After the story about an 82-year-old cleaner, fondly known as “Ah Umm” or “Madam L”, went viral recently, experts have weighed in their opinion on the importance of having “ethical discretion” when it comes to sharing personal data online.
It all started when the story of this elderly woman was shared by social media user named Koh Meng Shuen last week. Mr Koh narrated in Facebook posts about the senior citizen’s work, family circumstances and financial struggles after having a chat with her on a train.
In the posts, Mr Koh asserted that individuals like Madam L must be better supported by the government.
The posts went viral and many people criticised the inequality and social support policies in the country. However, Mr Koh later removed the posts as he found out there are inaccuracies in his previous descriptions. He also apologised to the elderly cleaner for unsolicited and unwanted attention that was garnered, given that some concerned citizens had tried to reach out to her.
Adding to this, the Ministry of Social and Family Development (MSF) also gave out a statement on 29 July spelling out Madam L’s circumstance, while advising the public to not share the life situation of vulnerable individual on social media, instead link them up directly with social services.
Based on this recent incident, research assistant Wong Kwang Lin and senior lecturer Dr Natalie Pan at the Department of Communications and New Media at the National University of Singapore penned their opinion on this matter, which was published in TODAY.
The duo stated that often times, discussions on data protection typically boils down to unauthorised data leaks and cycbersecurity flaws in Singapore, like the 2018 SingHealth cyber-attack. However, they opined that it also crucial to pay attention to “how data can be ethically handled by both the public and ‘authorised’ parties; even in the absence of malicious intentions”.
In Singapore, authorisations comes in the form of consent and notifications, which are the fundamental principles of the Personal Data Protection Act. But, this is not sufficient to “understand authorisation as a one-off agreement, and meaningful consent is key”, the experts pointed out.
This basically means that a person should always be constantly be informed on how their personal data can be used and disclosed by those they share it with. In fact, even is consent if given, both the public and authorities still have to be careful not to “compromise the safety, privacy and dignity of individuals”, they said.
Citing Madam L’s case an example, the experts said that when her information was shared online, it showed the “ethics of data sharing are blurred in the context of personal social media”.
“Consent was not obtained as she [Madam L] was unaware that photos were being taken and the conversation would be shared publicly. While Mr Koh probably had good intentions in publicising her story, it is difficult to control the consequences of spreading such sensitive personal information online,” the experts wrote.
Authorities releasing personal information
Although the duo think that MSF is right to warn public not to share personal details of individuals and families on social media as it “may lead to further distress” for these people, but the Ministry also disclosed more personal information about the elderly cleaner online.
“The ministry’s statement contained further information such as the circumstances of her son’s death, her living arrangements and her wages, ostensibly to counter netizens’ suggestion that not enough support exists for people in Mdm L’s position,” they said.
They added, “It is unclear whether Mdm L’s family consented to such information being disclosed by MSF. However, the potential consequences of such public disclosure lead us to consider data ethics beyond the principle of individual consent.”
In fact, this latest event is just one of the many incidents of the past where public agencies revealed personal information to the public as to defend their policies and processes, the article stated.
One such example happened last year when the Central Provident Fund (CPF) released some of the medical history of a person who highlighted about her inability to access her CPF savings.
The Smart Nation Digital Government Office stated in December 2019 that the “release of personal details [is] necessary to provide the public with correct and relevant facts”, and such disclosure is to “preserve the public trust reposed in them and to ensure that citizens are not misled”.
To this, the article said: “But organisations privy to the personal data of their clients need to also consider the power dynamics among the stakeholders involved.”
It added, “When considering digital vulnerability, data ethics and social welfare are not separate issues.”
The experts also noted that public agencies and social service organisations have a responsibility to care and be accountable to the public and users of their services.
Although the experts opine that it’s important for public agencies to defend their policies and correct falsehoods, but it is “possible and appropriate for these discussions to take place without the disclosure of vulnerable individuals’ information”.
“Trust in the adequacy of public policies is important, but this should also include trust that personal data will be handled in a safe and dignified way.”
As such, the experts stated that it’s crucial to have frameworks like the Public Sector (Governance) Act so that better transparency and accountability can be practiced in the way public agencies handle personal data.
“The ongoing review of public sector data protection rules is an important step that could consider such ethical questions, in addition to the reinforcement of cybersecurity measures,” the article stated.
It concluded, “While regulations are continuously revised to keep up with new ways in which people use technology, ethical discretion is just as important as regulatory safeguards.”