Question: Does giving organizations or individuals the ability to purchase very specific demographic information help produce a fairer and more equal society or is it a threat to privacy and security? Should governments limit the type of information marketers can use? Do governments have this power?
Introduction
With the advancements in technology and computer programming, there is a new application or service being developed every day. The companies require certain information regarding the consumers in order to understand their needs and demands regarding various products and services. The companies or other computer programmers and even entrepreneurs can utilize this information in developing applications, services, and products, whose need is being felt in the market. In this regard, the needs of the market can be satisfied while the companies or entrepreneurs and engineers enjoy the profits that have been reaped on the basis of that information.
Application Programming Interfaces (APIs) and Their Impact on Privacy
Application Programming Interface (API) can be considered as a contract through which the colleagues, partners or third party developers gain valuable information via accessing the browsing and other related information (Jacobson, Woods, & Brail, 2011). Any change or alteration in an Application Programming Interface will create a ripple effect, as it is the foundation on top of which various programs can be built. The API can be altered, almost daily, if utilized properly. Popular social websites such as Twitter and Facebook and businesses such as Uber have managed to utilize the software product in order to improve their services and gain higher levels of customer satisfaction.
In addition to the creation of Apps on the basis of these APIs, the businesses can also use them as a tool to enable communication means, which can lead the employees to do their jobs more effectively (Patterson, 2015). In addition to this, open APIs can enable other businesses to build upon a company’s core product. Therefore, in an era where the businesses are utilizing APIs extensively to build their businesses while heavily relying on information provided by the consumers, there is a significant increase risk of intrusion, data theft, and even DOS attacks. For instance, a recent Twitter security breach exposed information and valuable data relating to about 250,000 accounts.
Such attacks, while do impact the company adversely, perhaps do the most damage to the users of their applications (Lensmar, 2013). Play station also put 77 million users at risk due to similar causes. Companies tend to pay minimal attention to the issue of protection of the user privacy is because of either ignorance or early adoption of new technologies which leaves them vulnerable in terms of user security.
There are certain benefits to the notion of sharing information between companies and utilizing open APIs. The companies can save valuable time and resources in their attempt to develop a platform on which they can base all their new apps and programming on. In fact, the wait for consumers and other programmers is significantly reduced by being provided with the new applications and various other services due to the analysis of their data. Such software results in a very efficient and effective system in the business world.
The society may have benefitted immensely from such APIs by having the opportunity to learn from valuable information regarding the consumer. As a result, it can be stated that a fairer and a more equal society was created due to the availability of information to everyone. The benefits of API usage in creating competitive advantage can be observed from the fact that Uber, Airbnb, Alibaba, etc. are famous companies with no major physical asset ownership. However, all of such companies enjoy considerable success in the market as a result of being experts in the usage of APIs (Lyer & Subramaniam, 2015).
It is due to such usage and the ability to create power through the knowledge that render APIs perhaps more valuable than physical assets, in today’s digitalized world. Considering the advantages that the marketers gain from APIs; it saves time and is relatively cheaper, the amount of hard work and labor is considerably reduced, and hence the needs of the potential customers can be met immediately, with minimum usage of time.
On the other hand, it is of great concern that the privacy or security of the people utilizing the services of such companies may have been significantly compromised and might still be at risk. Consumers keep valuable data stored on their phones, computers, laptops, tablets, etc. If the information from open APIs falls into the wrong hands, then the identity and security of those consumers may be severely compromised, as it can result in financial loss, identity theft, etc. Allowing simple and small applications to gain access to personal information such as identity, phone number, etc., is an undesirable aspect, which the consumers wish to avoid.
In fact, even information such as insurance and home details can be leaked to undesirable individuals under the notion of sharing information via an API. The usage trend and eagerness of companies to utilize data accessed via the use of APIs has certainly increased in recent years. For instance, in 2010, social networking site Facebook, changed one policy related to its API, which was referred to as open graph policy (Warren, 2010).
Where the applications that drew on Facebook’s APIs had to download new information every day, because they were refrained from storing it, were now allowed to store the vital information related to the consumers. The implications of the use of such APIs by the social networking company indicate that information of their activities on Facebook as well as related sites will be available to more than just their friends. In fact, details about them will be available to the public in a more general sense than just their friends’ list.
Another company that operates via APIs to gain access to information is known as Acxiom, and it has been declared that the data mining can lead to incidents such as hacking, identity theft, and stalking (Morris & Lavandera, 2012). A Large amount of data and information can be very powerful, and predators can utilize any of the information that they gain via APIs to find their victims and engage in criminal activities. More possible disadvantages can be observed from the fact that Uber once had the option to track the location of all of its users (Pagliery, 2014).
Termed as the God View mode, it was a perhaps very powerful feature for the company employees. The information regarding the constant location of the customers can be utilized for numerous damaging and harmful purposes. For instance, one employee of the company tracked a client’s route on her way to a meeting, because she was 30 minutes late for a meeting. While a second employee suggested that he could resort to blackmailing journalists that were critical of or against the company, by digging up dirt against them, through their software and APIs.
Hence, it can be stated that the ability to purchase certain information regarding the individuals in the market may be very advantageous for the company. However, it would put the customer at great risk, by exposing their private information and details, an idea, which is not acceptable to the people of the society in general, regardless of their business advantages.
Governmental Role in Maintaining Privacy in Relation to APIs
Following the above arguments, it can be stated that the government should heavily supervise the companies who extensively utilize APIs and associated software and technology and their power and extensive access to sensitive information about the client should be limited. Even though governments cannot extensively dictate the businesses that operate within the country, they do have the power to impose a restriction on businesses when it is believed that their actions and operations may be harming the economy, government or citizens of the country. In other words, it is the responsibility of the government to limit the type and extent of the information of the users that is being accessed by the organizations and individuals.
Although the government of the United States has itself resorted to the usage of APIs to enable better communication between their services, it has strived to protect the privacy of the people to a limited extent. For instance, companies such as Uber, which came under fire for the illegal use of APIs, were scrutinized by the regulatory authorities of the government and was restricted even further to protect the privacy of the civilians. However, in sharp contrast to the responsibility of the governments, it is interesting to note that recently they have also become involved in API software and related technology. For instance, numerous modern apps utilize the information provided by government APIs such as the conditions of the weather, or other health related or geographical data (Brantley, 2015).
Currently, it can be observed that different governments of various countries shave different priorities when it comes to information sharing, APIs, software, and technology. For instance, currently, most of the European Union is more concerned about the privacy protection of its civilians (Andreasson, 2012). They also believe that most of this information is being retrieved by the American companies, thus leaving their country and its people more vulnerable.
On the contrary, however, it can be observed that the government of the United States of America is more concerned with increasing their support of security technologies, in order to be able to investigate better cyber crimes and acts of terrorism occurring within the company. According to the Human Rights Watch (2013), it has been stated that the US and the UK governments had themselves breached the privacy of their citizens (Countries Should Protect Privacy in Digital Age, 2013). In this regard, the organization has declared that the citizens should protect their privacy
Although the governments have complete rights in enforcing extensive regulations and rules in order to protect their society, however, in the modern age, it seems important for the people to be available to APIs in order for the people to use online websites and enable them sites to cater to their specific needs. Since it is nearly impossible to remain online without any constant contact with APIs. It would be redundant or counter intuitive if the government attempts to ban or restrict them in a severe manner.
The modern businesses rely so heavily on APIs that any major restriction on their usage would render significant damage to the economy of the country. In fact, the restrictions would also dissatisfy the consumers of the application and software, which rely on APIs. However, despite that fact that APIs are helpful to the society at large and only pose privacy threats to a certain extent, the government cannot completely restrict the movements of such companies.
Since the American government itself has invaded the privacy of their civilians significantly, the fact that such information can be utilized for malignant purposes remains a permanent threat to the public. Thus, another popular opinion regarding privacy violation by businesses and individuals is that the governmental bodies are inadequate in protecting their civilians.
In this respect, it is stated that innovative methods need development by the people themselves that would pressurize the government and businesses into refraining from the invasion of individual privacy. One solution that has been presented in this respect is that of an open source app such as Crypton, which can be used to create an API layer through which the data will be exchanged but with little knowledge of what data it is (Carson, 2014). ‘
Despite the fact that restrictions can be imposed on the intrusion privacy capabilities of the companies and individuals via APIs, the governments of the country have not played an extremely active role in the prevention of such ethically questionable actions. The governments of various countries around the world do not seem to hold considerable power in this respect because, either they are utilizing APIs themselves and breaching consumer privacy, or they do not have the financial or expert knowledge that is needed in this respect. Even if a government did have the power to be able to impose restrictions, it can be doubted if it would put that power into action since intelligence and other data can be gathered through APIs, which is of course highly valuable information for any country or organization.
Conclusion
Thus, it can be concluded that the APIs seem to have had a very positive influence on businesses as they have provided organizations with numerous competitive advantages. The businesses and other individuals are provided with platforms and user information, which can be built upon in order to cater to the dynamic needs of the market. Since the APIs collect personal data of the user, therefore, they pose a significant threat to the society in terms of breach of privacy and other financial or emotional harm.
In this regard, the governments have taken various steps in order to ensure that the companies and individuals do not abuse the power, which comes with having excessive knowledge about the people. However, the governments themselves have breached the privacy of their citizens in this regard. Therefore, it has been suggested and argued that the people should force the regulatory authorities and the companies to respect and protect their privacy by adopting innovative solutions.
References
Andreasson, K. J. (2012). Cybersecurity: Public Sector Threats and Responses. Boca Raton, Florida: CRC Press.
Brantley, B. (2015). The API Briefing: Government APIs in a Post-Apps World. Retrieved from: http://www.digitalgov.gov/2015/06/24/the-api-briefing-government-apis-in-a-post-apps-world/
Carson, A. (2014). If Gov’t Won’t Protect Privacy, Innovation Will. Retrieved from https://iapp.org/news/a/if-govt-wont-protect-privacy-innovation-will/
Countries Should Protect Privacy in Digital Age. (2013). Retrieved from https://www.hrw.org/news/2013/09/20/countries-should-protect-privacy-digital-age
Jacobson, D., Woods, D., & Brail, G. (2011). APIs: A Strategy Guide. Sebastopol, CA: O'Reilly Media, Inc.
Lensmar, O. (2013). Why is API security always somebody else's problem? Retrieved from http://www.networkworld.com/article/2224828/opensource-subnet/why-is-api-security-always-somebody-else-s-problem-.html
Lyer, B., & Subramaniam, M. (2015). Are You Using APIs to Gain Competitive Advantage? Retrieved from https://hbr.org/2015/04/are-you-using-apis-to-gain-competitive-advantage
Morris, J., & Lavandera, E. (2012). Why big companies buy, sell your data. Retrieved from http://edition.cnn.com/2012/08/23/tech/web/big-data-acxiom/
Pagliery, J. (2014). Uber limits 'God view' to improve rider privacy. Retrieved from http://money.cnn.com/2014/12/16/technology/security/uber-privacy-letter/
Patterson, M. (2015, April 3). What Is an API, and Why Does It Matter? Retrieved from http://sproutsocial.com/insights/what-is-an-api/
Warren, C. (2010). Facebook Open Graph: What it Means for Privacy. Retrieved from http://mashable.com/2010/04/21/open-graph-privacy/#aSxOagYijOqn