The data science professional will likely yield more and more power as time goes on. Therefore it may be a good idea to start thinking several ideas to help safeguard our society from bad actors, disasters and honest mistakes with minimal disruption.
Here are a few ideas & things to consider when crafting policy.
(Disclosure: I am not a lawyer.)
Starting Out With a National Breach Notification Law
Policing the data science professional is an extremely complex proposition so I suggest that we start off with easier to digest problems that aren’t likely to change any time soon and are things that we can tackle right now.
Currently, data scientists who collect large data sets with personally identifiable information should do their best to anonymize the data but strengthening, streamlining and standardizing our breach notifications laws at the federal level could push companies to police their own employees.
Currently companies that house personal data can delay notifying their customers of a data breach for a very long time, in fact time to disclose varies from state to state. This is extremely confusing, burdensome and terrible for all parties involved. I agree with a lot of what’s been written on the subject.
It shouldn’t be that hard to craft a law that requires companies to disclose data breaches in a timely manner, incentives them to care more about protecting personal data and create a national standard that is easier for companies to comply with.
Make It Easier for People & Shareholders to Sue For Unethical Practices
Writing laws & rules to govern behavior can be tricky and it’s often tough to strike the right balance between with what’s safe and what’s flexible enough to ensure that data scientists are still employable.
Perhaps one way to deal with inherent awkwardness is to have Congress make certain unethical behavior punishable in civil court vs making it a criminal offense and or making it the business of a federal agency.
In the legal world there’s a standard called “standing” that prevents parties from bringing suit against another without there being concrete damages. This is great because it generally keeps completely frivolous suits out of court and the enforcement mechanism is used when another person feels like there’s been an actual injustice done to them.
Congress has a lot to say in how the civil courts work or don’t work in this country, sometimes for better and sometimes for worse.
Set Up a Professional Organization to Self Police Members
Doctors have the American Medical Association, realtors have the National Association of Realtors and the financial services industry has Financial Industry Regulatory Authority – also known as FINRA.
Why not create a professional licensing organization for data scientists?
Pros:
- Enforcement of professionals by professional who have better knowledge what’s ethical and what’s not.
- Can more quickly change the rules than a official government enforcement body and can be generally more flexible.
- Would burnish the reputation of the profession which relies so heavily on trust.
Cons:
- Some view professional standards enforcement as weak turkey.
- Can’t address unethical criminal behavior but can refer them to the authorities.
- May not be interested in enforcement against influential members but this would probably applies to government enforcers as well.
Michael Ono 