User Browsing Data Collection and Sale Ethical Issue


Ethical issue: Collection and sale of browsing data and other sensitive information on users by internet service providers.
Stakeholders Confidentiality Publicity Veracity
1) Consumers Internet users desire and expect their personal data to be safe and secure when using service providers. Consumers expect internet service providers to adhere to professional, legal, and ethical codes in protecting their data as would be the case in any other service where confidential information is shared. However, recently, a majority think personal data is less secure and data collection poses more risks than benefits (Auxier et al., 2019). Consumers expect to be told openly and directly regarding what data is collected and where it is stored or distributed by internet service providers. More than 59% of Americans lack understanding about data use by private companies (Auxier et al., 2019).
2) Internet Service Providers (ISPs) Under the Open Internet Order, the FCC requires carriers and ISPs to “protect the confidentiality of consumers’ proprietary information” from unauthorized use or disclosure (EPIC, n.d.) ISPs must follow legal standards but also ethical standards and public expectations regarding how the data is collected, used, and distributed. When ISPs are publicly stating that the data is not shared but there is abundant evidence that it is, it is a violation of the publicity principle. ISPs are guided by law as well as the public expectation, to tell the truth regarding their use of data and notify users when data is being collected or shared.
3) Government Regulators (FCC) The government must regulate other parties to ensure they meet all confidentiality requirements based on the existing law and industry standards. Consumers and everyday people rely on the FCC to ensure the safety and confidentiality of their data. When the FCC leadership argues against net neutrality and aligns itself with ISPs, it inherently undermines trust in it as a governing body supporting standards (Grove, 2017). As government entities meant to regulate and protect internet users, the FCC should be transparent regarding how much is actually being done to protect users and the impacts that political legislation has on consumers.
4) Technology firms The purchase and collection of data by major technological firms is a direct attack on the privacy and confidentiality of its users who access the online platforms through ISPs (Schiffer, 2019). The technology firms and platforms must adhere to legal and ethical standards regarding the use of consumer data, notify users, and practice responsible use regardless if it brings in tremendous profit. When faced with public criticism regarding how the algorithms are aware of the personal interests of users and position their advertising as such, firms are expected to tell the truth regarding the origins of their data.

The collection of private browsing history and subsequent sale of the data to online companies has been an ongoing debate for years. However, with an increased presence of technology in daily life and the complexity of big data analysis and algorithms which can utilize the data in a variety of ways, ranging from advertising based on interests to form an individual profile highlighting preferences – the topic is increasingly controversial despite many consumers either accepting the status quo or unaware of the issue. Legislation passed by President Trump in 2017 allows internet service providers to sell data without the user’s consent due to the way that they are regulated, as communication firms rather than technology companies, eliminating previous regulatory measures of a neutral web which also previously required users to explicitly opt-in for sharing personal information with third-parties (Johnson, 2017). These steps towards deregulation in the industry practices were the primary reason why this topic was selected.

The involved stakeholders were selected based on available information. There is the consumer whose data is collected. Internet service providers, who are providing internet access and simultaneously collect data. Government regulators, particularly the FCC, regulate the business activity conducted by service providers (Johnson, 2017). The technological firms, the likes of Google and Facebook, were included as they are the primary third party beneficiaries from the sold data, utilizing algorithms to track user activity and match advertising content, which generates the majority of billions of dollars in revenue for these companies (Schiffer, 2019).

Principles were selected in the attempt to examine the issue from a public user perspective since virtually everyone relies on the Internet in the modern-day for communication, entertainment, work, and other activities. Confidentiality is the most evident in this case since private information is regarded as a valued asset and most people would not want sensitive information to be collected and distributed. Publicity can be applied to this ethical situation as privacy user agreements are an ethical standard that is well recognized in the modern digital age, and while most users accept that some data will be collected, there are limitations, which until recently have been enforced by law. Finally, veracity was chosen because it reflects transparency, or rather lack of it, of involved stakeholders regarding consumer data. Most internet users are unaware of how much and what data is collected as well as with whom it may be shared. While the details may be hidden in the hidden language of user agreements and contracts consumers sign, most are not aware of these events, while internet service providers and other benefitting parties avoid openly discussing such issues in most cases.



  1. We, as an Internet service provider are committed to providing consumers with an online experience where their data remains confidential and secure. We realize the importance of data in the modern world and value the need for privacy in personal data and online activity that users expect.
  2. Due to the trust placed in us by the consumers, we are striving to meet all necessary legal, industry, and ethical standards regarding online data and not share it with either private firms or any government entity. No personal consumer data will be shared or sold to third parties without explicit consent and open communication with our users.
  3. We are limiting data collection, storage, and sharing of data strictly to the context of technical support of our networks and it will remain fully confidential.


  1. The purpose of this policy is to establish limitations to the collection, storage, or exchange of data on our consumers by us, the internet service provider. It is meant to ensure that the service provided meets legal and ethical standards.
  2. Third-party contacts and data exchange will be reduced. Data manipulations will be limited and remain confidential unless specifically and consensually indicated by the consumer.


  1. The policy applies to all services provided by the Internet Service Provider to the consumer based on the agreed-upon contract.
  2. All personal data, browsing activity, and technical information (IP address, device identifiers) must remain confidential. Data cannot be shared with any third party including but not limited to: government agencies, private firms, social networks unless required by law and/or user consent on doing so.
  3. Due to the technical nature of ISP, data has to be collected to some extent, but it will remain confidential and will not be used for any commercial means.
  4. ISP employees are expected to follow all privacy regulations and not violate consumer confidentiality.

Policy Points

  1. Data collection will be reduced immediately, retaining only personal information and data that is technically or legally necessary to collect.
  2. All collected data up-to-date and in the future will be made confidential, available only with proper security clearance or by court order.
  3. Consumer data will no longer be voluntarily or commercially shared with third parties unless it is requested by court order for government agencies or remains confidential in the form of general statistics or technical data.
  4. The company will make all efforts to enhance the security and privacy of its servers and data collection process.

Sanctions and Communication

  1. Employees in violation of the confidentiality clause or inappropriate collection of data will be reported to law enforcement and terminated immediately.
  2. The company will publicly publish data management practices and any sharing of data that occurs annually.
  3. An independent audit will be conducted annually regarding data practices and safety. Any violations will result in a 1-month payment credited to consumers and a review of both the management and data safety protocols.
  4. Consumers must be notified of any abnormalities or breaches in the collection or storage of their data, including but not limited to personal data used for contractual obligations and payment or browsing data via the provided service.


Auxier, B., Rainie, L., Anderson, M., Perrin, A., Kumar, M., & Turner, E. (2019). Web.

EPIC. (n.d.). Web.

Grove, J. (2017). When it comes to net neutrality, the FCC mistakenly puts trust in ISPs. The Baltimore Sun. Web.

Johnson, A. (2017). NBC News. Web.

Schiffer, Z. (2019). The Verge. Web.

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *