Investigating the Impact of Global Data Protection Regulations on the Landscape for Internet and Private Businesses; An Analogical Analysis of the Enabling Factors and Values Influencing Attitudes Towards Information Classification in the Watergate Scandal

Originally spurred by a desire to investigate overclassification and abuse in the US from the sudden increase in classification actions, I was initially curious to research mitigations through regulations and policy changes. Then, I learned about the Boeing 757 disaster and the pressures at play, discovering how deadlines and corporate stressors played an integral part in the tragedies. This led to my wanting to investigate the enabling factors and pressures at play within the classification space, exploring how abuse may germinate. I chose to investigate Watergate and the different pressures at play, as the officials involved also propagated unethical values and neglected to consider the ramifications of their actions. Similarly, my technical project began as an investigation into the impact of classification policies, but shifted to studying the effects of Global Data Protection Regulations (GDPR) on various data-driven entities, investigating how giving people more autonomy and stipulating ways to handle data impacts the structure of different websites and businesses. For both of my projects, I focused my research and concerns on the handling of sensitive information, focusing on the ethical ways and situations in which to handle it.
The technical portion of my thesis produced various implementations and effects of the policies introduced by the GDPR. Established to prevent the abuse of sensitive data, the GDPR established new rights for users and increased their general autonomy. Among these rights are the right to be forgotten (where users can have their data deleted upon request) and the right to know what data is being used and how it is being used. For the business landscape, larger firms may find GDPR regulations to be the cost of doing business, but financial and technical obstacles required for compliance may devastate smaller companies. There is increased emphasis on data handling procedures and procuring proper consent from users to utilize their data. However, my results showed that websites have been employing sneaky designs to employ more tracking than necessary and making it harder for users to opt out of it. The GDPR also suffers from vague language and a lack of detail on specific concepts and implementation. While intended to allow for flexibility, it makes understanding GDPR much more difficult.
My STS research yielded an analysis into Watergate and its actors, investigating their actions, the ramifications, and the rationale behind their execution. There is a steep increase of hundreds of thousands of classification actions with a disproportionately small increase in declassification due to executive branch policies expanding the abilities of officials. This has resulted in more flexibility, culminating in multiple documented instances of abuse. For instance, the government has had difficulty accessing information about people involved in the 9/11 terrorist attacks due to overclassification, preventing them from potentially stopping it. I utilized Schwartz-Plaschg “Power of Analogies” as a framework to compare the treatment of classified information in Watergate to the treatment of confidential information in businesses. I found that President Nixon and his officials had abused the good faith of the nation, deceiving other parties instead of exposing the truth. The DNC Burglaries exhibited corporate opportunity, where the officials acted illegally to gain unfair advantages. Many officials justified their behavior with “ends justify the means,” overlooking violations in service of overcoming opposition. There were also considerable feelings of loyalty to Nixon, often overwriting personal doubts.

The GDPR’s emphasis on consent highlights the duty to acknowledge an individual's autonomy, and Watergate demonstrates the consequences of neglecting responsibilities and duties to the people. I found that GDPR expanded the rights of users, enabling them to better control their personal data usage. Alternatively, Watergate worked to circumvent the safeguards ensuring privacy and accountability to gain unfair political advantages and control. This concept goes hand in hand with accountability, emphasizing a need at all levels. Sociotechnical systems show that technical aspects (such as tracking and monitoring) and social pressures (including workplace culture) are inseparable. As seen with Watergate, values like the overwhelming loyalty to Nixon created a corrupt and toxic atmosphere, poisoning the work and behavior of executive officials while setting regressive precedents. Therefore, careful consideration should go into the protection and utilization of sensitive data.
There are a couple notable individuals who greatly helped me during my sociotechnical research and development. Along with much appreciated support and encouragement, I received immense support from Professor Neeley in defining and refining my STS topic, Professor Davidson for facilitating my interest in cybersecurity and being my technical capstone advisor, and David Ackerman for helping me better understand the core ideas of my technical research.

School of Engineering and Applied Science

Bachelor of Science in Computer Science

Technical Advisor: Jack Davidson

STS Advisor: Kathryn Neeley

Technical Team Members: N/A