14-2-2014
Dan Perjovschi
Privacy Seminar 2. Privacy: an overview
Jaap-Henk Hoepman
Digital Security (DS) Radboud University Nijmegen, the Netherlands @xotoxot // [email protected] // www.cs.ru.nl/~jhh Dan Perjovschi, 2007
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 2
Privacy Dimensions the right to be let alone relational privacy
informational privacy / what is privacy self determination according to you? corporeal privacy
locational/spatial privacy
privacy spheres
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 3 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 4
Don’t confuse these concepts! 7 types of privacy
privacy of ● the person, security privacy ● behaviour and action, ● personal communication, ● data and image, ● thoughts and feelings, ● location and space, and data protection ● association (including group privacy).
Finn, R.L., Wright, D., and Friedewald, M.: Seven types of privacy. CPDP 2012 Clarke, R.: Introduction to Dataveillance and Information Privacy, and Definitions of Terms, 1997
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 5 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 6
1 14-2-2014
Different definitons Contextual integrity
The right to be let alone ● [Warren & Brandeis, 1890] Informational self-determination: The right to determine for yourself when, how and to what extend information about you is communicated to others ● [Westin, 1967] The freedom from unreasonable constraints on the construction of one’s identity ● [Agre & Rottenberg, 2001] Contextual integrity: the right to prevent information to flow from one context to another ● [Nissenbaum, 2004] [FIDIS project]
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 7 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 8
Aggregation Privacy invasions Identification Privacy Process Insecurity Secondary Use Exclusion
Surveillance computing networking Interrogation (1950-) (1980-) Collect Disseminate
Breach of confidentiality Disclosure Exposure Increased availability Invade/Use Blackmail Appropriation Intrusion •searching becomes efficient •datasharing becomes easy Interference Distortion •data kept forever •data accessible on-line
“network effect”
Based on: Daniel J. Solove,"A Taxonomy of Privacy" 2006.
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 9 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 10
Different types of data/information Data vs Metadata
Transfer Volunteered Metadata (= Behavioural data) ● What you reveal explicitly when asked ● Condensed (information rich, easy to process) Observed ● More ”true” (judge a man not on what he says but on what he does) ● What you reveal implicitly by your behaviour Inferred ● What is derived from other data about you
[World Economic Forum Report Personal Data: The Emergence of a New Asset Class]
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 11 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 12
2 14-2-2014
Searching for the right metaphor You’ve got nothing to hide
orwell / big brother chandler / little sister kafka / the trial
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 13 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 14
Have you!!?? I have nothing to hide....
EverybodyWrong has assumption something to be embarrassed about Assumes that the problem is data you want to hide The point is not that there is data that ● evenis apriori “innocent”“wrong” data canor illegalharm you Freedom of thought ● That job offer(as seen looksby interesting...the “sender”) ● That woman looks “interesting”... The point is that “innocent” data can No distinction between illegal (legal) vs disgraceful (later) be used wrongly (moral) vs …: data is data What is the( bydatathe used current for: “investigation,receiver”) anti- terrorism, or …?? ● Function creep
Solove, Daniel J., “I’ve got nothing to hide" 2008.
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 15 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 16
Why is privacy important “Privacy is essential for freedom, democracy, psychological well-being, individuality and creativity”
Daniel J. Solove. “Understanding Privacy.” Harvard University Press, 2008.
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 17 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 18
3 14-2-2014
Moral basis for data protection Topic
prevention of information-based harm location privacy; roadpricing, ov chipkaart ● Like guns, information may kill people rfid privacy prevention of informational inequality identity management ● The “market” of information electronic voting ● Non-discrimination electronisch patient records (the dutch system) prevention of informational injustice smart metering/smart grids ● Spheres of privacy must be protected search engine privacy profiling; behavioural advertising respect for moral autonomy. ● People change social networks cloud computing Hoven, Jeroen Van Den and Vermaas, Pieter E.(2007) 'Nano-Technology and Privacy: On Continuous Surveillance Outside the Panopticon', Journal of Medicine and Philosophy, 32: 3, 283 — 297
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 19 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 20
Resources
Websites ● http://wiki.science.ru.nl/privacy/ ● https://www.eff.org/
Books ● Agre & Rotenberg: Technology and Privacy: The New Landscape, MIT Press, 1998 ● Ilija Trojanow, Juli Zeh “Aanslag op de vrijheid”, de Geus,2010 ● Daniel J Solove "Understanding Privacy", Harvard University Press, 2008. ● Bart de Koning "Alles onder controle", Uitgeverij Balans, 2008.
[email protected], [email protected] , www.cs.ru.nl/~jhh
Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 21 Jaap-Henk Hoepman // Radboud University Nijmegen // 14-2-2014 // Privacy: an overview 22
4