Privacy Rights

In this article, we identify three key design dimensions along which cryptocurrencies differ -- privacy, censorship-resistance, and consensus procedure. Each raises important normative issues. Our discussion uncovers new ways to approach the question of whether Bitcoin or other cryptocurrencies should be used as money, and new avenues for developing a positive answer to that question. A guiding theme is that progress here requires a mixed approach that integrates philosophical tools with the purely technical results of disciplines like computer science and (...) economics. Note: this article is the second entry within a two-part sequence on the Philosophy, Politics, and Economics of Cryptocurrency. (shrink)

Higher education institutions are mining and analyzing student data to effect educational, political, and managerial outcomes. Done under the banner of “learning analytics,” this work can—and often does—surface sensitive data and information about, inter alia, a student’s demographics, academic performance, offline and online movements, physical fitness, mental wellbeing, and social network. With these data, institutions and third parties are able to describe student life, predict future behaviors, and intervene to address academic or other barriers to student success (however defined). Learning (...) analytics, consequently, raise serious issues concerning student privacy, autonomy, and the appropriate flow of student data. We argue that issues around privacy lead to valid questions about the degree to which students should trust their institution to use learning analytics data and other artifacts (algorithms, predictive scores) with their interests in mind. We argue that higher education institutions are paradigms of information fiduciaries. As such, colleges and universities have a special responsibility to their students. In this article, we use the information fiduciary concept to analyze cases when learning analytics violate an institution’s responsibility to its students. (shrink)

This paper discusses the idea that the concept of privacy should be understood in terms of control. Three different attempts to spell out this idea will be critically discussed. The conclusion will be that the so-called Source Control View on privacy is the most promising version of the idea that privacy is to be understood in terms of control.

Ambient assisted living technologies are increasingly presented and sold as essential smart additions to daily life and home environments that will radically transform the healthcare and wellness markets of the future. An ethical approach and a thorough understanding of all ethics in surveillance/monitoring architectures are therefore pressing. AAL poses many ethical challenges raising questions that will affect immediate acceptance and long-term usage. Furthermore, ethical issues emerge from social inequalities and their potential exacerbation by AAL, accentuating the existing access gap between (...) high-income countries and low and middle-income countries. Legal aspects mainly refer to the adherence to existing legal frameworks and cover issues related to product safety, data protection, cybersecurity, intellectual property, and access to data by public, private, and government bodies. Successful privacy-friendly AAL applications are needed, as the pressure to bring Internet of Things devices and ones equipped with artificial intelligence quickly to market cannot overlook the fact that the environments in which AAL will operate are mostly private. The social issues focus on the impact of AAL technologies before and after their adoption. Future AAL technologies need to consider all aspects of equality such as gender, race, age and social disadvantages and avoid increasing loneliness and isolation among, e.g. older and frail people. Finally, the current power asymmetries between the target and general populations should not be underestimated nor should the discrepant needs and motivations of the target group and those developing and deploying AAL systems. Whilst AAL technologies provide promising solutions for the health and social care challenges, they are not exempt from ethical, legal and social issues. A set of ELSI guidelines is needed to integrate these factors at the research and development stage. (shrink)

Most online platforms are becoming increasingly algorithmically personalized. The question is if these practices are simply satisfying users preferences or if something is lost in this process. This article focuses on how to reconcile the personalization with the importance of being able to share cultural objects - including fiction – with others. In analyzing two concrete personalization examples from the streaming giant Netflix, several tendencies are observed. One is to isolate users and sometimes entirely eliminate shared world aspects. Another tendency (...) is to blur the boundary between shared cultural objects and personalized content, which can be misleading and disorienting. A further tendency is for personalization algorithms to be optimized to deceptively prey on desires for content that mirrors one’s own lived experience. Some specific - often minority targeting -“clickbait” practices received public blowback. These practices show disregard both for honest labeling and for our desires to have access and representation in a shared world. The article concludes that personalization tendencies are moving towards increasingly isolating and disorienting interfaces, but that platforms could be redesigned to support better social world orientation. (shrink)

Even though the idea that privacy is some kind of control is often presented as the standard view on privacy, there are powerful objections against it. The aim of this paper is to defend the control account of privacy against some particularly pressing challenges by proposing a new way to understand the relevant kind of control. The main thesis is that privacy should be analyzed in terms of source control, a notion that is adopted from discussions about moral responsibility.

Our world is under going an enormous digital transformation. Nearly no area of our social, informational, political, economic, cultural, and biological spheres are left unchanged. What can philosophy contribute as we try to under- stand and think through these changes? How does digitization challenge past ideas of who we are and where we are headed? Where does it leave our ethical aspirations and cherished ideals of democracy, equality, privacy, trust, freedom, and social embeddedness? Who gets to decide, control, and harness (...) the powers of digitization and for which purposes? Epistemologically, do most of us understand these new mediations – and thus fabrics – of our new world? Lastly – how is the new technological landscape shaping not only our living conditions but also our collective imaginary and our self-identities? (shrink)

In the age of Big Data Analytics and Covid-19 Apps, the conventional conception of privacy that focuses excessively on the identification of the individual is inadequate to safeguard the individual’s identity and autonomy. An individual’s autonomy can be impaired and their control over their social identity diminished, even without infringing the anonymity surrounding their personal identity. A century-old individualistic conception of privacy that aimed at safeguarding a person from unwarranted social interference is incapable of protecting their autonomy and identity when (...) they are targeted on the basis of their interdependent social and algorithmic group affiliations. In order to overcome these limitations, in this article, I develop a theoretical framework in the form of a triumvirate model of the group right to privacy (GRP), which is based on privacy as a social value (Pv). An individual has an interest in protecting their social identity arising out of their participation in social groups. The panoptic sorting of individuals by Big Data Analytics for behavioral targeting purposes gives rise to epistemic bubbles and echo chambers that impede the formation of an individual’s social identity. I construct the formulation of GRP1 to protect an individual’s interest in their social identity and their socially embedded autonomous self. Thereafter, I emphasize an individual’s right to informational self-determination and against algorithmic grouping in GRP2. Lastly, I highlight instances where GRP3 entitles an organized group to privacy in its own right. I develop a Razian formulation to state that Big Data Analytics’ constant surveillance and monetization of human existence is an infringement of individual autonomy. The violation of GRP subjects an individual to behavioral targeting (including hyper-targeted political advertising) and distorts their weltanschauung, or worldview. As regards Covid-19 Apps, I assert that the extraordinary circumstances surrounding the pandemic do not provide an everlasting justification for reducing an individual’s identity to a potential disease carrier. I argue that the ambivalence regarding existence of surveillance surrounding an individual’s social identity can leave them in a perpetual state of simulated surveillance (simveillance). I further assert that it is in the long-term best interests of the Big Tech corporations to respect privacy. In conclusion, I highlight that our privacy is not only interdependent in nature, but it is also existentially cumulatively interlinked. It increases in force with each successive protection. The privacy challenge posed by Covid-19 Apps has helped us realize that while limited exceptions to privacy may be carved out in grave emergencies, there is no moral justification for round-the-clock surveillance of an individual’s existence by Big Data Analytics. Similarly, the threat to privacy posed by Big Data Analytics has helped us realize that privacy has been wrongly focusing on the distinguishing aspects of the individual. It is our similarities that are truly worth protecting. In order to protect these similarities, I formulate the concept of mutual or companion privacy, which counterintuitively states that in the age of Big Data Analytics, we have more privacy together rather than individually. (shrink)

In a world that is awash in ubiquitous technology, even the least tech-savvy know that we must take care how that technology affects individuals and society. That governments and organizations around the world now focus on these issues, that universities and research institutes in many different languages dedicate significant resources to study the issues, and that international professional organizations have adopted standards and directed resources toward ethical issues in technology is in no small part the result of the work of (...) Simon Rogerson. -/- – Chuck Huff, Professor of Social Psychology at Saint Olaf College, Northfield, Minnesota -/- In 1995, Apple launched its first WWW server, Quick Time On-line. It was the year Microsoft released Internet Explorer and sold 7 million copies of Windows 95 in just 2 months. In March 1995, the author Simon Rogerson opened the first ETHICOMP conference with these words: -/- We live in a turbulent society where there is social, political, economic and technological turbulence … it is causing a vast amount of restructuring within all these organisations which impacts on individuals, which impacts on the way departments are set up, organisational hierarchies, job content, span of control, social interaction and so on and so forth. … Information is very much the fuel of modern technological change. Almost anything now can be represented by the technology and transported to somewhere else. It's a situation where the more information a computer can process, the more of the world it can actually turn into information. That may well be very exciting, but it is also very concerning. -/- That could be describing today. More than 25 years later, these issues are still at the forefront of how ethical digital technology can be developed and utilised. -/- This book is an anthology of the author’s work over the past 25 years of pioneering research in digital ethics. It is structured into five themes: Journey, Process, Product, Future and Education. Each theme commences with an introductory explanation of the papers, their relevance and their interrelationship. The anthology finishes with a concluding chapter which summarises the key messages and suggests what might happen in the future. Included in this chapter are insights from some younger leading academics who are part of the community charged with ensuring that ethical digital technology is realised. (shrink)

Algorithmic governmentality is a new form of political governance interconnected with technology and computation. By coining the term “algorithmic governmentality,” Antoinette Rouvroy argues that this mode of governance reduces everything to data, and people are no longer individuals but dividuals (able to be divided) or readable data profiles. Implementing the concept of algorithmic governmentality, the current study analyses Project Itoh’s award-winning novel Harmony in terms of such relevant concepts as “subjectivity,” “infra-individuality” and “control,” as suggested by Rouvroy and colleagues. The (...) analysis further draws on Foucault’s ideas of “governmentality” and “neoliberalism” and Deleuze’s concepts of “dividuality” and “society of control.” In Itoh’s fictional world, the entire society is subject to the new medical government, which replaced the chaotic world with a perfect but harrowing benevolent society, eradicating disease, suicide and crime. As elucidated in this paper, despite the dominant controlling government, there is a hope for humans to regain and reestablish their subjectivity and give meaning to their own personality by defying the nihilistic computational system. (shrink)

The increasingly prominent role of digital technologies during the coronavirus pandemic has been accompanied by concerning trends in privacy and digital ethics. But more robust protection of our rights in the digital realm is possible in the future. -/- After surveying some of the challenges we face, I argue for the importance of diplomacy. Democratic countries must try to come together and reach agreements on minimum standards and rules regarding cybersecurity, privacy and the governance of AI.

The purpose of this survey was to gather individual’s attitudes and feelings towards privacy and the selling of data. A total (N) of 1,107 people responded to the survey. -/- Across continents, age, gender, and levels of education, people overwhelmingly think privacy is important. An impressive 82% of respondents deem privacy extremely or very important, and only 1% deem privacy unimportant. Similarly, 88% of participants either agree or strongly agree with the statement that ‘violations to the right to privacy are (...) one of the most important dangers that citizens face in the digital age.’ The great majority of respondents (92%) report having experienced at least one privacy breach. -/- People’s first concern when losing privacy is the possibility that their personal data might be used to steal money from them. Interestingly, in second place in the ranking of concerns, people report being concerned about privacy because ‘Privacy is a good in itself, above and beyond the consequences it may have.’ -/- People tend to feel that they cannot trust companies and institutions to protect their privacy and use their personal data in responsible ways. The majority of people believe that governments should not be allowed to collect everyone’s personal data. Privacy is thought to be a right that should not have to be paid for. (shrink)

In this review, we present some ethical imperatives observed in this pandemic from a data ethics perspective. Our exposition connects recurrent ethical problems in the discipline, such as, privacy, surveillance, transparency, accountability, and trust, to broader societal concerns about equality, discrimination, and justice. We acknowledge data ethics role as significant to develop technological, inclusive, and pluralist societies. - - - Resumen: En esta revisión, exponemos algunos de los imperativos éticos observados desde la ética de datos en esta pandemia. Nuestra exposición (...) busca conectar problemas éticos típicos dentro de esta disciplina, a saber, privacidad, vigilancia, transparencia, responsabilidad y confianza, con preocupaciones a nivel social relacionadas con la igualdad, discrimi nación y justicia. Consideramos que la ética de datos tiene un rol significativo para desarrollar sociedades tecnificadas, inclusivas y pluralistas. (shrink)

Given recent discussions of personal privacy, or more particularly, its invasion via the internet, it is not surprising to find the issue of personal privacy emerging regarding God’s relation to our private lives. Two different and opposing views of this God-person relation have surfaced in the literature: ‘God and Privacy’ by Falls-Corbitt and Michael McLain, and ‘Privacy and Control’ by Scott Davison. I discuss key elements in both sides of this debate. Even though I will register my sympathy with both (...) sides, I claim that both fail to grasp what I call the existential depth of the God-person relationship. (shrink)

This paper looks at the development of blockchain technologies that promise to bring new tools for the management of private data, providing enhanced security and privacy to individuals. Particular interest present solutions aimed at reorganizing data flows in the Internet of Things architectures, enabling the secure and decentralized exchange of data between network participants. However, as this paper argues, the promised benefits are counterbalanced by a significant shift towards the propertization of private data, underlying these proposals. Considering the unique capacity (...) of blockchain technology applications to imitate and even replace traditional institutions, this aspect may present certain challenges, both of technical and ethical character. In order to highlight these challenges and associated concerns, this paper identifies the underlying techno-economic factors and normative assumptions defining the development of these solutions amounting to technologically enabled propertization. It is argued that without careful consideration of a wider impact, such blockchain applications could have effects opposite to the intended ones, thus contributing to the erosion of privacy for IoT users. (shrink)

Luciano Floridi was not the first to discuss the idea of group privacy, but he was perhaps the first to discuss it in relation to the insights derived from big data analytics. He has argued that it is important to investigate the possibility that groups have rights to privacy that are not reducible to the privacy of individuals forming such groups. In this paper, we introduce a distinction between two concepts of group privacy. The first, the “what happens in Vegas (...) stays in Vegas” privacy, deals with confidential information shared with the member of a group and inaccessible to outsiders. The second, to which we shall refer as inferential privacy, deals with the inferences that can be made about a group of people defined by a feature, or combination thereof, shared by all individuals in the group. We show why we unreservedly agree with Floridi that groups can have a form of privacy that amounts to more than the mere fact of being sets of individuals each of whom has individual privacy; moreover, like Floridi, we find it plausible that at least some groups may have a right to a species of group privacy as groups. However, by turning our attention to the context of big data analytics, we show that the relevant, new notion of group privacy is one of inferential privacy. We argue that an absolute right to inferential privacy is implausible. We also show that many groups generated algorithmically cannot be right holders as groups. (shrink)

The aim of this paper is to discuss anonymity and the threats against it—in the form of deanonymization technologies. The question in the title is approached by conceptual analysis: I ask what kind of concept we need and how it ought to be conceptualized given what is really at stake. By what is at stake I mean the values that are threatened by various deanonymization technologies. It will be argued that while previous conceptualizations of anonymity may be reasonable—given a standard (...) lexical, or common-sense, understanding of the term—the concept of anonymity is not sufficient given what is really at stake. I will argue that what is at stake is our ability to be anonymous, which I will broadly characterize as a reasonable control over what we communicate. (shrink)

It is argued that GDPR suffer from a practical problem of click-through consents, which developers of web browsers should resolve.

In 2017, Tom Gruber held a TED talk, in which he presented a vision of improving and enhancing humanity with AI technology. Specifically, Gruber suggested that an AI-improved personal memory (APM) would benefit people by improving their “mental gain”, making us more creative, improving our “social grace”, enabling us to do “science on our own data about what makes us feel good and stay healthy”, and, for people suffering from dementia, it “could make a difference between a life of isolation (...) and a life of dignity and connection”. -/- In this paper, Gruber’s idea will be critically assessed. Firstly, it will be argued that most of his pro-arguments for the APM are questionable. Secondly, the APM will also be criticized for other reasons, including the risks and affects to the users’ and other’s privacy and the users’ autonomy. (shrink)

Although popular, control accounts of privacy suffer from various counterexamples. In this article, it is argued that two such counterexamples—while individually resolvable—can be combined to yield a dilemma for control accounts of privacy. Furthermore, it is argued that it is implausible that control accounts of privacy can defend against this dilemma. Thus, it is concluded that we ought not define privacy in terms of control. Lastly, it is argued that since the concept of privacy is the object of the right (...) to privacy if the former cannot be defined in terms of control, neither can the latter. (shrink)

A standard account of privacy says that it is essentially a kind of control over personal information. Many privacy scholars have argued against this claim by relying on so-called threatened loss cases. In these cases, personal information about an agent is easily available to another person, but not accessed. Critics contend that control accounts have the implausible implication that the privacy of the relevant agent is diminished in threatened loss cases. Recently, threatened loss cases have become important because Edward Snowden’s (...) revelation of how the NSA and GCHQ collected Internet and mobile phone data presents us with a gigantic, real-life threatened loss case. In this paper, I will defend the control account of privacy against the argument that is based on threatened loss cases. I will do so by developing a new version of the control account that implies that the agents’ privacy is not diminished in threatened loss cases. (shrink)

Traditional arguments for privacy in public suggest that intentionally public activities, such as political speech, do not deserve privacy protection. In this article, I develop a new argument for the view that surveillance of intentionally public activities should be limited to protect the specific good that this context provides, namely democratic legitimacy. Combining insights from Helen Nissenbaum’s contextualism and Jürgen Habermas’s theory of the public sphere, I argue that strategic surveillance of the public sphere can undermine the capacity of citizens (...) to freely deliberate in public and therefore conflicts with democratic self-determination. (shrink)

Public health scholars and public health officials increasingly worry about health-related misinformation online, and they are searching for ways to mitigate it. Some have suggested that the tools of digital influence are themselves a possible answer: we can use targeted, automated digital messaging to counter health-related misinformation and promote accurate information. In this commentary, I raise a number of ethical questions prompted by such proposals—and familiar from the ethics of influence and ethics of AI—highlighting hidden costs of targeted digital messaging (...) that ought to be weighed against the health benefits they promise. (shrink)

Selected by the Economist as one of the best books of 2020. -/- Privacy Is Power argues that people should protect their personal data because privacy is a kind of power. If we give too much of our data to corporations, the wealthy will rule. If we give too much personal data to governments, we risk sliding into authoritarianism. For democracy to be strong, the bulk of power needs to be with the citizenry, and whoever has the data will have (...) the power. Privacy, I argue, is not a personal preference; it is a political concern. I also argue that personal data is a toxic asset, and should be regulated as if it were a toxic substance, similar to asbestos. I call for a complete ban to the trade in personal data. The book is at once philosophical and political, and extremely practical and accessible. It discusses liberal democracy, equality, justice, and autonomy. It includes a chapter for policymakers, and one that addresses what ordinary citizens can do to protect privacy. Finally, the book covers the tension between privacy and public health in the context of covid19. -/- . (shrink)

The first few years of the 21st century were characterised by a progressive loss of privacy. Two phenomena converged to give rise to the data economy: the realisation that data trails from users interacting with technology could be used to develop personalised advertising, and a concern for security that led authorities to use such personal data for the purposes of intelligence and policing. In contrast to the early days of the data economy and internet surveillance, the last few years have (...) witnessed a rising concern for privacy. As bad data practices have come to light, citizens are starting to understand the real cost of using online digital technologies. Two events stamped 2018 as a landmark year for privacy: the Cambridge Analytica scandal, and the implementation of the European Union’s General Data Protection Regulation (GDPR). The former showed the extent to which personal data has been shared without data subjects’ knowledge and consent and many times for unacceptable purposes, such as swaying elections. The latter inaugurated the beginning of robust data protection regulation in the digital age. Getting privacy right is one of the biggest challenges of this new decade of the 21st century. The past year has shown that there is still much work to be done on privacy to tame the darkest aspects of the data economy. As data scandals continue to emerge, questions abound as to how to interpret and enforce regulation, how to design new and better laws, how to complement regulation with better ethics, and how to find technical solutions to data problems. The aim of the research project Data, Privacy, and the Individual is to contribute to a better understanding of the ethics of privacy and of differential privacy. The outcomes of the project are seven research papers on privacy, a survey, and this final report, which summarises each research paper, and goes on to offer a set of reflections and recommendations to implement best practices regarding privacy. (shrink)

This paper is an overview about the state of privacy and power shifts during the pandemic, and the privacy challenges ahead.

Today’s ethics of privacy is largely dedicated to defending personal information from big data technologies. This essay goes in the other direction; it considers the struggle to be lost, and explores two strategies for living after privacy is gone. First, total exposure embraces privacy’s decline, and then contributes to the process with transparency. All personal information is shared without reservation. The resulting ethics is explored through a big data version of Robert Nozick’s Experience Machine thought experiment. Second, transient existence responds (...) to privacy’s loss by ceaselessly generating new personal identities, which translates into constantly producing temporarily unviolated private information. The ethics is explored through Gilles Deleuze’s metaphysics of difference applied in linguistic terms to the formation of the self. Comparing the exposure and transience alternatives leads to the conclusion that today’s big data reality splits the traditional ethical link between authenticity and freedom. Exposure provides authenticity, but negates human freedom. Transience provides freedom, but disdains authenticity. (shrink)

Today’s ethics of privacy is largely dedicated to defending personal information from big data technologies. This essay goes in the other direction; it considers the struggle to be lost, and explores two strategies for living after privacy is gone. First, total exposure embraces privacy’s decline, and then contributes to the process with transparency. All personal information is shared without reservation. The resulting ethics is explored through a big data version of Robert Nozick’s Experience Machine thought experiment. Second, transient existence responds (...) to privacy’s loss by ceaselessly generating new personal identities, which translates into constantly producing temporarily unviolated private information. The ethics is explored through Gilles Deleuze’s metaphysics of difference applied in linguistic terms to the formation of the self. Comparing the exposure and transience alternatives leads to the conclusion that today’s big data reality splits the traditional ethical link between authenticity and freedom. Exposure provides authenticity, but negates human freedom. Transience provides freedom, but disdains authenticity. (shrink)

Whistleblowing (WB) is the practice of reporting immoral or illegal behavior by members of a legitimate organization with privileged access to information concerning an alleged wrongdoing within that organization. A common critique of WB draws on its supposed consequence of generating a climate of mutual distrust. This wariness is heightened in the case of external WB, which may lead to weakening public trust in an organization by diminishing its credibility. Accordingly, even the defenders of WB have presented it as an (...) individual conscientious extrema ratio; the justification of WB as a dutiful practice has lost plausibility. Contrary to this view, we present WB as a specific instance of institutional and individual moral duties of public accountability in nonideal conditions. WB is thus justified as a dutiful corrective practice within a general normative theory of institutions because it qualifies the individual and institutional moral demands attached to rule-governed institutional roles. (shrink)

This paper offers a sketch of the complicated conflicts which arise—and metastasize seemingly daily—in the era of Big Data. Given the public’s ubiquitous-yet-ostensibly-voluntary data surrender, and industry’s ubiquitous-yet-ostensibly-anodyne collection of the same, inaction is not an option for any near-just society. By revisiting the philosophical basis for Panoptic apparatus, sketching the tumultuous history of US contract law trying to protect the public from itself, and comparing existing industry codes for similarly-situated—read: terrifyingly invasive—fields, the paper will provide a preliminary framework for (...) identifying and confronting the galaxy of problems associated with data analytics. (shrink)

Despite widespread agreement that privacy in the context of education is important, it can be difficult to pin down precisely why and to what extent it is important, and it is challenging to determine how privacy is related to other important values. But that task is crucial. Absent a clear sense of what privacy is, it will be difficult to understand the scope of privacy protections in codes of ethics. Moreover, privacy will inevitably conflict with other values, and understanding the (...) values that underwrite privacy protections is crucial for addressing conflicts between privacy and institutional efficiency, advising efficacy, vendor benefits, and student autonomy. -/- My task in this paper is to seek a better understanding of the concept of privacy in institutional research, canvas a number of important moral values underlying privacy generally (including several that are explicit in the AIR Statement), and examine how those moral values should bear upon institutional research by considering several recent cases. (shrink)

This article concerns the nature and limits of individuals’ rights to privacy over information that they have made public. For some, even suggesting that an individual can have a right to privacy over such information may seem paradoxical. First, one has no right to privacy over information that was never private to begin with. Second, insofar as one makes once-private information public – whether intentionally or unintentionally – one waives one’s right to privacy to that information. In this article, however, (...) we suggest the moral situation is more complicated than this. Rather, we argue that there is a class of public information – namely, once-private information that individuals have made public unintentionally – which remains within the scope of an individuals’ right to privacy, even when it has passed into the public domain. Significantly, this class includes any information rights-holders were unaware could be inferred from information they have made public and which they would not otherwise have wanted to be in the public domain. As we show, as well as clarifying several everyday dilemmas with regards to individuals’ privacy rights, this finding has elucidates a number of problems in the ethics of Big Data. (shrink)

The link between the right to privacy and the right to democratic self-determination is often understood to imply that privacy rights have only instrumental value for democratic participation, and that they consist solely in the possibility to retreat from participation in a public. I examine three arguments for an internal link between both sets of rights: The right to privacy protects political public spheres from epistemic inequality, it protects groups in public from a loss of their deliberative autonomy and it (...) blocks the colonisation of deliberative publics by strategic action orientations. These arguments suggest a genuine political purpose of the right to privacy. (shrink)

Since 2016, when the Facebook/Cambridge Analytica scandal began to emerge, public concern has grown around the threat of “online manipulation”. While these worries are familiar to privacy researchers, this paper aims to make them more salient to policymakers — first, by defining “online manipulation”, thus enabling identification of manipulative practices; and second, by drawing attention to the specific harms online manipulation threatens. We argue that online manipulation is the use of information technology to covertly influence another person’s decision-making, by targeting (...) and exploiting their decision-making vulnerabilities. Engaging in such practices can harm individuals by diminishing their economic interests, but its deeper, more insidious harm is its challenge to individual autonomy. We explore this autonomy harm, emphasising its implications for both individuals and society, and we briefly outline some strategies for combating online manipulation and strengthening autonomy in an increasingly digital world. (shrink)

Most people are completely oblivious to the danger that their medical data undergoes as soon as it goes out into the burgeoning world of big data. Medical data is financially valuable, and your sensitive data may be shared or sold by doctors, hospitals, clinical laboratories, and pharmacies—without your knowledge or consent. Medical data can also be found in your browsing history, the smartphone applications you use, data from wearables, your shopping list, and more. At best, data about your health might (...) end up in the hands of researchers on whose good will we depend to avoid abuses of power.2 Most likely, it will end up with data brokers who might sell it to a future employer, or an insurance company, or the government. At worst, your medical data may end up in the hands of criminals eager to commit extortion or identity theft. In addition to data harms related to exposure and discrimination, the collection of sensitive data by powerful corporations risks the creation of data monopolies that can dominate and condition access to health care. -/- This chapter aims to explore the challenge that big data brings to medical privacy. Section I offers a brief overview of the role of privacy in medical settings. I define privacy as having one’s personal information and one’s personal sensorial space (what I call autotopos) unaccessed. Section II discusses how the challenge of big data differs from other risks to medical privacy. Section III is about what can be done to minimise those risks. I argue that the most effective way of protecting people from suffering unfair medical consequences is by having a public universal healthcare system in which coverage is not influenced by personal data (e.g., genetic predisposition, exercise habits, eating habits, etc.). (shrink)

This article presents the novel view that ‘inclusion into seclusion’ and ‘public disclosure of embarrassing facts’ (‘misuse of private information’ (“MOPI”) in the UK), which both the academic commentary and US case law treat as two separate legal actions, occupy the same conceptual space. This claim has important practical ramifications. No further development of the law is required to realise an actionable intrusion tort as part of the UK’s MOPI tort. The argument is defended in doctrinal and theoretical terms, and (...) by reference to both UK and US law. It is presented in three forms: first, in negative terms, that the orthodox distinction between the two claims (informational privacy and intrusion) is unsustainable; secondly, in positive terms, that both guard against the same wrong (unwarranted privacy-invasion) and the same harm (mental distress), in a way that is distinctive from other privacy actions and legal claims based upon the autonomy value; finally, in pragmatic terms, that MOPI’s mature jurisprudence is sufficiently flexible and dynamic to recognise intrusion-only claims using its existing legal framework. (shrink)

Police do not need a warrant to search information that we reveal to third parties. This so-called “third-party doctrine” is supposed to tell courts when our personal information is no longer private, and therefore not protected by the Fourth Amendment. In the modern world, the doctrine goes too far, leaving much of our most intimate information exposed. We have little choice but to trust third-parties like cell companies, internet service providers, email providers, and the like with most of the data (...) we generate. -/- The root of the problem is the Supreme Court’s restrictive conception of privacy. As the third-party doctrine shows, the Court understands privacy to be a type of secrecy. Just as information is no longer secret when told, the Court thinks information is no longer private after it is shared. In response, scholars have tried to invent entirely new conceptions of privacy or have proposed overruling the third-party doctrine altogether. -/- There is no need for such drastic and unlikely measures. Anglo-American law already has an understanding of privacy, refined over a four-hundred-year tradition, that is up to the task. Long before privacy was important to Constitutional law, it was one of the central concepts for the common law of attorney-client privilege, which protects private communications between attorneys and clients. Importantly, the privilege takes privacy to be a kind of confidentiality, rather than secrecy. Confidences, unlike secrets, can be shared. As a result, attorney-client communications can remain privileged even after voluntary disclosure to third parties if appropriate steps were taken to preserve their confidentiality. Conceiving of privacy as a kind of confidentiality could help soften the bright-line of the third-party doctrine by recognizing when the presence of third parties like cell companies or email providers truly removes privacy interests, and, as importantly, when it does not. Without such a development, the third-party doctrine will not survive the Information Age — or our Fourth Amendment protections will not survive it. (shrink)

This chapter argues that the choice of trust conceptualisations in the context of consumer Internet of Things (IoT) can have a significant impact on the understanding and implementations of a user’s private data protection. Narrow instrumental interpretations of trust as a mere precondition for technology acceptance may obscure important moral issues such as malleability of user’s privacy decisions, and power imbalances between suppliers and consumers of technology. A shift of focus in policy proposals from trust to the trustworthiness of technology (...) can be the first step on the way to addressing these moral concerns. It is argued that complexity of IoT systems, comprised of technological artefacts and institutional data-collecting entities, warrants the moral value of distrust as a prima facie assumption for technological design and regulatory measures. Such a conceptual perspective highlights importance of technological measures that can minimise reliance on trust in consumer IoTs and regulatory measures aimed to improve transparency of IoT architectures. (shrink)

Recent highly publicized privacy breaches in health care and genomics research have led many to question whether current standards of data protection are adequate. Improvements in de-identification techniques, combined with pervasive data sharing, have increased the likelihood that external parties can track individuals across multiple databases. This paper focuses on the communication of identifiability risks in the process of obtaining consent for donation and research. Most ethical discussions of identifiability risks have focused on the severity of the risk and how (...) it might be mitigated, and what precisely is at stake in pervasive data sharing. However, there has been little discussion of whether and how to communicate the risk to potential donors. We review the ethical arguments behind favoring different types of risk communication in the consent process, and outline how identifiability concerns can be incorporated into either a detailed or simplified method of communicating risks during the consent process. (shrink)

This doctoral thesis consists of five research papers that address four tangential topics, all of which are relevant for the challenges we are facing in our socio-technical society: information, security, privacy, and anonymity. All topics are approached by similar methods, i.e. with a concern about conceptual and definitional issues. In Paper I—concerning the concept of information and a semantic conception thereof—it is argued that the veridicality thesis is false. In Paper II—concerning information security—it is argued that the current leading definitions (...) suffer from counter-examples, and lack an appropriate conceptual sense. Based on this criticism a new kind of definition is proposed and defended. In Paper III—concerning control definitions of privacy—it is argued that any sensible control-definition of privacy must properly recognize the context as part of the defining criteria. In Paper IV—concerning the concept of privacy—it is argued that privacy is a normative concept and that it is constituted by our social relations. Final, in Paper V—concerning anonymity—it is argued that the threat from deanonymization technology goes beyond harm to anonymity. It is argued that a person who never is deanonymized can still be harmed and what is at stake is an ability to be anonymous. (shrink)

This paper examines whether American parents legally violate their children’s privacy rights when they share embarrassing images of their children on social media without their children’s consent. My inquiry is motivated by recent reports that French authorities have warned French parents that they could face fines and imprisonment for such conduct, if their children sue them once their children turn 18. Where French privacy law is grounded in respect for dignity, thereby explaining the French concerns for parental “over-sharing,” I show (...) that there are three major legal roadblocks for such a case to succeed in US law. First, US privacy tort law largely only protects a person’s image where the person has a commercial interest in his or her image. Secondly, privacy tort laws are subject to constitutional constraints respecting the freedom of speech and press. Third, American courts are reluctant to erode parental authority, except in cases where extraordinary threats to children’s welfare exist. I argue that while existing privacy law in the US is inadequate to offer children legal remedy if their parents share their embarrassing images of them without their consent, the dignity-based concerns of the French should not be neglected. I consider a recent proposal to protect children’s privacy by extending to them the “right to be forgotten” online, but I identify problems in this proposal, and argue it is not a panacea to the over-sharing problem. I conclude by emphasizing our shared social responsibilities to protect children by teaching them about the importance of respecting one another’s privacy and dignity in the online context, and by setting examples as responsible users of internet technologies. (shrink)

Current technology and surveillance practices make behaviors traceable to persons in unprecedented ways. This causes a loss of anonymity and of many privacy measures relied on in the past. These de facto privacy losses are by many seen as problematic for individual psychology, intimate relations and democratic practices such as free speech and free assembly. I share most of these concerns but propose that an even more fundamental problem might be that our very ability to act as autonomous and purposive (...) agents relies on some degree of privacy, perhaps particularly as we act in public and semi-public spaces. I suggest that basic issues concerning action choices have been left largely unexplored, due to a series of problematic theoretical assumptions at the heart of privacy debates. One such assumption has to do with the influential conceptualization of privacy as pertaining to personal intimate facts belonging to a private sphere as opposed to a public sphere of public facts. As Helen Nissenbaum has pointed out, the notion of privacy in public sounds almost like an oxymoron given this traditional private-public dichotomy. I discuss her important attempt to defend privacy in public through her concept of ‘contextual integrity.’ Context is crucial, but Nissenbaum’s descriptive notion of existing norms seems to fall short of a solution. I here agree with Joel Reidenberg’s recent worries regarding any approach that relies on ‘reasonable expectations’ . The problem is that in many current contexts we have no such expectations. Our contexts have already lost their integrity, so to speak. By way of a functional and more biologically inspired account, I analyze the relational and contextual dynamics of both privacy needs and harms. Through an understanding of action choice as situated and options and capabilities as relational, a more consequence-oriented notion of privacy begins to appear. I suggest that privacy needs, harms and protections are relational. Privacy might have less to do with seclusion and absolute transactional control than hitherto thought. It might instead hinge on capacities to limit the social consequences of our actions through knowing and shaping our perceptible agency and social contexts of action. To act with intent we generally need the ability to conceal during exposure. If this analysis is correct then relational privacy is an important condition for autonomic purposive and responsible agency—particularly in public space. Overall, this chapter offers a first stab at a reconceptualization of our privacy needs as relational to contexts of action. In terms of ‘rights to privacy’ this means that we should expand our view from the regulation and protection of the information of individuals to questions of the kind of contexts we are creating. I am here particularly interested in what I call ‘unbounded contexts’, i.e. cases of context collapses, hidden audiences and even unknowable future agents. (shrink)

In the first part of the 21st century, the complicated relationship between transparency and security reached a boiling point with revelations of extra-judicial CIA activities, near universal NSA monitoring and unprecedented whistleblowing – and prosecution of whistleblowers under the Espionage Act. This article examines the dual necessities of security and transparency for any democracy, and the manner in which whistleblowers radically saddle this Janus-faced relationship. Then I will move to contemporary examples of whistleblowing, showing how and why some prove more (...) damaging or beneficial than others. I will conclude with some suggestions as to practical reforms which might mitigate the seemingly inevitable pendulum-swinging between Snowden-style vigilantism and a panoptic security state. (shrink)

Standing is a peculiar norm, allowing for deflecting that is rejecting offhand and without deliberation interventions such as directives. Directives are speech acts that aim to give directive-reasons, which are reason to do as the directive directs because of the directive. Standing norms, therefore, provide for deflecting directives regardless of validity or the normative weight of the rejected directive. The logic of the normativity of standing is, therefore, not the logic of invalidating directives or of competing with directive-reasons but of (...) ‘exclusionary permission’. That is, standing norms provide for permission to exclude from practical deliberation directive-reasons if given without the requisite standing, regardless of their normative weight. As such, standing is a type of second-order norm. Numerous everyday practices involve the deflection of directives, such as pervasive practices of deflecting hypocritical and officious directives. Of various possible models, the one that best captures the normative structure of these practices of deflection is the standing model. Accordingly, the normativity of standing is pervasive in our everyday practices. Establishing that standing, although a neglected philosophical idea, is a significant and independent normative concept. (shrink)

In this note, we would like to respond to some remarks with which Cass Sunstein has, in turn, responded to our paper 'Nudges as a Threat to Privacy' in this journal. First, we address his contention that nudges are among the less problematic government practices as regards to privacy issues. Second, as he has clarified in his response that he doesn't think an all too well-informed government would be a good idea, we point out that this leaves a gaping hole (...) in his justification of libertarian paternalism. Third, we point out a new problem with gathering information about the preferences of citizens, namely that observation tends to distort behavior and hence leads to misguided inferences about goals and ends. (shrink)

In discussions of state surveillance, the values of privacy and security are often set against one another, and people often ask whether privacy is more important than national security.2 I will argue that in one sense privacy is more important than national security. Just what more important means is its own question, though, so I will be more precise. I will argue that national security rationales cannot by themselves justify some kinds of encroachments on individual privacy (including some kinds that (...) the United States has conducted). Specifically, I turn my attention to a recent, well publicized, and recently amended statute (section 215 of the USA Patriot Act3), a surveillance program based on that statute (the National Security Agency’s bulk metadata collection program), and a recent change to that statute that addresses some of the public controversy surrounding the surveillance program (the USA Freedom Act).4 That process (a statute enabling surveillance, a program abiding by that statute, a public controversy, and a change in the law) looks like a paradigm case of law working as it should; but I am not so sure. While the program was plausibly legal, I will argue that it was morally and legally unjustifiable. Specifically, I will argue that the interpretations of section 215 that supported the program violate what Jeremy Waldron calls “legal archetypes,”5 and that changes to the law illustrate one of the central features of legal archetypes and violation of legal archetypes. The paper proceeds as follows: I begin in Part 1 by setting out what I call the “basic argument” in favor of surveillance programs. This is strictly a moral argument about the conditions under which surveillance in the service of national security can be justified. In Part 2, I turn to section 215 and the bulk metadata surveillance program based on that section. I will argue that the program was plausibly legal, though based on an aggressive, envelope-pushing interpretation of the statute. I conclude Part 2 by describing the USA Freedom Act, which amends section 215 in important ways. In Part 3, I change tack. Rather than offering an argument for the conditions under which surveillance is justified (as in Part 1), I use the discussion of the legal interpretations underlying the metadata program to describe a key ambiguity in the basic argument, and to explain a distinct concern in the program. Specifically that it undermines a legal archetype. Moreover, while the USA Freedom Act does not violate legal archetypes, and hence meets a condition for justifiability, it helps illustrate why the bulk metadata program did violate archetypes. (shrink)

“Big Data” and data analytics affect all of us. Data collection, analysis, and use on a large scale is an important and growing part of commerce, governance, communication, law enforcement, security, finance, medicine, and research. And the theme of this symposium, “Individual and Informational Privacy in the Age of Big Data,” is expansive; we could have long and fruitful discussions about practices, laws, and concerns in any of these domains. But a big part of the audience for this symposium is (...) students and faculty in higher education institutions (HEIs), and the subject of this paper is data analytics in our own backyards. Higher education learning analytics (LA) is something that most of us involved in this symposium are familiar with. Students have encountered LA in their courses, in their interactions with their law school or with their undergraduate institutions, instructors use systems that collect information about their students, and administrators use information to help understand and steer their institutions. More importantly, though, data analytics in higher education is something that those of us participating in the symposium can actually control. Students can put pressure on administrators, and faculty often participate in university governance. Moreover, the systems in place in HEIs are more easily comprehensible to many of us because we work with them on a day-to-day basis. Students use systems as part of their course work, in their residences, in their libraries, and elsewhere. Faculty deploy course management systems (CMS) such as Desire2Learn, Moodle, Blackboard, and Canvas to structure their courses, and administrators use information gleaned from analytics systems to make operational decisions. If we (the participants in the symposium) indeed care about Individual and Informational Privacy in the Age of Big Data, the topic of this paper is a pretty good place to hone our thinking and put into practice our ideas. (shrink)

The public constitutes a major stakeholder in the debate about, and resolution of privacy and ethical The public constitutes a major stakeholder in the debate about, and resolution of privacy and ethical about Big Data research seriously and how to communicate messages designed to build trust in specific big data projects and the institution of science in general. This chapter explores the implications of various examples of engaging the public in online activities such as Wikipedia that contrast with “Notice and (...) Consent” forms and offers models for scientists to consider when approaching their potential subjects in research. Drawing from Lessig, Code and Other Laws of Cyberspace, the chapter suggests that four main regulators drive the shape of online activity: Code (or Architecture), Laws, Markets, and Norms. Specifically, scientists should adopt best practices in protecting computerized Big Data (Code), remain completely transparent about their data management practices (Law), make smart choices when deploying digital solutions that place a premium on information protection (Market), and, critically, portray themselves to the public as seriously concerned with protecting the privacy of persons and security of data (Norms). The community of Big Data users and collectors should remember that such data are not just “out there” somewhere but are the intimate details of the lives of real persons who have just as deep an interest in protecting their privacy as they do in the good work that is conducted with such data. (shrink)