Privacy by Design (ECREA Preconference 12)
Trapped in My Mobility: Privacy by Design or Another Catchphrase for Privacy Lock-in
Mihaela Popescu, Lemi Baruh
Privacy By Design?
• Two legal frameworks
– FTC Privacy Framework (March 2012)
– EU Proposed Reforms to Data Protection Directive of 1995
• Privacy by Design (Ann Cavoukian)
– Incorporation of privacy concerns into every stage of digital product development
– Compete on the basis of privacy.
– Simplify consumer choice (give the ability to the consumer to limit the original party to the transaction from sharing data with a third commercial company)
Premise
• Exclusive focus on privacy as data control
• Alternatives?
Captive audience
• Justice Douglas, 1952: Situation when audiences have no choice but to listen to a message forced upon them.
• Captive audiences are audiences without functional opt-out mechanisms to avoid situations of coercive communication.
Captive audience (cont)
• Power differential between communicators and audiences:
– messages “thrust upon” observers
– “a verbal assault”
– “inflame the sensibilities”
– speakers “force [their] message”
– attention is “bludgeoned”
Captive audience (cont)
• “particular situations where people are particularly subject to unjust and intolerable harassment and coercion” (Balkin, 1999)
• Coercive situation
• Incurred costs for exit
Captive audience
audiences w/o functional opt-out mechanisms to avoid situations of coercive communication
Functional opt-out mechanisms
used under agreed-upon expectations of privacy without significant costs
1. Contextual marketing as coercive communication?
“Marketing to a segment of one”
• FTC: Individual autonomy = data autonomy
– Informed consent over data collection
• Corporate rhetoric: Desired communication = better customization
Contextual marketing
• Location + personal history + social filters + life event triggers
– “The old buying model [asked about customers] 'When did I buy last? What did I buy? And how much did I buy?'…Now, it's about, 'Where am I at the moment? What is it that I'm purchasing right now? And with whom am I conversing at that moment?'” (Gary S. Laben, KBM Group)
Privacy of choice
• Is contextual marketing coercive communication?
• “autonomy trap” (Zarsky 2004); Threat to autonomy of choice.
• Imagine, for example, a bride-to-be waiting in line at the Filene's Basement
2. Signalling privacy expectations?
Signaling mechanisms
• Social conventions
• Legal tradition: social expectations of privacy are place-dependent
• Place as a nexus for signaling mechanisms
Place as signal
• Mobile technologies: Public vs. private; virtual vs. material; online vs. offline
• The widening of the gap between what is "naturally private" and what is "normatively private"
3. Cost of exit strategies?
Privacy as a market product
• FTC: “standardize the format and the terminology used in privacy statements so that consumers can compare the data practices of different companies and exercise choices based on privacy concerns, thereby encouraging companies to compete on privacy.”
Switching costs
• Lock-ins (Shapiro & Varian, 1999):
– Financial
– Legal
– Technological
– Time investment…
– Social investment (Sal Humphrey from the morning section)
• Customization: durable lock-ins, high switching costs
Disincentives for privacy
• Lock-ins = “sticky” relationships between users and mobile platforms
• Lock-ins are disincentives for better privacy (Bonneau & Preibusch, 2010, 2011)
Impact of FTC market logic
• No attempt to break privacy lock-ins
• Outcome: incentives for horizontally integrated companies to standardize privacy policies across all their services
Impact of market logic (cont)
• Increased opt-out costs
• Onus on consumers to identify comparable services with friendlier privacy policies
Summary of Privacy by Design
• Limited view of user choice
• Limited user control over communication boundaries
• Increases user opt-out costs
Principles
• Restore user control over communicative interaction rather than data
• Define “privacy modes” for mobile devices
• Design recognizable signals
• Enforce “privacy modes” - Integrate information about data practices with choice.