Privacy in context Author: Helen Nissenbaum Juan Lockett, Junghwan Shin, J. Karlo Pajota, Mike Nguyen, Vikesh Parmar, Wing Shan Ho (Rosana), Adom Greene, James Turman

Introduction Part I : Information Technology’s Power and Threat Part II: Critical Survey of Predominant Approaches to Privacy Part III: The Framework of Contextual Integrity

Part I: Chapter 1 Overview of technology-based systems and practices that are seen as threats to privacy Closed-Circuit Television Sensor Networks Data records

Part I: Chapter 1 Overview of technology-based systems and practices that are seen as threats to privacy Mobile Phone Triangulation Global Positioning Systems (GPS) Tracking Applications

Part I: Chapter 1 Overview of technology-based systems and practices that are seen as threats to privacy In Public Roadways: License Plate Readers

Part I: Chapter 1 Overview of technology-based systems and practices that are seen as threats to privacy In Online Monitoring:

Part I: Chapter 1 Overview of technology-based systems and practices that are seen as threats to privacy Uses of Radio Frequency Identification (RFID): ●Road toll systems ●Proximity cards ●Keyless automobile entry ●Tracking of air cargo ●Wristbands for newborn ●Implantable transponder chip ●Tracking of goods along distribution channel ●RFID-enabled passports ●RFID-enabled Identification cards

Part I: Chapter 2 Knowing Us Better than We Know Ourselves: Massive and Deep Databases Three areas of information science and technology have contributed to the landscape of threat 1.Capacity2. The Internet3. Advances in Computer Software

Part I: Chapter 2 The Four Pivotal Transformations 1. Democratization of Database Technologies: 2. Information Mobility: EMR EHR Vendors

Part I: Chapter 2 The Four Pivotal Transformations 3. Information Aggregation: 4. Information from Data, Knowledge from Information: DB 1 DB 2 Internet

Part I: Chapter 2 The Four Pivotal Transformations Netflix’s recommendation engine Amazon’s item-to-item collaborative filtering

Part I: Chapter 2 Online Data Vendors ●Acxiom Corporation ●ChoicePoint, Inc. ●First Advantage Corporation

Part I: Chapter 3 ●Capacity to Spread and Find Everything, Everywhere ●Enhanced powers to gather and stockpile information have yielded socio-technical practices often experienced as threats to privacy

Part I: Chapter 3 cont. ●Public records are government records about individuals that are open to public inspection without restriction

Part I: Chapter 3 cont. ●The degree of their accessibility is generally determined by two regulatory regimes exerting force in opposite directions. ●1966 Freedom of Information Act ●1974 Privacy Act

Part I: Chapter 3 cont. ●Social networking sites constitute a subdomain of the larger social software ecosystem,sometimes called Web 2.0 ●a loose class of Web sites dedicated to creating and maintaining social ties, groups, and networks.

Part I: Chapter 3 cont. ●At least three different types of privacy issues have arises in the context of social network sites.

Part II Chapter 4 Locating the Value in Privacy Ruth Gavison: privacy locates its value in its functional relationship to valued ends, including human well-being and development, creativity, autonomy, mental health, and liberty

Part II Chapter 4 cont. Hoven: Four types of moral reasons for why privacy deserves protection: 1. Information-based harm: ●increase critical transactions through internet and phone ●unrestricted availability of information e.g SSN, passwords ●protects against identity theft and undesirable access to personal information

Part II Chapter 4 cont. 2. Informational inequality: ●e.g get a job, obtain a critical loan ●We have little or no voice or choice in the data collections and sharing process ●We do not know who has what information, how they got it... ●restricts the ability of governments, corporations, etc. to collect information about individuals in a one-way

Part II Chapter 4 cont. 3. Informational injustice: ●e.g a job candidate's medical history or religious affiliation found in company’s file → may affect the hiring manager’s decision ●ensures that information is only used in the appropriate context

Part II Chapter 4 cont. 4. Encroachment on moral autonomy: ●allows individuals to independently pursue moral development ●the capacity to reflect on our moral career, ●identify with our own moral choice ●without interference of others ●without pressure to conform to the “normal” or socially desired identities

Chapter 5: Privacy in Private Private and Public ●Private and public have varying meaning from arena to arena o to citizens private means familial, or intimate relations o public means civic actions beyond the home and the personal

Chapter 5: Privacy in Private continued Information:Private versus public ●Scope and extent of privacy protection o FERPA(Family Education Rights and Privacy Act) o HIPPA(Health Insurance Portability and Accountability Act) o Video Privacy Protection Act o US Patriot Act o FCC’s Net Neutrality Act

Chapter 5: Privacy in Private continued Interactions, Gray Areas, and Applications ●Garbage is considered a gray area because it has been ruled public domain by the courts ●Internet ●Telephone conversations

Part II: Chapter 6 Skeptic’s points against privacy: 1.Convenience over privacy 2.“Media exhibitionism” ●People unaware their information is being used ●Key point: The framework of contextual integrity is able to respond to all challenges

C hapter 7: Context Informational Norms ●Contextual Integrity ○ holds when context of relative informational norms are respected; it is violated when they are breached ●Attributes ○ type of information ●The inappropriateness of flow of information ○ Sender, Receiver, Type of Information Google + & Facebook Health care information

Part III: Chapter 8 Contextual integrity as a justification ●Adheres to currently accepted norms o Cost of any new practice not adhering to norms is not justified ●Tyranny of the normal o Unless the technology is accepted as normal it is not accepted at all ●Conservatism o expectations being fulfilled o violation of conservative norms is a breach of contextual integrity

Part III: Chapter 8 continued Contextual values vs. value of contexts ●Contextual norms are to be overcome when novel practices are clearly needed ●When a current practice is in violation of norms o What are it’s information flows? o What is the main context? o How and why does it defy norms? o What are the moral factors? o Where does it deviate from the norms?

Part III: Chapter 9 Privacy Rights in Context: Applying the framework ●Privacy is one of the most enduring social issues associated with information technologies. ○Public discourse through radical transformations of technology from stand-alone computers. ○Housing massive databases of government and other large institutions. ○To the current distributed network of computers with linked information systems, such as the World Wide Web, networked mobile devices, video and radio-frequency surveillance systems, and computer- enabled biometric identification.

Part III: Chapter 9 cont. ●Contextual integrity ties adequate protection for privacy to norms of specific contexts, demanding that information gathering and dissemination be appropriate to that context and obey the governing norms of distribution within it. ●Three key elements of the framework - explanation, evaluation and prescription. ○Explanation - Affect people’s reactions to new systems or practices. ○Evaluation - Resolve a controversy, or at least to clarify what is at stake. ○Prescription - Resistance and protest

Part III: Chapter 9 cont ●Problems arise when policies governing systems and practices assume that only the private warrants privacy protection and for the rest, anything goes. ●The new system violates contextual integrity. ○CCTV - Control over personal information. ○RFID - Information transmit ○Online - Network diminishes information flow etc ○Search engines - Personal information. ○Social network - Privacy sharing ●Conclusion - controversial issues of privacy have been in the world. Information technology has good things but bad things.