Contextual Integrity as a Normative Guide for Privacy Helen Nissenbaum New York University * School of Information, UC Berkeley April 2, 2008 * Supported.

Slides:

Advertisements

Similar presentations

© PMB 2007 Learning for Life and Work Unit 2: Statutory Minimum Requirements.

Advertisements

Constitutions, Law and Judiciary

Authority and Democracy Self-Determination. Analogy individual autonomy – state autonomy Christian Wolff: “Nations are regarded as individuals free persons.

Key Concepts in Civic, Social and Political Education Civic, Social and Political Education (CSPE) Gerry Jeffers.

INTERNATIONAL UNION FOR CONSERVATION OF NATURE. 2 Implemented in 12 countries of Africa, Asia, Latin America and the Middle East, through IUCN regional.

Criteria For Approval 45 CFR CFR Minimized risks Reasonable risk/benefit ratio Equitable subject selection Informed consent process Informed.

Tri-Council Policy Statement 2010 Ethical Conduct for Research Involving Humans.

Medical Ethics Lecturer :Noha Alaggad

HUMAN RIGHTS Right of everyone to the enjoyment of the highest attainable standard of physical and mental health Heather Payne-Drakes.

Challenges to freedom of expression The right to freedom of expression is a “foundation right” in society. It protects the right to: -Express ourselves.

Ethnocultural Minorities in Liberal Democracies Raphael Cohen-Almagor University of Haifa, ISRAEL Will Kymlicka Queen's University, CANADA.

Human Rights What are they?.

Privacy and Contextual Integrity: Framework and Applications Adam Barth, Anupam Datta, John C. Mitchell (Stanford), and Helen Nissenbaum (NYU) TRUST Winter.

Insights on the Legal Landscape for Data Privacy in Higher Education Rodney Petersen, J.D. Government Relations Officer and Security Task Force Coordinator.

Problems with Notice and Consent? Helen Nissenbaum, NYU INCO-TRUST Workshop, May Work supported by: NSF ITR : Sensitive Information in.

Social Philosophy Social philosophy is not ethics, because it is not concerned with identifying a norm of good conduct; nor is it politics, because it.

On Privacy and Compliance: Philosophy and Law meets Computer Science Anupam Datta Stanford University Oakland PC Crystal Ball Workshop January 2007.

1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 16 and 17: March 27 and 29, 2007 Solove’s taxonomy of privacy.

Contextual Integrity in PORTIA PI: Helen Nissenbaum Students: Timothy Weber & Michael Zimmer New York University In collaboration with: Sam Hawala (U.S.

Research Ethics Dr Andrew Armitage. Morals or ethics? Morals: –Of, pertaining to, or concerned with the principles or rules of right conduct or the distinction.

What if my organization conducts business across borders ? Your footnote Privacy and “Personal Information” have different meanings in different countries;

Philosophy A philosophy is a system of beliefs about reality.

Data Protection in Higher Education: Recent Experiences in Privacy and Security Institute for Computer Law and Policy Cornell University June 29, 2005.

The principles used by AUTEC in granting ethical approval for research.

1 When hate speech tangles privacy... When hate speech tangles privacy...

Privacy in context Author: Helen Nissenbaum Juan Lockett, Junghwan Shin, J. Karlo Pajota, Mike Nguyen, Vikesh Parmar, Wing Shan Ho (Rosana), Adom Greene,

Basic Principles: Ethics and Business

Contextual Integrity & its Logical Formalization 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.

Privacy as contextual integrity Helen Nissenbaum New York University September 6, 2007 Ars Electronica, Linz Support.

What Should Be A Crime?. Recall: Two Main Perspectives 1. Achieving social order outweighs concerns for social justice. 2. CJ system goals must be achieved.

0x1A Great Papers in Computer Security Vitaly Shmatikov CS 380S

Privacy and Contextual Integrity: Framework and Applications Adam Barth, Anupam Datta, John C. Mitchell (Stanford) Helen Nissenbaum (NYU)

The Eighth Asian Bioethics Conference Biotechnology, Culture, and Human Values in Asia and Beyond Confidentiality and Genetic data: Ethical and Legal Rights.

Liberalism Michael Doyle Lecture 3 Kaisa Ellandi.

© 2011 Underwriters Laboratories Inc. All rights reserved. This document may not be reproduced or distributed without authorization. ASSET Safety Management.

Privacy in Context Helen Nissenbaum Department of Culture and Communication New York University m Research supported.

Privacy Professional Practice for Computer Science Guest Lecture, 05 March 2007 Philippa Lawson Director, Canadian Internet Policy & Public Interest Clinic.

IBT - Electronic Commerce Privacy Concerns Victor H. Bouganim WCL, American University.

Sex, Drugs, Rock and Role, and Other Ethical Dilemmas in Community Based Research Robert T. Trotter, II General Motors Sigma Xi Lecture Dec. 4, 2003.

HACETTEPE UNIVERSITY FACULTY OF MEDICINE CONTINUOUS ETHICS EDUCATION PROGRAM 1.

Dimensions of Privacy 18739A: Foundations of Security and Privacy Anupam Datta Fall 2009.

Understanding of Norms: a developmental context. 3 Function of norms  coordinating actions, beliefs, feelings, expectations  Norms represent social.

Privacy as Contextual Integrity Helen Nissenbaum Department of Culture & Communications, NYU

Usable Security – CS 6204 – Fall, 2009 – Dennis Kafura – Virginia Tech Privacy in Context: Contextual Integrity Peter Radics Usable Security – CS 6204.

American Political Culture. What is it??!?? Widely shared beliefs, values & norms concerning the relationship of citizens to gov’t & each other Shared.

Sociological Analysis of Education Theories of Schooling.

Ethical Issues in School Nursing Care Adebola E. Orimadegun Institute of Child Health College of Medicine University of Ibadan.

Approved for Public Release. Distribution Unlimited. 1 Government Privacy Rick Newbold, JD, MBA, CIPP/G Futures Branch 28.

Privacy and Contextual Integrity: Framework and Applications Adam Barth, Anupam Datta, John C. Mitchell (Stanford) Helen Nissenbaum (NYU)

1 Copyright © International Security, Trust & Privacy Alliance -All Rights Reserved Making Privacy Operational International Security, Trust.

Public Sector Duty: Putting Equality and Human Rights at the Heart of the National Drugs Strategy NIALL CROWLEY.

Human Rights Act, Privacy in the context of auditing Phil Huggins Chief Technologist, IRM PLC

Freedom of expression: underlying principles and sources

1 Ethical Issues in Computer Science CSCI 328, Fall 2013 Session 13 Privacy as a Value.

1 Ethics of Computing MONT 113G, Spring 2012 Session 31 Privacy as a value.

6/5/ PROMOTION AND PROTECTION OF HUMAN RIGHTS AS PREREQUISITE FOR GOOD GOVERNANCE PREPARED BY: IBRAHIM MZEE IBRAHIM CLERK, HOUSE OF REPRESENTATIVES.

The Ethics of Privacy in the Digital Society Ethical issues of emerging information and communication technologies Professor Bernd Carsten Stahl.

Other Human Rights instruments for persons with disabilities in Turkey and the Western Balkans: CEDAW Ana Pelaez UNITED NATIONS COMMITTEE ON THE RIGHTS.

Building Strong Library Associations | Library Associations in Society: An Overview DAY 1 Session 3 What is the context of Library Associations in your.

IR 306 Foreign Policy Analysis

Research Ethics Dr Nichola Seare Aston Health Research & Innovation Cluster.

Principles of Health Care Ethics

Privacy and the library patron: an ongoing ethical challenge

State of the privacy union

Freedom, Order, or Equality?

Analysis of Privacy and Data Protection Laws and Directives

IAPP TRUSTe SYMPOSIUM 9-11 JUNE 2004

18734: Foundations of Privacy

Nursing informatics Lecture (11).

Ethics and Politics of Computational Social Science

Presentation transcript:

Contextual Integrity as a Normative Guide for Privacy Helen Nissenbaum New York University * School of Information, UC Berkeley April 2, 2008 * Supported by NSF ITR : Sensitive Information in a Wired World (PORTIA)

The privacy conundrum +Controversial socio-technical systems -- track and monitor, aggregate and analyze, and publish and disseminate personal information E.g. CCTV, RFID, DRM, Choicepoint, public records online, Facebook. +Non-controversial socio-technical systems E.g. body function monitoring in hospitals +Need for a moral/political “justificatory framework” E.g. distinguish oppressive from benign surveillance

Some other approaches Resort to private/public distinction E.G Canadian physicians and PIPEDA (2001) Support control by subject All out interest brawl Values tradeoffs

Contextual Integrity { bringing the social layer into view } is a measure of how closely the flow of personal information conforms to context-relative informational norms. Contextual integrity is violated when these norms are breached.

Contexts … Structured social settings (“Institutions”) Characterized by roles, relationships, power structures, canonical activities, strategies, norms (rules), enforcement mechanisms, and internal values (goals, ends, purposes) E.g. health-care, education, politics, religious observance

more about contexts… Evolve over time in cultures and societies, subject to historical, cultural, geographic contingencies May be nested, overlap, conflict May be more or less explicit, formalized, institutionalized (e.g. class clown vs. judge) May be more or less “complete”

Among the norms context-relative Informational Norms In a context, the flow of information of a certain type (attributes) about a subject (acting in a particular capacity/role) from a sender (possibly the subject, acting in a particular capacity/role) to a recipient (acting in a particular capacity/role) is governed by a particular transmission principle. key parameters: contexts, attributes, actors, transmission principles

Transmission Principles** e.g. Consent (subject controls) Notice (subject is/is not aware of transmission) Compulsion (e.g. earnings to IRS) Confidentiality Fiduciary Sale Barter Reciprocity Entitlement, desert Need Secrecy? Etc…

Contextual Integrity in a nutshell … Context-Relative Informational Norm expressed in linear temporal logic A. Barth, A. Datta, J. Mitchell, and H. Nissenbaum, (2006) “Privacy and Contextual Integrity: Framework and Applications,” Proceedings of the IEEE Symposium on Security and Privacy.

Contextual Integrity Contextual Integrity holds when context-relative informational norms are respected; it is violated when they are breached. ~ When people complain privacy is violated, look for violations of CI! ~ Surveillance is NOT always problematic ~ Privacy is NOT control over information about oneself ~ Privacy is NOT secrecy; it is appropriate flow ~ Many of our privacy laws reach for CI ~The U.S. sectoral approach is NOT a bad thing

Q: Is CI conservative? A: Yes, in a sense. {problems with the “reasonable expectations” test} Opportunity Costs “perhaps there is something better…” Tyranny of the Normal “entrenched practice wins the day …” {engineering away privacy}

I. Evaluating the merits of new practices against entrenched norms … Moral and political considerations Harms to information subjects (e.g. stigma, discrimination, identity theft) Impacts on justice, balance of power, fair distribution of goods Impacts on freedoms, autonomy, democracy, property Impacts on security, efficiency CI as a normative guide

II. Evaluating the merits of new practices against entrenched norms … Explore impacts on ends-purposes-values of a context {The MEANING of impacts within contexts} Healthcare (hospital surveillance, psychotherapy) Workplaces Friendship (Tripp/Lewinsky) * Democratic elections vs. Congressional voting TMN and websearch privacy CASSIE in public libraries Mobility on the roads (VSCS) CI as a normative guide

Review When novel practices violate entrenched informational norms, Presumption favors entrenched norms {Why?} Novel practices may legitimately overrule entrenched norms if shown to fulfill evaluation requirements

Conclusion: lots more work to be done. Understand contexts and informational norms Expand understanding of transmission principles Explore the relation between information flows and ends-purposes-values Study privacy law through the lens of contextual integrity (e.g. GLBA, Video Privacy Protection Act, Drivers Privacy Protection Act, FERPA, HIPAA Privacy Rules) * * *