Skip to content

The Governance of Privacy

networktopographyBennett and Raab’s The Governance of Privacy is meant to address the politics of privacy protection as they regard personal information. The authors interrogate the public policies of ‘borderless’ and ‘bordered’ worlds in mapping privacy’s governance structure in contemporary regulatory environments. By the time that we reach the third, and last, section of the text, Bennett and Raab have already talked about policy goals and the instruments implicated in those goals; part three considers the impacts of using those instruments in realizing policy goals.

We begin the third section of the book by evaluating policy instruments and “their interrelationships as mutually supportive or conflicting components in privacy-protection systems” (Bennett and Raab 2006: xxvi). The configuration of these instruments lets us identify particular privacy regimes, and entail asking how commissioners, advocates, laws, and so forth, are arranged. To let us evaluate these instruments, four dominant comparative methods are offered: Continued…

Posted in Session Two.

No comments

By Christopher May 28, 2009

Confused by Public/Private Keys in Cryptography?

missyelliotencryptionAs you likely know, some of the reading for the upcoming module has us looking at Diffie and Landau’s excellent work in Privacy on the Line, with an emphasis on how encryption actually works. Personally, I find the discussion of public/private key exchanges invigorating, but also know that it took me some time to wrap my head around it. I came across a good posting about the Diffie-Hellmen key (you’ll read about it in the chapters assigned in Privacy on the Line) that I thought I’d share.

Public key cryptography[2] was invented in 1976 by Martin Hellman and Whitfield Diffie. It is a cryptographic system that requires two keys for each user, a public key that is known to everyone and a secret key that is known only to that user. This negates the problem with symmetric key encryption where the key must be exchanged before messages can be understood. When a user wants to send a secure message, they use the public key of the recipient to encrypt the message before the recipient then decrypts the message by using their own private key. It is important that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. It is also important that the private key cannot be discovered by knowing the public key.

Public key systems are becoming very popular for transmitting information over the Internet due to the fact that they are very secure and easy to use. The main difficulty with this system is that to encrypt a message correctly it is necessary to already have the intended recipient’s public key. This means that a public server needs to be used which holds all the user’s public keys, which can be accessed by anybody. An example of a popular application that utilises the Public-key cryptography principles is the Voice over IP (VoIP) program Skype (Source).

The rest of Stuarts post is really, really good – I’d highly recommend it given that it’s written in very accessible language/terms and gives a nice, very quick, overview of the study of cryptography. Definitely helpful for orienting discussions on the topic!

Posted in Session Two.

No comments

By Christopher May 17, 2009

Who Gives a ‘Tweet’ About Privacy?

antitwitterThis is a full draft of the paper on Twitter and privacy that I’ve been developing over the past few weeks, entitled ‘Who Gives a ‘Tweet’ About Privacy?’ It uses academic privacy literature to examine Twitter and the notion of reasonable expectations of privacy in public. It is written to help nuance privacy discussions about whether the discourse occuring on Twitter should be read as ‘public’ or ‘private’ communication (and, implicitly, similar social networking and blogging sites). The paper focuses on concepts of privacy and, as such, avoids deep empirical analyses of how the term ‘privacy’ is used by particular members of the social networking environment. Further, the paper avoids delving into the web of legal cases that could be drawn on to inform this discussion. Instead, it is theoretically oriented around the following questions:

  1. Do Twitter’s users have reasonable expectations to privacy when tweeting, even though these tweets are the rough equivalent of making statements in public?
  2. If Twitter’s user base should hold expectations to privacy, what might condition these expectations?

The paper ultimately suggests that Daniel Solove’s taxonomy of privacy, most recently articulated in Understanding Privacy, offers the best framework to respond to these question. Users of Twitter do have reasonable expectations to privacy, but as discussed by Solove such expectations are conditioned by juridical understandings of what is and is not reasonable. In light of this, I conclude by noting that his use of law to recognize norms is contestable. Thus, while privacy theorists may adopt his method (a focus on privacy problems to categorize types of privacy infractions), they might profitably condition how and why privacy norms are established – court rulings and dissenting opinions may not be the best foundation upon which to rest our privacy claims – by turning to non-legal understandings of norm development, degeneration, and mutation.

Paper can be downloaded here.

Posted in Papers, Session One.

2 comments

By Christopher May 11, 2009

Facial Blurring = Securing Individual Privacy?

Google Streetview Privacy?The above image was taken by a Google Streetcar. As is evident, all of the faces in the picture have been blurred in accordance with Google’s anonymization policy. I think that the image nicely works as a lightning rod to capture some of the criticisms and questions that have been arisen around Streetview, and would be interesting to think/talk about in reference to our course. Specifically:

1. Does the Streetview image-taking process itself, generally, constitute a privacy violation of some sort?
2. Are individuals’ privacy secured by just blurring faces?
3. Is this woman’s privacy being violated/infringed upon in so way as a result of having her photo taken? Continued…

Posted in Discussion Piece.

No comments

By Christopher April 22, 2009

Privacy as Contextual Integrity

nissenbaumHelen Nissenbaum (pictured left) is a dynamic philosopher of technology who’s work is now focused on providing a justificatory privacy framework. Her framework is meant to capture the nature of the challenges posed by contemporary information technologies. To be successful, it must speak to situations where there is a widespread dissemination of ‘public’ info (e.g. moving government records online), address the effects of the advances of data storage, retrieval, and analysis (e.g. consumer profiling and data mining), and attend to the hyper-efficient ability to capture data (e.g. RFID tags). Rather than approach these three sets of issues from a policy angle, she wants to find the foundation of law and policy as expressed in terms of moral, political, and social values.

As a caveat: her article “Privacy as Contextual Integrity” focuses on individuals, not groups or organizations, and recognizes a difference between personal and sensitive data.

Prior to discussing contextual integrity itself Continued…

Posted in Session One.

2 comments

By Christopher April 17, 2009

Engaging Privacy by Christopher Parsons, Pablo Ouziel, Adam Molnar, Jonathan Floyd, Colin Bennett is licensed under a Creative Commons Attribution-Non-Commercial-Share Alike 2.5 Canada License.