Fwd: ISPI Clips 167.024: TA - Madrigal Gush Fest Over Helen Nissenbaum's Privacy Approach

FYI

The privacy and public-policy approach that I have been working on to  
address intrusive surveillance technologies is heavily  influenced by  
Michael Walzer and similar to Nissenbaums.  Hopefully, this direction  
towards contextual regulation of information will destroy the new UK  
gov surveillance approach.

  - Mark

Begin forwarded message:

> From: "ama-gi ISPI" <ispi4privacy@earthlink.net>
> Date: 2 April 2012 09:05:14 BST
> To: "Institute for the Study of Privacy Issues" <ISPI@PrivacyNews.com>
> Subject: ISPI Clips 167.024: TA - Madrigal Gush Fest Over Helen  
> Nissenbaum's Privacy Approach
> Reply-To: "ama-gi ISPI" <ISPI@PrivacyNews.com>
>
>       ISPI Clips: News on Identity, Surveillance and Privacy Issues
>                  Institute for the Study of Privacy Issues (ISPI)
>                           Quis custodiet ipsos custodes?
>                             http://www.PrivacyNews.com
>
>
> ISPI Clips 167.024: Madrigal Gush Fest Over Helen Nissenbaum's Privacy
> Approach
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> This From: The Atlantic, March 29, 2012
> http://www.theatlantic.com
>
> The Philosopher Whose Fingerprints Are All Over the FTC's New  
> Approach to
> Privacy
> http://www.theatlantic.com/technology/archive/2012/03/the-philosopher-whose-fingerprints-are-all-over-the-ftcs-new-approach-to-privacy/254365/
>
> By Alexis Madrigal, The Atlantic
> Mar 29 2012, 4:44 PM ET
>
> PALO ALTO -- A mile or two away from Facebook's headquarters in  
> Silicon
> Valley, Helen Nissenbaum of New York University was standing in a  
> basement
> on Stanford's campus explaining that the entire way that we've  
> thought about
> privacy on the Internet is wrong.
>
> It was not a glorious setting. The lighting was bad. The room was half
> empty. Evgeny Morozov was challenging her from the back of the room  
> with
> strings of tough, almost ludicrously detailed questions.
>
> Nissenbaum's March presentation was part of Stanford's Program on  
> Liberation
> Technology http://tinyurl.com/2wfanmp and relied heavily on her  
> influential
> recent research, which culminated in the 2010 book, Privacy in Context
> http://tinyurl.com/chkqz58 , and subsequent papers like "A Contextual
> Approach to Privacy Online." http://tinyurl.com/cxxxaaa
>
> But the most important product of Nissenbaum's work does not have her
> byline. She's played a vital role in reshaping the way our country's  
> top
> regulators think http://tinyurl.com/dxwr3vx about consumer data. As  
> one
> measure of her success, the recent Federal Trade Commission report,
> "Protecting Consumer Privacy in an Era of Rapid Change"
> http://tinyurl.com/37ul4jv , which purports to lay out a long-term  
> privacy
> framework for legislators, businesses, and citizens, uses the word  
> context
> an astounding 85 times!
>
> Given the intellectual influence she's had, it's important to  
> understand how
> what she's saying is different from other privacy theorists. The  
> standard
> explanation for privacy freakouts is that people get upset because  
> they've
> "lost control" of data about themselves or there is simply too much  
> data
> available. Nissenbaum argues that the real problem "is the
> inapproproriateness of the flow of information due to the mediation of
> technology." In her scheme, there are senders and receivers of  
> messages, who
> communicate different types of information with very specific  
> expectations
> of how it will be used. Privacy violations occur not when too much  
> data
> accumulates or people can't direct it, but when one of the receivers  
> or
> transmission principles change. The key academic term is "context- 
> relative
> informational norms." Bust a norm and people get upset.
>
> This may sound simple, but it actually leads to different analyses of
> current privacy dilemmas and may suggest better ways of dealing with  
> data on
> the Internet. A quick example: remember the hubbub over Google  
> Street View
> in Europe? Germans, in particular, objected to the photo-taking cars.
> http://tinyurl.com/5rssqm4
>
> Many people, using the standard privacy paradigm, were like, "What's  
> the
> problem? You're standing out in the street? It's public!" But  
> Nissenbaum
> argues that the reason some people were upset is that reciprocity  
> was a key
> part of the informational arrangement. If I'm out in the street, I  
> can see
> who can see me, and know what's happening. If Google's car buzzes  
> by, I
> haven't agreed to that encounter. Ergo, privacy violation.
>
> Nissenbaum gets us past thinking about privacy as a binary: either  
> something
> is private or something is public. Nissenbaum puts the context -- or  
> social
> situation -- back into the equation. What you tell your bank, you  
> might not
> tell your doctor. What you tell your friend, you might not tell your
> father-in-law. What you allow a next-door neighbor to know, you  
> might not
> allow Google's Street View car to know. Furthermore, these  
> differences in
> information sharing are not bad or good; they are just the norms.
>
> Perhaps most importantly, Nissenbaum's paradigm lays out ways in which
> sharing can be a good thing.  That is to say, more information  
> becoming
> available about you may not automatically be a bad thing. In fact,  
> laying
> out the transmission principles for given situations may encourage  
> people,
> both as individuals and collectively, to share more and attain  
> greater good.
> On a day when a House of Representatives committee is holding a  
> hearing on
> privacy titled, "Balancing Privacy and Innovation"
> http://tinyurl.com/d77dyfz , which really should be titled, "Balancing
> Privacy and Corporate Interests," any privacy regulation that's  
> going to
> make it through Congress has to provide clear ways for companies to  
> continue
> profiting from data tracking. The key is coming up with an ethical  
> framework
> in which they can do so, and Nissenbaum may have done just that.
>
> Right now, people are willing share data for the free stuff they get  
> on the
> web. Partly, that's because the stuff on the web is awesome. And  
> partly,
> that's because people don't know what's happening on the web. When  
> they
> visit a website, they don't really understand that a few dozen  
> companies may
> collect data on that visit.
>
> The traditional model of how this works says that your information is
> something like a currency and when you visit a website that collects  
> data on
> you for one reason or another, you enter into a contract with that  
> site. As
> long as the site gives you "notice" that data collection occurs --  
> usually
> via a privacy policy located through a link at the bottom of the  
> page -- and
> you give "consent" by continuing to use the site, then no harm has  
> been
> done. No matter how much data a site collects, if all they do is use  
> it to
> show you advertising they hope is more relevant to you, then they've  
> done
> nothing wrong.  <| Powered by http://www.ISPIClips.com |>
>
> It's a free market kind of thing. You are a consumer of Internet  
> pages and
> you are free to go from one place to another, picking and choosing  
> among the
> purveyors of information. Nevermind that if you actually read all the
> privacy policies you encounter in a year, it would take 76 work  
> days. And
> that calculation doesn't even account for all the 3rd parties that  
> drain
> data from your visits to other websites.
>
> Even more to the point: there is no obvious way to discriminate  
> between two
> separate webpages on the basis of their data collection policies.  
> While
> tools have emerged to tell you how many data trackers are being  
> deployed at
> any site at a given moment, the dynamic nature of Internet  
> advertising means
> that it is nearly impossible to know the story through time. As I  
> explained
> in a previous post, advertising space can be sold and resold many  
> times. At
> each juncture, the new buyer has to have some information about the  
> visit.
> Ads can be sold by geography or probable demographic indicators,  
> too, so
> there may be many, many companies that are involved with some of the  
> data on
> an individual site.
>
> I asked Evidon, the makers of a track-the-trackers tool called  
> Ghostery, to
> see how many data trackers ran during the past month on four news  
> websites
> and my home here, The Atlantic. The numbers were astonishing. The  
> Drudge
> Report and Huffington Post both ran over 200 trackers. The New York  
> Times
> ran 146 and The Wall Street Journal 99. We deployed a 48. Of course,  
> these
> are just the numbers: data tracking firms are invasive in different  
> ways, so
> it could be possible that our 48 tracking tools collect just as much  
> data as
> Drudge's 205. Even if the sheer numbers seem to indicate that  
> something
> different in degree is happening at Drudge and Huffington Post than  
> at our
> site, I couldn't tell you for sure that was the case.
>
> How can anyone make a reasonable determination of how their  
> information
> might be used when there are more than 50 or 100 or 200 tools in  
> play on a
> single website in a single month? "I think the biggest challenge we  
> have
> right now is figuring out a way to educate the average user in a way  
> that's
> reasonable," Evidon's Andy Kahl told me. Some people talk about  
> something
> like a nutritional label for data policies. Others, like Stanford's  
> Ryan
> Calo, talk about "visceral notice." http://tinyurl.com/c5xzuho
>
> Nissenbaum doesn't think it's possible to explain the current online
> advertising ecosystem in a useful way without resorting to a lot of  
> detail.
> She calls this the "transparency paradox," and considers it  
> insoluble. What,
> then, is her answer, if she's thinking about chucking basically the  
> only
> privacy protections that we have on the Internet?
>
> Well, she wants to import the norms from the offline world into the  
> online
> world. When you go to a bank, she says, you have expectations of  
> what might
> happen to your communications with that bank. That should be true  
> whether
> you're online, on the phone, or at the teller.  Companies can use  
> your data
> to do bank stuff, but they can't sell your data to car dealers  
> looking for
> people with a lot of cash on hand.
>
> The answer, as applied by the FTC in their new framework, is to let
> companies do standard data collection but require them to tell  
> people when
> they are doing things with data that are inconsistent with the  
> "context of
> the interaction" between a company and a person.
>
> I've spent this entire story extolling the virtues of Nissenbaum's  
> privacy
> paradigm. But here's the big downside: it rests on the "norms" that  
> people
> expect. While that may be socially optimal, it's actually quite  
> difficult to
> figure out what the norms for a given situation might be. After all,  
> there
> is someone else who depends on norms for his thinking about privacy.
>
> "People have really gotten comfortable not only sharing more  
> information and
> different kinds, but more openly and with more people," Mark  
> Zuckerberg told
> an audience in 2010. "That social norm is just something that has  
> evolved
> over time."  http://tinyurl.com/yadgm8x
>
>
> Copyright © 2012 by The Atlantic Monthly Group. All Rights Reserved.
>
>
> ~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~*~
>                     "Usquequaque sumo pacis voluntarius ratio"
>           "Imperium est mater bellum et bellum est maximum malum"
>
>
> Copyright © 1998-2012, Institute for the Study of Privacy Issues  
> (ISPI)
> PO Box 201 - Crofton, British Columbia - Canada - V0R 1R0 -  
> (250)246-2784
> ISPI@ PrivacyNews .com     http://www.PrivacyNews.com
>
>
> ISPI Clips is the leading daily international privacy-news service.
> ISPI Clips has faithfully delivered trusted and timely news since  
> 1998.
>
> ISPI Clips is distributed via e-mail each week day. It is a high  
> volume
> service of between 10 and 35 news clippings per day.
>
> ISPI Clips include news, opinion & information articles on Identity,
> Surveillance and Privacy Issues from all points-of-view. Inclusion  
> of an
> article does not necessarily reflect an endorsement of its content or
> opinion by ISPI. ISPI Clips is distributed free--as a benefit of ISPI
> membership--for research and educational purposes only.
>
> ISPI offers both private/personal memberships for the individual and
> corporate memberships to facilitate the needs of organizations and  
> agencies.
>
>
> *THREE WEEK FREE TRIAL*
>
> Non-members may receive ISPI Clips on a 3 week trial basis without
> membership obligation by sending the following message:
>
> "Please send [Your Name] three weeks of ISPI Clips: [Your e-mail  
> address]"
>
> to: ISPIClipsTrial@ PrivacyNews .com
>
>
> *PRIVACY POLICY*
>
> ISPI maintains a strict privacy policy. Any and ALL information you  
> divulge
> to ISPI is kept in strict confidence. Unless so ordered by lawful  
> Canadian
> court, It will not be willingly and/or knowingly divulged to any third
> party.
>
>
> *REDISTRIBUTION & ARCHIVE POLICY*
>
> ISPI Clips may not be re-published. ISPI members are permitted to
> occasionally forward select ISPI Clips to others in an unaltered  
> format
> (header and footer information may not be removed or altered).  
> However,
> systematic redistribution of ISPI Clips--either within or outside of  
> an
> organization, agency or office--is not permitted and is contrary to  
> the ISPI
> membership agreement. Likewise, ISPI members may archive ISPI Clips  
> for
> their own personal non-commercial use in a discreet archive which  
> cannot be
> accessed by way of the Internet or any other electronic network. Any
> violation of this policy may result in membership termination.
>
>
> Latin Translations:
> Who will watch the watchmen?
> Always choose the peaceful option.
> The state is the mother of war and war is the greatest evil.
>