Abstract
This article is the result of an international research between law and ethics scholars from Universities in France and Switzerland, who have been closely collaborating with technical experts on the design and use of information and communication technologies in the fields of human health and security. The interdisciplinary approach is a unique feature and guarantees important new insights in the social, ethical and legal implications of these technologies for the individual and society as a whole. Its aim is to shed light on the tension between secrecy and transparency in the digital era. A special focus is put from the perspectives of psychology, medical ethics and European law on the contradiction between individuals’ motivations for consented processing of personal data and their fears about unknown disclosure, transferal and sharing of personal data via information and communication technologies (named the “privacy paradox”). Potential benefits and harms for the individual and society resulting from the use of computers, mobile phones, the Internet and social media are being discussed. Furthermore, the authors point out the ethical and legal limitations inherent to the processing of personal data in a democratic society governed by the rule of law. Finally, they seek to demonstrate that the impact of information and communication technology use on the individuals’ well-being, the latter being closely correlated with a high level of fundamental rights protection in Europe, is a promising feature of the socalled “e-democracy” as a new way to collectively attribute meaning to large-scale online actions, motivations and ideas.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Notes
This right is being promoted by the International Telecommunications Union: http://www.itu.int/en/about/Pages/overview.aspx. Accessed 2 July 2013.
Since the European Commission proposed the first Data Protection Directive in the 1990 s, “[t]he internet has moved out of the university lab into 56 % of European homes and 95 % of OECD businesses”.
For example, in the medical field “[i]nteroperability can be defined as the capability for independent and heterogenous health information systems to exchange health-related data for use by doctors, healthcare providers and patients”.
According to the Oxford Dictionaries, a “paradox” is “a person or thing that combines contradictory features or qualities”: http://oxforddictionaries.com/definition/english/paradox?q=paradox. Accessed 2 July 2013.
For example, medical data being registered on an electronic health insurance card might contribute to better health care performance, as it enables medical doctors, in case of life-threatening emergency, to find out without delay about allergies against drugs of the patient; another example is the registration of personal data of citizens of one country residing in another country with their embassy enabling them to be contacted in case of a major threat to public security.
Citizens especially fear ID fraud and the use of information without knowledge, data sharing with third parties without having consented and, more generally, the use of data for purposes other than those consented for.
To quote only the most frequently invoked instruments: European Convention for the Protection of Human Rights and Fundamental Freedoms (ECHR), Treaty on the European Union, Treaty on the Functioning of the European Union, Charter of Fundamental Rights of the European Union.
The German Federal Constitutional Court established the link between “the storage of telecommunications traffic data without occasion” and its impact on individual well-being by stating that it “is capable of creating a diffusely threatening feeling of being watched which can impair a free exercise of fundamental rights in many areas” at para. 212 of this decision.
Among these specific risks, Art. 33 § 2 lists namely the following: “(a) a systematic and extensive evaluation of personal aspects relating to a natural person or for analysing or predicting in particular the natural person's economic situation, location, health, personal preferences, reliability or behaviour, which is based on automated processing and on which measures are based that produce legal effects concerning the individual or significantly affect the individual; (b) information on sex life, health, race and ethnic origin or for the provision of health care, epidemiological researches, or surveys of mental or infectious diseases, where the data are processed for taking measures or decisions regarding specific individuals on a large scale; (c) monitoring publicly accessible areas, especially when using optic-electronic devices (video surveillance) on a large scale; (d) personal data in large scale filing systems on children, genetic data or biometric data; (e)….”.
References
Baeriswyl, B. & Rudin, B. (2012). Privacy enhancing technologies (PET) versprechen (zu) viel bei der Umsetzung von neuen Technologien. digma—Zeitschrift für Datenrecht und Informationssicherheit (pp. 18–21).
Banisar, D., & Davies, S. (1999). Global trends in privacy protection: An international survey of privacy, data protection and surveillance laws and developments. John Marshall Journal of Computer & Information Law, 18, 1–98.
Beck, U. (1992). Risk society: Towards a new modernity. London: Sage.
Boyce, N. (2012). Maps, apps, and evidence? The Lancet, 379(9833), 2231.
Brosset, E. (2012). Brèves observation sur un secret de Polichinelle: l’influence du droit européen sur le droit médical à travers l’exemple du secret médical. In Leca (A.), Le secret médical, Cahiers du Sud-Est de droit de la santé, Les études hospitalières.
Büschel, I. (submitted). Télémédecine et droit de l’Union européenne: remède, opportunité, défi. Journal International de Bioéthique.
BVerfGE, 1 BvR 256/08, Decision of 2.3.2010 (“Vorratsdatenspeicherung”). http://www.bverfg.de/entscheidungen/rs20100302_1bvr025608.html. Accessed January 6, 2013.
BVerfGE 65, 1, 44, Decision of 15.12.1983 (“Volkszählung”).
Calame, P. (2003). Tools for social and economic responsibility: The charter of human responsibilities. In Council of Europe (2003). Civil society and new social responsibilities based on ethical foundations. http://www.coe.int/t/dg3/socialpolicies/socialcohesiondev/source/trends/trends-07_en.pdf. Accessed November 4, 2013.
Cammilleri-Subrenat, A. (2012). Le privacy by design confronté à la disparition des piliers du Traité de Lisbonne. http://www.ceric-aix.univ-cezanne.fr/fileadmin/CERIC/Documents/manifestations_scientifiques/AnnexeManifestations/Atelier_PbD_23_MarsFin_En_.pdf. Accessed June 28, 2013.
Cammilleri-Subrenat, A., Prouvèze, R., & Verdier-Büschel, I. (2012). Nouvelles technologies et défis du droit en Europe—L’imagerie active au service de la sécurité globale. Bruxelles: Bruylant.
Cattan, J. (2012). Le droit et les communications électroniques. Ph.D. dissertation, under the supervision of Prof. H. Isar and R. Mehdi, Law School, University Aix-Marseille.
Chevallier, J. (1983). L’ordre juridique. In CURAPP, Le droit en procès (p. 34). Paris: PUF.
Christofies, E., Muise, A., & Desmarais, S. (2009). Information disclosure and control on Facebook: Are they two sides of the same coin or two different processes? Cyber Psychology & Behavior, 12(3), 341–345.
Council of the European Union Regulation (EC) No 2252/2004 of 13 December 2004 on standards for security features and biometrics in passports and travel documents issued by Member States, OJ L 385, 29.12.2004, pp. 1–6.
Davis, D. (1982). Determinants of responsiveness in dyadic interaction. In W. Ickes & E. S. Knowles (Eds.), Personality, roles, and social behavior (pp. 85–139). New York: Springer-Verlag.
EDPS (2010). Opinion on promoting trust in the information society by fostering data protection and privacy. http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consultation/Opinions/2010/10-03-19_Trust_Information_Society_EN.pdf. Accessed January 24, 2012.
European Commission (2001). Communication to the Council and the European Parliament: Information and communication technologies in development—The role of ICTs in EC development policy, COM (2001) 770 final. http://ec.europa.eu/development/icenter/repository/com2001_0770en01_en.pdf. Accessed July 14, 2013.
European Commission (2009). Recommendation of 12 May 2009 on the implementation of privacy and data protection principles in applications supported by radio-frequency identification (notified under document number C(2009) 3200), OJ L 122, 16.5.2009, pp. 47–51.
European Commission (2010). Comparative Study on different approaches to new privacy challenges in particular in the light of technological developments. http://ec.europa.eu/justice/policies/privacy/docs/studies/new_privacy_challenges/final_report_en.pdf. Accessed July 3, 2013.
European Commission (2011a). Implementing Regulation (EU) No 1147/2011 of 11 November 2011 amending Regulation (EU) No 185/2010 implementing the common basic standards on civil aviation security as regards the use of security scanners at EU airports, OJ L 294, 12.11.2011, pp. 7–11.
European Commission (2011b). Regulation (EU) No 1141/2011 of 10 November 2011 amending Regulation (EC) No 272/2009 supplementing the common basic standards on civil aviation security as regards the use of security scanners at EU airports, OJ L 293, 11.11.2011, pp. 22–23.
European Commission (2011c). Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. A renewed EU strategy 2011–2014 for Corporate Social Responsibility, COM(2011) 681 final.
European Commission (2011d). Proposal of 2 February 2011 for a Directive of the European Parliament and of the Council on the use of Passenger Name Record data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime, COM(2011) 32 final.
European Commission (2012). Recommendation of 6 February 2012 on data protection guidelines for the Early Warning and Response System (EWRS) (2012/73/EU).
European Commission and High Representative for the European Union for Foreign Affairs and Security Policy (2013). Joint Communication to the European Parliament, the Council, the European economic and social Committee and the Committee of the regions “Cybersecurity Strategy of the European Union: An Open, Safe and Secure Cyberspace”, Brussels, 7.2.2013, JOIN (2013) 1 final, 20 p.
European Commission Scientific Committee on Emerging and Newly Identified Health Risks SCENIHR (2012). Health effects of security scanners for passenger screening (based on X-ray technology). http://ec.europa.eu/health/scientific_committees/emerging/docs/scenihr_o_036.pdf. Accessed July 11, 2013.
European Court of Human Rights, Leander v. Sweden, judgment of 26 March 1987, application no. 9248/81.
European Court of Human Rights, S. and Marper v. United Kingdom, judgment of 4 December 2008, application nos. 30562/04 and 30566/04.
European Court of Human Rights, Z. v. Finland, judgment of 25 February 1997, application no. 22009/93.
European Court of Justice (2010). Judgment of 9 November 2010, Volker und Markus Schecke and Eifert, Joined Cases C-92/09 and C-93/09. European Court Reports 2010 Page I-11063.
European Court of Justice, Judgment of 24 November 2011, Asociación Nacional de Establecimientos Financieros de Crédito (ASNEF) and Federación de Comercio Electrónico y Marketing Directo (FECEMD) v Administración del Estado, Joined cases C-468/10 and C-469/10. Not yet published in the European Court Reports.
European Court of Justice, Opinion of Advocate General Jääskinen delivered on 25 June 2013, Google Spain SL, Google Inc. v Agencia Española de Protección de Datos (AEPD), Mario Costeja González, Case C-131/12. Not yet published in the European Court Reports.
European Court of Justice (2013). Opinion of Advocate General Mengozzi delivered on 13 June 2013, Michael Schwarz c. Stadt Bochum, Case C-291/12. Not yet published in the European Court Reports.
European Parliament (2013). Draft Report on the situation of fundamental rights in the European Union (2012) (2013/2078(INI)) of 18.9.2013, Committee on Civil Liberties, Justice and Home Affairs, Rapporteur: Louis Michel.
Ferraud-Ciandet, N. (2010). L’Union européenne et la télésanté. Revue Trimestrielle de Droit Européen, 46(3), 537–561.
Ferraud-Ciandet, N. (2011). Droit de la télésanté et de la télémédecine. Paris: Heures de France.
Fromson, J. A. (2013). Telemedicine: Changing the landscape of rural physician practice. NEJM Career Center. Accessed June 25, 2013.
Gaudriault, C. (2013). Interview with Paul Virilio “Inventer l’avion, c’est inventer le crash…”. http://www.zigzag-blog.com/spip.php?page=article&id_article=4. Accessed July 3, 2013.
Hallinan, D., Friedewald, M., & McCarthy, P. (2012). Citizens’ perceptions of data protection and privacy in Europe. Computer Law & Security Review, 28, 263–272.
Joh, E. E. (2011). Ethics watch—DNA theft: Your genetic information at risk. Nature Reviews Genetics,. doi:10.1038/nrg3113.
Kaplan, D. (2012). Vie privée à l’horizon 2020. In CNIL, Cahiers Innovation et prospective, (Vol. 1, pp. 36–37). http://www.cnil.fr/fileadmin/documents/Guides_pratiques/Livrets/Cahier-ip/cnil_cahieripn1/index.html. Accessed July 2, 2013.
Kierkegaard, P. (2012). E-prescription across Europe. Health and Technology,. doi:10.1007/s12553-012-0037-0.
Kilian, W. (2012). Personal data: The impact of emerging trends in the information society—how the marketability of personal data should affect the concept of data protection law. CRi, 6, 169–175.
Labayle, H., & Mehdi, R. (2009). Le contrôle juridictionnel de la lutte contre le terrorisme: les ‘black lists’ de l’Union dans le prétoire de la Cour de justice. Revue Trimestrielle de Droit Européen, 45(2), 231–265.
Leighninger, M. (2011). Citizenship and governance in a wild, wired world: How should citizens and public managers use online tools to improve democracy? National Civic Review, 100, 20–29.
Luchenski, S., Balasanthiran, S., Marston, C., Sasaki, K., Majeed, A., Bell, D., et al. (2012). Survey of patient and public perceptions of electronic health records for healthcare, policy and research: Study protocol. BMC Medical Informatics and Decision Making,. doi:10.1186/1472-6947-12-40.
Mackenzie, D., & Wajcman, J. (1999). The social shaping of technology (2nd ed., pp. 3–27). Philadelphia: Open University Press.
Madrid Privacy Declaration of 3 November 2009, signed at the annual meeting of the Privacy and Data Protection Commissioners’ conference by more than 100 civil society organizations and privacy experts. http://thepublicvoice.org/TheMadridPrivacyDeclaration.pdf. Accessed November 4, 2013.
Marx, M. (2013). The EP Committee rejects the proposal for a European Passenger Name Record System (PNR). http://eafsj.org/2013/05/01/the-ep-committee-rejects-the-proposal-for-an-european-passanger-name-record-system-pnr/. Accessed July 11, 2013.
Marzouki, Y. & Oullier, O. (2012, July 17). Revolutionizing revolutions: Virtual collective consciousness and the Arab Spring. The Huffington Post US. http://www.huffingtonpost.com/yousri-marzouki/revolutionizing-revolutio_b_1679181.html. Accessed July 2, 2013.
Marzouki, Y., Skandrani-Marzouki, I., Béjaoui, M., Hammoudi, H., & Bellaj, T. (2012). The contribution of Facebook to the 2011 Tunisian revolution: A cyberpsychological insight. Cyberpsychology, Behavior, and Social Networking, 15(5), 237–244.
Mehdi, R. (2012). L’efficacité de la norme en droit de l’Union européenne. In Fatin-Rouge Stefanini, M., Gay, L., Vidal-Naquet, A. (Eds.), L’efficacité de la norme juridique: nouveau vecteur de légitimité ? (pp. 295–331). Bruxelles: Bruylant.
Mill, J. S. (1860). On liberty (Vol. 25). Harvard: Harvard Classics.
Mordini, E., & Ottolini, C. (2007). Body identification, biometrics and medicine: Ethical and social considerations. Ann Ist Super Sanità, 43(1), 51–60.
Norberg, P. A., Horne, D. R., & Horne, D. A. (2007). The privacy paradox: Personal information disclosure intentions versus behaviors. Journal of Consumer Affairs, 41, 100–126.
Nyst, C. (2013). Two sides of the same coin: The right to privacy and freedom of expression (English version of an article in the September issue of Cuestión de Derechos). https://www.privacyinternational.org/opinion-pieces/two-sides-of-the-same-coin-the-right-to-privacy-and-freedom-of-expression. Accessed November 4, 2013.
OECD (2013). ICTs and the health sector: Towards smarter health and wellness models. Paris: OECD Publishing. Accessed October 4, 2013.
Okdie, B. M. (2011). Blogging and self-disclosure: The role of anonimity, self-awarness and audience size. Ph.D. dissertation, Department of Psychology in the Graduate School of The University of Alabama.
Peyrou, S. (2013). De l’accord PNR à Prism, bilan et perspectives sur les malentendus transatlantiques: lutte anti-terroriste versus protection des données personnelles. http://www.gdr-elsj.eu/2013/09/11/droits-fondamentaux/de-laccord-pnr-a-prism-bilan-et-perspectives-sur-les-malentendus-transatlantiques-lutte-anti-terroriste-versus-protection-des-donnees-personnelles/. Accessed October 11, 2013.
Quinn, P., Habbig, A.-K., Mantovani, E., & De Hert, P. (2013). The data protection and medical Devie frameworks: Obstacles to the deployment of mHealth across Europe ? European Journal of Health Law, 20, 185–204.
Rigby, M., Ronchi, E., & Graham, S. (2013). Evidence for building a smarter health and wellness future: Key messages and collected visions from a Joint OECD and NSF workshop. International Journal of Medical Informatics, 82, 209–219.
Shaffer, D. R., Smith, J. E., & Tomarelli, M. (1982). Self-monitoring as a determinant of self-disclosure reciprocity during the acquaintance process. Journal of Personality and Social Psychology, 43(1), 163–175.
Strum, S., & Latour, B. (1999). Redefining the social link: From baboons to humans. In D. MacKenzie & J. Wajcman (Eds.), The social shaping of technology (2nd ed., pp. 116–125). Philadelphia: Open University Press.
Verdier-Büschel, I. (2013). Medical data sharing vs. Privacy protection: Where science meets law. In Malerba, A., Massocchi, A., Santosuosso, A. (Eds.), 2012 Law & Science Young Scholars Informal Symposium Book of Papers (pp. 135–153). Pavia: Pavia University Press.
Verdier-Büschel, I. & Prouvèze, R. (2011). L’utilisation des nouvelles technologies de captation de l’image et la procédure pénale. Réflexions de droit français et de droit européen. In RERDH, Technique et droits humains, Actes du Colloque organisé du 20 au 23 avril 2010 aux Facultés de droit de Limoges et de Poitiers (pp. 93–118). Paris: Montchrestien Lextenso éditions.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Büschel, I., Mehdi, R., Cammilleri, A. et al. Protecting Human Health and Security in Digital Europe: How to Deal with the “Privacy Paradox”?. Sci Eng Ethics 20, 639–658 (2014). https://doi.org/10.1007/s11948-013-9511-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11948-013-9511-y