This article examines the privacy and security issues associated with mobile application-mediated health research, concentrating in particular on research conducted or participated in by independent scientists, citizen scientists, and patient researchers. Building on other articles in this issue that examine state research laws and state data protection laws as possible sources of privacy and security protections for mobile research participants, this article focuses on the lack of application of federal standards to mobile application-mediated health research. As (...) discussed in more detail below, the voluminous and diverse data collected by some independent scientists who use mobile applications to conduct health research may be at risk for unregulated privacy and security breaches, leading to dignitary, psychological, and economic harms for which participants have few legally enforceable rights or remedies under current federal law. Federal lawmakers may wish to consider enacting new legislation that would require otherwise unregulated health data holders to implement reasonable data privacy, security, and breach notification measures. (shrink)

Along with technical issues, biobanking frequently raises important privacy and security issues that must be resolved as biobanks continue to grow in scale and scope. Consent mechanisms currently in use range from fine-grained to very broad, and in some cases participants are offered very few privacy protections. However, developments in information technology are bringing improvements. New programs and systems are being developed to allow researchers to conduct analyses without distributing the data itself offsite, either by allowing the (...) investigator to communicate with a central computer, or by having each site participate in meta-analysis that results in a shared statistic or final significance result. The implementation of security protocols into the research biobanking setting requires three key elements: authentication, authorization, and auditing. Authentication is the process of making sure individuals are who they claim to be, frequently through the use of a password, a key fob, or a physical scan. Authorization involves ensuring that every individual who attempts an action has permission to do that action. Finally, auditing allows for actions to be logged so that inappropriate or unethical actions can later be traced back to their source. (shrink)

Artificial intelligence (AI) technologies in medicine are gradually changing biomedical research and patient care. High expectations and promises from novel AI applications aiming to positively impact society raise new ethical considerations for patients and caregivers who use these technologies. Based on a qualitative content analysis of semi-structured interviews and focus groups with healthcare professionals (HCPs), patients, and family members of patients with Parkinson’s Disease (PD), the present study investigates participant views on the comparative benefits and problems of using human versus (...) AI predictive computer vision health monitoring, as well as participants’ ethical concerns regarding these technologies. Participants presumed that AI monitoring would enhance information sharing and treatment, but voiced concerns about data ownership, data protection, commercialization of patient data, and privacy at home. They highlighted that privacy issues at home and data security issues are often linked and should be investigated together. Findings may help technologists, HCPs, and policymakers determine how to incorporate stakeholders’ intersecting but divergent concerns into developing and implementing AI PD monitoring tools. (shrink)

I will argue that one class of issues in computer ethics oftenassociated with privacy and a putative right to privacy isbest-analyzed in terms that make no substantive reference toprivacy at all. These issues concern the way that networkedinformation technology creates new ways in which conventionalrights to personal security can be threatened. However onechooses to analyze rights, rights to secure person and propertywill be among the most basic, the least controversial, and themost universally recognized. A risk-based approach to (...) theseissues provides a clearer statement of what is ethicallyimportant, as well as what is ethically problematic. Once theissues of security have been articulated clearly, it becomespossible to make out genuine issues of privacy in contrast tothem. (shrink)

In this essay, I consider the relationship between the rights to privacy and security and argue that, in a sense to be made somewhat more precise below, that threats to the right to security outweighs comparable threats to privacy. My argument begins with an assessment of ordinary case judgments and an explanation of the important moral distinction between intrinsic value (i.e., value as an end) and instrumental value (i.e., value as a means), arguing that each approach (...) assigns more moral value, other things being equal, to security interests than to privacy interests. I then consider the issue from with a number of mainstream approaches to normative theories of state legitimacy, including social contract theories (new and old), utilitarian theories, Scanlon's contractualism, and various communitarian theories assign security rights a higher place on the moral hierarchy than privacy rights. I then conclude that, under ordinary intuitions and each of these theories, security interests trump (or outweigh) privacy interests when the two come into “direct” conflict – although I make no attempt to give an algorithm or theory for answering the important question of when these interests come into direct conflict and how to weigh them when, say, minor interests in security conflict with major interests in privacy. (shrink)

Large-scale data brokers collect massive amounts of highly personal consumer information to be sold to whoever will pay their price, even at the expense of sacrificing individual privacy and autonomy in the process. In this Article, I will show how a proper understanding and justification for a right to privacy, in context to both protecting private acts and safeguarding information and states of affairs for the performance of such acts, provides a necessary background framework for imposing legal restrictions (...) on such collections. This problem, which has already gained some attention in literature, now becomes even more worrisome, as government itself becomes a consumer of this information to fight off a domestic instantiation of the global Covid-19 pandemic. This Article proposes some definite ways in which the courts and Congress might limit both the private sector and the government’s use of such data to ensure individual autonomy will not be sacrificed. (shrink)

This article is the result of an international research between law and ethics scholars from Universities in France and Switzerland, who have been closely collaborating with technical experts on the design and use of information and communication technologies in the fields of human health and security. The interdisciplinary approach is a unique feature and guarantees important new insights in the social, ethical and legal implications of these technologies for the individual and society as a whole. Its aim is to (...) shed light on the tension between secrecy and transparency in the digital era. A special focus is put from the perspectives of psychology, medical ethics and European law on the contradiction between individuals’ motivations for consented processing of personal data and their fears about unknown disclosure, transferal and sharing of personal data via information and communication technologies (named the “privacy paradox”). Potential benefits and harms for the individual and society resulting from the use of computers, mobile phones, the Internet and social media are being discussed. Furthermore, the authors point out the ethical and legal limitations inherent to the processing of personal data in a democratic society governed by the rule of law. Finally, they seek to demonstrate that the impact of information and communication technology use on the individuals’ well-being, the latter being closely correlated with a high level of fundamental rights protection in Europe, is a promising feature of the socalled “e-democracy” as a new way to collectively attribute meaning to large-scale online actions, motivations and ideas. (shrink)

It is especially hard, at present, to read the newspapers without emitting a howl of anguish and outrage. Philosophy can heal some wounds but, in this case, political action may prove a better remedy than philosophy. It can therefore feel odd trying to think philosophically about surveillance at a time like this, rather than joining with like‐minded people to protest the erosion of our civil liberties, the duplicity of our governments, and the failings in our political institutions ‐ including our (...) political parties – revealed by the succession of leaks which have dripped away this the summer. Still, philosophy can help us to think about we should do, not merely what we should believe. Thus, in what follows I draw on my previous work on privacy, democracy and security, in order to highlight aspects of recent events which – or so I hope – may prove useful both for political thought and action. (shrink)

The increasingly ubiquitous use of technology has led to the concomitant rise of intensified data collection and the ethical issues associated with the privacy and security of that data. In order to address the question of how these ethical concerns are discussed in the literature surrounding the subject, we examined articles published in IEEE Security and Privacy, a magazine targeted towards a general, technically-oriented readership spanning both academia and industry. Our investigation of the intersection between the (...) ethical and technological dimensions of privacy and security is structured as a bibliometric analysis. Our dataset covers all articles published in IEEE Security and Privacy since its inception in 2003 to February 06, 2014. This venue was chosen not only because of its target readership, but also because a preliminary search of keywords related to ethics, privacy, and security topics in the ISI Web of Knowledge and IEEE Xplore indicated that IEEE Security and Privacy has published a preponderance of articles matching those topics. In fact, our search returned two-fold more articles for IEEE Security and Privacy than the next most prolific venue. These reasons, coupled with the fact that both academia and industry are well-represented in the authorship of articles makes IEEE Security and Privacy an excellent candidate for bibliometric analysis. Our analysis examines the ways articles in IEEE Security and Privacy relate ethics to information technology. Such articles can influence the development of law, policy and the future of information technology ethics. We employed thematic and JK-biplot analyses of content relating privacy and ethics and found eight dominant themes as well as the inter-theme relationships. Authors and institutional affiliations were examined to discern whether centers of research activity and/or authors dominated the overall field or thematic areas. Results suggest avenues for future work in critical areas, especially for closing present gaps in the coverage of ethics and information technology privacy and security themes particularly in the areas of ethics and privacy awareness. (shrink)

It is especially hard, at present, to read the newspapers without emitting a howl of anguish and outrage. Philosophy can heal some wounds but, in this case, political action may prove a better remedy than philosophy. It can therefore feel odd trying to think philosophically about surveillance at a time like this, rather than joining with like-minded people to protest the erosion of our civil liberties, the duplicity of our governments, and the failings in our political institutions - including our (...) political parties – revealed by the succession of leaks dripping away this the summer. Still, philosophy can help us to think about what we should do, not merely what we should believe. Thus, in what follows I draw on my previous work on privacy, democracy and security, in order to highlight aspects of recent events which – or so I hope – may prove useful both for political thought and action. (shrink)

BackgroundAdvances in healthcare artificial intelligence (AI) are occurring rapidly and there is a growing discussion about managing its development. Many AI technologies end up owned and controlled by private entities. The nature of the implementation of AI could mean such corporations, clinics and public bodies will have a greater than typical role in obtaining, utilizing and protecting patient health information. This raises privacy issues relating to implementation and data security. Main bodyThe first set of concerns includes access, use (...) and control of patient data in private hands. Some recent public–private partnerships for implementing AI have resulted in poor protection of privacy. As such, there have been calls for greater systemic oversight of big data health research. Appropriate safeguards must be in place to maintain privacy and patient agency. Private custodians of data can be impacted by competing goals and should be structurally encouraged to ensure data protection and to deter alternative use thereof. Another set of concerns relates to the external risk of privacy breaches through AI-driven methods. The ability to deidentify or anonymize patient health data may be compromised or even nullified in light of new algorithms that have successfully reidentified such data. This could increase the risk to patient data under private custodianship.ConclusionsWe are currently in a familiar situation in which regulation and oversight risk falling behind the technologies they govern. Regulation should emphasize patient agency and consent, and should encourage increasingly sophisticated methods of data anonymization and protection. (shrink)

This doctoral thesis consists of five research papers that address four tangential topics, all of which are relevant for the challenges we are facing in our socio-technical society: information, security, privacy, and anonymity. All topics are approached by similar methods, i.e. with a concern about conceptual and definitional issues. In Paper I—concerning the concept of information and a semantic conception thereof—it is argued that the veridicality thesis is false. In Paper II—concerning information security—it is argued that the (...) current leading definitions suffer from counter-examples, and lack an appropriate conceptual sense. Based on this criticism a new kind of definition is proposed and defended. In Paper III—concerning control definitions of privacy—it is argued that any sensible control-definition of privacy must properly recognize the context as part of the defining criteria. In Paper IV—concerning the concept of privacy—it is argued that privacy is a normative concept and that it is constituted by our social relations. Final, in Paper V—concerning anonymity—it is argued that the threat from deanonymization technology goes beyond harm to anonymity. It is argued that a person who never is deanonymized can still be harmed and what is at stake is an ability to be anonymous. (shrink)

The first few years of the 21st century were characterised by a progressive loss of privacy. Two phenomena converged to give rise to the data economy: the realisation that data trails from users interacting with technology could be used to develop personalised advertising, and a concern for security that led authorities to use such personal data for the purposes of intelligence and policing. In contrast to the early days of the data economy and internet surveillance, the last few (...) years have witnessed a rising concern for privacy. As bad data practices have come to light, citizens are starting to understand the real cost of using online digital technologies. Two events stamped 2018 as a landmark year for privacy: the Cambridge Analytica scandal, and the implementation of the European Union’s General Data Protection Regulation (GDPR). The former showed the extent to which personal data has been shared without data subjects’ knowledge and consent and many times for unacceptable purposes, such as swaying elections. The latter inaugurated the beginning of robust data protection regulation in the digital age. Getting privacy right is one of the biggest challenges of this new decade of the 21st century. The past year has shown that there is still much work to be done on privacy to tame the darkest aspects of the data economy. As data scandals continue to emerge, questions abound as to how to interpret and enforce regulation, how to design new and better laws, how to complement regulation with better ethics, and how to find technical solutions to data problems. The aim of the research project Data, Privacy, and the Individual is to contribute to a better understanding of the ethics of privacy and of differential privacy. The outcomes of the project are seven research papers on privacy, a survey, and this final report, which summarises each research paper, and goes on to offer a set of reflections and recommendations to implement best practices regarding privacy. (shrink)

Fall prediction using machine learning has become one of the most fruitful and socially relevant applications of computer vision in gerontological research. Since its inception in the early 2000s, this subfield has proliferated into a robust body of research underpinned by various machine learning algorithms (including neural networks, support vector machines, and decision trees) as well as statistical modeling approaches (Markov chains, Gaussian mixture models, and hidden Markov models). Furthermore, some advancements have been translated into commercial and clinical practice, with (...) companies in various stages of development capitalizing on the aging population to develop new commercially available products. Yet despite the marvel of modern machine learning-enabled fall prediction, little research has been conducted to shed light on the security and privacy concerns that such systems pose for older adults. The present study employs an interdisciplinary lens in examining privacy issues associated with machine learning fall prediction and exploring the implications of these models in elderly care and the Internet of Medical Things (IoMT). Ultimately, a justice-informed set of best practices rooted in social geroscience is suggested to help fall prediction researchers and companies continue to advance the field while preserving elderly privacy and autonomy. (shrink)

Ultimately, this affects the natural interplay between privacy, personal identity and identification. This book investigates that interplay from a systemic, socio-technical perspective by combining research from the social and computer sciences. It sheds light on the basic functions of privacy, their relation to identity, and how they alter with digital identification practices. The analysis reveals a general privacy control dilemma of (digital) identification shaped by several interrelated socio-political, economic and technical factors. Uncontrolled increases in the identification modalities (...) inherent to digital technology reinforce this dilemma and benefit surveillance practices, thereby complicating the detection of privacy risks and the creation of appropriate safeguards. Easing this problem requires a novel approach to privacy impact assessment (PIA), and this book proposes an alternative PIA framework which, at its core, comprises a basic typology of (personally and technically) identifiable information. This approach contributes to the theoretical and practical understanding of privacy impacts and thus, to the development of more effective protection standards. This book will be of much interest to students and scholars of critical security studies, surveillance studies, computer and information science, science and technology studies, and politics. (shrink)

For more than thirty years an extensive and significant philosophical debate about the notion of privacy has been going on. Therefore it seems puzzling that most current authors on information technology and privacy assume that all individuals intuitively know why privacy is important. This assumption allows privacy to be seen as a liberal “nice to have” value: something that can easily be discarded in the face of other really important matters like national security, the doing (...) of justice and the effective administration of the state and the corporation. In this paper I want to argue that there is something fundamental in the notion of privacy and that due to the profoundness of the notion it merits extraordinary measures of protection and overt support. I will also argue that the notion of transparency (as advocated by Wasserstrom) is a useless concept without privacy and that accountability and transparency can only be meaningful if encapsulated in the context of privacy. From philosophical and legal literature I will discuss and argue the value of privacy as the essential context and foundation of human autonomy in social relationships. In the conclusion of the paper I will discuss implications of this notion of privacy for the information society in general, and for the discipline of information systems in particular. (shrink)

Talking about privacy in the public prima facie seems to be a contradiction: why should privacy have to play a role within the public sphere? What could possibly be private in the public? However, quite a number of theories of privacy conceptualize privacy as a protective shield which we carry with us wherever we are: respect for privacy in public then means, for instance, not listening in on private conversations between friends on the street or (...) in a cafe. The most important form of privacy in public, however, which has gained a lot of attention during the last decade or so, is privacy as anonymity: the form of privacy in the public sphere, online as well as offline, which means invisibility, nontraceability, not being identifiable as an individual person. Theories of privacy differ as to the possibility as well as to the desirabilty of anonymity in public contexts, online as well as offline. In my paper, I investigate the complicated relations between privacy, anonymity, and the public sphere. I will, firstly, clarify the conceptual relation between privacy and anonymity, drawing on theories which define privacy in terms of conditions enabling individual freedom and autonomy. I will also review some normatively relevant differences between the online and the offline world. In the second part, I will discuss possible normative conflicts between a moral or legal right to privacy and anonymity, and considerations of security, accountability, or moral responsibility. One of the important questions will concern the ethical consequences of the technical possibilities of identification and de-anonymization in the online world. (shrink)

Organizational change surrounding the security of identifiable health information has become imperative. This is a significant challenge for managers who are held responsible for loss of privacy through faulty security procedures. Management cannot completely secure the organization and still provide employees and customers with the information and services they need. Organizations must decide how much and what type of security they need, how to assign priorities, and how to manage security as the organization evolves in (...) a competitive environment. (shrink)

The ethical problem of privacy lies at the core of computer ethics and cyber ethics discussions. The extensive use of personal data in digital networks poses a serious threat to the user’s right of privacy not only at the level of a user’s data integrity and security but also at the level of a user’s identity and freedom. In normative ethical theory the need for an informational self-deterministic approach of privacy is stressed with greater emphasis on (...) the control over personal data. However, scant attention has been paid on a virtue ethics approach of information privacy. Plotinus’ discussion of self-determination is related to ethical virtue, human freedom and intellectual autonomy. The Plotinian virtue ethics approach of self-determination is not primarily related to the sphere of moral action, but to the quality of the self prior to moral practice. In this paper, it is argued that the problem of information privacy should be reconsidered in the light of Plotinus’ virtue ethics and his notion of self-determination. (shrink)

This book is based on the premise that the trade-off between privacy and security is both unsound and conceals important aspects of surveillance and control. Accordingly, the authors analyse the symbiotic relationship between liberty and security, and the emptiness of both concepts when considered in isolation. They explore and contextualise different notions of risk, surveillance practices and the value of the rights to private life and data protection. Thereby, they show that surveillance and control neither necessarily attain (...) security, nor always pose a threat to privacy and, conversely, that protecting privacy does not necessarily hamper security provision. Moreover, they appreciate how surveillance and control, mediated through technology, express and sustain specific power relationships. The book thus offers a kaleidoscope of perspectives, ranging from critical studies to international relations, law, philosophy and sociology, to rethink surveillance and control. (shrink)

It is especially hard, at present, to read the newspapers without emitting a howl of anguish and outrage. Philosophy can heal some wounds but, in this case, political action may prove a better remedy than philosophy. It can therefore feel odd trying to think philosophically about surveillance at a time like this, rather than joining with like-minded people to protest the erosion of our civil liberties, the duplicity of our governments, and the failings in our political institutions - including our (...) political parties – revealed by the succession of leaks which have dripped away this the summer. Still, philosophy can help us to think about what we should do, not merely what we should believe. Thus, in what follows I draw on my previous work on privacy, democracy and security, in order to highlight aspects of recent events which – or so I hope – may prove useful both for political thought and action. (shrink)

This chapter is concerned with the role of democracy in preventing terrorism, identifying and apprehending terrorists, and in minimizing and alleviating the damage created by terrorism.1 Specifically, it considers the role of democracy as a resource, not simply a limitation, on counterterrorism.2 I am mainly concerned with the ways in which counterterrorism is similar to more familiar forms of public policy, such as the prevention of crime or the promotion of economic prosperity, and so nothing that I say turns on (...) being able sharply to distinguish terrorism from other bad things that democracies have to face. I will not, then, address the extensive debate on the best way to define terrorism.3 However, I assume that terrorists characteristically seek to terrorize people in order to secure their particular ends. What forms that terror takes, what people terrorists seek to terrorize, and what ends terrorists seek to promote I assume to be indeterminate, open to change, and a matter for empirical investigation. However, I take it that the IRA, Baader Meinhoff, and the Red Brigade, as well as certain animal rights groups in the United Kingdom and certain anti-abortion groups in the United States, are examples of terrorist groups and individuals. In short, I will be assuming that terrorism is principally characterized by the choice of means to given ends, rather than by the ends themselves, and that it is the choice of means, rather than the favored ends, that makes terrorism so problematic from a democratic perspective. However good the goal, terrorizing a population—whether or not this involves killing the innocent—is morally wrong and, from a democratic perspective, an abuse of power over the lives of others. While the use of terror may indicate that the ends sought by terrorists are such that people cannot be expected to support them voluntarily, there is no justification for supposing that the ends of terrorism must be morally or politically unacceptable simply because the means are both. It is a staple of ordinary life—not merely of philosophical examples—that people are sometimes unjustified in the means they use in order to accomplish perfectly acceptable ends. So, the ends terrorists seek are, or might become, morally or politically acceptable without in any way altering our objections to the use of terror as a tool for promoting them. (shrink)

From a speech given at a conference sponsored by the Electronic Funds Transfer Association (EFTA) on "The Puzzle of Data Security and Consumer Privacy," Washington, DC, 16 November 1992. At that time, Dr. Perry was a Consultant in Advisory Services for the Ethics Resource Center.

In times of national crisis, citizens are often asked to trade liberty and privacy for security. And why not, it is argued, if we can obtain a fair amount of security for just a little privacy? The surveillance that enhances security need not be overly intrusive or life altering. It is not as if government agents need to physically search each and every suspect or those connected to a suspect. Advances in digital technology have made (...) such surveillance relatively unobtrusive. Video monitoring, global positioning systems, airport body scanners, and biometric technologies, along with data surveillance, provide law enforcement officials with monitoring tools, without also unduly burdening those being watched. Against this view are those who maintain that we should be worried about trading privacy for security. Criminals and terrorists, it is argued, are nowhere near as dangerous as governments. There are too many examples for us to deny Lord Acton’s dictum that “power tends to corrupt, and absolute power corrupts absolutely.” If information control yields power and total information awareness radically expands that power, then we have good reason to pause before trading privacy for security. (shrink)

This volume analyses the moral and legal foundations of privacy, security, and accountability along with the tensions that arise between these important individual and social values.

Recently, John Doe, an undocumented immigrant who was detained by United States Immigration and Customs Enforcement, was admitted to a hospital off-site from a detention facility. Custodial officers accompanied Mr. Doe into the exam room and refused to leave as physicians examined him. In this analysis, we examine the ethical dilemmas this case brings to light concerning the treatment of patients in immigration detention and their rights to privacy. We analyze what US law and immigration detention standards allow regarding (...) immigration enforcement or custodial officers’ presence in medical exams and documentation of detainee health information. We describe the ethical implications of the presence of officers in medical exam rooms, including its effects on the quality of the patient-provider relationship, patient privacy and confidentiality, and provider's ability to provide ethical care. We conclude that the presence of immigration enforcement or custodial officers during medical examination of detainees is a breach of the right to privacy of detainees who are not an obvious threat to the public. We urge ICE and the US Department of Homeland Security to clarify standards for and tighten enforcement around when officers are legally allowed to be stationed in medical exam rooms and document detainees’ information. (shrink)

The increased use of health information technology is a common element of nearly every health reform proposal because it has the potential to decrease costs, improve health outcomes, coordinate care, and improve public health. However, it raises concerns about security and privacy of medical information. This paper examines some of the “gaps” in privacy protections that arise out of the current federal health privacy standard, the Health Insurance Portability and Accountability Privacy Rule, which is the (...) main federal law that governs the use and disclosure of health information. Additionally, it puts forth a range of possible solutions, accompanied by arguments for and against each, to strengthen the current legal framework of privacy protections in order to build public trust in health IT and facilitate its use for health reform. The American Recovery and Reinvestment Act , enacted in February 2009, includes a number of changes to HIPAA and its regulations, and those changes are clearly noted among the list of solutions. (shrink)

Epigenetic research has brought several important technological achievements, including identifying epigenetic clocks and signatures, and developing epigenetic editing. The potential military applications of such technologies we discuss are stratifying soldiers’ health, exposure to trauma using epigenetic testing, information about biological clocks, confirming child soldiers’ minor status using epigenetic clocks, and inducing epigenetic modifications in soldiers. These uses could become a reality. This article presents a comprehensive literature review, and analysis by interdisciplinary experts of the scientific, legal, ethical, and societal issues (...) surrounding epigenetics and the military. Notwithstanding the potential benefit from these applications, our findings indicate that the current lack of scientific validation for epigenetic technologies suggests a careful scientific review and the establishment of a robust governance framework before consideration for use in the military. In this article, we highlight general concerns about the application of epigenetic technologies in the military context, especially discrimination and data privacy issues if soldiers are used as research subjects. We also highlight the potential of epigenetic clocks to support child soldiers’ rights and ethical questions about using epigenetic engineering for soldiers’ enhancement and conclude with considerations for an ethical framework for epigenetic applications in the military, defense, and security contexts. (shrink)

This book is based on the premise that the trade-off between privacy and security is both unsound and con-ceals important aspects of surveillance and control. Accordingly, the authors analyse the symbiotic relati-onship between liberty and security, and the emptiness of both concepts when considered in isolation. They explore and contextualise different notions of risk, surveillance practices and the value of the rights to pri-vate life and data protection. Thereby, they show that surveillance and control neither necessarily attain (...) security, nor always pose a threat to privacy and, conversely, that protecting privacy does not necessarily hamper security provision. Moreover, they argue that surveillance and control, mediated through technolo-gy, express and sustain specific power relationships. The book offers a kaleidoscope of perspectives, ranging from critical studies to international relations, law, philosophy and sociology, to rethink surveillance and control. (shrink)

Modern technologies are providing unprecedented opportunities for surveillance. In the workplace surveillance technology is being built into the very infrastructure of work. Can the employee legitimately resist this increasingly pervasive net of surveillance? The employers argue that workplace surveillance is essential for security, safety, and productivity in increasingly competitive markets. They argue that they have a right to ensure that they 'get what they pay for', furthermore, that the workplace is a place of 'work' which by its very definition (...) excludes the 'personal' dimension at the core of all privacy claims. Legal developments, especially in the USA, seem to favour such an interpretation. The individual's call for workplace privacy seems illegitimate in a context where the 'personal' is almost excluded by default. In this paper I want to argue that the private/public distinction is not useful in the context of workplace surveillance since it always seems possible to argue that the workplace is always and only 'public'---thereby leaving the employee without resources to defend their claim. Such a position belies the fact that the fundamental claim of workplace privacy is not a claim for some personal space as such but rather a claim for the protection against the inherently political interests in the 'gaze' of the employer. Furthermore, that it is probably impossible, in practice, to separate the public from the private in the flow of everyday work. Thus, it seems that one needs to develop another approach to think through the issues at stake. I will argue that the distribution of privacy rights and transparency rights is rather a matter of organisational justice. I will suggest that we may use theories of justice---in particular the work of Rawls---to develop a framework of distributive justice for distributing privacy and transparency between the collective and the individual in a way that is fair. I will contend that such an approach will provide the employee with resources to defend their legitimate claim to workplace privacy. (shrink)

The relationship of workers to management has traditionally been one of control. However, the introduction of increasingly sophisticated technology as a means of supervision in the modern workplace has dramatically altered the contours of this relationship, giving workers much less privacy and making workers much more visible than previously possible. The purpose of this paper is to examine the current state of technological control of workers and how it has altered the relationship of worker to organization, through the impact (...) upon self as perceived by the worker. (shrink)

An article by Melissa Gymrek and colleagues, published this January in Science, described how the researchers used surname inferences from commercial genealogy databases and Internet searches to deduce the identity of nearly fifty research participants whose supposedly private data were stored in large, publicly available datasets. This news comes just months after the Presidential Commission for the Study of Bioethical Issues published a report that expressed serious concerns about personal privacy and security in whole genome sequencing. The bioethics (...) commission (on which we serve as chair and vice‐chair) highlighted the importance of reconciling the enormous public benefits anticipated from research in this area with the potential risks to individuals’ privacy, and it offered several policy proposals to help balance the potential of scientific progress with privacy and respect for persons. The human subjects research protections laid out in the federal regulations are triggered by the identifiability of data. The participants in the Gymrek et al. study were not “readily identifiable”; however, the data proved far more easily identifiable than expected. With rapidly evolving technology, a precise definition of that notion may be impossible. But if we move the debate from the rhetoric of identifiability to the ethical principles of public beneficence and the centrality of respecting all persons, we find that the real ethical focus must be on promoting generalizable progress while at all times respecting individual privacy. (shrink)

The privacy concerns discussed in the 1990s in relation to the New Genetics failed to anticipate the relevant issues for individuals, families, geneticists and society. Consumers, for example, can now buy their personal genetic information and share it online. The challenges facing genetic privacy have evolved as new biotechnologies have developed, and personal privacy is increasingly challenged by the irrepressible flow of electronic data between the personal and public spheres and by surveillance for terrorism and security (...) risks. This book considers the right to know and the right not to know about your own and others’ genomes. It discusses new privacy concerns and developments in ethical thinking, with the greater emphasis on solidarity and equity. The multidisciplinary approach covers current topics such as biobanks and forensic databases, DIY testing, group rights and accountability, the food we eat and the role of the press and the new digital media. (shrink)

Personal data is highly vulnerable to security exploits, spurring moves to lock it down through encryption, to cryptographically ‘cloud’ it. But personal data is also highly valuable to corporations and states, triggering moves to unlock its insights by relocating it in the cloud. We characterise this twinned condition as ‘clouded data’. Clouded data constructs a political and technological notion of privacy that operates through the intersection of corporate power, computational resources and the ability to obfuscate, gain insights from (...) and valorise a dependency between public and private. First, we survey prominent clouded data approaches, suggesting their particular affordances produce distinctive versions of privacy. Next, we perform two notional code-based experiments using synthetic datasets. In the field of health, we submit a patient’s blood pressure to a notional cloud-based diagnostics service; in education, we construct a student survey that enables aggregate reporting without individual identification. We argue that these technical affordances legitimate new political claims to capture and commodify personal data. The final section broadens the discussion to consider the political force of clouded data and its reconstitution of traditional notions such as the public and the private. (shrink)

Purpose This paper aims to study the developed countries’ experience on the cyberbullying legal regulation among adolescents, to identify existing shortcomings in the developing countries’ laws and to develop recommendations for regulatory framework improvement. Design/methodology/approach The authors have studied the state regulatory practice of the UK, the USA, Canada, Malaysia, South Africa, Turkey, UAE and analyzed the statistics of 2018 on the cyberbullying manifestation among adolescents in these countries. Findings The study results can encourage countries to create separate cyberbullying legislation (...) and periodically review and modify already existing legislation. Originality/value The study provides a list of the recommendations to regulate cybercrime in developing countries and prevent it as well. The results may contribute to creating laws related to the regulation of cyberbullying in countries where such legislation does not exist yet or existing regulatory legal acts do not bring the expected results, namely, in Post-Soviet countries and other developing countries of the world. (shrink)

Purpose This paper aims to provide a non-academic perspective on the research reports of the JICES “Post-Snowden” special edition, from the viewpoint of a privacy advocate with an IT background. Design/methodology/approach This paper was written after reviewing the country reports for Japan, New Zealand, PRC and Taiwan, Spain and Sweden, as well as the Introduction paper. The author has also drawn on online sources such as news articles to substantiate his analysis of attitudes to technical privacy protection post-Snowden. (...) Findings Post-Snowden, the general perception of threats to online privacy has shifted from a predominant focus on commercial threats to a recognition that government activities, in the sphere of intelligence and national security, also give rise to significant privacy risk. Snowden’s disclosures have challenged many of our assumptions about effective oversight of interception capabilities. Citizens’ expectations in this regard depend partly on national experience of the relationship between citizen and government, and can evolve rapidly. The tension between legitimate law enforcement access and personal privacy remains challenging to resolve. Originality/value As a “viewpoint” paper, this submission draws heavily on the author’s experience as a privacy and technology subject-matter expert. Although it therefore contains a higher proportion of opinion than the academic papers in this issue, his hope is that it will stimulate debate and further research. (shrink)

This article presents a conceptual investigation into the value impacts and relations of algorithms in the domain of justice and security. As a conceptual investigation, it represents one step in a value sensitive design based methodology. Here, we explicate and analyse the expression of values of accuracy, privacy, fairness and equality, property and ownership, and accountability and transparency in this context. We find that values are sensitive to disvalue if algorithms are designed, implemented or deployed inappropriately or without (...) sufficient consideration for their value impacts, potentially resulting in problems including discrimination and constrained autonomy. Furthermore, we outline a framework of conceptual relations of values indicated by our analysis, and potential value tensions in their implementation and deployment with a view towards supporting future research, and supporting the value sensitive design of algorithms in justice and security. (shrink)

An intelligent climate and watering agriculture system is presented that is controlled with Android application for smart water consumption considering small and medium ruler agricultural fields. Data privacy and security as a big challenge in current Internet of Things (IoT) applications, as with the increase in number of connecting devices, these devices are now more vulnerable to security threats. An intelligent fuzzy logic and blockchain technology is implemented for timely analysis and securing the network. The proposed design (...) consists of various sensors that collect real-time data from environment and field such as temperature, soil moisture, light intensity, and humidity. The sensed field information is stored in IoT cloud platform, and after the analysis of entries, watering is scheduled by implementing the intelligent fuzzy logic and blockchain. The intelligent fuzzy logic based on different set of rules for making smart decisions to meet the watering requirements of plant and blockchain technology provides necessary security to the IoT-enabled system. The implementation of blockchain technology allows access only to the trusted devices and manages the network. From the experimentation, it is observed that the proposed system is highly scalable and secure. Multiple users at the same time can monitor and interact with the system remotely by using the proposed intelligent agricultural system. The decisions are taken by applying intelligent fuzzy logic based on input variables, and an alert is transmitted about watering requirements of a field to the user. The proposed system is capable of notifying users for turning water motor on and off. The experimental outcomes of the proposed system also reveal that it is an efficient and highly secure application, which is capable of handling the process of watering the plants. (shrink)

ABSTRACT:The oft-cited privacy paradox is the perceived disconnect between individuals’ stated privacy expectations, as captured in surveys, and consumer market behavior in going online: individuals purport to value privacy yet still disclose information to firms. The goal of this paper is to empirically examine the conceptualization of privacy postdisclosure assumed in the privacy paradox. Contrary to the privacy paradox, the results here suggest consumers retain strong privacy expectations even after disclosing information. Privacy (...) violations are valued akin to security violations in creating distrust in firms and in consumer willingness to engage with firms. This paper broadens the scope of corporate responsibility to suggest firms have a positive obligation to identify reasonable expectations of privacy of consumers. In addition, research perpetuating the privacy paradox, through the mistaken framing of disclosure as proof of anti-privacy behavior, gives license to firms to act contrary to the interests of consumers. (shrink)

: The market success of managed health plans in the 1990s is bringing to medicine the easy availability of electronically stored information that is characteristic of the securities and consumer credit industries. Protection for medical confidentiality, however, has not kept pace with this information revolution. Employers, the managed care industry, and legal and ethics commentators frequently look to the concept of informed consent to justify particular uses of health information, but the elastic use of informed consent as a way of (...) responding to managed health plans' disclosure of information to third parties fails to address underlying questions involving substantive value choices. (shrink)

The European Union approach to data protection consists of assessing the adequacy of the data protection offered by the laws of a particular jurisdiction against a set of principles that includes purpose limitation, transparency, quality, proportionality, security, access, and rectification. The EU's Data Protection Directive sets conditions on the transfer of data to third countries by prohibiting Member States from transferring to such countries as have been deemed inadequate in terms of the data protection regimes. In theory, each jurisdiction (...) is evaluated similarly and must be found fully compliant with the EU's data protection principles to be considered adequate. In practice, the inconsistency with which these evaluations are made presents a hurdle to international data-sharing and makes difficult the integration of different data-sharing approaches; in the 20 years since the Directive was first adopted, the laws of only five countries from outside of the EU, Economic Area, or the European Free Trade Agreement have been deemed adequate to engage in data transfers without the need for further administrative safeguards. (shrink)

The World Bank estimates that over one billion people currently lack official identity documents. To tackle this crucial issue, the United Nations included the aim to provide legal identity for all by 2030 among the Sustainable Development Goals. Technology can be a powerful tool to reach this target. In the digital age, new technologies increasingly mediate identity verification and identification of individuals. Currently, State-led and public–private initiatives use technology to provide official identification, to control and secure external borders, and to (...) distribute humanitarian aid to populations in need. All of these initiatives have profound implications for the protection of human rights of those affected by them. Digital identity technologies may render individuals without legal documentation more visible and therefore less vulnerable to abuse and exploitation. However, they also present risks for the protection of individuals' human rights. As they build on personal data for identification and identity verification, data protection and privacy rights are most clearly affected. The prohibition of discrimination in the digital space is also of concern as these technological advances' societal impact is not yet fully understood. Accordingly, the article argues that emerging digital identity platforms will only contribute to the protection of human rights if the providers adequately mitigate any risks of potential discrimination and promote high standards of privacy and data protection. (shrink)