Ubicomp challenges for privacy law


Published on

Presentation at Ubicomp at a Crossroads: Art, Science, Politics and Design

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Ubicomp challenges for privacy law

    1. 1. Ubicomp challenges for privacy law Dr Ian Brown, Oxford Internet Institute
    2. 2. Overview <ul><li>Human rights to privacy </li></ul><ul><ul><li>ECHR, EU Charter </li></ul></ul><ul><li>Data protection law </li></ul><ul><ul><li>OECD, Council of Europe and EU instruments </li></ul></ul><ul><li>Privacy by design </li></ul><ul><li>The challenges of/for ubicomp </li></ul>
    3. 3. Privacy <ul><li>“ the right to be let alone – the most comprehensive of rights, and the right most valued by civilized men. ” – Supreme Court Justice Louis Brandeis, Olmstead v US 277 US 478 (1928) </li></ul><ul><li>“ A free and democratic society requires respect for the autonomy of individuals, and limits on the power of both state and private organisations to intrude on that autonomy... Privacy is a key value which underpins human dignity and other key values such as freedom of association and freedom of speech” –Australian Privacy Charter (1994) </li></ul>
    4. 4. European Convention on Human Rights <ul><li>Reaffirming their profound belief in those fundamental freedoms which are the foundation of justice and peace in the world: </li></ul><ul><li>§8 Everyone has the right to respect for his private and family life, his home and his correspondence </li></ul><ul><li>§9 Everyone has the right to freedom of thought, conscience and religion </li></ul><ul><li>§10 Everyone has the right to freedom of expression </li></ul><ul><li>§11 Everyone has the right to freedom of peaceful assembly and to freedom of association with others </li></ul><ul><li>§14 rights and freedoms set forth in this Convention shall be secured without discrimination </li></ul>
    5. 5. Government data sinks <ul><li>If data can be collected about individuals, there will be government pressure to store and access that information </li></ul><ul><li>E.g. PATRIOT Act National Security Letters, NSA activities within the US, EU data retention directive, National DNA Database (although see S & Marper v UK ) </li></ul><ul><li>Encryption has little impact if governments can compel decryption </li></ul>
    6. 6. Data protection instruments <ul><li>OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (1980) </li></ul><ul><li>Council of Europe Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (1981) </li></ul><ul><li>Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data </li></ul><ul><li>Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector </li></ul><ul><li>EU Charter of Fundamental Rights (2007) </li></ul>
    7. 7. Data Protection Act 1998 <ul><li>Personal data shall be processed fairly and lawfully </li></ul><ul><li>Personal data shall be obtained only for one or more specified and lawful purposes , and shall not be further processed in any manner incompatible with that purpose or those purposes </li></ul><ul><li>Personal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed </li></ul><ul><li>Personal data shall be accurate and, where necessary, kept up to date </li></ul><ul><li>Personal data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes </li></ul><ul><li>Personal data shall be processed in accordance with the rights of data subjects under this Act </li></ul><ul><li>Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data </li></ul><ul><li>Personal data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data </li></ul>
    8. 8. Insider fraud “ What price privacy?”, Information Commissioner’s Office (2006) Information required Price paid to ‘blagger’ Price charged Occupant search not known £17.50 Telephone reverse trace £40 £75 Friends and Family £60 – £80 not known Vehicle check at DVLA £70 £150 – £200 Criminal records check not known £500 Locating a named person not known £60 Ex-directory search £40 £65 – £75 Mobile phone account not known £750 Licence check not known £250
    9. 9. Definitions of personal data <ul><li>“ any information relating to an identified or identifiable natural person” (DPD §2a) </li></ul><ul><li>Relation determined by content, purpose or result (WP 136) </li></ul><ul><li>“ account should be taken of all the means likely reasonably to be used either by the controller or by any other person to identify the said person.” (DPD recital 26) </li></ul><ul><ul><li>“ unless the Internet Service Provider is in a position to distinguish with absolute certainty that the data correspond to users that cannot be identified, it will have to treat all IP information as personal data, to be on the safe side” </li></ul></ul><ul><ul><li>“ Putting in place the appropriate state-of-the-art technical and organizational measures to protect the data against identification may make the difference to consider that the persons are not identifiable” </li></ul></ul>
    10. 10. Designing for privacy <ul><li>Data minimisation key: is your data really necessary? </li></ul><ul><li>Limit personal data collection, storage, access and usage </li></ul><ul><ul><li>States have a positive duty to design systems to protect privacy ( I v Finland 2008) </li></ul></ul><ul><ul><li>“ processing of location data on employees must correspond to a specific need on the part of the company which is connected to its activity” (WP 115) </li></ul></ul><ul><li>Users must also be notified and consent to the processing of data – user interfaces? </li></ul>Ade Rowbotham (2005)
    11. 11. Sensor data <ul><li>Is communication uni- or bi-directional or broadcast? </li></ul><ul><li>Does sensor, user agent or network carry out triangulation and processing? </li></ul><ul><li>What resolution data can network access? </li></ul><ul><li>How long-lived and linkable are identifiers? </li></ul>
    12. 12. Transport pricing <ul><li>Monitor all traffic centrally (London), at kerbside (W London) or deduct payment from pay-as-you-go toll cards (Singapore)? Or tax parking spaces? </li></ul><ul><li>Link all payment card usage (Oyster) or use unlinkable RFID tokens (Shenzen)? </li></ul>MIT Technology Review (2006)
    13. 13. Key questions <ul><li>Can ubiquitous computing designers work with the European definition of personal data? </li></ul><ul><li>Can inhabitants of ubiquitous computing spaces exercise informed consent over the collection and processing of personal data? </li></ul><ul><li>How can regulators encourage system designers to include privacy by design? </li></ul><ul><ul><li>“ In order to make the use of the concept of ‘privacy by design’ compulsory, the EDPS recommends that the Commission uses the mechanism of Article 3(3)(c) of Directive 1999/5/EC” (Opinion on ‘RFID In Europe’ 2007) </li></ul></ul><ul><ul><li>§3(3) 1995/5/EC: “the Commission may decide that apparatus … shall be so constructed that: … (c) it incorporates safeguards to ensure that the personal data and privacy of the user and of the subscriber are protected” </li></ul></ul>
    14. 14. References <ul><li>S. Marsh, I. Brown and F. Khaki (2008) Privacy Engineering – Cybersecurity KTN white paper </li></ul><ul><li>Information Commissioner’s Office (2008) Privacy By Design </li></ul><ul><li>Opinion of the European Data Protection Supervisor on the communication…on ‘Radio Frequency Identification (RFID) in Europe: steps towards a policy framework’ (2007) </li></ul><ul><li>Article 29 Data Protection Working Party </li></ul><ul><ul><li>WP 136: Opinion 4/2007 on the concept of personal data </li></ul></ul><ul><ul><li>WP 115: Opinion on the use of location data with a view to providing value-added services (2005) </li></ul></ul><ul><ul><li>WP 105: Working document on data protection issues related to RFID technology (2005) </li></ul></ul>