Privacy, Data Protection and SNS Prof. dr. Jeroen van den Hoven Scientific Director 3TU Centre Ethics and Technology Professor Delft University of Technology Professorial Fellow Australian National University

Prof. dr. Jeroen van den Hoven

Scientific Director 3TU Centre Ethics and Technology

Professor Delft University of Technology

Professorial Fellow Australian National University

EXPLODING Personal Data EMPLOYEE MONITORING INTERNET SEARCH BEHAVIOR TELECOMMUNICATION VEHICLE REGISTRATION SYSTEMS INTERNET OF THINGS PAYMENTS CCTV IN PUBLIC PLACES SOCIAL SECURITY HOMELAND SECURITY POPULATION REGISTRATION SNS AMBIENT ASSISTED LIVING PROFILES COOKIES KNOWLEDGE DISCOVERY IN DATA BASES RFID

EMPLOYEE MONITORING

INTERNET SEARCH BEHAVIOR

TELECOMMUNICATION

VEHICLE REGISTRATION SYSTEMS

INTERNET OF THINGS

PAYMENTS

CCTV IN PUBLIC PLACES

SOCIAL SECURITY

HOMELAND SECURITY

POPULATION REGISTRATION

SNS

AMBIENT ASSISTED LIVING

PROFILES

COOKIES

KNOWLEDGE DISCOVERY IN DATA BASES

RFID

Privacy Consider an empty restaurant Consider a successful SNS Informational (tort privacy) Decisional (constitutional) What is personal data? Referential (identity based) Attributive (attribute based)

Consider an empty restaurant

Consider a successful SNS

Informational (tort privacy)

Decisional (constitutional)

What is personal data?

Referential (identity based)

Attributive (attribute based)

Privacy A) recurrent problem (explain) B) messy problem (clear up) C) real problem (understand)

A) recurrent problem (explain)

B) messy problem (clear up)

C) real problem (understand)

A. Data greed explained Commodity Prisoners’ Dilemmas; Principal- Agent Public goods Free-riders Negative reasons Customer relations pro-active service Positive reasons Market Government Accumulation of Personal data

B. Mess: Privacy Accounts Scarcity Account Moral self-ownership Autonomy Personal sphere/zone Property Human dignity Utilitarian

Scarcity Account

Moral self-ownership

Autonomy

Personal sphere/zone

Property

Human dignity

Utilitarian

C. Problem liberalist &. communitarians divided over conception of the liberal self: “unencumbered, punctual, un-situated” individual rights, privacy, autonomy community/corporation needs: information, surveillance, monitoring

liberalist &. communitarians divided over

conception of the liberal self:

“unencumbered, punctual, un-situated”

individual rights, privacy, autonomy

community/corporation needs: information, surveillance, monitoring

Normative principles of DATA PROTECTION (EU 95 Directive) notification participation purpose specification use limitation security accuracy accountability informed consent (Central Principle of Data Protection)

notification

participation

purpose specification

use limitation

security

accuracy

accountability

informed consent (Central Principle of Data Protection)

Conceptualizing “privacy” privacy (USA) vs. data-protection (EU) reconstruction in terms of moral reasons for data-protection Why establish data-protection regimes, norms, habits which put autonomy/informed consent and other constraints (95 Dir) center stage?

privacy (USA) vs. data-protection (EU)

reconstruction in terms of moral reasons for data-protection

Why establish data-protection regimes, norms, habits which put autonomy/informed consent and other constraints (95 Dir) center stage?

Moral grounds for data-protection 1. Preventing harm 2. Establishing transparency, fairness and equality of opportunity/arms in market for personal data 3.Respecting Informational Justice: Separation of spheres of access (Walzer) 4.Respecting Moral autonomy

1. Preventing harm

2. Establishing transparency, fairness and equality of opportunity/arms in market for personal data

3.Respecting Informational Justice: Separation of spheres of access (Walzer)

4.Respecting Moral autonomy

Importance of Design Privacy by Design Privacy Enhancing Technology (PET) Business Process Redesign (BPR) Specified in the form of: Deontic constraints on information relations, information actions, implemented in software and architectures

Privacy by Design

Privacy Enhancing Technology (PET)

Business Process Redesign (BPR)

Specified in the form of:

Deontic constraints on information relations, information actions, implemented in software and architectures