Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Ottawa haifaintro2019 privacy


Published on

Zarsky intro

Published in: Education
  • Be the first to comment

  • Be the first to like this

Ottawa haifaintro2019 privacy

  1. 1. Information Privacy in the Digital Age – Introduction Spring 2019 Dr. Tal Zarsky [University of Haifa – Faculty of Law]
  2. 2. Introduction to Introduction:  Various privacy problems addressed in the public debate and technological discourse  Strive to address both theory and practice  Will map out main issues here addressed
  3. 3. Why Privacy is “Exploding” Now • Collection: Omnipresent, Quantity leap, Quality leap • Analysis: Digital environment, easy to “warehouse” • Use: Narrowcasting, tailored content and the “feedback loop” • Behavioral targeting as a test-case
  4. 4. The Challenge of Identifying Privacy Problems Privacy concerns: • Privacy is a “tricky” concept • Three “mega” problems stemming from the collection of personal data: (1) Fear the data will be used by government, or passed on to it (2) Fear of the collection of personal data per se (collection on its own is bad enough) (3) Fear of the specific detriments stemming from the use of personal data (the “so what?” approach)
  5. 5. Identifying the problems – Fear of Collection per se  Specific concerns: • Loss of control over data, self- monitoring, conformity, inability to form intimacy, loss of autonomy  Overall response – social adaptation
  6. 6. Identifying the problems: Metaphors we live by  The powerful metaphors (and the problems they cause):  “1984”  Kafka (“The Trial”, “The Castle”)  “Brave New World”  Bentham’s “Panopticon”
  7. 7. Common responses to “Privacy claims”  Privacy creates: • Social costs: reputation, search expenses (waste) • Security costs (inability to track terrorists, criminals, diseases) • Free Speech Arguments (Sorrell)
  8. 8. Identifying “actual” problems • Abuse • Discrimination: (1) In general (2) Problematic Factors (3) Based on prior patterns of behavior • Autonomy and Manipulation
  9. 9. Autonomy:  Difficult and problematic concept  “insight” into the users preferences allows content providers to effectively manipulate them  On the other hand, autonomy possibly compromised when personal data analyzed without consent.
  10. 10. Overview of solutions (1)  “The Right of Privacy” (1890)  Torts – the Four Privacy Torts (Prosser, 1960): Intrusion, Disclosure of Private Facts, False Light, Appropriation – garden variety of rights  The GDPR (as opposed to the EU Directive) – and overall perspective (understanding secondary sale & secondary Use; Opt In vs. Opt Out)  The Fair Information Practices – Notice, Access, Choice, Security and Enforcement  In the EU – also purpose specification, minimization, proportionality.  The U.S. Patchwork –  Protected realms - Health (HIPPA)  Protected Subjects - Children (COPPA)  Protected forms of Data (“Sensitive Data”)  State laws – California and beyond…
  11. 11. Overview of solutions (2)  Why Torts (usually) fail – and the realm of today’s data collection  Example: DoubleClick and “cookies”  The contractual and property perspective (for example: default and mandatory rules)  The technological solution (P3P, Lessig)  The shortcoming  Market failures (high information and transactional costs) – people are happy to sell their privacy for very very cheap!  Negative externalities (inferences from one group to another, and from group to individual  Loss of Benefits (loss of subsidy to start ups, loss of data derived from analysis)
  12. 12. Classic Privacy Themes  Theories of Privacy and their Critiques  The Privacy Torts/Privacy and/in the media  Privacy and the Government  Digital Surveillance, National Security  Using Private Data Sets/Data Mining  Privacy in the Commercial Realm  Online Privacy/Behavioral Marketing/Privacy by Design
  13. 13. Classic Privacy Themes (2)  Anonymity, Pseudonymity, Identity and Transparency  Data Security, Cyber-security, Cyber Crime  Social Networks and Online Social Networks  Uniqueness of exposing a social graph  Medical Privacy  The curious case of genetic information  Privacy in the Workplace (monitoring, evaluating, recruiting)
  14. 14. Data Protection and the EU  1995 – the EU adopts the Data Protection Directive  A Directive sets a minimal standard.  Broad spectrum of levels of adoption throughout the continent.  Directive premised on FIPPs.  Sets jurisdictional boundaries and relies upon the work of DPAs.
  15. 15. Foundations of EU Privacy Law  European member states adopt data protection laws.  EU Charter of Rights now includes privacy and data protection.  Not to be confused with the ECtHR  Therefore court can strike down Directives.  Digital Rights Ireland.  ECJ – relevant court  Growing set of case law.