Last week the world’s thought leaders on privacy had dawned on Amsterdam for Privacy Week: a series of three consecutive conferences on privacy: the general Amsterdam Privacy Conference (APC), the Privacy Law Scholars Conference (PLSC), and the International Data Protection and Privacy Commissioners Conference. I was invited to the APC to talk about our COMMIT/ SWELL research on privacy transparency in sensor based applications. A wonderful opportunity to be among such inspirational fellow researchers. In the SWELL research I presented we explored software design patterns that enable transparency in sensor based applications.
The conference talks were dominated mostly by Safe Harbor, the practices of national intelligence services, and big data, with some attention to drones, data protection directive principles, as well as sensor based applications. As to Safe Harbor, the commentary was largely in line with my colleague Bob Hulsebosch’s metaphor of Safe Harbor as a fig leaf. The consensus seemed to be Safe Harbor simply wasn’t effective to begin with (perhaps fired by a lightning talk by Max Schrems himself), yet as FTC commissioner Julie Brill pointed out some means of transparency and accountability has nevertheless been lost. Opinions on a successful revamp of Safe Harbor weren’t optimistic.
Not surprisingly, it was stressed that privacy is ever more in peril; in her opening address University of Amsterdam’s Dymph van den Boom pointed to sensor based applications, data commodification, and an increase in hacking activity. Gabriella Coleman presented her research on the Anonymous hacker-collective, and made a case for anonymity, or pseudonymization, as being both under attack and an invaluable tool for civil discourse and activism. In a startling insight to how marketing encroaches on privacy, Ashkan Soltani (the FTC’s CTO) explained how marketers target individuals. He gave the example of audio beacons: an inaudible sound print is transmitted during a commercial, which your smartphone passively scans for to confirm you’ve heard the commercial.
The benefits of what may be achieved with data tend to outweigh privacy concerns. Dutch Minister of the Interior Ronald Plasterk too stressed the difficult balance between privacy and utility in defense of the Dutch national intelligence services. Similarly, Google’s Global Privacy Counsel Peter Fleischer clarified they don’t have all the answers either, and are continually changing policy and implementing new functionality to safeguard user’s privacy as best they can, within their commercial confines.
As Helen Nissenbaum put it, privacy isn’t dead, but the traditional instruments are. Too long have we relied on informed consent and anonymization to safeguard privacy; it was made abundantly clear that these tools simply do not suffice. Nissenbaum suggests the solution lies with restricting data flows, rather than focusing on the use of data, since the latter proved unenforceable. Many look to regulation to resolve some of the privacy issues in the age of big data, most enticingly Viktor Mayer-Schönberger, but the lawyers are faced with international disputes, lacking tools to enforce regulation, and normative questions. Several calls to action were made to other parties, such as consumers, tech developers and government bodies, to engage in the privacy debate. Witnessing the thriving privacy research community, I can agree privacy isn’t dead in 2015, or at least, is making a convincing last stand.
This post is also available in: English