Tag Archives: Privacy

ZEN and the art of making tech work for you

Gender and Tech Ressources >> ZEN and the art of making tech work for you,  complete manual (Tactical Technology Collective + Association for Progressive Communication)

From the Introduction:

“This manual is a community-built resource for our growing community of women and trans* activists, human rights defenders and technologists. It is designed to be a living, growing collection of practical guidance and information that uniquely speaks to our needs, experiences, and activism, both online and offline. Content listed in the manual was created in response to our community’s requests for ideas and guidance they needed, but couldn’t find elsewhere. Therefore, this initial manual content doesn’t cover many other topics that we hope to add with your support and input as it evolves here on the wiki. The current manual explores two overlapping issues:

  • First, how can we craft appropriate online presences (or a series of them) that strengthen our ability to communicate and work online safely?
  • Secondly, how can we collaboratively create safe online and offline spaces that enable our communities to share, collaborate, and communicate safely?

This is a process: Stay centered, cultivate patience, and practice self-care

The first most important thing to remember when using this manual, is that we have used the concept of “zen” in the title to highlight the importance of embracing technology with the calm understanding that it won’t always work perfectly. Sometimes you might need to spend time pondering technology and the significance of it in your life, in your community and in the world. And other times you might need to take a break and come back to it.”

Towards Holistic Security – Tactical Tech

Find out about great Tactical Tech project for Holistic Security

>> Towards holistic security for rights advocates

“Human rights defenders, journalists, and activists continue to operate in a terrain fraught by ever-evolving risks to their physical and psychological integrity, along with those of their family, friends and associates.

The great proliferation of digital devices and information and communication technologies such as the internet, email, social networking tools, mobile and smartphone devices, has had a profound impact on the dimensions of these threats, both in broadening the kinds of surveillance and harassment to which HRDs can be subjected, and providing new and innovative ways for them to communicate, organise, take action and stay safe, both psychologically and physically.”

Business on the back of our pains: Personal health data harvested online with no respect for privacy

“For now, however, millions of people are exposing their personal health profiles to internet advertisers and data brokers, right at the moment they’re making the most confidential inquiries imaginable.”

“Health data is some of the most private data you have. That a data reveals a lot about you. There’s a reason that we have laws like HIPAA—unfortunately those don’t apply here,” Quintin said. HIPAA is the Health Insurance Portability and Accountability Act of 1996, and it forces the government and doctors to keep patient medical records secure and confidential. It has no jurisdiction over search engine companies or data brokers who sap data “volunteered” by users.”

Read : Looking up symptoms online ? These companies are tracking you

No privacy for spouses (Check Mate)

1300SPOUSE

On SPOUSE-BUSTING: Intimacy, Adultery and Surveillance Technology,

Melissa Gregg

“The rise in online communication has brought an accompanying demand for services that facilitate, obscure and discover intimate and adulterous behavior, from dating sites to detective services and location-based tracking devices. This paper takes recent examples of  “spouse-busting” applications to investigate the relationship between intimacy, transparency and security. Adultery anxieties hold useful lessons for surveillance studies, since intimacy often means entitlement to a certain kind of knowledge – the provision of which equates to dominant ideals of commitment, care and trust. As Laura Kipnis argues, the modern relationship is one in which lovers “ must know everything there is to know about one another ”(2003, 162). This premise accords with broader transformations in intimacy encouraging openness and communication between self-directed individuals (Giddens 1992, Shumway 2003, Illouz 2007). According to Kipnis, the practice of “withholding information or having secrets is a definite warning sign of relationship distress ” , since “in principle nothing should be off limits (even if on occasion, ‘making sure’ may be required)”(2003,162-3). Spouse monitoring software provides the means for  “ making sure”. It demonstrates a major tenet of contemporary intimacy in so far as it presumes there is no need for privacy “if there’s nothing to hide”.”

 

 

On Lateral Surveillance (when hell is other people)

safefamily

 

THE WORK OF WATCHING ONE ANOTHER –

Lateral Surveillance, Risk and Governance – Mark Andrejevic

 

“This article focuses on emerging strategies for what might be described as lateral surveillance: not the top-down monitoring of employees by employers, citizens by the state, but rather the peer-to-peer surveillance of spouses, friends, and relatives.”

(…)

 

“Lateral surveillance, or peer-to-peer monitoring, understood as the use of surveillance tools by individuals, rather than by agents of institutions public or private, to keep track of one another, covers (but is not limited to) three main categories: romantic interests, family, and friends or acquaintances. It also comprises several levels of monitoring, ranging from casually Googling a new acquaintance to purchasing keystroke monitoring software, surveillance cameras, or even portable lie detectors. Rather than providing an exhaustive taxonomy of surveillance technologies and practices, this section explores examples of monitoring strategies in an effort to elaborate the logic of peer-to-peer surveillance, one that it is hoped might prove of some use in illuminating a constellation of practices ranging from the use of lie detectors in reality TV formats to the growing market for home surveillance products, and the commonplace practices of peer monitoring via cell phone, IM, or the Internet. While some of the practices described below might seem absurd, such as submitting children to a portable lie detector test, others have become so commonplace that they have passed into unreflective use, such as caller ID, once a technology paid for by those with security concerns, now a service as ubiquitous as cell phones. The following sections explore three inter-related forms of lateral surveillance: the use of the Internet, the development of do-it-yourself information gathering technologies, and that of offline investigative tools. In each case the goal is to use representative examples of the technologies to provide some concrete examples of the argument developed in previous section as well as to illustrate developments in lateral monitoring that don’t receive the kind of attention academic or otherwise that more top-down forms of surveillance have generated. Of central interest to this paper is the constellation of monitoring practices that emerge from a consideration of the available technologies and techniques. They are, I would argue, worthy of consideration in their own right not as a unique phenomenon but as part of the monitoring assemblage associated with the deployment of new information and communication technologies.”

Article abstract:

 

This article explores a range of technologies for ‘lateral surveillance’or peer monitoring arguing that in a climate of perceived risk and savvy skepticism individuals are increasingly adopting practices associated with marketing and law enforcement to gain information about friends, family members, and prospective love interests. The article argues that the adoption of such technologies corresponds with an ideology of responsibilization’associated with the risk society: that consumers need training in the consumption of services and the development of expertise to monitor one another. Rather than displacing ‘top-down’ forms of monitoring, such practices emulate and amplify them, fostering the internalization of government strategies and their deployment in the private sphere. In an age in which everyone is to be considered potentially suspect, all are simultaneously urged to become spies.

Screenshot from 2015-03-15 13:29:38

 

 

Health-related searches privacy sell-outs

“A new study found that 91% of health-related web pages reveal potentially sensitive information to third parties like data brokers and online advertisers.(…)

To conduct the study, University of Pennsylvania PhD student Timothy Libert analyzed the top 50 search results for 1,986 common diseases, some 80,000 web pages. He found that on 91% of the pages, third parties like social networks, advertisers, and data brokers could access information about who was viewing the page, like the user’s IP address. On 70% of the pages, those third parties could see information about specific “conditions, treatments and diseases” viewed.

Altogether, 78% of the health-related web pages sent information about you to Google, 31% sent information to Facebook, and 5% sent information to Experian, a credit bureau and data broker”

>> Your embarrassing online searches about health problems aren’t private 

Tools and Tactics for LGBT communities in Arabic region and sub-Saharan Africa

Security in-a-Box is a collaborative effort of the Tactical Technology Collective and Front Line Defenders, which was created to meet the digital security and privacy needs of advocates and human rights defenders. The Community Focus editions of Security in-a-Box are a series of guides which aim to better place digital security in the context of the work carried out and threats faced by different communities of human rights defenders.

Development of the guides is ongoing. The first two guides, for the Arabic-speaking and sub-Saharan African LGBTI communities, were published in 2013 and 2014 respectively.

The guides are researched and written in collaboration with human rights defenders. They include information about the particular digital security risks which the communities tend to face and also add to the existing material in Security in-a-Box to include new How-to chapters and Hands-on guides where necessary, in order to help you to better protect your information, yourself, and your community.”

Proteja-se nas ruas e na rede

 

O destaque do projeto é o guia Vai protestar? Proteja-se!. Ilustrada, a publicação contém informações de fácil entendimento sobre o uso de tecnologias que protegem a privacidade. Através dela, os manifestantes podem também munir-se de dicas jurídicas sobre seus direitos e estratégias de mitigação de riscos em caso de vigilância ou abuso de poder antes de ir para as ruas.

 

 

Le droit à l’anonymat et au chiffrement

“L’âge numérique s’est traduit par une capacité accrue de chacun à créer et publier des contenus accessibles par tous (en théorie) et à correspondre presque instantanément avec d’autres. Mais ces capacités accrues se sont en réalité accompagnées d’un affaiblissement de la confidentialité des communications et de l’anonymat des producteurs de contenus ou correspondants. La centralisation des services Web, la création d’un marché des données personnelles et le développement de techniques de croisement transforment l’idée d’anonymat (et l’intimité qu’elle permet) en une illusion que les dispositions juridiques de protection ne suffisent pas à transformer en réalité. Ce ne sont donc pas seulement les protestataires ou les lanceurs d’alerte qui ont besoin de techniques d’anonymisation, de chiffrement et d’outils décentralisés, mais également tout un chacun qui souhaite préserver son intimité.

L’anonymisation de type Tor (et technologies liées) et le chiffrement des communications doivent être vus comme un semble de techniques (réunies par exemple dans le système Tails [4]) qui rétablissent un équilibre perturbé, reconstituant les conditions technologiques d’un droit à l’anonymat et au secret des correspondances qui est mis en danger notamment par les différents programmes de la NSA et de ses partenaires. Ce rétablissement renforce le pouvoir distribué des individus et des organisations qu’ils forment face aux pouvoirs étatiques et privés.”

Extrait de la note de Philippe Aigrain élaborée pour la Commission parlementaire de réflexion et de propositions sur le droit et les libertés à l’âge numérique de l’Assemblée nationale

 

Healthcare and Big data and Feminism @ CPDP, Brussels

The Computers, Privacy and Data protection conference in Brussels today until 23rd has/had talks on topics related to healthcare system and research, the data it generates, the status and the uses of this data, the political and ethical questions this gives rise to today.

Also, some Feminist perspective on privacy and data protection, talks on LGBT vital rights to privacy, freedom from surveillance, safety, free speech, access to information on sexuality…

La santé selon la Silicon Valley

Evgeny Morozov dans Le Temps – “Quelques sociétés de la Silicon Valley peuvent nous imposer une façon de vivre”...

Exemple avec la santé :

– Du coup, craignez-vous que les autorités s’impliquent de moins en moins dans la résolution de problèmes, laissant des sociétés high-tech s’en charger?

– Oui, ce risque existe. Dans la santé, un domaine dans lequel Google s’implique de plus en plus, par exemple. Avec ses solutions individualisées, l’on peut craindre de glisser de plus en plus d’un système d’assurance générale avec un partage des risques pour toute la communauté à des solutions individuelles où chacun devra supporter totalement ses propres risques. Avec leur technologie d’apparence si séduisante, les sociétés de la Silicon Valley entrent dans des domaines tels que la prévention du crime, la détection de fraudes fiscales… Ces sociétés, avec des systèmes de contrôle en temps réel, pourraient aussi décider qui peut séjourner dans quel pays. Cela risque d’aboutir à une société où l’Etat, qui ne peut tolérer le moindre risque et dont les moyens financiers diminuent sans cesse, se base de plus en plus sur des sociétés technologiques pour le maîtriser.

– Prenons le service Google Flu Trends, qui permet de détecter les débuts d’épidémies de grippe. Ne pourrait-on pas imaginer que les autorités se servent de ces données pour améliorer leurs politiques?

– Oui mais le danger est que l’Etat devienne beaucoup trop dépendant de sociétés privées pour déceler des maladies ou des comportements criminels. Du coup, au final, la question suivante pourrait se poser: pourquoi a-t-on encore besoin de l’Etat? Ne voulons-nous pas plutôt confier toutes nos données à des firmes high-tech qui les analysent, nous connaissent par cœur, nous ciblent avec de la publicité personnalisée et prennent des décisions à notre place? Et se pose aussi la question du chiffrement de nos données. Google ne les code pas et les diffuse telles quelles pour qu’elles soient utilisables à des fins marketing, ce qui n’est pas acceptable. Il faut que nos données soient protégées et qu’elles soient aussi découplées de la publicité.

Protect all Rhinos

 

rhino

 

“Une image, peut-être plus parlante que mes histoires de selfies piégés et d’attentats futurs, est celle qui demande aux visiteurs de cette réserve – où vivent des rhinocéros – de ne pas diffuser les photos qu’ils prennent sur les réseaux sociaux, ou sinon de désactiver la géolocalisation de leurs appareils.

Parce que celles-ci pourront, sinon, servir à indiquer aux braconiers où et quand vont les animaux qu’ils vont abattre pour leurs cornes.

C’est pour cette raison que, quelles que soient leurs qualités, je ne prête que peu d’intérêts à la majorité des initiatives de messageries sécurisées « post-snowden ». Non qu’elles soient inutiles, loin de là, mais simplement parce qu’elles répondent à un problème du siècle dernier.

Oui, se protéger soi-même est utile. Mais quand l’énorme majorité de nos correspondants ne le sont pas, alors nous sommes autant à l’abri de la surveillance que nos amis rhinocéros. Or – et même si c’est triste il faut se rendre à l’évidence – l’énorme majorité de nos contemporains ne va pas quitter Gmail, ne va pas cesser de publier des photos sur Facebook, ne va pas désactiver la géolocalisation de ses smartphones, ni rien de tout ça.

Parce que l’énorme majorité de nos contemporains n’a « rien à cacher » et qu’à ce jour personne ne lui explique que ce qu’elle a à cacher, c’est nous.

Extrait de Rien à cacher de Laurent Chemla su rle blog Mediapart.

The ethical challenges of ubiquitous healthcare (Brown & Adams)

Abstract:

Ubiquitous healthcare is an emerging area of technology that uses a large number of environmental and patient sensors and actuators to monitor and improve patients’ physical and mental condition. Tiny sensors gather data on almost any physiological characteristic that can be used to diagnose health problems. This technology faces some challenging ethical questions, ranging from the small-scale individual issues of trust and efficacy to the societal issues of health and longevity gaps related to economic status. It presents par- ticular problems in combining developing computer/information/media ethics with established medical ethics. This article describes a practice-based ethics approach, considering in particular the areas of privacy, agency, equity and liability. It raises questions that ubiquitous healthcare will force practitioners to face as they de- velop ubiquitous healthcare systems. Medicine is a controlled profession whose practise is commonly re- stricted by government-appointed authorities, whereas computer software and hardware development is notoriously lacking in such regimes.

” In this article we present a practise-based ethics approach, raising the questions to which medical and computing professionals will be forced to face up, as they collaborate to develop and deploy ubiquitous healthcare systems.” 

The ethical challenges of ubiquitous healthcare, Ian Brown & Andrew A. Adams in IRIE, International Review of Informational Ethics, Vol.8 12/2007

England Your England, by George Orwell

“As I write, highly civilized human beings are flying overhead, trying to kill me.”

“It is therefore of the deepest importance to try and determine what England is, before guessing what part England can play in the huge events that are happening.”

ENGLAND YOUR ENGLAND, George Orwell, 1941 –

 

Note, a passage on the “Privateness of English life”:

(…) What it does link up with, however, is another English characteristic which is so much a part of us that we barely notice it, and that is the addiction to hobbies and spare-time occupations, the privateness of English life. We are a nation of flower-lovers, but also a nation of stamp-collectors, pigeon-fanciers, amateur carpenters, coupon-snippers, darts-players, crossword-puzzle fans. All the culture that is most truly native centres round things which even when they are communal are not official – the pub, the football match, the back garden, the fireside and the ‘nice cup of tea’. The liberty of the individual is still believed in, almost as in the nineteenth century. But this has nothing to do with economic liberty, the right to exploit others for profit. It is the liberty to have a home of your own, to do what you like in your spare time, to choose your own amusements instead of having them chosen for you from above. The most hateful of all names in an English ear is Nosey Parker. It is obvious, of course, that even this purely private liberty is a lost cause. Like all other modern people, the English are in process of being numbered, labelled, conscripted, ‘co-ordinated’. But the pull of their impulses is in the other direction, and the kind of regimentation that can be imposed on them will be modified in consequence. No party rallies, no Youth Movements, no coloured shirts, no Jew-baiting or ‘spontaneous’ demonstrations. No Gestapo either, in all probability.”

UK health sector’s “duty to have due regard to the need to prevent people from being drawn into terrorism”

Check UK government Prevent duty guidance: a consultation (which will run until Friday January 30th 2015). Direct implications for the healthcare sector.
Introduction: 
“The Counter-Terrorism and Security Bill, which is currently before Parliament, seeks to place a duty on specified authorities (identified in full in Schedule 3 to the Bill, and set out in the guidance) to ‘have due regard, in the exercise of its functions, to the need to prevent people from being drawn into terrorism’. Preventing people becoming terrorists or supporting terrorism also requires challenge to extremist ideas where they are used to legitimise terrorism and are shared by terrorist groups. In carrying out this duty, the specified authorities must have regard to guidance issued by the Secretary of State. A draft of that guidance is attached here, for consultation.
Purpose :
“The purpose of this consultation is to seek views on the draft guidance from: local authorities, schools, further and higher education institutions, the NHS, the police, prison and young offender institution governors, and providers of probation services. These bodies are listed in Schedule 3 and will be subject to the duty, when the provisions come into force. We would also be interested in hearing from other bodies working in these fields who feel that they should also be subject to the duty.
We have included specific consultation questions throughout the document which we invite responses on. But more generally, we would like to hear views on the practicality of the guidance, what other measures could proportionately be taken to comply with the duty, any examples of existing good practice, and any opportunities and barriers to implementation. “
The health sector (p.30-32)
119. Healthcare professionals will meet and treat people who may be vulnerable to being drawn into terrorism. Being drawn into terrorism includes not just violent extremism but also non-violent extremism, which can create an atmosphere conducive to terrorism and can popularise views which terrorists exploit. The key challenge for the healthcare sector is to ensure that, where there are signs that someone has been or is being drawn into terrorism, the healthcare worker is trained to recognise those signs correctly and is aware of and can locate available support, including the Channel programme where necessary. Preventing someone from being drawn into terrorism is substantially comparable to safeguarding in other areas, including child abuse or domestic violence.
120.There are already established arrangements in place, which we would expect to be
built on in response to the statutory duty.
Health specified authorities
121.The health specified authorities in Schedule 3 to the Bill are as follows:
•NHS Trusts
•NHS Foundation Trusts
Question for consultation
19. Are there other institutions, not listed here, which ought to be covered by the duty?
Please explain why.
122. NHS England has incorporated Prevent into its safeguarding arrangements, so that
Prevent awareness and other relevant training is delivered to all staff who provide services to NHS patients. These arrangements have been effective and should continue.
123. The Chief Nursing Officer in NHS England has responsibility for all safeguarding, and a safeguarding lead, working to the Director of Nursing, is responsible for the overview and management of embedding the Prevent programme into safeguarding procedures across the NHS.
124. Each regional team in the NHS has a Head of Patient Experience who leads on
safeguarding in their region. They are responsible for delivery of the Prevent
strategy within their region and the health regional Prevent co-ordinators (RPCs).
125. These RPCs are expected to have regular contact with Prevent leads in NHS

organisations to offer advice and guidance.
126. In fulfilling the duty, we would expect health bodies to demonstrate effective action in the following areas.

How will surveillance and privacy technologies impact on the psychological notions of identity ?

After discussing the developments of surveillance and privacy technologies (with privacy protection lagging behind), Ian Brown (Oxford University) argues that they are likely to :

> Bring about Distrust in personal relationships and technology

“Control of information disclosure is an important part of managing personal relationships. Between partners and friends, controlled disclosure builds intimacy and trust, while the ability to tell “little white lies” can be essential to smooth over conflict. If new surveillance technologies do not come with adequate privacy features, this disclosure control will be damaged. This could erode social ties and potentially contribute to family breakdowns and fewer quality relationships. ”

> Negatively affect Social mobility and cohesion

“Private and public-sector surveillance and profiling will lead to individuals increasingly being offered differentiated products and services based on past behaviour, and to a more targeted exercise of power in areas such as criminal justice and social security (Anderson et al. 2009). Unless approached carefully, this could significantly reduce aspiration and social mobility. It may also cause a reduction in social cohesion, if levels of common experiences and the perception of equal treatment are reduced.”

> Create Conformity and stigma 

“The Internet has given individuals greater freedom to explore different identities, reducing constraints on finding information about and participating in online discussion with similar others (McKenna 2007). Greater surveillance could constrain such “potential” selves, and force the revelation of stigmatised identities and interest in fringe ideologies – as well as reinforcing feelings of isolation, difference and shame”

> “Criminalize” citizens and be counter-productive in catching criminals : (mis) Judgment by authority

“While the use of privacy technologies (such as e-mail encryption) remains relatively unusual, users could be wrongly identified with those attempting to hide criminal activities. ”

> Disable the Plural society 

“Surveillance can have a significantly constraining effect on political debate and protest, and hence reduce the broader public debate on socially contested issues, and the ability of weaker groups to resist power.”

“Despite the technological opportunities for sousveillance, Ullrich and Wollinger (2011) note that power asymmetries remain for protestors. Police are “better equipped, outfitted with public legitimacy, more trusted by courts, in possession of other preventive and repressive instruments,” and can also seize protestors’ recordings for their own use (Ullrich and Wollinger, 2011: 24). They conclude that “a technical arms build-up of open and concealed surveillance… signals the encroachment of authoritarian concepts of the state and is a potentially dangerous attack on political participation from below” (p.33). ”

ACCESS THE FULL ARTICLE HERE

 

 

 

Surveillance Self-Defense (EFF)

Capture d’écran 2014-10-29 à 10.14.16

Surveillance Self-Defense is EFF’s “guide to defending yourself and your friends from surveillance by using secure technology and developing careful practices.”

Activists or protesters, journalists, human rights defender, everyone, on the move or at home: Be introduced to threat modeling, find out how to keep your data safe, how to create strong passwords, learn about encryption, choose your tools…

For inspiration, you can read Laura Poitras on the crypto tools that made her journalistic work with whistleblower Edward Snowden possible, and the film CITIZENFOUR 

 

 

 

Holly Herndon’s NSA break up song

Holly Herndon’s HOME, a love/break up song “for prying eyes” and corrupt confidants/devices. Data rain of NSA symbols in music video by Metahaven.

Holly Herndon says:

For my debut album Movement, I communicated an intimacy with my laptop. It is my instrument, memory, and window to most people that I love. It is my Home.

The ongoing NSA revelations have fundamentally changed this relationship. I entrusted so much in my device. To learn this intimacy had been compromised felt like a grand betrayal. Is everything done privately on my laptop to be considered a public performance?

Metahaven says:

The NSA spying on our network may have been tacitly known from reports going back as far as 2002, but the aesthetics of this surveillance were not so known. Code names, acronyms, icons and graphics from a shadow world designed to never be publicly exposed.

For “Home,” we created a data rain of these NSA symbols.

 

Oficina Cyber – Crypto Party, 8/10 @ PORTO

A tecnologia que nos controla ou a tecnologia que nós, cidadãos, controlamos ?
Guerra cibernética ou paz cibernética?
Que futuro queremos para a tecnologia, e de que forma podemos combater a vigilância em massa?
Nesta oficina será abordada a história das redes, ética, co-respondabilidade e co-dependência, os ciclos virtuosos e os ciclos viciosos.
O tema central será o anonimato, a descentralização e o software livre, a alternativa ao Google, Skype, Dropbox, entre outros.

Não é obrigatório trazer um dispositivo próprio (laptop, tablet ou telefone).

A oficina será orientada por Jérémie Zimmermann, engenheiro informático Francês co-fundador da La Quadrature du Net, grupo de defesa das liberdades fundamentais dos cidadãos na internet.

Jérémie foi um dos contribuidores para o livro “Cypherpunks: freedom and the future of internet”, de Julien Assange.

Quarta feira, 8 de Outubro, na Sonoscopia, PORTO
Das 15H às 20H
Preço Livre

 

“How to talk to your children about mass surveillance”, by Cory Doctorow

“Kids care intensely about privacy, because kids make a lot of mistakes. Making mistakes is how you learn not to make more mistakes in the future. Making mistakes while someone else watches is a qualitatively different experience from making them on your own. Kids know, intimately, why privacy matters.

So I’m not surprised that my kid wants to talk about surveillance with me, and that this subject has grown to eclipse all others during our talks: ‘‘Daddy, let’s talk about the spies some more.’’

Cory Doctorow, HOW TO TALK TO YOUR CHILDREN ABOUT MASS SURVEILLANCE 

“If you want to connect to me, you have to do it safely” – Jacob Appelbaum & Jillian York @ re:publica 14

Like people didn’t give up on sex because of STDs, they are not going to give up using the Internet or today’s communication devices because they are bugged. There are however (transitive) risks in exposing our lives to constant capture / monitoring by third parties, and these could be minimized if the variety of us become better informed and start to adopt know-better behaviors, like in safer sex. Could we then learn how to use crypto tools like we learnt how to place condoms on bananas ? Drawing analogies with public health campaigns, environmental education for children and other social movements, Jacob Appelbaum (TOR) and Jillian York (EFF) lay out the principles of what could be a harm reduction campaign against the epidemic of mass surveillance and erosion of privacy, in their talk @ re:publica 14. Note that in a salutary queering of the debate, Appelbaum and York also point to the fact that opting out of the problem today saying “I have nothing to hide” is pretty much equivalent to (dominant white male) hetero saying AIDS is a gays thing and doesn’t concern them : false of course, and irresponsible. True, not everyone exposed to mass surveillance in their countries is exposed to the same risks (as of now white westerners might not risk to be put in jail or drone striked overnight for expressing their thoughts or gathering together on a regular basis), but understanding the interconnectedness is a vital key for all across the globe.

Watch the talk here : LET’S TALK ABOUT SEX BABY, LET’S TALK ABOUT PGP 

Psychological functions of privacy

What are the psychological functions of privacy ? What do the psychologists and “academicians” who have looked into it actually have to say about it ? Can we be inspired by some of their findings to better protect privacy, and/or maybe fix the “argumentative gap” with a public too prompt to resolve the problem with the “I have nothing to hide” argument ?

Researching the socio-psychological functions of privacy through its literature in social sciences I find that the works of Westin, Pedersen, Altman seem to have been influentials, ever since they were published already some years ago. Their “models” and understanding of the complex concept of privacy have inspired researchers after them.

Alan Westin, for instance, author of Privacy and Freedom, identified 4 types of privacy : solitude, intimacy, anonymity and reserve – and 4 functions of privacy : personal autonomy, emotional release, self-evaluation, and protected communication 

Darhl M Pedersen, contributed numerous research on the subject in social psychology, starting with The Psychological Functions Of Privacy, where he empirically identified 5 functions of privacy: contemplation, autonomy, rejuvenation, confiding and creativity.     

Environmental psychologist Irwin Altman also researched and wrote about personal space and privacy.

I came across a Literature review on the subject of privacy inside another article TOWARDS A PRIVACY FRAMEWORK FOR INFORMATION SYSTEMS DEVELOPMENT, by Peter J. Carew and Larry Stapleton.

Here it is below.

2. PRIVACY: A REVIEW OF THE LITERATURE

The concept of privacy appears in the literature of several disciplines. There is no universal definition for privacy, and numerous authors have highlighted the difficulties in producing such a definition (cf. Burgoon, 1982; Leino-Kilpi, et al., 2001; Newell, 1998). Theorists argue over whether privacy is a condition, a process or a goal (Newell, 1998). While privacy may be a difficult concept to characterise concisely, the various definitions do have substantial commonalities. One group of definitions emphasise seclusion, withdrawal, and avoidance of interaction with others. The second group puts more emphasis on the control individuals have over their lives.

There are a number of formal models of privacy in the literature, but the theories of Alan Westin (e.g. Westin, 1970) and Irwin Altman (e.g. Altman, 1976) are considered authoritative. Their theories and ideas have stood the test of time and have been the basis of research for many subsequent authors (Margulis, 2003; Pedersen, 1999, 1997; Petronio, 1991). The remainder of this section provides an aggregated overview of some of the core aspects of privacy compiled from the most influential literature. These core aspects set out the theoretical background against which any ISD privacy theory must be constructed.

TOWARDS A PRIVACY FRAMEWORK FOR ISD

3 2.1. Privacy Types, Functions and Mechanisms

People experience and desire several states, or types, of privacy. These include the four identified by Westin (1970): solitude, intimacy, anonymity and reserve. Solitude means to be alone and free from observation by others. Intimacy refers to being alone with a small group to the exclusion of others (e.g. family), and concerns close relationships. Anonymity refers to being unrecognised in a public place – to be inconspicuous and blend into the crowd. Reserve is based on a desire to limit disclosures to others. Pedersen (1997, 1999) extended Westin‟s model by adding isolation (i.e. using physical distance to be alone) and splitting intimacy into intimacy with family and intimacy with friends. Burgoon (1982) identified the following broad dimensions of privacy: social, physical, informational and psychological.

Privacy functions refer to why individuals seek privacy. Westin (1970) identified four functions of privacy: personal autonomy, emotional release, self-evaluation, and limited and protected communication. Personal autonomy relates to independence and self-identity. It is the desire to avoid being manipulated, dominated or exposed by others. Emotional release refers to freedom from the tensions of social life, and being able to deviate from social norms, roles, rules and customs safely. Self-evaluation refers to integrating experience into meaningful patterns, and the opportunity to plan and assess future actions (i.e. self-reflection and assessment). Limited and protected communication provides the opportunity to share personal information with trusted others. Altman (1976) describes three functions of privacy: interpersonal, the interface to the self and the social world, and self-identity. Pedersen (1997, 1999) empirically identified five basic functions of privacy: contemplation, autonomy, rejuvenation, confiding and creativity. From a systems point of view, Newell (1998) argues that privacy provides an opportunity for restabilisation, system maintenance (i.e. healthy physiological and cognitive functioning) and system development (i.e. towards autonomy and self-actualisation). Individuals may seek to protect their privacy to avoid e.g. embarrassment, harassment, ridicule, shame, scrutiny or discrimination (Shapiro and Baker, 2001).

Behavioural mechanisms are used to achieve a desired level of privacy. These mechanisms include verbal, paraverbal (e.g. tone), non-verbal (e.g. gestures), environmental behaviour (e.g. personal space and territoriality), and cultural norms and customs (Altman, 1976; Pedersen, 1999). Personal space is an invisible zone surrounding the human body, separating people from one another (Leino-Kilpi, et al., 2001). Territoriality refers to a perceived ownership of areas, objects, knowledge or status. These privacy mechanisms function as an integrated system, supporting and substituting each other as appropriate (Altman, 1976).

2.2. Circumstance, Individuality and Culture

Privacy interests vary in both content and magnitude across situations and individuals. What may be trivial to one individual may be significant to another (Shapiro and Baker, 2001). Relevant personal factors include the individual‟s need for privacy, personal attractiveness, interpersonal skills, personality variables, and ability to use privacy control mechanisms effectively (Pedersen, 1999). Personality variables include extraversion, emotional stability, agreeableness, openness to experience, and conscientiousness (Zweig and Webster, 2003). Gender also can impact on privacy preferences (Newell, 1998; Pedersen, 1999). Some cultures have a stronger preference for privacy and more privacy needs than others (Kaya and Weber, 2003). The need for privacy is universal but manifestations and privacy mechanisms are culturally specific (Margulis, 2003; Newell, 1998). For example, local culture has been shown to affect people‟s perceptions of crowding (Hall, 1966).

2.3. Intrusion and Privacy Violation

Intrusion essentially is when the desired level for privacy is higher than the actual level being enjoyed (Altman, 1976). Altman‟s process oriented model for social interaction is useful for further describing what is meant by intrusion or privacy violation. In Altman‟s theory, privacy has five properties: units of privacy, the dialectic nature of privacy, the non-monotonic nature of privacy, privacy as a boundary control process, and privacy as a bi-directional process (Altman, 1976). Units of privacy refer to the fact that privacy applies at the individual and group levels, and differences exist in privacy dynamics for various social units (Altman, 1976; Margulis, 2003). The units of privacy can be person-to-person, person-to-group, group-to-person or group-to-group (Leino- Kilpi, et al., 2001). The dialectic nature of privacy refers to the fact that individuals continuously change their desire for interpersonal contact. There are two opposing forces at work at all times – one drawing individuals together, and another pushing them apart. Privacy can, thus, be viewed as a dynamic, dialectic process where the need for solitude and the need for interpersonal contact are constantly in opposition. The desired level of privacy depends on which of the two opposing forces is strongest at a given time. The non-monotonic nature of privacy refers to the fact that there is an optimal level of privacy at a given time, and people can have too much privacy (e.g. social isolation) or too little privacy (e.g. crowding). Privacy as a boundary regulation process offers the notion of a flexible barrier between the self and non-self, which can be opened or closed depending on circumstance (Altman, 1976; Petronio, 1991). Finally, privacy can be viewed as a bi- directional process, involving controlling inputs from others and outputs to others.

In terms of Altman‟s model, intrusion therefore depends on a number of factors. Different social units have different privacy needs (e.g. family, work group, individual), these needs change frequently, and it is possible to have too much or too little privacy. While too much interaction may be experienced as an invasion of privacy, too little may be experienced as loneliness or alienation (Pedersen, 1999). Being forced to interact (i.e. receive input or provide output) beyond the level of interaction desired in a given circumstance is an intrusion as the forced participation implies an attempt to break through the flexible mental barrier (cf. Altman, 1976). The ability to control interactions is essential for privacy management.

Technology has long been recognised as posing a significant threat to the privacy of personal data. The following section looks at some of the privacy related ethical issues in the information society. It shows how ICT is shaping society and the workplace and highlights some dilemmas facing the ethical ISD professional.

P. Carew, and L. Stapleton (2005). „Towards a Privacy Framework for Information Systems Development‟, in O. Vaselicas, W. Wojtowski & G. Wojtowski (eds.), Information Systems Development: Advances in Theory, Practice and Education, Kluwer Academic Press/ Plenum

A woman hid her pregnancy from Big data

A woman hid her pregnancy from the Internet, using TOR, cash not cards, personal server, local lockers instead of house mailbox, and of course, not feeding uncle Facebook the happy news. Educational.

“My story is about big data, but from the bottom up,” she said. “From a very personal perspective of what it takes to avoid being collected, being tracked and being placed into databases.”

READ How one woman hid her pregnancy from big data. 

Electronic health records pose challenges to privacy

Published in May 2011 in The International Journal of Person Centered Medicine, here is a read for health-care professionals who care about privacy

To serve and to protect ? Electronic health records pose challenges for privacy, autonomy and person-centered medicine 

ARTICLE ABSTRACT:

“This paper highlights potential challenges to privacy posed by electronic health records and proposes to increase patient involvement in maintaining the privacy of their data. Electronic health records are heavily promoted in the United States, rendering sensitive health information accessible and potentially jeopardizing patient privacy. Yet certain HIPAA regulations are consistently violated, suggesting that the Federal Government is unable to fully enforce privacy standards. On the other hand, proportionately there are few civilian complaints to the U.S. Department of Health and Human Services (HHS), implying that patients are unaware of privacy breaches, the means to report them, or both. Without permitting patient control over information, the proposed privacy system assumes that leakages will occur and offers to notify patients of breaches after the fact. This deprives patients of the right to defend their intimate details, which are more available to caretakers, employers, and insurers than ever. Our proposed solution is to render usage of patient information transparent by default, so that patients can monitor and control who is privy to what input. This will enhance patient empowerment, feeding into improved governmental control over health data.”

by

Talya Miron-Shatz MA PhDa and Glyn Elwyn MB BCh MSc FRCGP PhDb

a Founding Director, Center for Medical Decision Making, Ono Academic College, Israel; Lecturer, Marketing Department, Wharton School, University of Pennsylvania, Philadelphia, Pennsylvania, USA
b Professor of Primary Medical Care, Clinical Epidemiology Interdisciplinary Research Group, Department of Primary Care and Public Health, Cardiff University, Cardiff, UK

Big Doctor will care ?! Privacy for the weak !

The possibilities and dangers -closing in on us- of “pseudonymized” health records central databases, with police backdoors, scientists, insurers, and other third parties authorized to mine the “care.data” are exposed in this guardian article “Police will have backdoor access to health records despite opt-out”, by Randeep Ramesh.

This puts into light an architecture of biopower (as conceptualized by french philosopher Michel Foucault) where control over people’s destinies can technically and easily be exerted via the subjugation of their own bodies.

Let’s not forget that today, people’s personal health informations ALREADY are used against them and negatively affect their fundamental freedoms, for example of movement and/or economic interaction, whether it is a matter of crossing a border when you’re HIV+ and/or getting/keeping a job when you’re a smoker.

Overall it is a particularly aching reminder of the importance of protecting the personal data of the weak, in that it concerns the very place where people are the most vulnerable (that’s when we go to a doctor, right?), and a place that is still considered a safety and confidentiality haven – with privacy being a component of good care.

“PRIVACY FOR THE WEAK, TRANSPARENCY FOR THE POWERFUL”

as advocated and enabled by Wikileaks and its founder Julian Assange,

really sounds like the right line.

Extract:

Phil Booth of medConfidential, which campaigns on medical privacy, told the Guardian: “This is precisely the danger when you create a giant database of highly sensitive information about people – all sorts of other people want to go rifling through it, including the government.” There’s always another good reason to go digging, but no one thinks of the catastrophic breach of trust this represents.”

“The lack of independent oversight and transparency is what’s most worrying. People trust their GP, but who’s heard of the Health and Social Care Information Centre or the four people who sign off on access to all our medical records?”