Privacy Flashcards
Name and explain three types of privacy, and explain how they can be threatened.
Informational privacy is an individual’s ability to control and limit the extent to which, and the way in which, their information is collected, stored, disseminated, and processed. The individual’s informational privacy is threatened whenever they have inadequate knowledge of and insufficient influence over the amount and nature of information that is collected, stored, disseminated, and processed about them.
Decisional privacy is an individual’s ability to make decisions on their own, without undue interference or surveillance. The individual’s decisional privacy is threatened not only if others are able to influence their decisions, but also if others simply take inappropriate levels of interest in those decisions.
Local privacy is the ability to be alone and to have a space where we can “be ourselves”. An individual’s local privacy is threatened if there is a lack of control over one’s own environment, as well as a lack of anonymity.
Explain why information processing and gathering is important, as well as how this can lead to ethical issues.
Information is often used to solve a variety of problems. Many different stakeholders may have a legitimate interest in any bit of information. Solving these problems can be important for dealing with societal issues like public health or scientific progress. Information is also important on a personal level; a doctor needs information to diagnose you and needs to share information with other specialists if needed.
Ethical questions arise about how information should be collected, stored, disseminated, and processed.
In which two ways does privacy have value?
Privacy has instrumental value: it is valuable insofar as it helps achieve other (intrinsic) values such as autonomy and security.
Privacy is also of intrinsic importance: an individual’s privacy is no less important than their physical security. E.g. local privacy is important because every person has a right to live their life however they want to live it.
How can tracking pose a threat to each different kind of privacy?
The fact that information is collected about a user’s behavior is an obvious threat to their informational privacy.
Because a user might behave differently if they suspect that they are being tracked, tracking also threatens their decisional privacy.
Because tracking allows others to follow users through a digital space, there is a sense in which users are never truly “alone” and free to be themselves in that space, which threatens local privacy.
How can personalization pose a threat to each different kind of privacy?
Effective personalization requires detailed knowledge of the user, the acquisition of which threatens their informational privacy.
The fact that personalization is often used to influence a user’s actions (e.g. through “nudging”) threatens their decisional privacy.
If an environment becomes too personalized, users are prevented from experiencing something new and “foreign”, limiting the extent to which they can be themselves, threatening local privacy.
What are some good reasons to employ practices that could be privacy-threatening? And what does that lead to?
Policing could be a valid reason for increasing security, but this could also pose a threat to privacy. How much information should the police have about civilians? This leads to a value conflict, meaning that there is a conflict between values like privacy vs security. It’s impossible to maximize both at the same time.
Explain Notice & Consent.
The gist of this approach is to inform website visitors and users of online goods and services of respective information flow practices and to provide a choice either to engage or disengage.
Notice is the principle that individuals must be given an adequate explanation about exactly which (and how much) information would be collected, and how it would be stored, disseminated, and processed.
Consent is the principle that individuals must approve the collection, storage, dissemination, and processing of information as described.
Provide two considerations that explain the appeal of Notice & Consent to regulatory bodies.
Two considerations explain the appeal of this approach to stakeholders and regulators. One is the popular definition of a right to privacy as a right to control information about oneself. The second consideration is the compatibility with the paradigm of a competitive free market: because personal information may be conceived as part of the price of online exchange, people are free to decide whether the price is right.
Provide three reasons for why notice & consent is ineffective.
Critics explain that notice and consent has failed because:
1. (consent) Although it may seem that individuals are free to choose to pay the informational price, the price of not engaging socially, commercially, and financially may in fact be exacting enough to call into question how freely these choices are made.
2. (notice) Privacy policies are too long, abstruse and legalistic, which adds to the unrealistic burden of checking the respective policies of all websites that we visit. Evidence has shown that people do not read them, do not understand them when they do and realistically could not read them if they wanted to.
3. (notice) Privacy policies could be subject to change at any time, meaning that all website visitors have to re-read the whole privacy policy, which adds another level of burden to the previous points.
Keywords: cost evaluation, overburdening, change
Explain a potential improvement to notice & consent. Explain why these improvements might not be effective. Include the term ‘transparency paradox’ in your answer.
Policies could be made shorter and simpler, similar to the nutritional label on food. A problem with this is that the details of privacy policies are usually most important, and by creating a simpler and easy-to-read policy, it is likely that you will lose those details. This is what is meant by the Transparency Paradox: by attempting to be transparent (e.g. simplifying the policies) you will lose transparency in the form of important details that are lost.
Explain the contextual approach to privacy, as defined by Helen Nissenbaum.
The contextual approach to privacy, as described by Helen Nissenbaum, argues that privacy should be understood in the context of specific social and ethical values, rather than as an absolute or universal right. According to this approach, privacy is not a fixed or unchanging concept, but rather something that can vary depending on the context in which it is being considered. New contexts can arise in which there exist no privacy-protection norms and regulations yet.
Nissenbaum argues that privacy is a social construct that is shaped by the values and norms of a particular society or community. She suggests that privacy should be analyzed in terms of the specific information practices that are at issue and the values that are being protected or threatened by those practices. This approach emphasizes the importance of understanding the social, cultural, and ethical dimensions of privacy in order to develop appropriate policies and practices.
Provide one advantage and one disadvantage of the contextual approach over Notice & Consent.
An advantage of the Contextual Approach over Notice & Consent is that we do not over-burden individuals and can rely on existing norms.
A disadvantage is that, if new technologies do not sufficiently resemble traditional contexts, we will face the difficult task of developing new norms, with the traditional difficulties of e.g. operationalizing and measuring privacy or balancing duties.