Dagstuhl Perspectives Workshop
Online Privacy – Towards Informational Self-Determination on the Internet

Part 4: Method, Structure and Language

Jacques Bus
Dagstuhl, DE – 7-11 Febr 2011

DIGITRUST.EU
Trust in the digital space

Date posted: 18-Dec-2015


Structure of result

Part 1. Current S-o-A of online privacy w.r.t. informational self-determination
Part 2. Industry & Engineering Options to improve online privacy
Part 3. Recommendations for improving regulations of online privacy
Part 4. Recommendations for research to improve the S-o-A of online privacy

The report structure will follow the Parts as proposed above?

Comments:
• Part 1 may include background and relevance of the topic
• Part 2 could include challenges
• Part 3 depends on result in 1 and 2
• Part 4 depends on results in 1 and 2, but problems of focus and form

In general of course one cannot make 3 or 4 without some consent on 1 and 2.


Issues in Part 4

Part 4: Foster industry's and academia's research for creating effective on-line privacy technologies, components and systems that promote informational self-determination

Questions:
1. A message for whom? To do what?
2. Terminology and language
3. Choices to be made
4. Time Frame


A message for whom? To do what?

Or just a missionary statement about our good intentions?


Dagstuhl Perspectives Workshop

• Analyze the status quo of a field and jointly develop a vision for its future.
• Give at the level of funding agencies and research policies: recommendations for research investments.
• Update the respective legislative and regulative authorities on their options.

Results in a “Dagstuhl Manifesto” with

• Research directions that are put into a larger context: society and economy, applications, relations to other fields
• Audience beyond the inner circle of experts, including policy makers

Publication
• Dagstuhl Online Publication Server (DROPS)
• Other scientific publishers
• Summaries of selected manifestos in Informatik-Spektrum (Springer)

Outreach
• Presented at a meeting of Dagstuhl’s Scientific Advisory Board
• Passed on to national and European funding agencies
• Other specific actions of participants??


Targeted audience?

Researchers and Funding Agencies, policy makers - motives

• Politics and Institutions (incl. EDPS, Privacy Commissioners, Legislative authorities)
  • regulatory part is topic of Part 3
  • role of technology in legislation (transparency, privacy assurance, auditing)
  • political motivation for research funding is industrial and social innovation
  • citizen’s trust in government, social acceptance of ICT innovation
  • how can government stimulate multi-disciplinarity (ambient law)

• Funding Agencies and Industry, part of political and institutional world
  • EU research managers? Need political and societal (ethics/norms) arguments, and arguments of competitiveness and innovation
  • Member State research managers? local priorities in politics, industry, research
  • Industry? Focus on technology trends, product innovation and business models

• Researchers
  • In academia? (interesting research, good for publication)
  • Research institutes (application research, what is needed in economy/society)
  • In industry? (profitable innovation and product development)


Basic inputs

A research agenda must take account of developments in:

• Technology trends

• Industry requirements

• Regulatory environment and requirements

• Societal needs and stability

• Citizens’ needs and perceptions


Terminology and Language
The trap of being logical and English?

NOTE: I just want to sketch the problems, not at all to give definitions, nor an exhaustive analysis of the terms discussed!!


Terminology - SECURITY

Security is used in many contexts:
• people: security and safety of people, physically and psychologically
• states: national security, external relations, military defence
• borders: in context of national security and protection of society (culture, economy)
• entities: (infrastructures like electricity net; products like cars, planes; software and IT systems) avoid harm to property and life and protected against intrusion and abuse
• data: protected against unintended observation, protection of integrity and against theft

• Note the organisation in EU’s FP7:
  • The Theme Security, or the Security Programme
  • The part of the ICT programme: Trustworthy ICT in the Unit Trust and Security

• Note the language translation problem:
  • “security” and “safety” have only one translation in many languages: FR: “sécurité”, DE: “Sicherheit”, NL: “veiligheid”.
  • Similar problems with other words.

Writing perfect English can lead to wrong understanding by people with other mother tongues. The context of a manifesto needs to be introduced/explained.


Terminology - IDENTITY

For example 3 concepts (Davis)
• Metaphysical identity (what are the essential qualities of a person that make him unique)
• Physical identity: the carrier in flesh and blood of all the roles and qualities
• Epistemological identity (created by relations to institutions; or existing because of various practices connected to our culture, language, ...)

We can also talk about multiple (partial) identities, if we consider every creation of relation or existence of practice that together form the epistemological identity, as one (partial) identity.

An ID in a certain context is a particular set of credentials (attributes), called a partial ID

FIDIS distinguishes:
• the structural perspective (ID as set of attributes)
• process perspective (ID as set of processes of disclosure and usage of ID data; authentication)


Terminology - PRIVACY

Paul de Hert: “Privacy is about what is not covered by other civil liberties”
It is about the balance of power: state vs citizen, multi-national vs consumer
Seda Guerses: “Privacy cannot and should not be precisely defined – definition would kill it”

Allen considers:
• physical privacy (seclusion, solitude);
• informational privacy (confidentiality, secrecy, data protection and control over PI)
• proprietary privacy (control over names, likenesses and repositories of PI)
Or one could think of the three dimensions: spatial, relational, informational.

Approaches through: (1) Secrecy/anonymity; (2) Control/ID mgt; (3) Practices;

Nissenbaum developed a framework for privacy as “Contextual Integrity of Information”, emphasising the essential contextual and normative character of privacy.

Q: How to consider context and norm/cultural dependency in tech privacy systems?

Relation to Data Protection:
• DP needed for privacy implementation, but not all personal data is privacy sensitive.
• DP requests consent be “specific” thus introducing context; implementation weak/uneven


Terminology - CONFIDENCE

We can have confidence (some would call it trust!) in institutions, organizations, technology, to do what is expected to be done by them.

What is done can be negative and positive. We can be confident that viruses are harmful to our system. (But trust often has a positive connotation)

Hardin uses “confidence” in relation to institutions (he reserves “trust” for interpersonal relations).

But Fukuyama talks about “trust” in government, society (societal trust – which is a measure of citizens’ opinion).

And Cofta et al. use “trust” overall in Trust Guide, a project analysing the position of people with respect to reliance on or confidence in technology.


Terminology - TRUST

TRUST – a context-dependent (also culture, character or psychology-based) relation between a truster and a trusted (often reserved for persons), where the truster expects the trusted to behave or act in a certain way

TRUSTWORTHINESS – the quality of an entity (as believed by the truster) to behave in a certain way (One can trust an entity without the entity being trustworthy for others)

BUT: “trustworthy computing” has for many a very special meaning, reminiscent of Microsoft’s alleged attempt to get control over the (trustworthy) PC platform

Of course Trust (and Trustworthiness) have the same complicating factors with respect to capturing in technology as Privacy: Context and norm/culture dependency, ...

Much has been said and written about Trust and its meaning in society.

Trust (confidence) is a basic condition for acceptance of technology, but from research done it is clear that people do not trust technology, but only the operators (organisations with procedures, transparency and well behaving persons)


Trust/Confidence in Technology

Confidence in technology is not in the first place a technological problem.

• Requires providers to be open and transparent about
  • How their organization works and processes data
  • What are the business objectives and where profit comes from
  • What protection can be given against abuse
  • What redress and damage management is foreseen

• Requires Government to develop effective and as much as possible technology neutral regulation/law
  • which is effectively enforceable
  • takes account of speed of data transfer and technology development
  • takes account of globalization

• Must give users the feeling that
  • it is following their norms and expectations
  • they understand the general picture
  • they do understand dangers, vulnerabilities and possible abuse
  • they have a reasonable control over their lives


Example on Privacy - Social Networks

Choices to be made
Comprehensive, focused, shopping list??


Choices to be made

Decisions are needed before we start writing, to avoid lengthy discussions at the end

1. How do we want to use all these terms, if at all?
2. What type of entities do we include in the terminology (identity, privacy, trust only between persons, or wider, including technological entities)?
3. How do we relate trust and identity to privacy? (I trust you if I know your ID? I will give up more of privacy if I trust more?).
4. What terms do we use in relation to technology (trusted or trustworthy or something else)?
   I introduced in the ICT programme the term “Trustworthy ICT” defined as technology that is secure, reliable and resilient to attacks and operational failures; guaranteeing quality of service; protecting user data; ensuring privacy and providing usable and trusted tools to support the user in his security management. And measuring these qualities is part of this research.
5. Can we talk about trusting a data-collector or data-processor and what would that mean? Should such organisation be compliant with Privacy and Data Protection law + Assures so through some certification + Proves practising it through transparency and audits, ....?


Choices to be made – the language

• Audience are politicians, industry leaders, researchers
• Audience likely European: beautiful and correct EN will sometimes confuse more than help (security/safety!)
• Audience not all technical experts: avoid abstract and rigid use of language, as well as technical terms and acronyms

• When talking to laymen it is often better to use various words and points of view, as well as metaphors, to circumscribe issues, rather than talking clean logical language

• Research program language tends to be vague and abstract, to avoid strong prescription, errors and out-of-date things, and to leave the creativity to the proposer (some years later!!)


Choices to be made – The Language

• People/politicians want to recognize their thinking and preaching and be able to integrate new ideas in their normal discourse

• Politicians do not change language easily once they have made their job period’s basic policy documents, so adapt to them if you want success

Enhance trust and security (Example from press release Neelie Kroes on Digital Agenda)
Europeans will not embrace technology they do not trust - they need to feel confident and safe online. A better coordinated European response to cyber-attacks and reinforced rules on personal data protection are part of the solution. Actions could also potentially oblige website operators to inform their users about security breaches affecting their personal data.


Online trust and security
Example: From Presentation of Neelie Kroes, EC Commissioner Digital Agenda

• identity theft
• privacy concerns
• cybercrime
• spam
• cybercrime centre
• computer emergency response teams
• low trust = low use


The Time Frame

Examples of issues in a time frame

Short term - industrial innovation, product development
• extension of current work on multiple ID and MDD
• user-centricity in data control (PET – privacy patching)
• general data protection tools (not specific for the situation or sector)

Medium term – connect to the revision of the DP directive
• Privacy by Design (technology, regulatory)
• privacy assurance, certification
• transparency, auditing

Longer term – research in academia and research institutes
• Include dynamicity, diversity, contextual, cultural and normative essence of life
• Ensure essential multi-disciplinarity in future research
• personal, protected and trustworthy spaces for informational integrity
• self-determination, also in profiling, targeted ads, …
• Build a trusted environment that gives excitement and confidence


References

1. A. Allen (1998) Uneasy Access, Totowa, NJ, Rowman & Littlefield
2. Russell Hardin (2002) Trust & Trustworthiness, Russell Sage Foundation, NY
3. Helen Nissenbaum (2010) Privacy in Context: Technology, Policy and the Integrity of Social Life, Stanford Univ Press
4. Francis Fukuyama (1995) Trust: the social virtues and the creation of prosperity, Free Press, NY (Author from “The end of History”)
5. Kieron O’Hara (2004) Trust: From Socrates to Spin, Icon Books, Cambridge


Example on Privacy - Social Networks