Privacy and Sensor Networks: Do Sensor Networks fit with Fair Information Practices

1
Privacy and Sensor Networks Do Sensor Networks
fit with Fair Information Practices

• Deirdre K. Mulligan
• Acting Clinical Professor of Law
• Director, Samuelson Law, Technology
• Public Policy Clinic
• Boalt Hall
• http//www.samuelsonclinic.org

2
Privacy

• Legal protections for privacy have multiple roots
• Important norm individuals have own concepts of
  privacy can vary greatly between cultures
• Different things in different settings Know it
  when you lose it

3
Result Patchwork Privacy Protection

• Constitutional, statutory, common law, State,
  Federal
• Sectoral
• Focus on a business, a record keeper, a format
  (electronic v. paper oral v. visual electronic
  v. aural), a piece of information
• Multiple overlapping, sometimes difficult to
  reconcile rules AND inconsistencies - same
  practices receive different treatment

3
4
Thinking about privacy in Sensor NetworksFair
Information Practice Principles

• Basic framework of statutory protections in US
  and worldwide
• Collection Limitation
• Purpose specification
• Openness
• Consent
• Individual participation
• Data Quality
• Use Limitation
• Security
• Accountability

10
5
Thinking about Privacy in Sensor Networks
Statutory protections

• Limits on government intrusion --conversation
  between Court and Congress
• Title III (1968) restrictions on wiretapping
  and electronic surveillance (Katz Smith)
  (extended by ECPA 1986 and CALEA 1995 altered by
  Patriot Act 2001)
• Right to Financial Privacy (Miller)

7
6
Beliefs underlying privacy law

• Data collection is exception
• Public/private spaces distinct - personal will
  exist in private space
• Wall between private sector and government is
  thick
• Data collection is engaged in by limited set of
  corporate or commercial entities
• Communications are ephemeral distinction between
  content and other

• Regulatory patchwork notice and consent
• Protections weaken as information moves away from
  home/person out into network/third party storage
• Little regulation of government acquisition of
  personal information from private entities
• Regulatory framework focuses on specific record
  keepers rather than the protection of the
  information itself
• Protections for records related to individual
  maintained by third parties are weak

13
7
Sensor Networks

• The most profound technologies are those that
  disappear. They weave themselves into the fabric
  of everyday life until they are indistinguishable
  from it. M. Weiser, The computer for the 21st
  Century, 1991.
• In the future, interconnected devices will be so
  commonplace that "the internet" becomes
  invisible. Devices span from the so tiny that the
  computer disappears, to servers so large that
  storage limits vanish. It will be possible to
  track and relate everything... The Endeavour
  Expedition Charting the Fluid Information
  Utility

14
8
Existing privacy law is a poor fit for Sensor
Networks

• Data collection as norm
• Absence of cues that signal data collection
• Porous barriers between public and private spaces
• Everyone is a potential data collector
• New kinds of data sensed created, stored
• Increased ability to create patterns, knowledge
  out of seemingly unrevealing bits of data
• Ability to influence behavior/alter environment
  in realtime based on data that may not meet
  definitions of PII found in traditional data
  protection statutes
• Always on, broad accessibility

15
9
Big questions

• Given importance of whether tech is broadly
  available to public to question of 4th A
  reasonableness premium put on what kind of
  world technology gives us. Do we want a world
  with no privacy?
• Who should be responsible?
• How do we consider system design and policy
  issues in multi-use technology?

10
Challenges for system designers and policy makers

• How do you facilitate transparency and control
  where being unobtrusive is an explicit system
  goal?
• How do you evaluate privacy risks when you dont
  know who is accessing the information and to what
  else they may be privy?
• To what extent do you design around the
  weaknesses of the existing privacy law?
  (preference for client side storage? Destruction
  of data? Limits on certain kinds of collection?)

16
11
Key questions for business adoption

• What are the implications of these systems given
  the ability of private actors and governmental
  entities to access information? (privacy,
  business confidentiality, various sorts of
  litigation)
• Given limits of law, how to deploy? (Limit data
  collection purge quickly keep identification
  information separate from other forms of data)
• Need to fix the law?

17