際際滷

際際滷Share a Scribd company logo

A Privacy Framework for Social Machines

Download as PPTX, PDF
Ulrik Lyngs
Ulrik Lyngs

This document proposes a 7-level privacy framework for analyzing social machines. Level 1 examines conceptions of privacy like personal data, anonymity, and location. Level 2 looks at if there are factual breaches of privacy. Level 3 considers people's phenomenological experiences. Level 4 addresses user preferences. Level 5 analyzes social norms. Level 6 deals with applicable laws and regulations. Level 7 involves questions of politics and morality. The framework is meant to help make sense of the complexity around privacy, separate different privacy issues, and guide the management of privacy for social machines by analyzing them through these seven levels. It examines example social machines like SOCIAM across the different levels of the framework.

1 of 16
Download to read offline
A Privacy Framework for Social Machines Kieron OHara
Motivation 1: A Concept in Disarray Any attempt to locate a common denominator for all the manifold things that fall under the rubric of privacy faces an onerous choice. A common denominator broad enough to encompass nearly everything involving privacy risks being overinclusive or too vague. A narrower common denominator risks being too restrictive. Solove, Understanding Privacy 2
Motivation 2: Social Machines Are All Shapes and Sizes
Taming Complexity Principles for a framework to make sense of the disarray Separate out loose hierarchy of privacy discourses Help defuse and organise privacy debates Help manage privacy issues for SMs Separate out: Values/ethics Legal issues Cybersecurity
Level 1: Conception What conceptions of privacy are relevant to the social machine? Does it deal with personal data? Does it use names/pseudonyms/anonymity? Location? Non-digital aspects (e.g. F2F)? 5
Level 2: Actuality Is there a breach of each conception of privacy? A matter of fact & measurement It does NOT mean Have my rights been breached? Has the law been broken? Have my interests been harmed? Have I noticed anything untoward? Has anything happened that I care about? Cybersecurity/implementation 6
What does the breach/non-breach feel like? Shame, outrage, creepiness, pride Do I even notice? Little work at this level Level 3: Phenomenology 7
8
Level 4: Preferences What do I want? When do I want visibility to the SM? When do I want to be concealed? What do others want of me? What exposure to others do I want? Idiosyncrasy rules Control, consent, privacy markets 9
Level 5: Norms Regularities, conventions, expectations Variations across culture, classes What do participants expect of an SM? How do norms carry over into SMs? Relation to other norms Can be used to derive rules 10 https://wordspictureshumor.wordpress.com/2013/03/06/blind-humor/
Level 6: Law & Regulation Privacy is not a legal concept! Unlike data protection Regulated but not created by law Organisational rules Privacy law What does the state/the organisation constrain? 11
Level 7: Politics & Morality What is right/wrong? Value Political effects Democracy (Westin) Security (Etzioni) Autonomy of the citizen (R旦ssler) Social interests outside the SM 12 https://popularresistance.org/developing-a-people-centered-security-culture/
Questions for Social Machines 1: What conceptions of privacy are implicated? 2: Is privacy protected? 3: Does the design convey (lack of) protection? 4: How do participants exert control? 5: What are participants expectations? 6: Who is accountable for data breach? 7: What is the value of the SM?
SOCIAM Across the Levels 1: group privacy 2: privacy-preserving ML, ethical data initiative, transparency/output 3: transparency/awareness 4: transparency/recommendations (e.g. X- ray Refine), PDSs, data terms of use 5: privacy of childrens data 6: web observatory rules 7: ethics
Across the Levels Data Safe Havens 7: Public good: medical research v privacy 6: What sharing can we legally do? 6: What organisational rules do data controllers have? 6: What protocols can we craft to govern a federation of organisations? 5: Need to preserve public confidence in medical data sharing 4: (Future work:) machine-readable data terms of use 2: Automation of experiment design
Conclusion 7-level privacy framework Disentangle separate issues in debate Organisational principle for SM management Loose hierarchy of discourses/issues to resolve

More Related Content

A Privacy Framework for Social Machines

  • 1. A Privacy Framework for Social Machines Kieron OHara
  • 2. Motivation 1: A Concept in Disarray Any attempt to locate a common denominator for all the manifold things that fall under the rubric of privacy faces an onerous choice. A common denominator broad enough to encompass nearly everything involving privacy risks being overinclusive or too vague. A narrower common denominator risks being too restrictive. Solove, Understanding Privacy 2
  • 3. Motivation 2: Social Machines Are All Shapes and Sizes
  • 4. Taming Complexity Principles for a framework to make sense of the disarray Separate out loose hierarchy of privacy discourses Help defuse and organise privacy debates Help manage privacy issues for SMs Separate out: Values/ethics Legal issues Cybersecurity
  • 5. Level 1: Conception What conceptions of privacy are relevant to the social machine? Does it deal with personal data? Does it use names/pseudonyms/anonymity? Location? Non-digital aspects (e.g. F2F)? 5
  • 6. Level 2: Actuality Is there a breach of each conception of privacy? A matter of fact & measurement It does NOT mean Have my rights been breached? Has the law been broken? Have my interests been harmed? Have I noticed anything untoward? Has anything happened that I care about? Cybersecurity/implementation 6
  • 7. What does the breach/non-breach feel like? Shame, outrage, creepiness, pride Do I even notice? Little work at this level Level 3: Phenomenology 7
  • 8. 8
  • 9. Level 4: Preferences What do I want? When do I want visibility to the SM? When do I want to be concealed? What do others want of me? What exposure to others do I want? Idiosyncrasy rules Control, consent, privacy markets 9
  • 10. Level 5: Norms Regularities, conventions, expectations Variations across culture, classes What do participants expect of an SM? How do norms carry over into SMs? Relation to other norms Can be used to derive rules 10 https://wordspictureshumor.wordpress.com/2013/03/06/blind-humor/
  • 11. Level 6: Law & Regulation Privacy is not a legal concept! Unlike data protection Regulated but not created by law Organisational rules Privacy law What does the state/the organisation constrain? 11
  • 12. Level 7: Politics & Morality What is right/wrong? Value Political effects Democracy (Westin) Security (Etzioni) Autonomy of the citizen (R旦ssler) Social interests outside the SM 12 https://popularresistance.org/developing-a-people-centered-security-culture/
  • 13. Questions for Social Machines 1: What conceptions of privacy are implicated? 2: Is privacy protected? 3: Does the design convey (lack of) protection? 4: How do participants exert control? 5: What are participants expectations? 6: Who is accountable for data breach? 7: What is the value of the SM?
  • 14. SOCIAM Across the Levels 1: group privacy 2: privacy-preserving ML, ethical data initiative, transparency/output 3: transparency/awareness 4: transparency/recommendations (e.g. X- ray Refine), PDSs, data terms of use 5: privacy of childrens data 6: web observatory rules 7: ethics
  • 15. Across the Levels Data Safe Havens 7: Public good: medical research v privacy 6: What sharing can we legally do? 6: What organisational rules do data controllers have? 6: What protocols can we craft to govern a federation of organisations? 5: Need to preserve public confidence in medical data sharing 4: (Future work:) machine-readable data terms of use 2: Automation of experiment design
  • 16. Conclusion 7-level privacy framework Disentangle separate issues in debate Organisational principle for SM management Loose hierarchy of discourses/issues to resolve