Seda Gürses, “Privacy is don’t ask, confidentiality is don’t tell” An empirical study of privacy definitions, assumptions and methods in computer science research and Robert Sprague and Nicole Barberis, An Ontology of Privacy Law Derived from Probabilistic Topic Modeling Applied to Scholarly Works Using Latent Dirichlet Allocation (joint workshop)

By privacylaw | Posted on

Seda Gürses, “Privacy is don’t ask, confidentiality is don’t tell” An empirical study of privacy definitions, assumptions and methods in computer science research and Robert Sprague and Nicole Barberis, An Ontology of Privacy Law Derived from Probabilistic Topic Modeling Applied to Scholarly Works Using Latent Dirichlet Allocation (joint workshop)

Comment by: Helen Nissenbaum

PLSC 2013

Workshop draft abstract:

Since the end of the 60s, computer scientists have  engaged in  research on  privacy and  information  systems.  Over the years, this research has led to a whole  palette  of “privacy solutions”.  These vary from design principles and  privacy  tools,  to the application of privacy enhancing techniques.  These solutions originate  from  diverse  sub-fields of computer  science,  e.g.,  security  engineering, databases,  software  engineering,  HCI,  and  artificial intelligence. From a bird’s  eye view, all of these  researchers are  studying  privacy. However,  a  closer  look  reveals that each  community  of researchers relies  on different,  sometimes  even conflicting, definitions of privacy, and  on a variety of social and  technical assumptions. At best, they are referring to different facets of privacy and,  at worst,  they  fail  to take  into  account  the diversity  of existing definitions  and  to integrate  knowledge  on  the phenomenon generated by  other  communities  (Gürses  and  Diaz,  2013).  Researchers do have  a tradition of assessing  the (implicit) definitions and assumptions that un- derlie the studies in their respective communities (Goldberg, 2002; Patil et al., 2006). However,  a systematic evaluation of privacy  research prac- tice across  the different computer science communities is so far absent. This  paper  contributes to closing this gap through an empirical study of privacy  research in computer  science.  The  focus of the paper  is on the different  notions  of privacy  that the 30 interviewed  privacy  researchers employ, as well as on the dominant worldviews that inform their practice. Through a qualitative analysis  of their responses  using grounded theory we consider  how the researchers framing  of privacy  affects  what  counts as “worthwhile problems” and  “acceptable  scientific  evidence”  in their studies  (Orlikowski and  Baroudi, 1991).  We  further analyze  how  these conceptions of the problem  prestructure the potential solutions to privacy in their  fields (Van  Der Ploeg,  2005).

 

We expect the results to be of interest beyond  the confines of computer science.  Previous studies  on how privacy  is conceived  and  addressed in practice have brought new perspectives to “privacy on the books” (Bamberger and Mulligan,  2010): users’ changing  articulations of privacy  in networked publics  (danah boyd,  2007), the evolution of privacy  as practiced by private organizations (Bamberger and Mulligan,  2010), the conceptualization of privacy  in legal practice (Solove,  2006), or the framing of privacy  in media  coverage  in different cultural contexts (Petrison and Wang,  1995). However,  few studies have turned their gaze on the re- searchers themselves with the objective of providing a critical reflection of the field (Smith et al., 2011). The  few studies that exist in computer science focus on artifacts produced by the researchers, e.g., publications, or provide  an  analysis  of the state-of-the-art written by insiders.  While these are valuable contributions, we expect the comparative and the empirical nature of our study  to provide  deep  and  holistic  insight  into privacy  research in computer science.

Kenneth A. Bamberger  and Deirdre  K. Mulligan.  Privacy  on the Books and on the Ground.  Stanford  Law Review,  63:247 – 316, 2010.

danah   boyd.    Why  Youth  (Heart) Social  Network  Sites:  The  Role  of  Net- worked  Publics   in  Teenage  Social  Life.    The  John  D.  and  Catherine   T. MacArthur Foundation  Series on Digital Media and Learning,  pages 119–142,

2007.   URL  http://www.mitpressjournals.org/doi/abs/10.1162/dmal.9780262524834.119.

Ian  Goldberg.   Privacy-enhancing technologies  for the Internet, II: Five  years later.  In Proc.  of PET 2002, LNCS 2482, pages 1–12. Springer,  2002.

Seda  Gu¨rses  and  Claudia  Diaz.   An activist  and  a consumer  meet  at  a social network …  IEEE  Security  and Privacy  (submitted), 2013.

Wanda  J. Orlikowski and Jack. J. Baroudi.  Studying Information Technology in Organizations: Research  Approaches  and Assumptions.  Information Systems Research,  2(1):1 – 28, 1991.

Sameer Patil,  Natalia  Romero, and John Karat. Privacy  and HCI: Methodologies for studying privacy issues. In CHI ’06 Extended  Abstracts  on Human  Factors in Computing  Systems, CHI EA ’06, pages 1719–1722, New York, NY, USA,

2006. ACM.  ISBN 1-59593-298-4. doi: 10.1145/1125451.1125771.  URL http://doi.acm.org/10.1145/1125451.1125771.

Lisa A. Petrison and Paul Wang.  Exploring  the dimensions of consumer privacy: an analysis of coverage in british and american  media.   Journal of Direct Marketing,  9(4):19–37, 1995.  ISSN 1522-7138.  doi: 10.1002/dir.4000090404. URL http://dx.doi.org/10.1002/dir.4000090404.

H.  Jeff Smith,  Tamara Dinev,  and  Heng  Xu.   Information Privacy  Research: An interdisciplinary review.  MIS  Quarterly,  35(4):989–1016, December  2011.

ISSN  0276-7783.        URL   http://dl.acm.org/citation.cfm?id=2208940.2208950.

Daniel  J. Solove.   A Taxonomy   of Privacy.    University   of  Pennsylvania  Law Review,  154(3), January 2006.

Irma  Van  Der Ploeg.  Keys  To Privacy.  Translations of “the privacy  problem” in Information Technologies, pages 15–36. Maastricht: Shaker,  2005.