Archives

Colin J. Bennett & Deirdre K. Mulligan, Privacy on the Ground Through Codes of Conduct: Lessons from Canada

By privacylaw | Posted on

Colin J. Bennett & Deirdre K. Mulligan, Privacy on the Ground Through Codes of Conduct: Lessons from Canada

Comment by: Robert Gellman

PLSC 2012

Published version available here: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2230369

Workshop draft abstract:

The recent White Paper on privacy from the U.S. Department of Commerce encourages “the development of voluntary, enforceable privacy codes of conduct in specific industries through the collaborative efforts of multi-stakeholder groups, the Federal Trade Commission, and a Privacy Policy Office within the Department of Commerce.”   The policy envisages a coordination of multi-stakeholder groups through a new Privacy Policy Office which would work with the FTC “to develop voluntary but enforceable codes of conduct…Compliance with such a code would serve as a safe harbor for companies facing certain complaints about their privacy practices.”

Privacy codes of practice have extensive histories in a number of countries outside the United States.  At various times they have been adopted to anticipate privacy legislation, to supplement privacy legislation, to pre-empt privacy legislation and to implement privacy legislation. This paper draws upon international experiences and interviews with chief privacy officers to offer important lessons for American policy-makers about how codes of practice might best encourage privacy protection “on the ground.”

Despite obvious differences, the Canadian policy experience may be especially instructive.  Private sector regulation was originally based on a bottom-up approach, through which legislation (the Personal Information Protection and Electronic Documents Act of 2000) was based on a voluntarily negotiated standard through the Canadian Standards Association (CSA).  This in turn was based on existing sectoral codes of practice, of the kind envisaged by the US Department of Commerce.   What has been the experience over the last decade?   What useful lessons can be drawn for US policy?   What are the economic, technological, legal and social conditions under which codes of practice might promote better privacy protection?

 

Colin J. Bennett: In Defense of Privacy: The Concept and the Regime

By privacylaw | Posted on

Colin J. Bennett: In Defense of Privacy: The Concept and the Regime

Comment by: Michael Froomkin

PLSC 2011

Workshop draft abstract:

For many years those scholars interested in the nature and effects of “surveillance” have been generally critical of “privacy” as a concept, as a way to frame the political and social issues, and as a regime of governance. “Privacy” and all that it entails is considered too narrow, too based on liberal assumptions about subjectivity, too implicated in rights-based theory and discourse, insufficiently sensitive to the discriminatory aspects of surveillance, culturally relative, overly embroiled in spatial metaphors about “invasion” and “intrusion,” and ultimately practically ineffective.

On closer examination, however, I suggest that the critiques of privacy are quite diverse, and often based on some faulty assumptions about the contemporary framing of the privacy issue, and about the implementation of privacy protection policy.  Some critiques are pitched at a conceptual level; others focus on practice.  There is a good deal of overstatement, and a certain extent to which “straw men” are constructed for later demolition.

The aim of this paper is to disentangle the various critiques and to subject each to a critical analysis. Despite the fact that nobody can supply a precise and commonly accepted definition, privacy maintains an enormous popular appeal, in the English-speaking world and beyond.  It attaches to a huge array of policy questions, to a sprawling policy community, to a transnational advocacy network, to an academic literature and to a host of polemical and journalistic commentary.  Furthermore, its meaning has gradually changed to embrace a more collective understanding of the broader set of social problems. The broader critique from surveillance scholars tends to be insensitive to these conceptual developments, as well as to what members of the policy community actually do.

Kenneth Farrall, Production or Collection? Towards an Alternate Framing of the Problem of Information Privacy

By privacylaw | Posted on

Kenneth Farrall, Production or Collection? Towards an Alternate Framing of the Problem of Information Privacy

Comment by: Colin Bennett

PLSC 2009

Workshop draft abstract:

Bennett (2008) recently demonstrated that for privacy advocates to be effective in resisting the growth of surveillance systems in the 21st century, framing, or the specific language constructs used to articulate a social problem, is a crucial determinant of success or failure. This paper explores the benefits of framing the problem of digital dossiers (Solove, 2004) not in terms of the “collection and use” of personal data, but in terms of their production. Drawing on the theoretical tradition of the “social construction of reality” (Berger & Luckmann, 1966) and Foucault’s (1974) early work on discursive formations, the paper takes the position that personal information does not simply exist “out there” but is always first produced.  Latour & Woolgar (1986), for example, have shown that seemingly objective scientific facts are not discovered but are in fact thoroughly constituted by the material setting of the laboratory. Similarly, the totality of personally identifiable information (PII) comprising an individual dossier is always produced within, and is ultimately contingent upon, specific social, institutional, and technological contexts. Dossier information is not merely an abstract, formless reduction of uncertainty, but an object of discourse with a specific material embodiment — a pattern of ink on parchment or an electromagnetic disturbance on the surface of a metal disk—that may or may not manifest at a specific space-time location.

Using data from government documents, NGO reports, investigative journalism and extant academic research, the paper explores  distinct moments of production within historical and contemporary dossier systems in China and the United States, including the production of paper-based, highly localized “dangan” (dossiers) in mid 80s China and the accelerating production of Suspicious Activity Reports (SARs) within the United States today. Drawing from these and other examples, the paper will identify key factors – legal, economic, technological – driving the production of PII and explore emerging strategies of resistance.