Colin J. Bennett & Deirdre K. Mulligan, Privacy on the Ground Through Codes of Conduct: Lessons from Canada
Comment by: Robert Gellman
Published version available here: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2230369
Workshop draft abstract:
Privacy codes of practice have extensive histories in a number of countries outside the United States. At various times they have been adopted to anticipate privacy legislation, to supplement privacy legislation, to pre-empt privacy legislation and to implement privacy legislation. This paper draws upon international experiences and interviews with chief privacy officers to offer important lessons for American policy-makers about how codes of practice might best encourage privacy protection “on the ground.”
Despite obvious differences, the Canadian policy experience may be especially instructive. Private sector regulation was originally based on a bottom-up approach, through which legislation (the Personal Information Protection and Electronic Documents Act of 2000) was based on a voluntarily negotiated standard through the Canadian Standards Association (CSA). This in turn was based on existing sectoral codes of practice, of the kind envisaged by the US Department of Commerce. What has been the experience over the last decade? What useful lessons can be drawn for US policy? What are the economic, technological, legal and social conditions under which codes of practice might promote better privacy protection?
Colin J. Bennett: In Defense of Privacy: The Concept and the Regime
Comment by: Michael Froomkin
Workshop draft abstract:
For many years those scholars interested in the nature and effects of “surveillance” have been generally critical of “privacy” as a concept, as a way to frame the political and social issues, and as a regime of governance. “Privacy” and all that it entails is considered too narrow, too based on liberal assumptions about subjectivity, too implicated in rights-based theory and discourse, insufficiently sensitive to the discriminatory aspects of surveillance, culturally relative, overly embroiled in spatial metaphors about “invasion” and “intrusion,” and ultimately practically ineffective.
On closer examination, however, I suggest that the critiques of privacy are quite diverse, and often based on some faulty assumptions about the contemporary framing of the privacy issue, and about the implementation of privacy protection policy. Some critiques are pitched at a conceptual level; others focus on practice. There is a good deal of overstatement, and a certain extent to which “straw men” are constructed for later demolition.
The aim of this paper is to disentangle the various critiques and to subject each to a critical analysis. Despite the fact that nobody can supply a precise and commonly accepted definition, privacy maintains an enormous popular appeal, in the English-speaking world and beyond. It attaches to a huge array of policy questions, to a sprawling policy community, to a transnational advocacy network, to an academic literature and to a host of polemical and journalistic commentary. Furthermore, its meaning has gradually changed to embrace a more collective understanding of the broader set of social problems. The broader critique from surveillance scholars tends to be insensitive to these conceptual developments, as well as to what members of the policy community actually do.
Kenneth Farrall, Production or Collection? Towards an Alternate Framing of the Problem of Information Privacy
Comment by: Colin Bennett
Workshop draft abstract:
Bennett (2008) recently demonstrated that for privacy advocates to be effective in resisting the growth of surveillance systems in the 21st century, framing, or the specific language constructs used to articulate a social problem, is a crucial determinant of success or failure. This paper explores the benefits of framing the problem of digital dossiers (Solove, 2004) not in terms of the “collection and use” of personal data, but in terms of their production. Drawing on the theoretical tradition of the “social construction of reality” (Berger & Luckmann, 1966) and Foucault’s (1974) early work on discursive formations, the paper takes the position that personal information does not simply exist “out there” but is always first produced. Latour & Woolgar (1986), for example, have shown that seemingly objective scientific facts are not discovered but are in fact thoroughly constituted by the material setting of the laboratory. Similarly, the totality of personally identifiable information (PII) comprising an individual dossier is always produced within, and is ultimately contingent upon, specific social, institutional, and technological contexts. Dossier information is not merely an abstract, formless reduction of uncertainty, but an object of discourse with a specific material embodiment — a pattern of ink on parchment or an electromagnetic disturbance on the surface of a metal disk—that may or may not manifest at a specific space-time location.
Using data from government documents, NGO reports, investigative journalism and extant academic research, the paper explores distinct moments of production within historical and contemporary dossier systems in China and the United States, including the production of paper-based, highly localized “dangan” (dossiers) in mid 80s China and the accelerating production of Suspicious Activity Reports (SARs) within the United States today. Drawing from these and other examples, the paper will identify key factors – legal, economic, technological – driving the production of PII and explore emerging strategies of resistance.