From the course: Ethics and Law in Data Analytics

The evolution of privacy and technology

From the course: Ethics and Law in Data Analytics

The evolution of privacy and technology

- The relationship between privacy law and technology has been evolving since the 1970s. In both the US and Europe, the first generation of modern privacy and data protection laws grew out of the increased use of computers for information processing by governments and businesses. Harvard Law Professor Urs Gasser recently published an article which traces the history and opines about the future direction of this relationship. The laws of the 1970s were anchored in a set of fair information practices which are still arguably universally accepted as foundation principles to protect individual privacy rights. These five principles concern access to stored records, transparency of process, control options for individuals, and security. We see these original principles incorporated later in the 1990s with the widespread adoption of internet technology and the wave of legislation and regulations aimed at dealing with privacy concerns; and even more recently in more ambitious privacy codes and laws, such as the OECD's Privacy Guidelines at the international level, the General Data Protection Regulation in the European Union, and the proposed Consumer Privacy Bill of Rights in the US. Today, we are experiencing even more rapidly advancing technologies and applications, such as cloud computing, analytics, and AI. And as we know, there is just no way for law to keep the pace of development with technology. The law-technology tension theme is present in privacy with a capital P. But Professor Gasser has an intriguing proposal that reimagines the relationship between privacy law and technology. He uses the term privacy by design to describe an umbrella philosophy that promotes a means to manage privacy challenges from emerging technologies. This is a holistic privacy risk assessment model that relies on modeling approaches from information security and an understanding of privacy that is informed by multiple disciplines, including statistics, computer science, law, and social sciences. This privacy by design is a collaboration of law and technology. I have to agree with Professor Gasser when he says, and I quote, "Traditional legal approaches for protecting privacy "while transferring data, making data release decisions, "and drafting data-sharing agreements, "among other activities, are time intensive "and not readily scalable to big data context. "Technological approaches can be designed with compliance "with legal standards and practices in mind "in order to help automate data-sharing decisions "and ensure consistent privacy protections "at a massive scale." We have seen similar proposals for design solutions to legal and ethical issues in this course already. Privacy by design is a way for law and technology to have a mutually productive relationship. As Professor Gasser states, and again, I quote, "Taken together, the development of privacy tools "that aim to integrate legal and technical approaches "could help pave the way for a more strategic "and systematic way to conceptualize and orchestrate "the contemporary interplay between law and technology "in the field of information privacy."

Contents