Privacy protection online I Surveillance MVV1368K Privacy and Personal Data František Kasl Image result for hal 1/28 Structure of the seminar •1) Essays –Basic info + readings •2) Topics –Surveillance then and now –Chilling effect –New surveillance •3) Slides –Title – Question – Discussion - Information 2 Essays - Topics •Essay Deadline: 30 October, 8:00 AM •approx. 10 500 - 16 000 characters long (+ footnotes) = 5-8 pages •For further essay requirements see interactive sylabus •Presentation day (only students with Presentation No. 1): 31 October – –Surveillance then and now: Development of the issue of state surveillance in the privacy context –Chilling effect: How lack of privacy affects the political freedom and social dissent –New surveillance: From pursuit of national security to erosion of privacy for commercial purposes • 3 Obligatory readings •These readings are the prerequisite for the understanding of the concept of surveillance and its historical development. –CLARKE, Roger. Introduction to Dataveillance and Information Privacy, and Definitions of Terms, 1997. Available at: http://www.rogerclarke.com/DV/Intro.html –MARX, Gary T. What’s new about the “new surveillance”?: Classifying for change and continuity, Knowledge, Technology & Policy. 2004, Vol. 17, No. 1, pp. 18–37. Available (through university computers) at: https://link.springer.com/article/10.1007%2FBF02687074 • 4 Voluntary readings •These readings provide additional insight into the challenges related to the conflict of surveillance and privacy. –STUART, Avelie; Mark Levine. Beyond ‘nothing to hide’: When identity is key to privacy threat under surveillance. European Journal of Social Psychology. 2017, Vol. 47, 694-707. Available (through university computers) at: https://onlinelibrary.wiley.com/doi/abs/10.1002/ejsp.2270 –MILAJ, Jonida. Privacy, surveillance, and the proportionality principle: The need for a method of assessing privacy implications of technologies used for surveillance, International Review of Law, Computers & Technology, 2016, Vol. 30, No. 3, pp. 115-130. Available (through university computers) at: https://www.tandfonline.com/doi/abs/10.1080/13600869.2015.1076993 –POSNER, Richard A. Privacy, Surveillance, and Law, The University of Chicago Law Review. 2008, Vol. 75, No. 1, pp. 245-260. Available (through university computers) at: https://www.jstor.org/stable/20141907?seq=1#page_scan_tab_contents –PENNEY, J. W. Chilling Effects: Online Surveillance and Wikipedia Use. Berkeley Technology Law Journal. 2016, Vol. 31, No. 1. Available (through university computers) at: https://heinonline.org/HOL/LandingPage?handle=hein.journals/berktech31&div=6&id=&page= –ZUBOFF, Shoshana. Big other: surveillance capitalism and the prospects of an information civilization. Journal of Information Technology. 2015, Vol. 30, No. 1, pp. 75-89. Available (through university computers) at: https://link.springer.com/article/10.1057/jit.2015.5 • 5 Additional readings •These readings provide broader context and up-to-date examples of situations, where privacy is being challenged by surveillance. –BUNIN, G. ‘We’re a people destroyed’: why Uighur Muslims across China are living in fear. The Guardian. 7. 8. 2018. Available at: https://www.theguardian.com/news/2018/aug/07/why-uighur-muslims-across-china-are-living-in-fear –SCHNEIER, Bruce. It's Not Just Facebook. Thousands of Companies are Spying on You. CNN. 2018. Available at: https://www.schneier.com/essays/archives/2018/03/its_not_just_faceboo.html –SCHNEIER, Bruce. Security vs. Surveillance. Don't Panic: Making Progress on the 'Going Dark' Debate. 2016. Available at: https://www.schneier.com/essays/archives/2016/02/security_vs_surveill.html –SCHNEIER, Bruce. The Era Of Automatic Facial Recognition And Surveillance Is Here. Forbes. 2015. Available at: https://www.schneier.com/essays/archives/2015/09/sep_29_2015_0930_am_.html –CLARKE, Roger. Risks Inherent in the Digital Surveillance Economy: A Research Agenda. 2017. Available at: http://www.rogerclarke.com/EC/DSE.html –CLARKE, Roger. Data Retention as Mass Surveillance: The Need for an Evaluative Framework. International Data Privacy Law, 2015, Vol. 5, No. 2, pp. 121-132. Also available at: http://www.rogerclarke.com/DV/DRPS.html . –CLARKE, Roger; Marcus WIGAN. You Are Where You've Been The Privacy Implications of Location and Tracking Technologies. Journal of Location Based Services, 2011, Vol. 5, No. 3-4, pp. 138-155. Also available at: http://www.rogerclarke.com/DV/YAWYB-CWP.html –CLARKE, Roger. From Dataveillance to Ueberveillance. 2013. Available at: http://www.rogerclarke.com/DV/DV13.html –SOLOVE, Daniel J.; Paul. M. SCHWARTZ. Privacy, Law Enforcement and National Security. 2014, Wolters Kluwer Law & Business, 978-1454861539, 233 p. –SCHNEIER, Bruce. Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World. 2016, W. W. Norton & Company, 978-0393352177, 448 p. • 6 Surveillance then and now Image result for secret agent 7 Quick recap: Privacy and why does it matter? •control over self-determination –freedom to choose one´s future – „freedom to make mistakes“ –expression and development of unique personality + social profile –control over one´s outside image – self-esteem/self-representation •personal data = data about an individual •private sphere = intimate / vulnerable / „true self“ •types of privacy – spatial x social x intellectual x informational •levels of privacy - solitude x intimacy x anonymity x reserve • •=> surveillance = attempts to profile for outside control = public – excessive behaviour / private – customer behaviour •data profile + data processing –control over profile => categorization => prediction („pre-crime“ / „minitrue“ / „what is not on the menu?“) –control over individual - capacity for discrimination / normalization / manipulation 8 pre-crime – minority report minitrue – ministry of truth - orwell Surveillance What does it mean? •„close observation, especially of a suspected person“ –Concise Oxford Dictionary • X •„systematic investigation or monitoring of the actions or communications of one or more persons“ –Roger Clarke, 1997 – X •„the use of technical means to extract or create personal data“ –New Surveillance – G.T.Marx 2004 9 Technology and surveillance New tools = less privacy? •surveillance = ever present part of social organisation – need for information / control •changes in form and content –tax surveillance –religious surveillance –political surveillance –policed society surveillance –work/market/medical surveillance •self-surveillance X outside surveillance •direct X indirect surveillance •New tools and techniques => new countermeasures = constant struggle –observation X closed door / eavesdropping X coded language / wiretapping X encryption 10 Big data and surveillance How did modern ICT change surveillance? •electronic communication = exponential increase in data = new information potential •Dataveillance –"systematic use of personal data systems in the investigation or monitoring of the actions or communications of one or more persons" •Roger Clarke, 1997 –significantly less expensive - can be automated => mass scale surveillance –wide range of techniques •Front- End Verification (transactions) •Computer Matching (big data combination) •Profiling (categorisation) •=> Data Trail = person´s informational tracks in cyberspace 11 Chilling effect Image result for orwell chilling effect 12 National security and state interests in surveillance For the greater good – justification of state surveillance? •surveillance in public interest –airport security / public places / counter-terorism / data retention / public health / social unrest •surveillance = tool –morality depends on the one who wields it •NSA PRISM (counterterorism surveillance program) •China - Xinjiang region – Uighur minority normalisation – X •Energy distribution efficiency – Smart grid •Enviromental monitoring •Optimisation of public services •Epidemiological disease monitoring • 13 Panopticon State´s watchful eye = good citizens? •Panopticon prison as "a mill for grinding rogues honest" –Jeremy Bentham (1748-1832) •you never know, if someone is not watching –mass surveillance –omnipresent surveillance in public places –monitoring of employees through ICT –surveillance through private online activities •impact on behaviour = chilling effect –social conformity = normalisation / preemptive self-regulation / supression of individuality / no space to revolt 14 Mass surveillance and data retention Wider net = better catch? •targeted surveillance – wiretapping / observation –criminal procedure – court order – limited to suspect •X •mass surveillance - data retention tools –systematic use of personal data systems in the investigation or monitoring of the actions or communications of groups of people. –Non-discriminatory retention of data –Preventive = not based on suspicion/investigation –Full-scope = collect first – sort out later –Evidence into the past = continuous process 15 Data retention vs. Privacy How to find the balance? •Data retention = panopticon of public surveillance –combating terrorism x orwellian society •Surveillance slack = differentiation between potential of the tool and its actual use –consideration of practical limits = budget / manpower / focus / priorities... •legal challenges to data retention through protection of privacy –retention by providers + access by criminal investigation units –need for proportionality = effective tools + minimal intrusion –Data Retention Directive 2006/24/EC – invalidated 2014 •CJEU 2014 – case Digital Rights Ireland - C-293/12 •CJEU 2016 – case Tele2 Sverige - C-203/15 •National constitutional courts => modified data retention approach –retention within limits justifiable by service provider interests (technical/billing) –access limited by court order / surpervision + list of criminal offences 16 Legal framework for surveillance Public oversight through transparency vs. enforcement efficiency? •Standard surveillance = e.g. security check on airport •X •Hidden surveillance = secret services/national security agencies X whistleblowers • •European legal framework –complex / state specific – conflicting interests •Explanatory example –ECHR case of Big Brother Watch v. UK (Applications nos. 58170/13, 62322/14 and 24960/15) - 13 September 2018 (212) pages 17 Surveillance in the workplace Employer´s assets vs. Employee´s privacy? •justifiable interest X appropriate means •Grand Chamber judgment - Bărbulescu v. Romania (application no. 61496/08) - 2017 –proportionality criteria •i) preceding notification about monitoring •ii) adequate limitation of scope •iii) legitimate interest •iv) level of intrusion in private sphere •v) capacity to achieve the goal •vi) adequate guarantees for employees interests and rights 18 New surveillance https://www.vapulus.com/wp-content/uploads/2018/03/https-_blogs-images.forbes.com_jaysondemers_file s_2014_08_social-media-marketing.png 19 Surveillance capitalism Do you like the likes? •Freemium business model –profit seeking + information asymetry + unclear value of personal data •Early internet = encouraged model – infant industry protection –X current situation changed – „puppy“ => „beast“ •New challenges –omnipresence = big data = profiling –informational bubble effect = polarization and fragmentation –manipulative power = marketing x fake news x propaganda –increasing importance of individuals virtual identities => •abuse of the tools = hate speech / cybercrime / cyberstalking / identity theft •modification of personal perception = self-identification with virtual profile => impact on personality development – habits, opinions, preferences, choices •New tool of social control –China/Tencent – Social credit system => reward system for „good citizens“ 20 Belly of the big data beast How does the freemium business model generate profit? •Metadata => profiling => targeted advertisement •„Half the money I spend on advertising is wasted; the trouble is I don't know which half.“ –John Wanamaker (1838-1922) •Indirect payment for the services = illusion of „free“ –Just access to internet? Income inequality x we all „are data“ •Complex system = big data – max. revenue from available information –Invisible infrastructure = trackers and cookies –Algorithmic marketing tools = profiling + real time bidding • 21 The magic that makes it work • Image result for cookies http 22 • Related image 23 • C:\DATA\2018-1-29-Marketing-Technology-LUMAscape-1024x768.png 24 Regulation of cookies How to tame the cookie monster? •ePrivacy directive = transparency –informed consent – opt in (X Czech opt-out) –right to refuse –cookie policy - data minimisation + privacy by design •X regulatory gap behind technology –new forms of cookies •zombie cookies / flash cookies / ever cookies •Proposal of ePrivacy Regulation 25 Platforms and illicit content Private censorship vs. protection from „info-pollution“? •ISP liability – eCommerce directive –notice and action –no obligatory general monitoring of content –terms and conditions –supranational entities - conflicting obligations •privacy vs. surveillance (EU vs. US laws) •terorist propaganda, hate speech, fake news –legal tools X state enforcement in cyberspace –technical tools X enforcement through private entities •cooperation in criminal matters – access to data •notice-and-action framework = delegated enforcement –adjudication of content through private entity X court remedy available –urgent issue = search for least imperfect tool that is effective • 26 Future of surveillance – Smart everything New tools = less privacy - ver. 2.0? •internet of things / smart city / ambient intelligence –ubiquity – „nowhere to hide“ •new countermeasures = privacy as commodity –ambience – „everyday surveillance“ •new social standard = change in the concept of privacy? –automated profiling – „you are your data“ •individualisation of offer (services, goods) and opportunity (actions, decisions, rights) –enhanced reality – merger of the real and virtual identity •creation of new social gap? freedom on the fringes of society? •dystopian scenarios (cyberpunk) x solution to everything –past as guidance X certain aspects enhanced by new tech reality 27 Thank you for your attention! Questions? Ideas? Answers? Looking forward to your essays! 28 Související obrázek