Big Data and Insurance Symposium

This Article reproduces the keynote address delivered by Connecticut Attorney General George Jepsen at the University of Connecticut School of Law’s Spring 2014 Big Data and Insurance Symposium. In his address, Attorney General Jepsen describes the opportunities and challenges associated with the use of big data technologies. He stresses the need to consider personal privacy concerns at every step of the data collection and analysis processes. Moreover, he argues that self-policing is not enough and that it is vital for the government to play a role in defining and enforcing individual privacy protections. Attorney General Jepsen concludes by calling for regulators and industry to remember that they share the common goal of achieving an effective balance between protecting personal privacy and promoting the use of big data to create new business opportunities and more efficient service delivery

Implementing Privacy Policy: Who Should Do What?

Academic scholarship on privacy has focused on the substantive rules and policies governing the protection of personal data. An extensive literature has debated alternative approaches for defining how private and public institutions can collect and use information about individuals. But, the attention given to the what of U.S. privacy regulation has overshadowed consideration of how and by whom privacy policy should be formulated and implemented. U.S. privacy policy is an amalgam of activity by a myriad of federal, state, and local government agencies. But, the quality of substantive privacy law depends greatly on which agency or agencies are running the show. Unfortunately, such implementation-related matters have been discounted or ignored— with the clear implication that they only need to be addressed after the “real” work of developing substantive privacy rules is completed. As things stand, the development and implementation of U.S. privacy policy is compromised by the murky allocation of responsibilities and authority among federal, state, and local governmental entities—compounded by the inevitable tensions associated with the large number of entities that are active in this regulatory space. These deficiencies have had major adverse consequences, both domestically and internationally. Without substantial upgrades of institutions and infrastructure, privacy law and policy will continue to fall short of what it could (and should) achieve

Predicted Adoption Rates of Contact Tracing App Configurations - Insights from a choice-based conjoint study with a representative sample of the UK population

Widespread adoption of a contact tracing app by the UK public is an important part of safely easing or lifting the lockdown. In this context, it is essential to understand how adoption rates are influenced by different configurations of a proposed contact tracing app. There are many implementation options that can impact app adoption. For example, which institution should be responsible for and have oversight of the app? What type of data is collected? Does it matter how long it is stored? This whitepaper provides data-driven insights into these and other questions to guide app implementation choices

Literature Overview - Privacy in Online Social Networks

In recent years, Online Social Networks (OSNs) have become an important\ud part of daily life for many. Users build explicit networks to represent their\ud social relationships, either existing or new. Users also often upload and share a plethora of information related to their personal lives. The potential privacy risks of such behavior are often underestimated or ignored. For example, users often disclose personal information to a larger audience than intended. Users may even post information about others without their consent. A lack of experience and awareness in users, as well as proper tools and design of the OSNs, perpetuate the situation. This paper aims to provide insight into such privacy issues and looks at OSNs, their associated privacy risks, and existing research into solutions. The final goal is to help identify the research directions for the Kindred Spirits project

Privacy, Ideology, and Technology: A Response to Jeffrey Rosen

This essay reviews Jeffrey Rosen’s The Unwanted Gaze: The Destruction of Privacy in America (2000). Rosen offers a compelling (and often hair-raising) account of the pervasive dissolution of the boundary between public and private information. This dissolution is both legal and social; neither the law nor any other social institution seems to recognize many limits on the sorts of information that can be subjected to public scrutiny. The book also provides a rich, evocative characterization of the dignitary harms caused by privacy invasion. Rosen’s description of the sheer unfairness of being “judged out of context” rings instantly true. Privacy, Rosen concludes, is indispensable to human well-being and is at risk of being destroyed unless we act fast. The book is far less convincing, however, when it moves beyond description and attempts to identify the causes of the destruction of privacy and propose solutions. Why is privacy under siege today? The incidents that Rosen chooses as illustrations both reveal and obscure. From Monica Lewinsky’s unsent, deleted e-mails to the private online activities of corporate employees and the Dean of the Harvard Divinity School, the examples offer a rich stew of technology, corporate mind control, public scapegoating, and political intrigue. But for the most part, Rosen seems to think that it is sex that is primarily to blame for these developments—though how, exactly, Rosen cannot seem to decide. He suggests, variously, that we seek private information out of prurient fascination with other people’s intimate behavior, or to enforce upon others authoritarian notions of “correct” interpersonal behavior, or to inform moral judgments about others based on a hasty and ill-conceived equivalence between the personal and the political. Or perhaps Rosen is simply upset about the loss of privacy for a specific sort of (sexual or intimate) behavior, whatever the origin of society’s impulse to pry. Yet there are puzzling anomalies in Rosen’s account. Most notably, appended to Rosen’s excavation of recent sex-related privacy invasions is a chapter on privacy in cyberspace. This chapter sits uneasily in relation to the rest of the book. Its focus is not confined to sex-related privacy, and Rosen does not explain how the more varied information-gathering activities chronicled there bear on his earlier analysis. Rosen acknowledges as much and offers, instead, the explanation that intimate privacy and cyberspace privacy are simply two examples of the same problem: the risk of being judged out of context in a world of short attention spans, and the harms to dignity that follow. This explanation seems far too simple, and more than a bit circular. Why this rush to judge others out of context? Necessity is one answer—if attention spans are limited, we cannot avoid making decisions based on incomplete information—but where does the necessity to judge come from? And what do computers and digital networking technologies—factors that recur not only in the chapter on cyberspace privacy, but also in most of Rosen’s other examples—have to do with it? This Review Essay argues, first, that the use of personal information to sort and classify individuals is inextricably bound up with the fabric of our political economy. As Part II explains, the unfettered use of “true” information to predict risk and minimize uncertainty is a hallmark of the liberal state and its constituent economic and political markets. Not sex, but money, and more broadly an ideology about the predictive power of isolated facts, generate the perceived necessity to judge individuals based on incomplete profiles. The harms of this rush to judgment—harms not only to dignity, but also to economic welfare and more fundamentally to individual autonomy—may undermine liberal individualism (as Rosen argues), but they are products of it as well. Part III argues, further, that the problem of vanishing informational privacy in digital networked environments is not sui generis, but rather is central to understanding the destruction of privacy more generally. This is not simply because new technologies reduce the costs of collecting, exchanging, and processing the traditional sorts of consumer information. The profit-driven search for personal information via digital networks is also catalyzing an erosion of the privacy that individuals have customarily enjoyed in their homes, their private papers, and even their thoughts. This process is transforming not only the way we experience privacy, but also the way we understand it. Privacy is becoming not only harder to protect, but also harder to justify protecting. Part IV concludes that shifting these mutually reinforcing ideological and technological vectors will require more drastic intervention than Rosen suggests

Four Facets of Privacy and Intellectual Freedom in Licensing Contracts for Electronic Journals

This is a study of the treatment of library patron privacy in licenses for electronic journals in academic libraries. We begin by distinguishing four facets of privacy and intellectual freedom based on the LIS and philosophical literature. Next, we perform a content analysis of 42 license agreements for electronic journals, focusing on terms for enforcing authorized use and collection and sharing of user data. We compare our findings to model licenses, to recommendations proposed in a recent treatise on licenses, and to our account of the four facets of intellectual freedom. We find important conflicts with each