Privacy Dependencies

This Article offers a comprehensive survey of privacy dependencies—the many ways that our privacy depends on the decisions and disclosures of other people. What we do and what we say can reveal as much about others as it does about ourselves, even when we don’t realize it or when we think we’re sharing information about ourselves alone. We identify three bases upon which our privacy can depend: our social ties, our similarities to others, and our differences from others. In a tie-based dependency, an observer learns about one person by virtue of her social relationships with others—family, friends, or other associates. In a similarity-based dependency, inferences about our unrevealed attributes are drawn from our similarities to others for whom that attribute is known. And in difference- based dependencies, revelations about ourselves demonstrate how we are different from others—by showing, for example, how we “break the mold” of normal behavior or establishing how we rank relative to others with respect to some desirable attribute. We elaborate how these dependencies operate, isolating the relevant mechanisms and providing concrete examples of each mechanism in practice, the values they implicate, and the legal and technical interventions that may be brought to bear on them. Our work adds to a growing chorus demonstrating that privacy is neither an individual choice nor an individual value— but it is the first to systematically demonstrate how different types of dependencies can raise very different normative concerns, implicate different areas of law, and create different challenges for regulation

Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

The Law of Global Digitality

The Internet is not an unchartered territory. On the Internet, norms matter. They interact, regulate, are contested and legitimated by multiple actors. But are they diverse and unstructured, or are they part of a recognizable order? And if the latter, what does this order look like? This collected volume explores these key questions while providing new perspectives on the role of law in times of digitality. The book compares six different areas of law that have been particularly exposed to global digitality, namely laws regulating consumer contracts, data protection, the media, financial markets, criminal activity and intellectual property law. By comparing how these very different areas of law have evolved with regard to cross-border online situations, the book considers whether cyberlaw is little more than "the law of the horse", or whether the law of global digitality is indeed special and, if so, what its characteristics across various areas of law are. The book brings together legal academics with expertise in how law has both reacted to and shaped cross-border, global Internet communication and their contributions consider whether it is possible to identify a particular mediality of law in the digital age. Examining whether a global law of digitality has truly emerged, this book will appeal to academics, students and practitioners of law examining the future of the law of digitality as it intersects with traditional categories of law

Remix

This book is available as open access through the Bloomsbury Open Access programme and is available on www.bloomsburycollections.com. Lawrence Lessig, the reigning authority on intellectual property in the Internet age, spotlights the newest and possibly the most harmful culture war-a war waged against our children and others who create and consume art. Copyright laws have ceased to perform their original, beneficial role: protecting artists' creations while allowing them to build on previous creative works. In fact, our system now criminalises those very actions. By embracing "read-write culture," which allows its users to create art as readily as they consume it, we can ensure that creators get the support-artistic, commercial, and ethical-that they deserve and need. Indeed, we can already see glimmers of a new hybrid economy that combines the profit motives of traditional business with the "sharing economy" evident in such websites as Wikipedia and YouTube. The hybrid economy will become ever more prominent in every creative realm-from news to music-and Lessig shows how we can and should use it to benefit those who make and consume culture. Remix is an urgent, eloquent plea to end a war that harms our children and other intrepid creative users of new technologies. It also offers an inspiring vision of the post-war world where enormous opportunities await those who view art as a resource to be shared openly rather than a commodity to be hoarded

A study of EU data protection regulation and appropriate security for digital services and platforms

A law often has more than one purpose, more than one intention, and more than one interpretation. A meticulously formulated and context agnostic law text will still, when faced with a field propelled by intense innovation, eventually become obsolete. The European Data Protection Directive is a good example of such legislation. It may be argued that the technological modifications brought on by the EU General Data Protection Regulation (GDPR) are nominal in comparison to the previous Directive, but from a business perspective the changes are significant and important. The Directive’s lack of direct economic incentive for companies to protect personal data has changed with the Regulation, as companies may now have to pay severe fines for violating the legislation. The objective of the thesis is to establish the notion of trust as a key design goal for information systems handling personal data. This includes interpreting the EU legislation on data protection and using the interpretation as a foundation for further investigation. This interpretation is connected to the areas of analytics, security, and privacy concerns for intelligent service development. Finally, the centralised platform business model and its challenges is examined, and three main resolution themes for regulating platform privacy are proposed. The aims of the proposed resolutions are to create a more trustful relationship between providers and data subjects, while also improving the conditions for competition and thus providing data subjects with service alternatives. The thesis contributes new insights into the evolving privacy practices in the digital society at an important time of transition from the service driven business models to the platform business models. Firstly, privacy-related regulation and state of the art analytics development are examined to understand their implications for intelligent services that are based on automated processing and profiling. The ability to choose between providers of intelligent services is identified as the core challenge. Secondly, the thesis examines what is meant by appropriate security for systems that handle personal data, something the GDPR requires that organisations use without however specifying what can be considered appropriate. We propose a method for active network security in web software that is developed through the use of analytics for detection and by inserting data generators into a software installation. The active network security method is proposed as a framework for achieving compliance with the GDPR requirements for services and platforms to use appropriate security. Thirdly, the platform business model is considered from the privacy point of view and the implication of “processing silos” for intelligent services. The centralised platform model is considered problematic from both the data subject and from the competition standpoint. A resolution is offered for enabling user-initiated open data flow to counter the centralised “processing silos”, and thereby to facilitate the introduction of decentralised platforms. The thesis provides an interdisciplinary analysis considering the legal study (lex lata) and additionally the resolution (lex ferenda) is defined through argumentativist legal dogmatics and (de lege ferenda) of how the legal framework ought to be adapted to fit the described environment. User-friendly Legal Science is applied as a theory framework to provide a holistic approach to answering the research questions. The User-friendly Legal Science theory has its roots in design science and offers a way towards achieving interdisciplinary research in the fields of information systems and legal science

Ferocious Logics: Unmaking the Algorithm

Contemporary power manifests in the algorithmic. And yet this power seems incomprehensible: understood as code, it becomes apolitical; understood as a totality, it becomes overwhelming. This book takes an alternate approach, using it to unravel the operations of Uber and Palantir, Airbnb and Amazon Alexa. Moving off the whiteboard and into the world, the algorithmic must negotiate with frictions - the 'merely' technical routines of distributing data and running tasks coming together into broader social forces that shape subjectivities, steer bodies, and calibrate relationships. Driven by the imperatives of capital, the algorithmic exhausts subjects and spaces, a double move seeking to both exhaustively apprehend them and exhaust away their productivities. But these on-the-ground encounters also reveal that force is never guaranteed. The irreducibility of the world renders logic inadequate and control gives way to contingency