Lex Informatica: The Formulation of Information Policy Rules through Technology

Historically, law and government regulation have established default rules for information policy, including constitutional rules on freedom of expression and statutory rights of ownership of information. This Article will show that for network environments and the Information Society, however, law and government regulation are not the only source of rule-making. Technological capabilities and system design choices impose rules on participants. The creation and implementation of information policy are embedded in network designs and standards as well as in system configurations. Even user preferences and technical choices create overarching, local default rules. This Article argues, in essence, that the set of rules for information flows imposed by technology and communication networks form a “Lex Informatica” that policymakers must understand, consciously recognize, and encourage

Protecting Information Privacy

This report for the Equality and Human Rights Commission (the Commission) examines the threats to information privacy that have emerged in recent years, focusing on the activities of the state. It argues that current privacy laws and regulation do not adequately uphold human rights, and that fundamental reform is required. It identifies two principal areas of concern: the state’s handling of personal data, and the use of surveillance by public bodies. The central finding of this report is that the existing approach to the protection of information privacy in the UK is fundamentally flawed, and that there is a pressing need for widespread legislative reform in order to ensure that the rights contained in Article 8 are respected. The report argues for the establishment of a number of key ‘privacy principles’ that can be used to guide future legal reforms and the development of sector-specific regulation. The right to privacy is at risk of being eroded by the growing demand for information by government and the private sector. Unless we start to reform the law and build a regulatory system capable of protecting information privacy, we may soon find that it is a thing of the past

A Theory of Transactions Privacy

In this paper, we consider the costs and benefits of transactions privacy. In the environment we consider, privacy is the concealment of potentially useful information, but concealment also potentially bestows benefits. In some versions of the environment, the standard Coasian logic applies: given an unambiguous initial assignment of rights and sufficient flexibility in contracting, efficiency in information revelation with result. Coasian bargaining may be impeded, however, by either an inability to make certain commitments or by the presence of significant investments that must be made before the transaction occurs. In such cases, initial assignments of rights (for example, privacy laws) can have consequences for efficiency.

Empirical Study of Privacy Issues Among Social Networking Sites.

Social media networks are increasing their types of services and the numbers of users are rapidly growing. However, online consumers have expressed concerns about their personal privacy protection and recent news articles have shown many privacy breaches and unannounced changes to privacy policies. These events could adversely affect data protection and compromise user trust, thus it is vital that social sites contain explicit privacy policies stating a comprehensive list of protection methods. This study analyzes 60 worldwide social sites and finds that even if sites contain a privacy policy, the site pages may also possess technical elements that could be used to serendipitously collect personal information. The results show specific technical collection methods most common within several social network categories. Methods for improving online privacy practices are suggested

Online Personal Data Processing and EU Data Protection Reform. CEPS Task Force Report, April 2013

This report sheds light on the fundamental questions and underlying tensions between current policy objectives, compliance strategies and global trends in online personal data processing, assessing the existing and future framework in terms of effective regulation and public policy. Based on the discussions among the members of the CEPS Digital Forum and independent research carried out by the rapporteurs, policy conclusions are derived with the aim of making EU data protection policy more fit for purpose in today’s online technological context. This report constructively engages with the EU data protection framework, but does not provide a textual analysis of the EU data protection reform proposal as such

Integrating Diplomacy and Social Media: A Report of the First Annual Aspen Institute Dialogue on Diplomacy and Technology

This report is a result of the first annual Aspen Institute Dialogue on Diplomacy and Technology, or what we call ADDTech. The concept for this Dialogue originated with longtime communications executive and Aspen Institute Trustee Marc Nathanson. Since his tenure as Chairman of the U.S. Broadcasting Board of Governors (BBG), Nathanson has been concerned with how American diplomacy could more rapidly embrace the changing world of social media and other technologies. He is also a graduate of the University of Denver where former Secretary of State Madeleine Albright's father, Josef Korbel, namesake of the Josef Korbel School of International Relations there, was his professor. Thus, Albright, another Institute Trustee, was a natural partner to create the first Dialogue on Diplomacy and Technology. The cast is ably supplemented with Korbel School Dean and former U.S. Ambassador Christopher Hill and Aspen Institute President Walter Isaacson, who himself was also recently the chair of the BBG.The topic for this inaugural dialogue is how the diplomatic realm could better utilize new communications technologies. The group focused particularly on social media, but needed to differentiate among the various diplomacies in play in the current world, viz., formal state diplomacy, public diplomacy, citizen diplomacy and business diplomacy. Each presents its own array of opportunities as well as problems. In this first Dialogue, much of the time necessarily had to be used to define our terms and learn how technologies are currently being used in each case. To help us in that endeavor, we focused on the Middle East. While the resulting recommendations are therefore rather modest, they set up the series of dialogues to come in the years ahead

Surveillance, big data and democracy: lessons for Australia from the US and UK

This article argues that current laws are ill-equipped to deal with the multifaceted threats to individual privacy by governments, corporations and our own need to participate in the information society. Introduction In the era of big data, where people find themselves surveilled in ever more finely granulated aspects of their lives, and where the data profiles built from an accumulation of data gathered about themselves and others are used to predict as well as shape their behaviours, the question of privacy protection arises constantly. In this article we interrogate whether the discourse of privacy is sufficient to address this new paradigm of information flow and control. What we confront in this area is a set of practices concerning the collection, aggregation, sharing, interrogation and uses of data on a scale that crosses private and public boundaries, jurisdictional boundaries, and importantly, the boundaries between reality and simulation. The consequences of these practices are emerging as sometimes useful and sometimes damaging to governments, citizens and commercial organisations. Understanding how to regulate this sphere of activity to address the harms, to create an infrastructure of accountability, and to bring more transparency to the practices mentioned, is a challenge of some complexity. Using privacy frameworks may not provide the solutions or protections that ultimately are being sought. This article is concerned with data gathering and surveillance practices, by business and government, and the implications for individual privacy in the face of widespread collection and use of big data. We will firstly outline the practices around data and the issues that arise from such practices. We then consider how courts in the United Kingdom (‘UK’) and the United States (‘US’) are attempting to frame these issues using current legal frameworks, and finish by considering the Australian context. Notably the discourse around privacy protection differs significantly across these jurisdictions, encompassing elements of constitutional rights and freedoms, specific legislative schemes, data protection, anti-terrorist and criminal laws, tort and equity. This lack of a common understanding of what is or what should be encompassed within privacy makes it a very fragile creature indeed. On the basis of the exploration of these issues, we conclude that current laws are ill-equipped to deal with the multifaceted threats to individual privacy by governments, corporations and our own need to participate in the information society