Privacy Rights

The advent of Generative AI, particularly through Large Language Models (LLMs) like ChatGPT and its successors, marks a paradigm shift in the AI landscape. Advanced LLMs exhibit multimodality, handling diverse data formats, thereby broadening their application scope. However, the complexity and emergent autonomy of these models introduce challenges in predictability and legal compliance. This paper analyses the legal and regulatory implications of Generative AI and LLMs in the European Union context, focusing on liability, privacy, intellectual property, and cybersecurity. It examines (...) the adequacy of the existing and proposed EU legislation, including the Artificial Intelligence Act (AIA), in addressing the challenges posed by Generative AI in general and LLMs in particular. The paper identifies potential gaps and shortcomings in the EU legislative framework and proposes recommendations to ensure the safe and compliant deployment of generative models. (shrink)

Respect appears to generate a puzzling self-other asymmetry: Respect for others can demand that we avoid knowledge of others or ignore that knowledge in deciding how we treat others. This demand for epistemic distancing lies behind the imperatives not to violate others’ privacy or to treat them paternalistically. Self-respect, in contrast, mandates that we pursue knowledge of ourselves and that we choose and act light of that self-knowledge. Individual agents thus do not have a duty to epistemically distance themselves from (...) themselves; a fortiori, they have self-regarding duties to reduce such distance. This article elaborates this asymmetry and offers a plausible solution to it, rooted in the distinctive importance that self-knowledge (and acting in the world on the basis of that self-knowledge) has for self-respecting rational agents: Self-respecting agents have reasons to have others defer to their ‘surfaces’ or self-presentations in order to inhibit making themselves vulnerable to others in ways that undermine their self-respect by subordinating their wills to the wills of others. A measure of control over what others know about us and over what they do with that knowledge thus undergirds self-respect by enabling self-knowledge to play the role that it should play in the lives of self-respecting agents. Epistemic distancing thus operates in concert with the ways in which self-respecting agents value and pursue epistemic intimacy with themselves. (shrink)

Higher education institutions are mining and analyzing student data to effect educational, political, and managerial outcomes. Done under the banner of “learning analytics,” this work can—and often does—surface sensitive data and information about, inter alia, a student’s demographics, academic performance, offline and online movements, physical fitness, mental wellbeing, and social network. With these data, institutions and third parties are able to describe student life, predict future behaviors, and intervene to address academic or other barriers to student success (however defined). Learning (...) analytics, consequently, raise serious issues concerning student privacy, autonomy, and the appropriate flow of student data. We argue that issues around privacy lead to valid questions about the degree to which students should trust their institution to use learning analytics data and other artifacts (algorithms, predictive scores) with their interests in mind. We argue that higher education institutions are paradigms of information fiduciaries. As such, colleges and universities have a special responsibility to their students. In this article, we use the information fiduciary concept to analyze cases when learning analytics violate an institution’s responsibility to its students. (shrink)

If I decide to disclose information about myself, this act can undermine other people’s ability to effectively conceal information about themselves. One case in point involves genetic information: if I share ‘my’ genetic information with others, I thereby also reveal genetic information about my biological relatives. Such dependencies are well-known in the privacy literature and are often referred to as ‘privacy dependencies’. Some take the existence of privacy dependencies to generate a moral duty to sometimes avoid sharing information about oneself. (...) If true, we argue, then it is sometimes justified for others to impose harm on the person sharing the information to prevent them from doing so. This is a highly revisionary implication. Hence, one must either endorse a highly revisionary view on what one may do to protect one’s privacy, or one must reject the view that privacy dependencies can be used to justify a moral duty that constrains choices about sharing information about oneself. (shrink)

This research explores how a person with whom information has been shared and, importantly, an artificial intelligence (AI) system used to deduce information from the shared data contribute to making the disclosure context private. The study posits that private contexts are constituted by the interactions of individuals in the social context of intersubjectivity based on trust. Hence, to make the context private, the person who is the trustee (i.e., with whom information has been shared) must fulfil trust norms. According to (...) the commitment account of trustworthiness, a person is trustworthy only if they satisfy the norm of competence. It is argued that a person using an AI system to answer a question is competent only if they are ex post justified in believing what has been delivered by the AI system. A person’s belief is justified in the doxastic sense only if the AI system is accurate. This feature of AI’s performance affects a person’s competence and, as a result, trustworthiness. The effect of AI on trust as an essential component of making the context private, and thus on privacy, means an AI system also impacts privacy. Therefore, a private context is constituted when the individual with whom the information is shared fulfils the competence norm and the AI system used for analysing the information is sufficiently accurate to adhere to this norm. The result of this research emphasises the significance of the relationship between individuals involved in information-sharing and how an AI system used for analysing that information impacts the relationship regarding making the context private, as well as how it impacts privacy. The findings of this research have significant implications for improving or ameliorating privacy regulations in light of trust. (shrink)

An issue about the privacy of the clustered groups designed by algorithms arises when attempts are made to access certain pieces of information about those groups that would likely be used to harm them. Therefore, limitations must be imposed regarding accessing such information about clustered groups. In the discourse on group privacy, it is argued that the right to privacy of such groups should be recognised to respect group privacy, protecting clustered groups against discrimination. According to this viewpoint, this right (...) places a duty on others, for example, private companies, institutions, and governments, to refrain from accessing such information. To defend the idea that the right to privacy should be recognised for clustered groups, at least two requirements must be satisfied. First, clustered group privacy must be conceived of as either a collective good or a participatory good. Since these forms of good are of the type from which no member of a group can be excluded from benefiting, the right to them is defined as a group right. Second, there must be group interests on which to base a group right. Group interests can be either the interests of those members that are a result of their being in the group or the interests of the group as a whole that transcend the interests of its members. However, this paper argues that clustered group privacy cannot be conceived of as either a collective or a participatory good because it is possible for some individuals to be excluded from benefiting from it. Furthermore, due to the lack of awareness among individuals that they are members of a clustered group and the nature of a clustered group itself, such groups cannot have the group interests necessary to establish a group right. Hence, the group right to privacy cannot be recognised for these groups, implying that the group right cannot be considered a means to protect clustered groups against discrimination. Instead, this paper suggests that moral principles need to be articulated within an ethics of vulnerability to identify the moral obligations of protecting vulnerable clustered groups. The duty owed to the vulnerable should involve refraining from accessing certain information about clustered groups in specific contexts. This duty is not engendered by the right to privacy of such groups; it is the duty owed to the vulnerable. The findings highlight the need to articulate moral principles regarding privacy and data protection to protect clustered groups in contexts in which accessing information about them could constitute a reason for discriminatory targeting. (shrink)

In this chapter, Macnish and Asgarinia introduce current thinking and debate around issues of privacy as these relate to the media. Starting with controversies over the definition of privacy, they consider what the content of privacy should be and why it is we consider privacy to be valuable. This latter includes the social implications of privacy and the only recently-recognised concept of group privacy, contrasting it with individual privacy, as well as legal implications arising through laws such as the European (...) Union’s General Data Protection Regulation, concerning the collection of personal data and data subjects’ rights. Finally they turn to specific instances of privacy consideration in the media. These include: -/- The use of telephoto lenses to take pictures of celebrities at a distance without those celebrities’ permission (and the related question as to what is a reasonable expectation of privacy when in a public place); -/- Sharing information on social media (and the related question of whether those who share their data on social networking sites care about their privacy), as well as the availability of data online to research, even though that data has not always been posted for the purposes of research; -/- The challenges posed by anonymity online, including the trade-off between free expression and offensive expression; -/- Hacking and the meaning of fishing expeditions as a practice by the media and exploring what, if anything, is wrong with these; -/- The implications of invading the privacy of politicians, both as a defence of democracy and as a threat to democracy. (shrink)

Digital data help data scientists and epidemiologists track and predict outbreaks of disease. Mobile phone GPS data, social media data, or other forms of information updates such as the progress of epidemics are used by epidemiologists to recognize disease spread among specific groups of people. Targeting groups as potential carriers of a disease, rather than addressing individuals as patients, risks causing harm to groups. While there are rules and obligations at the level of the individual, we have to reach a (...) stage in the development of data analytics where groups are protected as entities. This chapter offers a deeper examination of harms to the groups. (shrink)

Philosophy &Public Affairs, Volume 51, Issue 4, Page 413-449, Fall 2023.

This article examines how facial recognition technology reshapes the philosophical debate over the ethics of video surveillance. When video surveillance is augmented with facial recognition, the data collected is no longer anonymous, and the data can be aggregated to produce detailed psychological profiles. I argue that – as this non-anonymous data of people’s mundane activities is collected – unjust risks of harm are imposed upon individuals. In addition, this technology can be used to catalogue all who publicly participate in political, (...) religious, and socially stigmatised activities, and I argue that this would undermine central interests of liberal democracies. I examine the degree to which the interests of individuals and the societal interests of liberal democracies to maintain people’s obscurity while in public coincide with privacy interests, as popularly understood, and conclude that there is a practical need to articulate a novel right to obscurity to protect the interests of liberal democratic societies. (shrink)

In this paper, we defend what we call the ‘Hybrid View’ of privacy. According to this view, an individual has privacy if, and only if, no one else forms an epistemically warranted belief about the individual’s personal matters, nor perceives them. We contrast the Hybrid View with what seems to be the most common view of what it means to access someone’s personal matters, namely the Belief-Based View. We offer a range of examples that demonstrate why the Hybrid View is (...) more plausible than the Belief-Based View. Finally, we show how the Hybrid View generates a more plausible fit between the concept of privacy, and a (morally objectionable) violation of privacy. (shrink)

Cameras, microphones, and other sensors continue to proliferate in the world around us. I offer a new metaphor for conceptualizing these technologies: they are _digital wormholes_, transmitting representations of human persons between disparate points in space–time. We frequently cannot tell when they are operational, what kinds of data they are collecting, where the data may reappear in the future, and how the data can be used against us. The wormhole metaphor makes the mysteriousness of digital sensors salient: digital sensors have (...) brought us to a strange place. If humans are to be capable of making sensible decisions while under observation by digital sensors, we must improve the epistemic position of potential sensor subjects. (shrink)

This essay is part of a special issue celebrating 50 years of Political Theory. The ambition of the editors was to mark this half century not with a retrospective but with a confabulation of futures. Contributors were asked: What will political theory look and sound like in the next century and beyond? What claims might political theorists or their descendants be making in ten, twenty-five, fifty, a hundred years’ time? How might they vindicate those claims in their future contexts? How (...) will the consistent concerns of political theorists evolve into the questions critical for people decades or centuries from now? What new problems will engage the political theorists (or their rough equivalents) of the future? What forms might those take? What follows is one of the many confabulations published in response to these queries. (shrink)

We investigate the question of whether (and if so why) creating or distributing deepfake pornography of someone without their consent is inherently objectionable. We argue that nonconsensually distributing deepfake pornography of a living person on the internet is inherently pro tanto wrong in virtue of the fact that nonconsensually distributing intentionally non-veridical representations about someone violates their right that their social identity not be tampered with, a right which is grounded in their interest in being able to exercise autonomy over (...) their social relations with others. We go on to suggest that nonconsensual deepfakes are especially worrisome in connection with this right because they have a high degree of phenomenal immediacy, a property which corresponds inversely to the ease with which a representation can be doubted. We then suggest that nonconsensually creating and privately consuming deepfake pornography is worrisome but may not be inherently pro tanto wrong. Finally, we discuss the special issue of whether nonconsensually distributing deepfake pornography of a deceased person is inherently objectionable. We argue that the answer depends on how long it has been since the person died. (shrink)

The 2010s were a golden age of information privacy research, but its policy accomplishments tell a mixed story. Despite significant progress on the development of privacy theory and compelling demonstrations of the need for privacy in practice, real achievements in privacy law and policy have been, at best, uneven. In this chapter, I outline three broad shifts in the way scholars (and, to some degree, advocates and policy makers) are approaching privacy and social media. First, a change in emphasis from (...) individual to structural approaches. Second, increasing attention to the political economy of privacy—especially the business models of information companies, such as social media platforms. And third, a deeper understanding of privacy’s role in a healthy digital public sphere. (shrink)

The potential to collect brain data more directly, with higher resolution, and in greater amounts has heightened worries about mental and brain privacy. In order to manage the risks to individuals posed by these privacy challenges, some have suggested codifying new privacy rights, including a right to “mental privacy.” In this paper, we consider these arguments and conclude that while neurotechnologies do raise significant privacy concerns, such concerns are—at least for now—no different from those raised by other well-understood data collection (...) technologies, such as gene sequencing tools and online surveillance. To better understand the privacy stakes of brain data, we suggest the use of a conceptual framework from information ethics, Helen Nissenbaum’s “contextual integrity” theory. To illustrate the importance of context, we examine neurotechnologies and the information flows they produce in three familiar contexts—healthcare and medical research, criminal justice, and consumer marketing. We argue that by emphasizing what is distinct about brain privacy issues, rather than what they share with other data privacy concerns, risks weakening broader efforts to enact more robust privacy law and policy. (shrink)

Throughout the 20th century, market capitalism was defended on parallel grounds. First, it promotes freedom by enabling individuals to exploit their own property and labor-power; second, it facilitates an efficient allocation and use of resources. Recently, however, both defenses have begun to unravel—as capitalism has moved into its “platform” phase. Today, the pursuit of allocative efficiency, bolstered by pervasive data surveillance, often undermines individual freedom rather than promoting it. And more fundamentally, the very idea that markets are necessary to achieve (...) allocative efficiency has come under strain. Even supposing, for argument’s sake, that the claim was true in the early 20th century when von Mises and Hayek pioneered it, advances in computing have rekindled the old “socialist calculation” debate. And this time around, markets—as information technology—are unlikely to have the upper hand. -/- All of this, we argue, raises an important set of governance questions regarding the political economy of the future. We focus on two: How much should our economic system prioritize freedom, and to what extent should it rely on markets? The arc of platform capitalism bends, increasingly, toward a system that neither prioritizes freedom nor relies on markets. And the dominant critical response, exemplified by Shoshana Zuboff’s work, has been to call for a restoration of market capitalism. Longer term, however, we believe it would be more productive to think about how “postmarket” economic arrangements might promote freedom—or better yet, autonomy—even more effectively than markets, and to determine the practical steps necessary to realize that possibility. (shrink)

Employers seeking to control employee behavior outside of working hours is nothing new. However, recent developments have extended efforts to control employee behavior into new areas, with new significance. Employers seek to control legal behavior by employees outside of working hours, to have significant influence over employee’s health-related behavior, and to monitor and control employee’s social media, even when this behavior has nothing to do with the workplace. In this article, I draw on the work of political theorists Jon Elster, (...) Gerald Gaus and Michael Walzer, and privacy scholars Daniel Solove and Anita Allen, to show what is wrong with this extension of employer control of employee’s outside of work behavior. I argue that there are ethical limits on the controls that employers may put on their employees’ out of work behavior, and that many of these limits should be enshrined into legal protections which would prevent employers from conditioning employment on the regulations criticized. -/- (Please note that the version of this paper on SSRN is a pre-publication version. Please cite and refer to the published version when possible.). (shrink)

Pyrrho and colleagues (2022) argue that the loss of health privacy can damage democratic values by increasing social polarization, removing individual choice, and limiting self-determination. As a remedy, the authors propose a data-regulation regime that prohibits companies from using such data for discriminatory purposes. Our commentary addresses three issues. First, we point out an additional problematic dimension of excessive health privacy loss, namely, the potential racialization of groups and individuals that it may likely contribute to. Second, we note that, in (...) our view, the authors’ argument for more regulation rests on an invidious comparison between the realistically described status quo and the idealized picture of the imagined regulatory regime that the authors briefly propose. Third, we argue that, despite existing regulations, both private and government actors frequently use private data in ways that lead to ethically problematic outcomes, especially when it comes to racialized communities. (shrink)

This paper discusses the idea that the concept of privacy should be understood in terms of control. Three different attempts to spell out this idea will be critically discussed. The conclusion will be that the Source Control View on privacy is the most promising version of the idea that privacy is to be understood in terms of control.

There is currently intense debate about the significance of user consent to data practices. Consent is often taken to legitimate virtually any data practice, no matter how invasive. Many scholars argue, however, that user consent is typically so defective as to be ‘meaningless’ and that user privacy should thus be protected by substantive legislation that does not rely (or does not rely heavily) on consent. I argue that both views rest on serious mistakes about the validity conditions for consent. User (...) consent is sufficiently impoverished that it does not guarantee legitimacy but is not so impoverished as to be ‘meaningless’; it can legitimate data practices that are independently reasonable but not those that are exploitative. Since many valuable data practices must be consented to if they are to be legitimate (or so I argue), our privacy legislation should continue emphasizing the importance of user consent, even if auxiliary protections are also desirable. (shrink)

Most studies on the ethics of privacy focus on what others ought to do to accommodate our interest in privacy. I focus on a related but distinct question that has attracted less attention in the literature: When, if ever, does morality require us to safeguard our own privacy? While we often have prudential reasons for safeguarding our privacy, we are also, at least sometimes, morally required to do so. I argue that we, sometimes, ought to safeguard our privacy for the (...) sake of the possible wrongdoer, in order to prevent the possible wrongdoer from committing a morally defiling act that renders them worse off. I illustrate the variety of cases in which this duty binds us and contrast my view to some other claims in the literature which also purport to show that we sometimes have a duty to safeguard our own privacy. (shrink)

The fast pace of technological change necessitates new evaluative and deliberative tools. This article develops a general, functional approach to evaluating technological change, inspired by Nissenbaum’s theory of contextual integrity. Nissenbaum introduced the concept of contextual integrity to help analyze how technological changes can produce privacy problems. Reinterpreted, the concept of contextual integrity can aid our thinking about how technological changes affect the full range of human concerns and values—not only privacy. I propose a generalized concept of contextual integrity that (...) is applicable to a broader variety of circumstances, and I outline a new, general procedure for technological evaluation. Among the attractive features of the proposed approach to evaluating technological change are its context-sensitivity, adaptability, and principled presumptive conservatism, enabled by the mechanism the approach supplies for reevaluating existing practices, norms, and values. (shrink)

All societies have to balance privacy claims with other moral concerns. However, while some concern for privacy appears to be a common feature of social life, the definition, extent and moral justifications for privacy differ widely. Are there better and worse ways of conceptualising, justifying, and managing privacy? These are the questions that lie in the background of this thesis. -/- My particular concern is with the ethical issues around privacy that are tied to the rise of new information and (...) communication technologies (henceforth “ICT”). The focus here is on technologies involved in processing personal data in its broadest sense, including “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.” The issue of moral concern is commonly designated as that of 'data privacy'. -/- The first step is to consider why privacy matters, or ought to matter, in the first place. And here we run into our first difficulty, since both the conceptualisation of privacy and the justification for the right to privacy are matters for contention. On the one hand, we are animated by a moral concern for privacy in some sense; on the other, we lack the conceptual and moral resources for making sense of this concern or for promoting particular social policies and criticising others. This often-cited dichotomy and its ensuing confusion have been the central motivation for most of the philosophical literature on privacy – including this thesis. -/- In what follows, I will suggest a way out of the confusion that pervades the current debate on data privacy. I will essentially argue two claims: one, that the concept of (data) privacy is uniquely characterised by a particular context within which we exchange information; two, that because (data) privacy constitutes an intrinsic value, its moral concerns and justifications ought to be deliberated as such. -/- The first chapter sketches the current data privacy landscape by introducing a number of concepts and arguing the unique nature of the landscape. I argue that the traditional distinction between four kinds of privacy (physical, mental, decisional and informational) is no longer accurate, given the technological context that reduces, unifies and processes all aspects of people’s lives by means of digital data. In fact, to hold on to the distinction leads to a fundamental misconception of data privacy. I further argue that today’s distinction between data protection and data privacy runs the risk of ignoring the fact that the former is an inherent aspect of the latter. These arguments allow me to settle on a (provisional) definition of data privacy: controlling how data about identifiable people is processed by ICT. -/- Next, I draw a line between descriptive and normative accounts of data privacy, and explain why this book belongs to the latter category. After a brief discussion of the coherence and distinctiveness theses, and of the difference between instrumental and intrinsic theories of privacy, I introduce the problem of data privacy as a distinct, coherent, and intrinsic moral concern. Three arguments support this position: one, data privacy is a coherent moral concern because it is motivated by a singular moral concept; two, data privacy is a distinct moral concern because the privacy challenges we face today are of a fundamentally new nature – distinct from any moral concerns we’ve faced in the past; and three, data privacy is an intrinsic moral concern that is predominantly justified, not by what it instrumentally protects us from, but by what it intrinsically constitutes. -/- Chapter Two makes the case against a harm-based, consequentialist approach to data privacy. After a brief introduction to the basic tenets of consequentialism I discuss harm-based arguments in favour as well as against privacy. I explain how privacy may protect us against psychological distress, but at the same time constitute the source of that distress; how privacy may be necessary for the proper functioning of democratic societies, but at the same time provide a cloak for anti-social and immoral behaviour; and how privacy protects us against the improper use of our personal data by others, but at the same enables us to conceal information or spread false information about ourselves in ways that are harmful to others. Next, I argue that consequentialism essentially relies on two flawed presumptions – that we know what harm is, and that we know how to predict it – and discuss the controversies surrounding definitions and predictions of harm. This argument becomes especially pertinent in today’s rapidly changing technological context: we may guess, and make assumptions, perhaps even find correlations, but don’t really know or understand (yet) with any degree of certainty the harmful consequences today’s data privacy violations are causing or will eventually cause – if any. -/- I illustrate this with examples of recent data privacy violations, and with a brief overview of consequentialist arguments for and against data privacy. Those who invoke consequentialist arguments against data privacy claim that personal data is nothing more than a raw material that can be turned into something useful and valuable without harming anyone. Choosing to move fast and break things – a popular mantra that promotes the benefits of technological “permissionless innovation” over and above its risks and costs – they draw our attention to the many benefits free data flows generate. Those who rely on consequentialist arguments in favour of data privacy, on the other hand, insist on actual and potential misuse of personal data. Rather careful than sorry, they draw our attention to the urgent need to take back control and protect ourselves against data privacy violations – precisely because we don’t know which harm they may cause in the future. Others go one step further and argue that these violations are part of a broader ideology of power. -/- What Chapter Two demonstrates is that vague definitions, unreliable predictions and inconclusive allegations of harm from both sides of the debate perpetuate a stalemate that fails to produce morally defensible answers to our growing data privacy concerns. Deliberating about data privacy from a consequentialist perspective is a dead end. -/- Chapter Three proposes an alternative to the harm-based approach, namely that privacy is an intrinsic value that deserves moral protection for its own sake. After a brief account of what I take values to be, and why we have a need to protect them, I introduce the foundational value of respect for persons, and lay out my main argument in two steps. The conceptual component of my argument returns to the definition of data privacy I had temporarily settled on in Chapter One, but now with the added consideration of the particular context, and particular circumstances and attitudes, within which information is exchanged. This addition is crucial, as it reveals the fundamental value that is at stake in our data privacy concerns, namely the inherent value of each and every person, which we protect by upholding an ethical principle commonly known as the principle of respect for persons. It is for this reason that the violation of privacy cannot (only) be expressed in terms of harm. I further argue that the principle of respect for persons is consistent with, and in fact unthinkable without, some degree of privacy. -/- I reply to potential challenges to a value-based approach to data privacy by showing that (i) values and value trade-offs are fundamentally different from consequential benefits and cost-benefit analyses; (ii) the suspension of one value in favour of another is not inherently contradictory; what matters is morally defensible deliberation about values and valid individual consent; (iii) data privacy concerns cannot be reduced to other moral concerns and therefore deserve a specific, distinct protection. -/- Finally, because this is a thesis in applied ethics, I attempt an answer to the question as to how we ought to apply a value-based approach to practical data privacy concerns. I argue that a revised, three-pronged version of John Rawls’ reflective equilibrium, founded on the non-negotiable principle of respect for persons, is the best possible procedure to deliberate data privacy concerns in relation to other moral values. (shrink)

Trustworthiness is typically regarded as a desirable feature of national identification systems (NISs); but the variegated nature of the trustor communities associated with such systems makes it difficult to see how a single system could be equally trustworthy to all actual and potential trustors. This worry is accentuated by common theoretical accounts of trustworthiness. According to such accounts, trustworthiness is relativized to particular individuals and particular areas of activity, such that one can be trustworthy with regard to some individuals in (...) respect of certain matters, but not trustworthy with regard to all trustors in respect of every matter. The present article challenges this relativistic approach to trustworthiness by outlining a new account of trustworthiness, dubbed the expectation-oriented account. This account allows for the possibility of an absolutist (or one-place) approach to trustworthiness. Such an account, we suggest, is the approach that best supports the effort to develop NISs. To be trustworthy, we suggest, is to minimize the error associated with trustor expectations in situations of social dependency (commonly referred to as trust situations), and to be trustworthy in an absolute sense is to assign equal value to all expectation-related errors in all trust situations. In addition to outlining the features of the expectation-oriented account, we describe some of the implications of this account for the design, development, and management of trustworthy NISs. (shrink)

This chapter provides a high-level overview of key ethical issues raised by the use of surveillance technologies, such as digital contact tracing, disease surveillance, and vaccine passports, to combat the COVID-19 pandemic. To some extent, these issues are entirely familiar. I argue that they raise old questions in new form and with new urgency, at the intersection of information ethics, research ethics, and public health. Whenever we deal with data-driven technologies, we have to ask how they fare in relation to (...) important values like privacy, fairness, transparency, and accountability—values emphasized by information ethics scholars. Likewise, when such technologies put individuals at risk in order to drive scientific research and knowledge construction, we have to ask how they implicate values such as autonomy, beneficence and non-maleficence, and justice—values central to research ethics. And as researchers focusing on health information have long argued, when the data collected by these technologies pertain to individuals and public health, these ethical issues take on a special cast. -/- It is also true, however, that the pandemic has placed these questions in a new and revealing light. I highlight three insights from information ethics and research ethics that can help us navigate this difficult terrain. First, the value of privacy is instrumental, not absolute—there is nothing wrong with asking how to balance privacy against other important values. Second, privacy has both individual and social importance. Weighing privacy, on one hand, and public health, on the other, is not, therefore, a contest between individual and collective interests. Rather, it is an attempt to balance disparate public goods. Third, we ought to put these kinds of ethical decisions in the hands of third parties, rather than leaving them up to those who directly stand to benefit from them. In the case of pandemic surveillance technologies, this should mean more public, democratic oversight. (shrink)

Surveillance studies scholars and privacy scholars have each developed sophisticated, important critiques of the existing data-driven order. But too few scholars in either tradition have put forward alternative substantive conceptions of a good digital society. This, I argue, is a crucial omission. Unless we construct new “sociotechnical imaginaries,” new understandings of the goals and aspirations digital technologies should aim to achieve, the most surveillance studies and privacy scholars can hope to accomplish is a less unjust version of the technology industry’s (...) own vision for the future. (shrink)

Writing a college-application essay has become a rite of passage for high-school seniors in the U.S., one whose importance has expanded over time due to an increasingly competitive admissions process. Various commentators have noted the disturbing evolution of these essays over the years, with an ever-greater emphasis placed on obstacles overcome and traumas survived. How have we gotten to the point where college-application essays are all too frequently competitive-victimhood displays? Colleges have an understandable interest in the disadvantages their applicants may (...) have suffered, but this interest—and the awareness of it among both applicants and their advisors—has led to a “race to the bottom”: in order to thrive (or even survive) in a particular competitive context, participants are forced to continuously lower relevant standards in a game of one-upmanship. With college essays, the competition is among high-school seniors for admission, the one-upmanship is an ever-escalating effort to persuade admission committees of one’s greater disadvantage, and the relevant standards being lowered are honesty, privacy, and dignity—or so I shall argue. As we shall see, this particular race to the bottom imposes unequal costs on certain groups and has implications stretching well beyond collegiate admissions. (shrink)

In Vayena’s article, ‘direct-to-consumer (DTC) genomics on the scales of autonomy’, she claims that there may be a strong autonomy-based argument for permitting DTC genomic services. In this response, I point out how the diminishment of one’s genetic privacy can cause a relevant autonomy-related harm which must be balanced against the autonomy-related gains DTC services provide. By drawing on conceptual connections between privacy and the Razian conception of autonomy, I show that DTC genetic testing may decrease the range of valuable (...) options individuals possess, which impacts the extent to which would-be consumers can exercise their autonomy. (shrink)

In this paper, I argue against views that equate privacy with control over self-presentation and explore some of the implications of my criticism for the online world. In section 1, I analyze the relationship between control over self-presentation and privacy and argue that, while they are both tightly connected, they are not one and the same thing. Distinguishing between control over self-presentation and privacy has important practical implications for the online world. In section 2, I investigate self-presentation online and argue (...) that, while there might be an illusion that one can self-present on one’s own terms online, that mirage often reveals itself as unrealistic because of external and internal constraints. I further argue that what is most noteworthy about self-presentation online, in contrast to self-presentation offline, is the pressure to be on display at all times. In section 3, I argue that to combat some of the negative trends we are witnessing online we need, on the one hand, to cultivate a culture of privacy, in contrast to a culture of exposure. On the other hand, we need to readjust how we understand self-presentation online. I argue that in some cases we should understand it in similar terms to how we understand advertisement or fiction. By changing our conventions online, we would be taking away some of people’s control over self-presentation by not taking their online personae at face value. (shrink)

This chapter identifies and analyzes ethical issues in video surveillance, with a focus on applications that involve video analytics and facial recognition technology. The first part of the analysis focuses on ethical issues in video analytics, which are techniques that automatically analyze preexisting or gathered video data. Ethical issues are discussed in relation to processes of identification, classification, detection, and tracking of persons. Next, facial recognition technology is discussed, particularly its use in surveillance, and its ethical challenges are investigated. Finally, (...) we focus on three advanced video analytics techniques: facial analysis, behavior analysis, and emotional analysis, which raise additional serious ethical issues. (shrink)

Ambient assisted living technologies are increasingly presented and sold as essential smart additions to daily life and home environments that will radically transform the healthcare and wellness markets of the future. An ethical approach and a thorough understanding of all ethics in surveillance/monitoring architectures are therefore pressing. AAL poses many ethical challenges raising questions that will affect immediate acceptance and long-term usage. Furthermore, ethical issues emerge from social inequalities and their potential exacerbation by AAL, accentuating the existing access gap between (...) high-income countries and low and middle-income countries. Legal aspects mainly refer to the adherence to existing legal frameworks and cover issues related to product safety, data protection, cybersecurity, intellectual property, and access to data by public, private, and government bodies. Successful privacy-friendly AAL applications are needed, as the pressure to bring Internet of Things devices and ones equipped with artificial intelligence quickly to market cannot overlook the fact that the environments in which AAL will operate are mostly private. The social issues focus on the impact of AAL technologies before and after their adoption. Future AAL technologies need to consider all aspects of equality such as gender, race, age and social disadvantages and avoid increasing loneliness and isolation among, e.g. older and frail people. Finally, the current power asymmetries between the target and general populations should not be underestimated nor should the discrepant needs and motivations of the target group and those developing and deploying AAL systems. Whilst AAL technologies provide promising solutions for the health and social care challenges, they are not exempt from ethical, legal and social issues. A set of ELSI guidelines is needed to integrate these factors at the research and development stage. (shrink)

In this article, we identify three key design dimensions along which cryptocurrencies differ -- privacy, censorship-resistance, and consensus procedure. Each raises important normative issues. Our discussion uncovers new ways to approach the question of whether Bitcoin or other cryptocurrencies should be used as money, and new avenues for developing a positive answer to that question. A guiding theme is that progress here requires a mixed approach that integrates philosophical tools with the purely technical results of disciplines like computer science and (...) economics. Note: this article is the second entry within a two-part sequence on the Philosophy, Politics, and Economics of Cryptocurrency. (shrink)

Most online platforms are becoming increasingly algorithmically personalized. The question is if these practices are simply satisfying users preferences or if something is lost in this process. This article focuses on how to reconcile the personalization with the importance of being able to share cultural objects - including fiction – with others. In analyzing two concrete personalization examples from the streaming giant Netflix, several tendencies are observed. One is to isolate users and sometimes entirely eliminate shared world aspects. Another tendency (...) is to blur the boundary between shared cultural objects and personalized content, which can be misleading and disorienting. A further tendency is for personalization algorithms to be optimized to deceptively prey on desires for content that mirrors one’s own lived experience. Some specific - often minority targeting -“clickbait” practices received public blowback. These practices show disregard both for honest labeling and for our desires to have access and representation in a shared world. The article concludes that personalization tendencies are moving towards increasingly isolating and disorienting interfaces, but that platforms could be redesigned to support better social world orientation. (shrink)

Over the years, several counterexamples arguably establish the limits of control-based conceptions of privacy and the right to privacy. Some of these counterexamples focus only on privacy, while the control-based conception of the right to privacy is rejected because of conceptual consistency between privacy and the right to privacy. Yet, these counterexamples do not deny the intuitions of control-based conceptions of the right to privacy. This raises the question whether conceptual consistency is more important than intuitions in determining the right (...) way to conceptualize the right to privacy. This article aims to show how the major alternative to control-based conceptions of the right privacy—that is, limited access—can be modified to make sense of, and provide alternative explanations for, these control-based intuitions. (shrink)

Recently, Ingmar Persson and Julian Savulescu argued that an action that does not violate a moral right to privacy cannot violate that right if it is extended over time. Specifically, they argue that a moral right to privacy does not protect against gawking or stalking. In this reply the reverse position is defended. Specifically, it is argued that their arguments fails on according to their own definition of the right to privacy. Furthermore, it is argued and illustrated by examples that (...) this conceptual conclusion holds for many other conceptions of the right to privacy. Moreover, it is argued that Persson and Savluescu fail to recognize the privacy-related harm extended to individuals through gawking or stalking. Lastly, the article ends by sketching how the role of privacy in public and consent relates to the given examples. (shrink)

Even though the idea that privacy is some kind of control is often presented as the standard view on privacy, there are powerful objections against it. The aim of this paper is to defend the control account of privacy against some particularly pressing challenges by proposing a new way to understand the relevant kind of control. The main thesis is that privacy should be analyzed in terms of source control, a notion that is adopted from discussions about moral responsibility.

Our world is under going an enormous digital transformation. Nearly no area of our social, informational, political, economic, cultural, and biological spheres are left unchanged. What can philosophy contribute as we try to under- stand and think through these changes? How does digitization challenge past ideas of who we are and where we are headed? Where does it leave our ethical aspirations and cherished ideals of democracy, equality, privacy, trust, freedom, and social embeddedness? Who gets to decide, control, and harness (...) the powers of digitization and for which purposes? Epistemologically, do most of us understand these new mediations – and thus fabrics – of our new world? Lastly – how is the new technological landscape shaping not only our living conditions but also our collective imaginary and our self-identities? (shrink)

In the age of Big Data Analytics and Covid-19 Apps, the conventional conception of privacy that focuses excessively on the identification of the individual is inadequate to safeguard the individual’s identity and autonomy. An individual’s autonomy can be impaired and their control over their social identity diminished, even without infringing the anonymity surrounding their personal identity. A century-old individualistic conception of privacy that aimed at safeguarding a person from unwarranted social interference is incapable of protecting their autonomy and identity when (...) they are targeted on the basis of their interdependent social and algorithmic group affiliations. In order to overcome these limitations, in this article, I develop a theoretical framework in the form of a triumvirate model of the group right to privacy (GRP), which is based on privacy as a social value (Pv). An individual has an interest in protecting their social identity arising out of their participation in social groups. The panoptic sorting of individuals by Big Data Analytics for behavioral targeting purposes gives rise to epistemic bubbles and echo chambers that impede the formation of an individual’s social identity. I construct the formulation of GRP1 to protect an individual’s interest in their social identity and their socially embedded autonomous self. Thereafter, I emphasize an individual’s right to informational self-determination and against algorithmic grouping in GRP2. Lastly, I highlight instances where GRP3 entitles an organized group to privacy in its own right. I develop a Razian formulation to state that Big Data Analytics’ constant surveillance and monetization of human existence is an infringement of individual autonomy. The violation of GRP subjects an individual to behavioral targeting (including hyper-targeted political advertising) and distorts their weltanschauung, or worldview. As regards Covid-19 Apps, I assert that the extraordinary circumstances surrounding the pandemic do not provide an everlasting justification for reducing an individual’s identity to a potential disease carrier. I argue that the ambivalence regarding existence of surveillance surrounding an individual’s social identity can leave them in a perpetual state of simulated surveillance (simveillance). I further assert that it is in the long-term best interests of the Big Tech corporations to respect privacy. In conclusion, I highlight that our privacy is not only interdependent in nature, but it is also existentially cumulatively interlinked. It increases in force with each successive protection. The privacy challenge posed by Covid-19 Apps has helped us realize that while limited exceptions to privacy may be carved out in grave emergencies, there is no moral justification for round-the-clock surveillance of an individual’s existence by Big Data Analytics. Similarly, the threat to privacy posed by Big Data Analytics has helped us realize that privacy has been wrongly focusing on the distinguishing aspects of the individual. It is our similarities that are truly worth protecting. In order to protect these similarities, I formulate the concept of mutual or companion privacy, which counterintuitively states that in the age of Big Data Analytics, we have more privacy together rather than individually. (shrink)

In a world that is awash in ubiquitous technology, even the least tech-savvy know that we must take care how that technology affects individuals and society. That governments and organizations around the world now focus on these issues, that universities and research institutes in many different languages dedicate significant resources to study the issues, and that international professional organizations have adopted standards and directed resources toward ethical issues in technology is in no small part the result of the work of (...) Simon Rogerson. -/- – Chuck Huff, Professor of Social Psychology at Saint Olaf College, Northfield, Minnesota -/- In 1995, Apple launched its first WWW server, Quick Time On-line. It was the year Microsoft released Internet Explorer and sold 7 million copies of Windows 95 in just 2 months. In March 1995, the author Simon Rogerson opened the first ETHICOMP conference with these words: -/- We live in a turbulent society where there is social, political, economic and technological turbulence … it is causing a vast amount of restructuring within all these organisations which impacts on individuals, which impacts on the way departments are set up, organisational hierarchies, job content, span of control, social interaction and so on and so forth. … Information is very much the fuel of modern technological change. Almost anything now can be represented by the technology and transported to somewhere else. It's a situation where the more information a computer can process, the more of the world it can actually turn into information. That may well be very exciting, but it is also very concerning. -/- That could be describing today. More than 25 years later, these issues are still at the forefront of how ethical digital technology can be developed and utilised. -/- This book is an anthology of the author’s work over the past 25 years of pioneering research in digital ethics. It is structured into five themes: Journey, Process, Product, Future and Education. Each theme commences with an introductory explanation of the papers, their relevance and their interrelationship. The anthology finishes with a concluding chapter which summarises the key messages and suggests what might happen in the future. Included in this chapter are insights from some younger leading academics who are part of the community charged with ensuring that ethical digital technology is realised. (shrink)

Algorithmic governmentality is a new form of political governance interconnected with technology and computation. By coining the term “algorithmic governmentality,” Antoinette Rouvroy argues that this mode of governance reduces everything to data, and people are no longer individuals but dividuals (able to be divided) or readable data profiles. Implementing the concept of algorithmic governmentality, the current study analyses Project Itoh’s award-winning novel Harmony in terms of such relevant concepts as “subjectivity,” “infra-individuality” and “control,” as suggested by Rouvroy and colleagues. The (...) analysis further draws on Foucault’s ideas of “governmentality” and “neoliberalism” and Deleuze’s concepts of “dividuality” and “society of control.” In Itoh’s fictional world, the entire society is subject to the new medical government, which replaced the chaotic world with a perfect but harrowing benevolent society, eradicating disease, suicide and crime. As elucidated in this paper, despite the dominant controlling government, there is a hope for humans to regain and reestablish their subjectivity and give meaning to their own personality by defying the nihilistic computational system. (shrink)

The increasingly prominent role of digital technologies during the coronavirus pandemic has been accompanied by concerning trends in privacy and digital ethics. But more robust protection of our rights in the digital realm is possible in the future. -/- After surveying some of the challenges we face, I argue for the importance of diplomacy. Democratic countries must try to come together and reach agreements on minimum standards and rules regarding cybersecurity, privacy and the governance of AI.

The purpose of this survey was to gather individual’s attitudes and feelings towards privacy and the selling of data. A total (N) of 1,107 people responded to the survey. -/- Across continents, age, gender, and levels of education, people overwhelmingly think privacy is important. An impressive 82% of respondents deem privacy extremely or very important, and only 1% deem privacy unimportant. Similarly, 88% of participants either agree or strongly agree with the statement that ‘violations to the right to privacy are (...) one of the most important dangers that citizens face in the digital age.’ The great majority of respondents (92%) report having experienced at least one privacy breach. -/- People’s first concern when losing privacy is the possibility that their personal data might be used to steal money from them. Interestingly, in second place in the ranking of concerns, people report being concerned about privacy because ‘Privacy is a good in itself, above and beyond the consequences it may have.’ -/- People tend to feel that they cannot trust companies and institutions to protect their privacy and use their personal data in responsible ways. The majority of people believe that governments should not be allowed to collect everyone’s personal data. Privacy is thought to be a right that should not have to be paid for. (shrink)

In this review, we present some ethical imperatives observed in this pandemic from a data ethics perspective. Our exposition connects recurrent ethical problems in the discipline, such as, privacy, surveillance, transparency, accountability, and trust, to broader societal concerns about equality, discrimination, and justice. We acknowledge data ethics role as significant to develop technological, inclusive, and pluralist societies. - - - Resumen: En esta revisión, exponemos algunos de los imperativos éticos observados desde la ética de datos en esta pandemia. Nuestra exposición (...) busca conectar problemas éticos típicos dentro de esta disciplina, a saber, privacidad, vigilancia, transparencia, responsabilidad y confianza, con preocupaciones a nivel social relacionadas con la igualdad, discrimi nación y justicia. Consideramos que la ética de datos tiene un rol significativo para desarrollar sociedades tecnificadas, inclusivas y pluralistas. (shrink)

This article argues that the self-management of one’s privacy is impossible due to privacy externalities. Privacy externalities are the negative by-product of the services offered by some data controllers, whereby the price to ‘pay’ for a service includes not just the provision of the user’s own personal data, but also that of others. This term, related to similar concepts from the literature on privacy such as ‘networked privacy’ or ‘data pollution’, is used here to bring to light the incentives and (...) exploitative dynamics behind a phenomenon which, I demonstrate, benefits both the user and the data controller to the detriment of third-party data subjects. Building on these novel elements and on the relevant concepts and examples found in the existing literature, this article draws a comprehensive picture of the phenomenon, and offers two promising paths to address it—better enforcing the principle of data protection by design and by default, and relying on the framework of joint controllership. (shrink)

This paper looks at the development of blockchain technologies that promise to bring new tools for the management of private data, providing enhanced security and privacy to individuals. Particular interest present solutions aimed at reorganizing data flows in the Internet of Things architectures, enabling the secure and decentralized exchange of data between network participants. However, as this paper argues, the promised benefits are counterbalanced by a significant shift towards the propertization of private data, underlying these proposals. Considering the unique capacity (...) of blockchain technology applications to imitate and even replace traditional institutions, this aspect may present certain challenges, both of technical and ethical character. In order to highlight these challenges and associated concerns, this paper identifies the underlying techno-economic factors and normative assumptions defining the development of these solutions amounting to technologically enabled propertization. It is argued that without careful consideration of a wider impact, such blockchain applications could have effects opposite to the intended ones, thus contributing to the erosion of privacy for IoT users. (shrink)

Luciano Floridi was not the first to discuss the idea of group privacy, but he was perhaps the first to discuss it in relation to the insights derived from big data analytics. He has argued that it is important to investigate the possibility that groups have rights to privacy that are not reducible to the privacy of individuals forming such groups. In this paper, we introduce a distinction between two concepts of group privacy. The first, the “what happens in Vegas (...) stays in Vegas” privacy (in the following: WHVSV privacy), deals with confidential information shared with the member of a group and inaccessible to (all or a specific group of) outsiders. The second, to which we shall refer as inferential privacy, deals with the inferences that can be made about a group of people defined by a feature, or combination thereof, shared by all individuals in the group. We show why we unreservedly agree with Floridi that groups can have a form of privacy that amounts to more than the mere fact of being sets of individuals each of whom has individual privacy; moreover, like Floridi, we find it plausible that at least some groups (those satisfying our definition of type-a groups) may have a right to a species of group privacy (that is, WHVSV privacy) as groups (and not just as individuals who belong to those groups). However, by turning our attention to the context of big data analytics, we show that the relevant, new notion of group privacy is one of inferential privacy. We argue that an absolute right (either of individuals or groups) to inferential privacy is implausible. We also show that many groups generated algorithmically (those satisfying our definition of type-b groups) cannot be right holders as groups (unless they become type-a groups). (shrink)

The aim of this paper is to discuss anonymity and the threats against it—in the form of deanonymization technologies. The question in the title is approached by conceptual analysis: I ask what kind of concept we need and how it ought to be conceptualized given what is really at stake. By what is at stake I mean the values that are threatened by various deanonymization technologies. It will be argued that while previous conceptualizations of anonymity may be reasonable—given a standard (...) lexical, or common-sense, understanding of the term—the concept of anonymity is not sufficient given what is really at stake. I will argue that what is at stake is our ability to be anonymous, which I will broadly characterize as a reasonable control over what we communicate. (shrink)

It is argued that GDPR suffer from a practical problem of click-through consents, which developers of web browsers should resolve.