Privacy in weakness

Green dialog bubbleI remember when my grandfather was in a nursing home. He wasn’t able to get around easily, his hearing was poorer, he would sleep more and seemed tired most of the time.

It seems that he had much less privacy than he did when he was living with my grandmother and aunt. People could come and see him at any time. He didn’t have the opportunity to say no.

When they would need to draw blood for tests, they would take it from a vein in his hand. We never knew whether he was screaming out of fear or pain.

The people in the nursing home lost most of their privacy in their weakness. It wasn’t up to my grandfather to decide when or what to eat. The men and women living at the facility often went to the central area of the halls to sit and wait through the day. No one to talk to. No one to listen to.

It was work for the staff to get my grandfather to the rest room or get around for the day so that added to the indignities he faced. Bathing I’m sure was difficult—someone you don’t know is taking your clothes off and doesn’t really take the time to help you understand.

When I’ve been a hospital patient in the past, I took it for granted that people I didn’t know would come and go. The nurse that helped me Friday night, I might never see again. I wouldn’t know the ultrasound tech who was examining me. No one one asked if I wanted my friend that was there to wait outside.

I read the book “Privacy” by Garret Keizer. He was visiting a hospital and the doctor he was following asked if Garret would go with him to see a patient. The doctor mentioned that he’d ask permission. The author’s response was that he wouldn’t go in; that it wasn’t fair to ask the patient. “How do you say no to the the doctor that gives you your pain meds?”

When there’s an imbalance of power, the powerful one needs to be especially respectful of the others privacy. People in a nursing home are in an imbalance of power with almost everyone and their privacy suffers as a result.

I wrote him a letter once that made him very happy.

I wonder if he was depressed. No one asked him.

Surveillance: an additional cost

I was just reading “Privacy and Positive Intellectual Freedom” by Alan Rubel from the Fall 2014 issue of Journal of Social Philosophy (vol. 45, no. 3, pp. 390-407).

The article includes several ideas that I’d like to write about in the future. This post might simplify the argument about surveillance and intellectual freedom.

The section that explains the harms of surveillance is complicated.  With other privacy violations, it’s easy to connect the dots. How does surveillance affect an individual who will never be aware of the surveillance?

The surveillance’s victim is not the only actor in the situation. The people who are controlling that surveillance are also part of the equation. It’s easy to show that the surveillance is harming their intellectual freedom.

They know that they, themselves, can be monitored. They lose the same freedoms that can be taken by other privacy violations.

The right to be let alone

The Supreme Court case Olmstead v. United States from 1928 is very famous for the dissenting opinion written by Justice Louis Brandeis.

However, it easy to misquote Brandeis by saying he wrote “the right to be left alone-the most comprehensive of rights and the right most valued by civilized men.” For example, sometimes the mistake is made in library science documents.

However, the actual quote is “the right to be let alone….” not “left alone.” The difference is  substantial.

“Left alone” refers to things that directly affect a person. Generally, a violation of this definition would be known to the person whose privacy was violated. When the police come without a warrant looking for contraband, that would violate the principle of being left alone.

“Let alone” makes irrelevant whether there is the knowledge of the violation by the victim or whether they are directly affected. When the police use a Stingray to capture cell phone information, that is a violation of being let alone, but it isn’t a violation of being left alone.

Is the Signal Private Messenger app supporting its user’s privacy?

Since starting this privacy blog, I’ve become more aware of ways privacy can be threatened. One vulnerability is through apps that require smartphone features that are not necessary for the proper functioning of the app itself.

I was looking at the Signal messaging app by Open Whisper Systems. It is mentioned by the Library Freedom Project as beneficial. When I installed it on my Android smartphone I noticed and found troubling that it requires access to almost every feature of my phone when it is installed.

I’m not sure I would recommend it as being helpful for privacy when it requires access to each of these:  Device & app history, Identity, Calendar, Contacts, Location, SMS, Phone, Photos/Media/Files and the Camera. I’m not sure whether there are any Android features that it does not need access to.

I can’t imagine that it requires all of those features to function properly and all of them can give highly sensitive information to the app’s owners.

I decided to reevaluate whether Signal should actually be recommended. Since it has unnecessary and unexplained access to so many parts of a smartphone’s capabilities, I decided to uninstall it. Without the LFP recommendation, I would never have installed it to begin with.

The recommendation and its marketing are solely based on the feature that Signal allows you to send private and encrypted messages. However, these access demands make me doubt that it has a net positive effect on user privacy.

North Carolina’s HB 2 and Privacy

A sign saying "PRIVATE"Most discussions of HB 2 discuss its discriminatory nature and attack it on that basis, it is more fundamentally a violation of the privacy of anyone who goes to North Carolina.

Although North Carolina’s “Public Facilities Privacy and Security Act” (House Bill 2) includes Privacy in the name of the bill, it is actually in opposition to privacy principles. The section of the law that affects transgender citizens defines individual’s biological sex as “the physical condition of being male or female, which is stated on the person’s birth certificate.” This requires any application of the law to refer to any individual’s birth certificate or information derived from it. Potentially, this birth certificate information is required for anyone who uses “single-sex multiple occupancy bathroom and changing facilities” and not just transgender people. This is extremely private information.

For a transgender woman or man, some friends may know the truth of the matter, but often it would have been shared in a manner that proved that it was intended to be confidential and thus private between the confidants. It still should be protected as private because it was not meant to be shared with others. The law does not have the moral authority to interrogate that information. Court decisions not withstanding, information shared in such a manner is private and should have legal recognition.

Information can be shared in confidence with a covenant, pact, or promise that the information will not be shared outside of that confidence. This promise may not expressed verbally, but that is not necessary for the covenant to exist. The situation at the time of the sharing the information can be clearly understood by both parties that the ensuing conversation is confidential.

If John learned that his friend Kevin had been sexually abused as a child, John might share with his friend that he had been sexually abused as a child as well. By saying that he understands what Kevin was struggling with, they begin a conversation where the information is confidential. Although it is not protected by any legal doctrine such as attorney/client privilege, or a patient/therapist relationship, that does not make it any less private. By taking his friend aside and speaking with him out of the company of others in this manner, he has made a covenant that “Kevin, this is for us to share. What you share with me next, I am not going to share with others.” If John later shared with Kevin’s girlfriend details of that abuse, the outrage of Kevin would be a reasonable expectation. If John had shared it even wider than that, the presence of a privacy violation would be clear.

Similarly, if Torie shared with a trusted teacher about her transgender status, she would do it in a manner that any teacher would understand that the information had been shared in confidence. There would be a connection between the two of them that had developed gradually that led them to be able to have such a covenant of confidentiality about this information. The words “don’t tell anyone else” are not required for the mutual understanding to be just as factual.

With respect to HB 2, the state has no right to interfere with that confidence nor claim that Torie’s status is no longer private. Requiring her to reveal what her birth certificate says is an affront to her dignity. It tears at the very fabric of what human relationships are truly woven from.

Original image: private. By Bryan Kennedy [Image license]

Social eCommerce

The word bibliography displayed on a TVThis is part 3 of a bibliography of privacy topics to review in depth. I took my main interests and narrowed them down to 3 specific applications of privacy theory. This one focuses on eCommerce, social media and privacy. It does not touch conventional social media like Facebook in any depth and when it reviews them, it is looking at them through the lens of commerce.

This list is incomplete due to me starting the bibliography late. It would benefit by searching references of these documents as well as evaluating sources that cite them.

The topics are not very closely attached to library science topics.

A goal is to be able to look at privacy from several significantly different angles to develop a broader understanding.

                             

Aljukhadar, M., Senecal, S., & Ouellette, D. (2010). Can the Media Richness of a Privacy Disclosure Enhance Outcome? A Multifaceted View of Trust in Rich Media Environments. International Journal of Electronic Commerce, 14(4), 103-126. doi:10.2753/jec1086-4415140404

Baethge, C., Klier, J., & Klier, M. (2016). Social commerce-state-of-the-art and future research directions. Electronic Markets, 26(3), 269-290. doi:10.1007/s12525-016-0225-2

Chang, S. H., Chih, W. H., Liou, D. K., & Yang, Y. T. (2016). The mediation of cognitive attitude for online shopping. Information Technology & People, 29(3), 618-646. doi:10.1108/itp-08-2014-0172

Choi, B. C., & Tam, J. (2015). Privacy by Design: Examining Two Key Aspects of Social Applications. Paper presented at the International Conference on HCI in Business.

Hew, J. J., Lee, V. H., Ooi, K. B., & Lin, B. S. (2016). Mobile social commerce: The booster for brand loyalty? Computers in Human Behavior, 59, 142-154. doi:10.1016/j.chb.2016.01.027

Hoffmann, C. P., Lutz, C., & Meckel, M. (2015). Content creation on the Internet: a social cognitive perspective on the participation divide. Information Communication & Society, 18(6), 696-716. doi:10.1080/1369118x.2014.991343

Keith, M. J., Babb, J. S., Lowry, P. B., Furner, C. P., & Abdullat, A. (2015). The role of mobile-computing self-efficacy in consumer information disclosure. Information Systems Journal, 25(6), 637-667. doi:10.1111/isj.12082

Keith, M. J., Thompson, S. C., Hale, J., Lowry, P. B., & Greer, C. (2013). Information disclosure on mobile devices: Re-examining privacy calculus with actual user behavior. International Journal of Human-Computer Studies, 71(12), 1163-1173. doi:10.1016/j.ijhcs.2013.08.016

Knijnenburg, B. P., & Kobsa, A. (2013). Making Decisions about Privacy: Information Disclosure in Context-Aware Recommender Systems. ACM Trans. Interact. Intell. Syst., 3(3), 1-23. doi:10.1145/2499670

Lai, I. K. W., & Shi, G. C. (2015). The impact of privacy concerns on the intention for continued use of an integrated mobile instant messaging and social network platform. International Journal of Mobile Communications, 13(6), 641-669. doi:10.1504/ijmc.2015.072086

Olivero, N., & Lunt, P. (2004). Privacy versus willingness to disclose in e-commerce exchanges: The effect of risk awareness on the relative role of trust and control. Journal of Economic Psychology, 25(2), 243-262. doi:10.1016/S0167-4870(02)00172-1

Tan, X., Qin, L., Kim, Y., & Hsu, J. (2012). Impact of privacy concern in social networking web sites. Internet Research, 22(2), 211-233. doi:10.1108/10662241211214575

Toch, E., Wang, Y., & Cranor, L. F. (2012). Personalization and privacy: a survey of privacy risks and remedies in personalization-based systems. User Modeling and User-Adapted Interaction, 22(1-2), 203-220. doi:10.1007/s11257-011-9110-z

Xu, H., Wang, N., & Grossklags, J. (2012). Privacy by redesign: Alleviating privacy concerns for third-party apps.

Yang, H. L., & Lin, S. L. (2015). User continuance intention to use cloud storage service. Computers in Human Behavior, 52, 219-232. doi:10.1016/j.chb.2015.05.057

Yang, H. W., & Liu, H. (2014). Prior negative experience of online disclosure, privacy concerns, and regulatory support in Chinese social media. Chinese Journal of Communication, 7(1), 40-59. doi:10.1080/17544750.2013.816756

Original image: bibliography. By Tessa Farrell [Image license]

Smart Cities, Smart Grids, Smart Meters

The word bibliography displayed on a TVThis is part 1 of a bibliography of topics to review in depth. I took the main interests and narrowed them down to 3 specific applications of privacy theory. This one is focused on the topic of the Internet of Things, but is very narrow within that grouping and focuses on Smart Power Meters

These lists are all incomplete due to me starting the bibliography late. It would benefit by searching references of these documents as well as evaluating sources that cite them.

The topics are not very closely attached to library science topics.

                             

Bier, C., & Krempel, E. (2012, 3-5 Dec. 2012). Common privacy patterns in video surveillance and smart energy. Paper presented at the Computing and Convergence Technology (ICCCT), 2012 7th International Conference on.

Brown, I. (2014). Britain’s smart meter programme: A case study in privacy by design. International Review of Law, Computers & Technology, 28(2), 172-184. doi:10.1080/13600869.2013.801580

Cavoukian, A., & Kursawe, K. (2012, 27-29 Aug. 2012). Implementing Privacy by Design: The smart meter case. Paper presented at the Smart Grid Engineering (SGE), 2012 IEEE International Conference on.

Davis, M. H., Lang, U., & Shetye, S. (2015). A Cybermodel for Privacy by Design: Building privacy protection into consumer electronics. IEEE Consumer Electronics Magazine, 4(1), 41-49.

De Wolf, R., Heyman, R., & Pierson, J. (2013). Privacy by Design Through a Social Requirements Analysis of Social Network Sites form a User Perspective. In S. Gutwirth, R. Leenes, P. de Hert, & Y. Poullet (Eds.), European Data Protection: Coming of Age (pp. 241-265). Dordrecht: Springer Netherlands.

Finster, S., & Baumgart, I. (2014). Privacy-Aware Smart Metering: A Survey. IEEE Communications Surveys & Tutorials, 16(3), 1732-1745. doi:10.1109/SURV.2014.052914.00090

Hadar, I., Hasson, T., Ayalon, O., Toch, E., Birnhack, M., Sherman, S., & Balissa, A. (2014). Are Designers Ready for Privacy by Design? Examining Perceptions of Privacy Among Information Systems Designers. Paper presented at the 2014 TPRC Conference Paper.

Mazhelis, O., Hämäläinen, A., Asp, T., & Tyrväinen, P. (2016, 12-15 Sept. 2016). Towards enabling privacy preserving smart city apps. Paper presented at the 2016 IEEE International Smart Cities Conference (ISC2).

McKenna, E., Richardson, I., & Thomson, M. (2012). Smart meter data: Balancing consumer privacy concerns with legitimate applications. Energy Policy, 41, 807-814. doi:10.1016/.enpol.2011.11.049

Nakamura, Y., Matsui, K., & Nishi, H. (2014). Anonymization Infrastructure for Secondary Use of Data. Paper presented at the Proceedings on the International Conference on Internet Computing (ICOMP).

Peppet, S. R. (2014). Regulating the Internet of Things: First Steps Toward Managing Discrimination, Privacy, Security, and Consent. Texas Law Review, 93, 85.

Vermesan, O., & Friess, P. (2013). Internet of Things : Converging Technologies for Smart Environments. Aalborg, DK: River Publishers.

Ziegeldorf, J. H., Morchon, O. G., & Wehrle, K. (2014). Privacy in the Internet of Things: threats and challenges. Security and Communication Networks, 7(12), 2728-2742.

Original image: bibliography. By Tessa Farrell [Image license]