Abstract
Particular applications of Privacy by Design (PbD) have proven to be valuable tools to protect privacy in many technological applications. However, PbD is not as promising when applied to technologies used for surveillance. After specifying how surveillance and privacy are understood in this paper, I will highlight the shortcomings of PbD when applied to surveillance, using a web-scanning system for counter-terrorism purposes as an example. I then suggest reworking PbD into a different approach: the Minimum Harm by Design (MHbD) model. MHbD differs from PbD principally in that it acknowledges that the potential harms of surveillance bear not only upon privacy but also values that define the very constitution of a society and its political character. MHbD aims to identify and systematise the different categories of such harms and links them to current theories on surveillance on the one hand and on possible design measures on the other.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
Ann Cavoukian, ‘Privacy by Design: Origins, Meaning, and Prospects for Assuring Privacy and Trust in the Information Era’, in Privacy Protection Measures and Technologies in Business Organizations: Aspects and Standards, ed. George O.M. Yee (Hershey: Information Science Reference, 2012), 170–207.
- 2.
There is an ambiguity regarding the way the win-win principle is understood in the PbD approach. To explain this principle, Cavoukian refers both to the win-win and to the positive-sum paradigm. However, these are two different concepts. We have a win-win situation when, compared to a previous state of affairs, both values (in our case, privacy and security) increase. We have a positive-sum situation when, compared to a previous situation, the sum of two values (in our case, the ones assigned to privacy and security) increases. But, unlike the first case, this might also imply that one of the two values decreases, when the other increases enough to maintain the sum of the two values as positive. In other words, we can have a positive-sum scenario also when privacy is sacrificed to a given extent, provided that security increases enough to compensate for this loss. See Christoph Bier et al., ‘Enhancing Privacy by Design from a Developer’s Perspective’, in Privacy Technologies and Policy, ed. Bart Preneel and Demosthenes Ikonomou, Lecture Notes in Computer Science 8319 (Berlin Heidelberg: Springer, 2014), 73–85.
- 3.
On the origins of PbD see Peter Hustinx, ‘Privacy by Design: Delivering the Promises.’, Identity in the Information Society 3, no. 2 (2010): 253–55.
- 4.
Ann Cavoukian, ‘Privacy by Design’, 2009, 2, <https://www.privacybydesign.ca/content/uploads/2009/01/privacybydesign.pdf>.; Ann Cavoukian and Marilyn Prosch, ‘The Roadmap for Privacy by Design in Mobile Communications: A Practical Tool for Developers, Service Providers, and Users’, December 2010, <https://www.ipc.on.ca/images/Resources/pbd-asu-mobile.pdf>.; Ann Cavoukian and Jeff Jonas, ‘Privacy by Design in the Age of Big Data’, June 2012, <https://privacybydesign.ca/content/uploads/2012/06/pbd-big_data.pdf>.
- 5.
Seda Gürses, Carmela Troncoso, and Claudia Diaz, ‘Engineering Privacy by Design’, in Conference on Computers, Privacy, and Data Protection (CPDP), 2011, https://www.cosic.esat.kuleuven.be/publications/article-1542.pdf; Josep Balasch et al., ‘PrETP: Privacy-Preserving Electronic Toll Pricing’, in 19TH USENIX SECURITY SYMPOSIUM (USENIX Association, 2010), 63–78.
- 6.
Section 3 below clarifies how expressions such as ‘technology system with a surveillance functionality’ are understood in this paper.
- 7.
Cavoukian, ‘Privacy by Design’.
- 8.
Ann Cavoukian and Khaled El Emam, ‘Introducing Privacy-Protective Surveillance: Achieving Privacy and Effective Counter-Terrorism’, September 2013, https://www.ipc.on.ca/images/Resources/pps.pdf.
- 9.
Proposal for a Regulation of the European Parliament and of the Council on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (General Data Protection Regulation), COM(2012) 11 Final.
- 10.
Although the EU recognises privacy and data protection as two separate rights (s. arts 7 and 8 of the Charter of the Fundamental Rights of the EU), the proposal uses the terms ‘privacy by design’ and ‘data protection by design’ as synonyms, s. George Danezis et al., ‘Privacy and Data Protection by Design – from Policy to Engineering’, Report/Study (ENISA, December 2014), https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design. For how the two terms are understood in this paper see section 4 below.
- 11.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), art. 25.
- 12.
Commission Implementing Decision of 20.1.2015 on a Standardisation Request to the European Standardisation Organisations as Regards European Standards and European Standardisation Deliverables for Privacy and Personal Data Protection Management pursuant to Article 10(1) of Regulation (EU) No 1025/2012 of the European Parliament and of the Council, M530, C(2015) 102 Final and Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. The European Agenda on Security, COM(2015) 185 Final.
- 13.
Directive (EU) 2016/680 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data by competent authorities for the purposes of the prevention, investigation, detection or prosecution of criminal offences or the execution of criminal penalties, and on the free movement of such data, and repealing Council Framework Decision 2008/977/JHA.
- 14.
See arts. 10, 11, 12, 21 and 23 of the Charter of Fundamental Rights of the EU. The list of values is not meant to be exhaustive.
- 15.
For an overview of the negative effects of surveillance see also Elisa Orrù, ‘Effects and Effectiveness of Surveillance Technologies: Mapping Perceptions, Reducing Harm’, European University Institute Working Papers, (2015), http://cadmus.eui.eu//handle/1814/37340.
- 16.
On the difficulty of defining privacy and surveillance see, for instance, Daniel J. Solove, ‘A Taxonomy of Privacy’, University of Pennsylvania Law Review 154, no. 3 (January 1, 2006): 477–564, doi:10.2307/40,041,279 and Kevin D. Haggerty and Richard V. Ericson, ‘The New Politics of Surveillance and Visibility’, in The New Politics of Surveillance and Visibility, ed. Kevin D. Haggerty and Richard V. Ericson (Toronto: University of Toronto Press, 2007), 3–25.
- 17.
Kevin D. Haggerty and Richard V. Ericson, ‘The New Politics of Surveillance and Visibility’, in The New Politics of Surveillance and Visibility, ed. Kevin D. Haggerty and Richard V. Ericson (Toronto: University of Toronto Press, 2007), 22.
- 18.
For a recent attempt to map surveillance theories comprehensively, see Maša Galič, Tjerk Timan, and Bert-Jaap Koops, ‘Bentham, Deleuze and Beyond: An Overview of Surveillance Theories from the Panopticon to Participation’, Philosophy & Technology, 13 May 2016, 1–29, doi:10.1007/s13347–016–0219-1.
- 19.
Steve Mann, Jason Nolan and Barry Wellman, ‘Sousveillance: Inventing and Using Wearable Computing Devices for Data Collection in Surveillance Environments.’, Surveillance & Society 1, no. 3 (1 September 2002): 331–55.
- 20.
James P. Walsh, ‘From Border Control to Border Care: The Political and Ethical Potential of Surveillance’, Surveillance & Society 8, no. 2 (18 December 2010): 113–30; Alison Marie Kenner, ‘Securing the Elderly Body: Dementia, Surveillance, and the Politics of “Aging in Place”’, Surveillance & Society 5, no. 3 (1 September 2002): 252–69.
- 21.
Anders Albrechtslund, ‘Online Social Networking as Participatory Surveillance’, First Monday 13, no. 3 (2008), http://firstmonday.org/ojs/index.php/fm/article/view/2142.
- 22.
Gilles Deleuze, ‘Post-Scriptum Sur Les Sociétés de Contrôle’, Lʼautre Journal 1 (1990); Bruno Latour, ‘On Recalling ANT’, The Sociological Review 47, no. S1 (1 May 1999): 15–25, doi:10.1111/j.1467-954X.1999.tb03480.x; Shoshana Zuboff, ‘Big Other: Surveillance Capitalism and the Prospects of an Information Civilization’, Journal of Information Technology 30: 75–89, 4 April 2015, http://papers.ssrn.com/abstract=2594754.
- 23.
Michel Foucault, Discipline and Punish: The Birth of the Prison (New York: Vintage Books, 1979), 201.
- 24.
See Deleuze, ‘Post-Scriptum Sur Les Sociétés de Contrôle’ and Kevin D. Haggerty, ‘Tear down the Walls: On Demolishing the Panopticon’, in Theorizing Surveillance: The Panopticon and beyond, ed. David Lyon (Cullompton: Willan, 2009), 23–45.
- 25.
David Lyon, Surveillance Studies: An Overview (Cambridge: Polity Press, 2009), 14.
- 26.
Haggerty and Ericson, ‘The New Politics of Surveillance and Visibility’, 3.
- 27.
Christopher Dandeker, Surveillance, Power and Modernity: Bureaucracy and Discipline from 1700 to the Present Day (Cambridge: Polity Press, 1990).
- 28.
On public-private partnerships see also Maria Grazia Porcedda, ‘Public-Private Partnerships: A “Soft” Approach to Cybersecurity? Views from the European Union’, in Security in Cyberspace: Targeting Nations, Infrastructures, Individuals, ed. Giampiero Giacomello (New York: Bloomsbury, 2014), 183–211.
- 29.
Gilles Deleuze, ‘Post-scriptum sur les sociétés de contrôle’; Gilles Deleuze, Foucault (Frankfurt am Main: Suhrkamp, 2001); Gilles Deleuze and Félix Guattari, A Thousand Plateaus: Capitalism and Schizophrenia (London: Bloomsbury, 2013).
- 30.
K. D. Haggerty and R. V. Ericson, ‘The Surveillant Assemblage’, The British Journal of Sociology 51, no. 4 (2000): 605–22.
- 31.
Ibid., 613.
- 32.
Oscar H. Gandy, ‘Data Mining, Surveillance, and Discrimination in the Post-9/11 Environment’, in The New Politics of Surveillance and Visibility, ed. Kevin D. Haggerty and Richard V. Ericson (Toronto: University of Toronto Press, 2007), 363–84.
- 33.
Solon Barocas and Andrew D. Selbst, ‘Big Data’s Disparate Impact’, California Law Review 104 (14 August 2015), http://papers.ssrn.com/abstract=2477899.
- 34.
Giorgio Agamben, Homo Sacer: Sovereign Power and Bare Life, Meridian, Crossing Aesthetics (Stanford: Stanford University Press, 1998).
- 35.
Didier Bigo, ‘Globalized (In)Security: The Field and the Ban-Opticon’, in Terror, Insecurity and Liberty. Illeberal Practices of Liberal Regimes after 9/11, ed. Didier Bigo and Anastassia Tsoukala (London: Routledge, 2008), 40.
- 36.
Balasch et al., ‘PrETP’.
- 37.
Alan Rubel, ‘The Particularized Judgment Account of Privacy’, Res Publica 17 (2011): 275–90.
- 38.
W. A. Parent, ‘Privacy, Morality, and the Law’, Philosophy and Public Affairs 12 (1983): 269.
- 39.
Charles Fried, ‘Privacy. [A Moral Analysis]’, in Philosophical Dimensions of Privacy: An Anthology, ed. Ferdinand David Schoeman (Cambridge: Cambridge University Press, 1984), 209.
- 40.
Felix Stalder, ‘Privacy Is Not the Antidote to Surveillance’, Surveillance & Society 1 (2009): 120–24.
- 41.
Daniel J. Solove, ‘Conceptualizing Privacy’, California Law Review 90 (2002): 1087–1155, doi:10.2307/3,481,326.
- 42.
Daniel J. Solove, ‘A Taxonomy of Privacy’, University of Pennsylvania Law Review 154 (2006): 564, doi:10.2307/40,041,279.
- 43.
Stalder, ‘Privacy Is Not the Antidote to Surveillance.’
- 44.
Priscilla M. Regan, Legislating Privacy (London: University of North Carolina Press, 1995).
- 45.
Rachel L. Finn, David Wright and Michael Friedewald, ‘Seven Types of Privacy’, in European Data Protection: Coming of Age, ed. Serge Gutwirth et al. (Dordrecht: Springer, 2013), 3–32; Charles D. Raab and David Wright, ‘Privacy Principles, Risks and Harms’, International Review of Law, Computers & Technology 28, no. 3 (2014): 277–98. For an overview of positions stressing the social importance of privacy see Charles D. Raab, ‘Privacy, Social Values and the Public Interest’, ed. Andreas Busch and Jeannette Hofmann, Politik und die Regulierung von Information’ [‘Politics and the Regulation of Information’], Politische Vierteljahresschrift, 46 (2012): 129–51.
- 46.
Solove, ‘A Taxonomy of Privacy’, 477.
- 47.
As a further example of recent papers presenting a new conceptualisation of privacy (and one that is different from the recent ones mentioned above), see George E. Panichas, ‘An Intrusion Theory of Privacy’, Res Publica 20, no. 2 (1 May 2014): 145–61.
- 48.
Solove, ‘Conceptualizing Privacy’.
- 49.
Solove, ‘A Taxonomy of Privacy’.
- 50.
Helen Fay Nissenbaum, Privacy in Context: Technology, Policy, and the Integrity of Social Life (Stanford, 2010).
- 51.
Ibid., 141.
- 52.
Ibid., 3.
- 53.
On the distinction between privacy and data protection and between the different meanings of privacy, see the Charter of Fundamental Rights of the European Union, 2010/C 83/02 (Arts. 7 and 8), Beate Rössler, ‘New Ways of Thinking about Privacy’, in The Oxford Handbook of Political Theory, ed. John S. Dryzek, 1. publ., The Oxford Handbooks of Political Science (Oxford: Oxford Univ. Press, 2006), 694–712 and Finn, Wright, and Friedewald, ‘Seven Types of Privacy’.
- 54.
A further limitation of Nissenbaum’s approach is the lack of clarity on what characterises a context as such, i.e. on how to distinguish one context from another. This limitation, acknowledged by Nissenbaum, is relevant for the present paper as well, since the MHbD approach relies on Nissenbaum’s definition to identify privacy violations. However, I consider this limitation to indicate that Nissenbaum’s approach deserves to be further developed and specified (a task that is out of the scope of this paper, but from which the MHbD approach would benefit as well) rather than invalidate the whole framework of privacy as contextual integrity. See Colin J. Bennett, ‘Review of Nissenbaum’s Privacy in Context’, Surveillance & Society 8, no. 4 (28 April 2011): 541–43.
- 55.
Cavoukian and El Emam, ‘Introducing Privacy-Protective Surveillance: Achieving Privacy and Effective Counter-Terrorism’.
- 56.
Cavoukian and El Emam do not specify what kind of agencies would run the system, i.e. intelligence services or the police.
- 57.
Ibid., 9.
- 58.
Cavoukian and El Emam define privacy as ‘the ability of individuals to control the collection, use, and disclosure of information about themselves’, Ibid., 3.
- 59.
For two recent studies confirming these effects see Jon Penney, ‘Chilling Effects: Online Surveillance and Wikipedia Use’, Berkeley Technology Law Journal 31, no. 1 (2016): 117–82 and Alex Marthews and Catherine E. Tucker, ‘Government Surveillance and Internet Search Behavior’, SSRN Scholarly Paper (Rochester, NY: Social Science Research Network, 29 April 2015), https://papers.ssrn.com/abstract=2412564.
- 60.
Patrick Toomey and Brett Max Kaufman, ‘How Did We Let the NSA Spying Get This Bad?’, The Guardian, 20 November 2013, http://www.theguardian.com/commentisfree/2013/nov/20/how-nsa-spying-got-this-bad-fisa-secret-court; ‘US Foreign Intelligence Court Did Not Deny Any Surveillance Requests Last Year’, The Guardian, 30 April 2016, http://www.theguardian.com/law/2016/apr/30/fisa-court-foreign-intelligence-surveillance-fbi-nsa-applications.
- 61.
This approach has led some authors to assert that PbD, far from offering concrete ways to overcome the trade-off between privacy and security, just reframes the problem in order to make it more suitable for current policy needs. See Matthias Leese, ‘Privacy and Security - On the Evolution of a European Conflict’, in Reforming European Data Protection Law, ed. Serge Gutwirth, Ronald Leenes, and Paul De Hert, Law, Governance and Technology Series (Dordrecht; Heidelberg: Springer, 2015), 271–89.
- 62.
Charles D. Raab, ‘The Future of Privacy Protection’, in Trust and Crime in Information Societies, ed. Robin Mansell and Brian Collins (Cheltenham: Edward Elgar, 2005), 282–318, as referred in Raab and Wright, ‘Privacy Principles, Risks and Harms’, 16.
- 63.
Charles D. Raab and David Wright, ‘Surveillance: Extending the Limits of Privacy Impact Assessment’, in Privacy Impact Assessment, ed. David Wright and Paul De Hert (Dordrecht: Springer, 2012), 363–83.
- 64.
Raab and Wright, ‘Privacy Principles, Risks and Harms’, 2.
- 65.
Roger Clarke, ‘Introduction to Dataveillance and Information Privacy, and Definitions of Terms’, 1997, http://www.rogerclarke.com/DV/Intro.html. See also Finn, Wright, and Friedewald, ‘Seven Types of Privacy’.
- 66.
Raab and Wright, ‘Privacy Principles, Risks and Harms’, 8.
- 67.
Ibid. Given this connection, the paper also does not consider rights-based and harms-based approaches to regulatory policies as being opposed to each other. For a view contrasting the two approaches see Finn, Wright, and Friedewald, ‘Seven Types of Privacy’ and Raab and Wright, ‘Privacy Principles, Risks and Harms’.
- 68.
Paul De Hert and David Wright, ‘Introduction to Privacy Impact Assessment’, in Privacy Impact Assessment, ed. David Wright and Paul De Hert (Dordrecht; Heidelberg: Springer, 2012), 5.
- 69.
For an early criticism in this direction see Judith Jarvis Thomson, ‘The Right to Privacy’, Philosophy & Public Affairs 4 (1975): 295–314.
- 70.
Solove, ‘A Taxonomy of Privacy’, 479.
- 71.
I am aware that a specification of which aspects exactly I consider belong to privacy would be advantageous here. This is, however, a task for another day, since to discuss it in this paper would bring us too far from its focus.
- 72.
See for instance Solove, ‘A Taxonomy of Privacy’ and Balasch et al., ‘PrETP’.
- 73.
David Lyon, ed., Surveillance as Social Sorting: Privacy, Risk, and Digital Discrimination (London: Routledge, 2003).
- 74.
Oscar H. Gandy, The Panoptic Sort: A Political Economy of Personal Information (Boulder, Colo: Westview Press, 1993); Oscar H. Gandy, Coming to Terms with Chance: Engaging Rational Discrimination and Cumulative Disadvantage (Farnham: Ashgate, 2009).
- 75.
Gandy, ‘Data Mining, Surveillance, and Discrimination in the Post-9/11 Environment’, 370.
- 76.
Barocas and Selbst, ‘Big Data’s Disparate Impact’.
- 77.
Faisal Kamiran, Toon Calders, and Mykola Pechenizkiy, ‘Techniques for Discrimination-Free Predictive Models’, in Discrimination and Privacy in the Information Society: Data Mining and Profiling Large Databases, ed. Bart Custers et al. (Berlin, Heidelberg: Springer, 2013), 223–41.
- 78.
Ibid.
- 79.
For more details on these techniques see Ibid. and the further contributions on the topic in Bart Custers et al., eds., Discrimination and Privacy in the Information Society: Data Mining and Profiling Large Databases (Berlin, Heidelberg: Springer, 2013).
- 80.
Maria Los, ‘Looking into the Future: Surveillance, Globalization and the Totalitarian Potential’, in Theorizing Surveillance: The Panopticon and beyond, ed. David Lyon (Cullompton: Willan, 2009), 69–94.
- 81.
‘Opinion of Advocate General Cruz Villalón, Case C-293/12, Digital Rights Ireland, 12.12.2013’, §52.
- 82.
Part of these measures would overlap with ones increasing transparency. On the challenges to enhance transparency through design measures see Tal Zarsky, ‘Transparency in Data Mining: From Theory to Practice’, in Discrimination and Privacy in the Information Society: Data Mining and Profiling Large Databases, ed. Bart Custers et al. (Berlin, Heidelberg: Springer, 2013), 301–24.
- 83.
Discussing accountability and oversight mechanisms for surveillance technologies is out of the scope of this paper. For recent developments in the EU legal framework and an account of existing frameworks see, respectively, Fanny Coudert, ‘Accountable Surveillance Practices: Is the EU Moving in the Right Direction?’, in Privacy Technologies and Policy, Proceedings of the Second Annual Privacy Forum, APF 2014 (Cham: Springer, 2014), 70–85 and Zhendong Ma et al., ‘Towards a Multidisciplinary Framework to Include Privacy in the Design of Video Surveillance Systems’, in Privacy Technologies and Policy, Proceedings of the Second Annual Privacy Forum, APF 2014 (Cham: Springer, 2014), 101–16.
Bibliography
Agamben, Giorgio. Homo Sacer: Sovereign Power and Bare Life. Stanford: Stanford Univ. Press, 1998.
Albrechtslund, Anders. ‘Online Social Networking as Participatory Surveillance’. First Monday 13, no. 3 (2008). http://firstmonday.org/ojs/index.php/fm/article/view/2142.
Balasch, Josep, Alfredo Rial, Carmela Troncoso, Christophe Geuens, Bart Preneel, and Ingrid Verbauwhede. ‘PrETP: Privacy-Preserving Electronic Toll Pricing’, In 19TH USENIX SECURITY SYMPOSIUM, 63–78. USENIX Association, 2010.
Barocas, Solon, and Andrew D. Selbst, ‘Big Data’s Disparate Impact’. California Law Review 104 (August 14, 2015), http://papers.ssrn.com/abstract=2477899. Accessed March 24, 2016.
Bennett, Colin J. ‘Review of Nissenbaum’s Privacy in Context’. Surveillance & Society 8, no. 4 (April 28, 2011): 541–43.
Bier, Christoph, Pascal Birnstill, Erik Krempel, Hauke Vagts, and Jürgen Beyerer. ‘Enhancing Privacy by Design from a Developer’s Perspective’. In Privacy Technologies and Policy, edited by Bart Preneel and Demosthenes Ikonomou, 73–85. Lecture Notes in Computer Science 8319. Berlin Heidelberg: Springer, 2014.
Bigo, Didier. ‘Globalized (In)Security: The Field and the Ban-Opticon’. In Terror, Insecurity and Liberty. Illeberal Practices of Liberal Regimes after 9/11, edited by Didier Bigo and Anastassia Tsoukala, 10–48. London and New York: Routledge, 2008.
Cavoukian, Ann. ‘Privacy by Design’. 2009. https://www.privacybydesign.ca/content/uploads/2009/01/privacybydesign.pdf. Accessed March 24, 2016.
———. ‘Privacy by Design: Origins, Meaning, and Prospects for Assuring Privacy and Trust in the Information Era’. In Privacy Protection Measures and Technologies in Business Organizations: Aspects and Standards, edited by George O.M. Yee, 170–207. Hershey: Information Science Reference, 2012.
Cavoukian, Ann, and Khaled El Emam. ‘Introducing Privacy-Protective Surveillance: Achieving Privacy and Effective Counter-Terrorism’, September 2013. https://www.ipc.on.ca/images/Resources/pps.pdf. Accessed March 24, 2016.
Cavoukian, Ann, and Jeff Jonas. ‘Privacy by Design in the Age of Big Data’, June 2012. https://privacybydesign.ca/content/uploads/2012/06/pbd-big_data.pdf. Accessed March 24, 2016.
Cavoukian, Ann, and Marilyn Prosch. ‘The Roadmap for Privacy by Design in Mobile Communications: A Practical Tool for Developers, Service Providers, and Users’, December 2010. https://www.ipc.on.ca/images/Resources/pbd-asu-mobile.pdf. Accessed March 24, 2016.
Clarke, Roger. ‘Introduction to Dataveillance and Information Privacy, and Definitions of Terms’, 1997. http://www.rogerclarke.com/DV/Intro.html.
Coudert, Fanny. ‘Accountable Surveillance Practices: Is the EU Moving in the Right Direction?’ In Privacy Technologies and Policy, 70–85. Proceedings of the Second Annual Privacy Forum, APF 2014. Cham: Springer, 2014.
Custers, Bart, Toon Calders, Bart Schermer, and Tal Zarsky, eds. Discrimination and Privacy in the Information Society: Data Mining and Profiling Large Databases. Berlin, Heidelberg: Springer, 2013.
Dandeker, Christopher. Surveillance, Power and Modernity: Bureaucracy and Discipline from 1700 to the Present Day. Cambridge: Polity Press, 1990.
Danezis, George, Josep Domingo-Ferrer, Marit Hansen, Jaap-Henk Hoepman, Daniel Le Métayer, Rodica Tirtea, and Stefan Schiffner. ‘Privacy and Data Protection by Design—from Policy to Engineering’. Report/Study. ENISA, December 2014. https://www.enisa.europa.eu/publications/privacy-and-data-protection-by-design.
De Hert, Paul, and David Wright. ‘Introduction to Privacy Impact Assessment’. In Privacy Impact Assessment, edited by David Wright and Paul De Hert, 3–32. Dordrecht; Heidelberg: Springer, 2012.
Deleuze, Gilles. Foucault. Frankfurt am Main: Suhrkamp, 2001.
———. ‘Post-scriptum sur l es sociétés de contrôle’. L’autre Journal 1 (1990).
Deleuze, Gilles, and Félix Guattari. A Thousand Plateaus: Capitalism and Schizophrenia. London: Bloomsbury, 2013.
Finn, Rachel L., David Wright, and Michael Friedewald. ‘Seven Types of Privacy’. In European Data Protection: Coming of Age, edited by Serge Gutwirth, Ronald Leenes, Paul De Hert, and Yves Poullet, 3–32. Dordrecht: Springer, 2013.
Foucault, Michel. Discipline and Punish: The Birth of the Prison. New York: Vintage Books, Alexander Street Press, 1979.
Fried, Charles. ‘Privacy. [A Moral Analysis]’. In Philosophical Dimensions of Privacy: An Anthology, edited by Ferdinand David Schoeman, 203–22. Cambridge: Cambridge University Press, 1984.
Galič, Maša, Tjerk Timan, and Bert-Jaap Koops. ‘Bentham, Deleuze and Beyond: An Overview of Surveillance Theories from the Panopticon to Participation’. Philosophy & Technology, May 13, 2016, 1–29. doi:10.1007/s13347-016-0219-1.
Gandy, Oscar H. Coming to Terms with Chance: Engaging Rational Discrimination and Cumulative Disadvantage. Farnham: Ashgate, 2009.
———. ‘Data Mining, Surveillance, and Discrimination in the Post-9/11 Environment’. In The New Politics of Surveillance and Visibility, edited by Kevin D. Haggerty and Richard V. Ericson, 363–84. Toronto: University of Toronto Press, 2007.
———. The Panoptic Sort: A Political Economy of Personal Information. Boulder: Westview Press, 1993.
Gürses, Seda, Carmela Troncoso, and Claudia Diaz. ‘Engineering Privacy by Design’, paper presented at the Conference on Computers, Privacy, and Data Protection (CPDP), 2011. https://www.cosic.esat.kuleuven.be/publications/article-1542.pdf. Accessed March 24, 2016.
Haggerty, K. D., and R. V. Ericson. ‘The Surveillant Assemblage’. The British Journal of Sociology 51 (2000): 605–22.
Haggerty, Kevin D. ‘Tear down the Walls: On Demolishing the Panopticon’. In Theorizing Surveillance : The Panopticon and beyond, edited by David Lyon, 23–45. Cullompton: Willan, 2009.
Haggerty, Kevin D., and Richard V. Ericson. ‘The New Politics of Surveillance and Visibility’. In The New Politics of Surveillance and Visibility, edited by Kevin D. Haggerty and Richard V. Ericson, 3–25. Toronto: University of Toronto Press, 2007.
Hustinx, Peter. ‘Privacy by Design: Delivering the Promises.’ Identity in the Information Society 3, no. 2 (2010): 253–55.
Kamiran, Faisal, Toon Calders, and Mykola Pechenizkiy. ‘Techniques for Discrimination-Free Predictive Models’. In Discrimination and Privacy in the Information Society: Data Mining and Profiling Large Databases, edited by Bart Custers, Toon Calders, Bart Schermer, and Tal Zarsky, 223–41. Berlin, Heidelberg: Springer, 2013.
Kenner, Alison Marie. ‘Securing the Elderly Body: Dementia, Surveillance, and the Politics of “Aging in Place”’. Surveillance & Society 5, no. 3 (September 1, 2002): 252–69.
Latour, Bruno. ‘On Recalling ANT’. The Sociological Review 47, no. S1 (May 1, 1999): 15–25. doi:10.1111/j.1467-954X.1999.tb03480.x.
Los, Maria. ‘Looking into the Future: Surveillance, Globalization and the Totalitarian Potential’. In Theorizing Surveillance: The Panopticon and beyond, edited by David Lyon, 69–94. Cullompton: Willan, 2009.
Lyon, David, ed. Surveillance as Social Sorting: Privacy, Risk, and Digital Discrimination. London: Routledge, 2003.
———. Surveillance Studies: An Overview. Cambridge: Polity Press, 2009.
Ma, Zhendong, Denis Butin, Francisco Jaime, Fanny Coudert, Antonio Kung, Claire Gayrel, Antonio Mana, et al. ‘Towards a Multidisciplinary Framework to Include Privacy in the Design of Video Surveillance Systems’. In Privacy Technologies and Policy, 101–16. Proceedings of the Second Annual Privacy Forum, APF 2014. Cham: Springer, 2014.
Mann, Steve, Jason Nolan, and Barry Wellman. ‘Sousveillance: Inventing and Using Wearable Computing Devices for Data Collection in Surveillance Environments.’ Surveillance & Society 1, no. 3 (September 1, 2002): 331–55.
Marthews, Alex and Catherine E. Tucker. ‘Government Surveillance and Internet Search Behavior’, SSRN Scholarly Paper (Rochester, NY: Social Science Research Network, 29 April 2015), https://papers.ssrn.com/abstract=2412564.
Nissenbaum, Helen Fay. Privacy in Context: Technology, Policy, and the Integrity of Social Life. Stanford: Stanford Law Books, 2010.
Orrù, Elisa. ‘Effects and Effectiveness of Surveillance Technologies: Mapping Perceptions, Reducing Harm’, European University Institute Working Papers, (2015), http://cadmus.eui.eu//handle/1814/37340.
Panichas, George E. ‘An Intrusion Theory of Privacy’. Res Publica 20, no. 2 (May 1, 2014): 145–61.
Penney, Jon. ‘Chilling Effects: Online Surveillance and Wikipedia Use’, Berkeley Technology Law Journal 31, no. 1 (2016): 117–82.
Porcedda, Maria Grazia. ‘Public-Private Partnerships: A “Soft” Approach to Cybersecurity? Views from the European Union’. In Security in Cyberspace: Targeting Nations, Infrastructures, Individuals, edited by Giampiero Giacomello, 183–211. New York: Bloomsbury, 2014.
Raab, Charles D. ‘Privacy, Social Values and the Public Interest’. Edited by Andreas Busch and Jeannette Hofmann. Politik und die Regulierung von Information’ [‘Politics and the Regulation of Information’], Politische Vierteljahresschrift, 46 (2012): 129–51.
Raab, Charles D. ‘The Future of Privacy Protection’. In Trust and Crime in Information Societies, edited by Robin Mansell and Brian Collins, 282–318. Cheltenham: Edward Elgar, 2005.
Raab, Charles D., and David Wright. ‘Privacy Principles, Risks and Harms’. International Review of Law, Computers & Technology 28, no. 3 (2014): 277–98.
———. ‘Surveillance: Extending the Limits of Privacy Impact Assessment’, in In Privacy Impact Assessment, edited by David Wright and Paul De Hert, 363–83. Dordrecht; Heidelberg: Springer, 2012.
Regan, Priscilla M. Legislating Privacy. London: University of North Carolina Press, 1995.
Rössler, Beate. ‘New Ways of Thinking about Privacy’. In The Oxford Handbook of Political Theory, edited by John S. Dryzek, 694–712. Oxford: Oxford University Press, 2006.
Rubel, Alan. ‘The Particularized Judgment Account of Privacy’. Res Publica 17 (2011): 275–90.
Solove, Daniel J. ‘A Taxonomy of Privacy’. University of Pennsylvania Law Review 154 (2006): 477–564. doi:10.2307/40041279. Accessed March 24, 2016.
———. ‘Conceptualizing Privacy’. California Law Review 90 (2002): 1087–1155. doi:10.2307/3481326. Accessed March 24, 2016.
Stalder, Felix. ‘Privacy Is Not the Antidote to Surveillance.’ Surveillance & Society 1 (2009): 120–24.
Thomson, Judith Jarvis. ‘The Right to Privacy’. Philosophy & Public Affairs 4 (1975): 295–314.
Walsh, James P. ‘From Border Control to Border Care: The Political and Ethical Potential of Surveillance.’ Surveillance & Society 8, no. 2 (December 18, 2010): 113–30.
Zarsky, Tal. ‘Transparency in Data Mining: From Theory to Practice’. In Discrimination and Privacy in the Information Society: Data Mining and Profiling Large Databases, edited by Bart Custers, Toon Calders, Bart Schermer, and Tal Zarsky, 301–24. Berlin, Heidelberg: Springer, 2013.
Zuboff, Shoshana. ‘Big Other: Surveillance Capitalism and the Prospects of an Information Civilization’, Journal of Information Technology 30: 75–89, April 4, 2015. http://papers.ssrn.com/abstract=2594754.
Acknowledgments
I am grateful to two anonymous reviewers and to Claudia Diaz and Maria Grazia Porcedda for their comments on earlier drafts of this article. I also gratefully acknowledge the comments made by the participants in the Third Dutch/German Workshop in Philosophy of Technology (Technische Universität Darmstadt, June 2014), the Delft Philosophy Colloquium (Technische Universitait Delft, March 2015), the State of the Union Conference 2015 (European University Institute, Florence) and the CPDP (Computers, Privacy & Data Protection) Conference 2016 (Brussels). Part of the research presented in this chapter was funded by the European Union’s Seventh Framework Programme for research, technological development and demonstration under grant agreement no. 284725 as part of the SURVEILLE (Surveillance: Ethical Issues, Legal Limitations, and Efficiency) Project.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Orrù, E. (2017). Minimum Harm by Design: Reworking Privacy by Design to Mitigate the Risks of Surveillance. In: Leenes, R., van Brakel, R., Gutwirth, S., De Hert, P. (eds) Data Protection and Privacy: (In)visibilities and Infrastructures. Law, Governance and Technology Series(), vol 36. Springer, Cham. https://doi.org/10.1007/978-3-319-50796-5_5
Download citation
DOI: https://doi.org/10.1007/978-3-319-50796-5_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-56177-6
Online ISBN: 978-3-319-50796-5
eBook Packages: Law and CriminologyLaw and Criminology (R0)