Abstract
Over recent years, lawmakers, privacy commissioners and scholars have discussed the idea of embedding data protection safeguards in ICT and other types of technology, by means of value-sensitive design, AI and legal ontologies, PeCAN platforms, and more. Whereas this kind of effort is offering fruitful solutions for operating systems, health care technologies, social networks and smart environments, the paper stresses some critical aspects of the principle by examining technological limits, ethical constraints and legal conditions of privacy by design, so as to prevent some misapprehensions of the current debate. The idea should be to decrease the entropy of the system via “digital air-bags” and to strengthen people’s rights by widening the range of their choices, rather than preventing harm-generating behaviour from occurring through the use of self-enforcement technologies.
This chapter was originally published as Pagallo U. (2012) On the Principle of Privacy by Design and its Limits: Technology, Ethics and the Rule of Law. In: Gutwirth S., Leenes R., De Hert P., Poullet Y. (eds) European Data Protection: In Good Health? Springer, Dordrecht.
© 2021 Springer Nature Switzerland AG
About this chapter
Cite this chapter
Pagallo, U. (2021). On the Principle of Privacy by Design and Its Limits: Technology, Ethics and the Rule of Law. In: Chiodo, S., Schiaffonati, V. (eds) Italian Philosophy of Technology. Philosophy of Engineering and Technology, vol 35. Springer, Cham. https://doi.org/10.1007/978-3-030-54522-2_8
DOI: https://doi.org/10.1007/978-3-030-54522-2_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-54521-5
Online ISBN: 978-3-030-54522-2
eBook Packages: Religion and Philosophy, Philosophy and Religion (R0)