Surveillance in ubiquitous network societies: normative conflicts related to the consumer in-store supermarket experience in the context of the Internet of Things

Abstract

The Internet of Things (IoT) is an emerging global infrastructure that employs wireless sensors to collect, store, and exchange data. Increasingly, applications for marketing and advertising have been articulated as a means to enhance the consumer shopping experience, in addition to improving efficiency. However, privacy advocates have challenged the mass aggregation of personally-identifiable information in databases and geotracking, the use of location-based services to identify one’s precise location over time. This paper employs the framework of contextual integrity related to privacy developed by Nissenbaum (Privacy in context: technology, policy, and the integrity of social life. Stanford University Press, Stanford, 2010) as a tool to understand citizen response to implementation IoT-related technology in the supermarket. The purpose of the study was to identify and understand specific changes in information practices brought about by the IoT that may be perceived as privacy violations. Citizens were interviewed, read a scenario of near-term IoT implementation, and were asked to reflect on changes in the key actors involved, information attributes, and principles of transmission. Areas where new practices may occur with the IoT were then highlighted as potential problems (privacy violations). Issues identified included the mining of medical data, invasive targeted advertising, and loss of autonomy through marketing profiles or personal affect monitoring. While there were numerous aspects deemed desirable by the participants, some developments appeared to tip the balance between consumer benefit and corporate gain. This surveillance power creates an imbalance between the consumer and the corporation that may also impact individual autonomy. The ethical dimensions of this problem are discussed.

This is a preview of subscription content, log in to check access.

References

  1. Acquisti, A. (2010 December 1). The economics of personal data and the economics of privacy. Joint Working Party for Information Security and Privacy (WPISP) and Working Party on the Information Economy (WPIE) Roundtable, background paper 3. Paris: Organisation for Economic Co-operation and Development (OECD).

  2. Acquisti, A., Gross, R., & Stutzman, F. (2011). Faces of Facebook: Privacy in the age of augmented reality. Black Hat 2011. Retrieved on December 11, 2011 from http://www.heinz.cmu.edu/~acquisti/face-recognition-study-FAQ/acquisti-faces-BLACKHAT-draft.pdf.

  3. Albanesius, C. (2011 May 10). Senator has ‘serious doubts’ about privacy of Google, Apple location apps. PC Magazine. Retrieved on June 8, 2011 from http://www.pcmag.com/article2/0,2817,2385150,00.asp.

  4. Angwin, J., & Stecklow, S. (2010 October 12). ‘Scrapers’ did deep for data on Web. The Wall Street Journal. Retrieved on October 20, 2010 from http://online.wsj.com/article/SB10001424052748703358504575544381288117888.html.

  5. Ashton, K. (22 June 2009). That ‘Internet of Things’ thing. RFID Journal. Accessed from http://www.rfidjournal.com/article/view/4986 on May 11, 2010.

  6. Barnett, E. (11 Jan 2010). Facebook’s Mark Zuckerberg says privacy is no longer a ‘social norm’. The Telegraph. Retrieved on March 10, 2010 from http://www.telegraph.co.uk/technology/facebook/6966628/Facebooks-Mark-Zuckerberg-says-privacy-is-no-longer-a-social-norm.html.

  7. Beck, U. (1992). Risk society: Towards a new modernity. London: Sage.

    Google Scholar 

  8. Bennett, C. J. (2008). The privacy advocates: Resisting the spread of surveillance. Cambridge, MA: The MIT Press.

    Google Scholar 

  9. “China working on unified national Internet of Things strategic plan.” (2010 July 5). TMCnews. Retrieved on August 10, 2010 from http://www.tmcnet.com/usubmit/2010/07/05/4884535.htm.

  10. Christakos, H. A., & Mehta, S. N. (2002). Annual review of law and technology. Berkeley Technology Law Journal, , 473.

  11. Clarke, R. (1988). Information technology and dataveillance. Communications of the ACM, 31(5), 498–512.

    Article  Google Scholar 

  12. Daly, E. (2010). Personal autonomy in the travel panopticon. Ethics and Information Technology, 12, 97–108.

    Article  Google Scholar 

  13. Denning, T., Borning, A. Friedman, B. Gill, B. Kohno, T., & Maisel, W. (2010). Patients, pacemakers, and implantable defibrillators: Human values and security for wireless implantable medical devices. In Proceedings of CHI 2010 conference on human factors in computing systems (pp. 917–926). New York: Association for Computing Machinery.

  14. DePaulo, B. M., & Kashy, D. A. (1998). Everyday lies in close and casual relationships. Journal of Personality and Social Psychology, 74(1), 63–79.

    Article  Google Scholar 

  15. Dourish, P., & Bell, G. (2011). Divining a digital future: Mess and mythology in ubiquitous computing. Cambridge, MA: The MIT Press.

    Google Scholar 

  16. Duhigg, C. (2012 February 16). How companies learn your secrets. The New York Times Magazine. Retrieved February 17, 2012 from: http://www.nytimes.com/2012/02/19/magazine/shoppinghabits.html?_r=2&pagewanted=1&hp.

  17. Dworkin, R. (1986). Law’s empire. Cambridge, MA: Harvard University Press.

    Google Scholar 

  18. European Commission & Information Society and Media. (2008). Internet of Things in 2020: Roadmap for the future. European technology platform on smart systems integration. Version 1.1 (27 May, 2008).

  19. European Parliament. http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//TEXT+TA+P7-TA-2010-0207+0+DOC+XML+V0.

  20. Federal Trade Commission. (2010 December 1). FTC staff issues privacy report, offers framework for consumers, businesses, and policymakers. Retrieved on November 24, 2011 from http://www.ftc.gov/opa/2010/12/privacyreport.shtm.

  21. Federal Trade Commission. (2011 November 21). FTC announces agenda, panelists for facial recognition workshop. Retrieved on November 24, 2011 from http://www.ftc.gov/opa/2011/11/facefacts.shtm.

  22. Federal Trade Commission. (2012 March 26). Protecting consumer privacy in an era of rapid change: Recommendations for businesses and policymakers. Washington, DC: Federal Trade Commission. Retrieved on March 27, 2012, from http://ftc.gov/os/2012/03/120326privacyreport.pdf.

  23. Floridi, L. (2005). The ontological interpretation of informational privacy. Ethics and Information Technology, 2005(7), 185–200.

    Article  Google Scholar 

  24. Friedman, B. (2008). Value Sensitive Design. In D. Schular (Ed.), Liberating voices: A pattern language for communication revolution (pp. 366–368). Cambridge, MA: The MIT Press.

    Google Scholar 

  25. Friedman, B., & Nissenbaum, H. (1996). Bias in computer systems. ACM Transactions on Information Systems, 14(3), 330–347.

    Article  Google Scholar 

  26. Glenn, J. (2009). Scenarios. In J. C. Glenn & T. J. Gordon (Eds.), Futures research methodologyVersion 3.0. AC/UNU Millennium Project. Washington: American Council for the UN University.

  27. Haggerty, K. D., & Ericson, R. V. (2006). The new politics of surveillance and visibility. In K. D. Haggerty & R. V. Ericson (Eds.), The new politics of surveillance and visibility (pp. 3–25). Toronto: University of Toronto Press.

    Google Scholar 

  28. Hildner, L. (2006). Defusing the threat of RFID: Protecting consumer privacy through technology-specific legislation at the state level. Harvard Civil Rights-Civil Liberties Law Review, 41, 133–176.

    Google Scholar 

  29. Hill, K. (2012 February 16). How Target figured out a teen girl was pregnant before her father did. Forbes. http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/.

  30. International Telecommunication Union. (2005). Privacy and Ubiquitous Network Societies: Background paper. In ITU Workshop on Ubiquitous Network Societies, April 6–8, 2005. Geneva: International Telecommunication Union.

  31. Internet of Things Conference Organizing Committee. (2010). Internet of Things. Retrieved on March 17, 2010, from http://www.iot2010.org/outline/.

  32. Keller, J. (2011 September 29). Cloud-powered facial recognition is terrifying. The Atlantic Monthly. Retrieved on October 1, 2011, from http://www.theatlantic.com/technology/archive/2011/09/cloud-powered-facial-recognition-is-terrifying/245867/.

  33. Kling, R. (2000). Learning about information technologies and social change: The contribution of social informatics. The Information Society, 16(3), 217–232.

    Article  Google Scholar 

  34. Lyon, D. (2002). Surveillance as social sorting: Computer codes and mobile bodies. In D. Lyon (Ed.), Surveillance as social sorting: Privacy, risk and automated discrimination (pp. 14–30). London, UK: Routledge.

    Google Scholar 

  35. Lyon, D. (2006). The search for surveillance theories. In D. Lyon (Ed.), Theorizing surveillance: The panopticon and beyond (pp. 3–20). Portland, OR: Willand.

    Google Scholar 

  36. Marx, G. T. (2006). Varieties of personal information as influences on attitudes towards surveillance. In K. D. Haggerty & R. V. Ericson (Eds.), The new politics of surveillance and visibility (pp. 79–110). Toronto: University of Toronto Press.

    Google Scholar 

  37. Microsoft. (2013, June 6). Privacy by design: How Xbox One and the new Kinect sensor put you in control. Retrieved on June 6, 2013 from: http://news.xbox.com/2013/06/privacy.

  38. Moor, J. H. (2008). Why we need better ethics for emerging technologies. In J. van den Hoven & J. Weckert (Eds.), Information technology and moral philosophy (pp. 26–39)., Cambridge studies in philosophy and public policy Cambridge: Cambridge University Press.

    Google Scholar 

  39. Neumann, P. G., & Weinstein, L. (2006). Risks of RFID. Communications of the ACM, 49(5), 136.

    Article  Google Scholar 

  40. Nissenbaum, H. (2010). Privacy in context: Technology, policy, and the integrity of social life. Stanford, CA: Stanford University Press.

    Google Scholar 

  41. nViso. (2011). Technology. Retrieved on October 11, 2011 from http://www.nviso.ch/.

  42. O’Connor, M. C. (2011 April 6). European Commission issues framework for measuring and mitigating RFID’s privacy impact. RFID Journal. Retrieved on April 6, 2011 from http://www.rfidjournal.com/article/view/8345.

  43. Pommeranz, A., Detweiler, C., Wiggers, P., & Jonker, C. (2011). Elicitation of situated values: Need for tools to help stakeholders and designers to reflect and communicate. Ethics and Information Technology,. doi:10.1007/s10676-011-9282-6.

    Google Scholar 

  44. Schwartz, P. (1996). The art of the long view: Planning for the future in an uncertain world. New York: Currency Doubleday.

    Google Scholar 

  45. Schwartz, P. M., & Solove, D. (2011). The PII problem: Privacy and a new concept of personally identifiable information. New York University Law Review, 86, 1814–1894.

    Google Scholar 

  46. Solove, D. (2011). Nothing to hide: The false tradeoff between privacy and security. New Haven, CT: Yale University Press.

    Google Scholar 

  47. Stahl, B. C. (2004). Information, ethics, and computers: The problem of autonomous moral agents. Minds and Machines, 14(1), 67–83.

    Article  Google Scholar 

  48. Turow, J. (2006). Cracking the consumer code: Advertisers, anxiety and surveillance in the digital age. In K. D. Haggerty & R. V. Ericson (Eds.), The new politics of surveillance and visibility (pp. 279–307). Toronto: University of Toronto Press.

    Google Scholar 

  49. van den Hoven, M. J. (1997). Privacy and the varieties of moral wrong-doing in an information age. Computers and Society, 27(3), 33–37.

    Article  Google Scholar 

  50. Weber, R. H., & Weber, R. (2010). Internet of Things: Legal perspectives. Berlin: Springer.

    Google Scholar 

  51. Winseck, D. (2003). Netscapes of power: Convergence, network design, walled gardens, and other strategies of control in the information age. In D. Lyon (Ed.), Surveillance as social sorting: Privacy, risk and digital discrimination (pp. 176–198). New York: Routledge.

    Google Scholar 

  52. Winter, J. S. (2008). Emerging policy problems related to ubiquitous computing: Negotiating stakeholders’ visions of the future. Knowledge, Technology & Policy, 21, 191–203.

    Article  Google Scholar 

Download references

Acknowledgments

The author wishes to thank the reviewers of this article. The author also wishes to thank the participants who took part in this study and the National Science Foundation Team for Research in Ubiquitous Secure Technology (TRUST) Women’s Institute for Summer Enrichment. Preliminary findings of this study were published by the author in the Proceedings of the Pacific Telecommunications Council Annual Conference. Honolulu, Hawai‘i. January, 2012. “Privacy and the emerging Internet of Things: Using the framework of contextual integrity to inform policy.”

Author information

Affiliations

Authors

Corresponding author

Correspondence to Jenifer Sunrise Winter.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Winter, J.S. Surveillance in ubiquitous network societies: normative conflicts related to the consumer in-store supermarket experience in the context of the Internet of Things. Ethics Inf Technol 16, 27–41 (2014). https://doi.org/10.1007/s10676-013-9332-3

Download citation

Keywords

  • Privacy
  • Surveillance
  • Internet of Things
  • Framework of contextual integrity
  • Radio-frequency identification (RFID)
  • Location-based services (LBS)