Privacy by Design — Principles of Privacy-Aware Ubiquitous Systems

  • Marc Langheinrich
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2201)


This paper tries to serve as an introductory reading to privacy issues in the field of ubiquitous computing. It develops six principles for guiding system design, based on a set of fair information practices common in most privacy legislation in use today: notice, choice and consent, proximity and locality, anonymity and pseudonymity, security, and access and recourse. A brief look at the history of privacy protection, its legal status, and its expected utility is provided as a background.


Ubiquitous Computing, Privacy Protection, Safe Harbor, Explicit Consent, Ubiquitous System
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Marc Langheinrich (1)
  1. Institute of Information Systems IFW, Swiss Federal Institute of Technology, ETH Zurich, Distributed Systems Group, Zurich, Switzerland
