Skip to main content
SpringerLink
Log in

Privacy and Innovation: From Disruption to Opportunities

  • Chapter
Data Protection on the Move

Part of the book series: Law, Governance and Technology Series ((ISDP,volume 24))

  • 3391 Accesses

Abstract

In this chapter I present an approach of privacy from the perspective of innovation theory. I bring two conceptual approaches together. First, I disentangle privacy in three interconnected concepts: information security, data protection and the private sphere. Each of these concepts has its own dynamics and refers to a specific logic: technology in case of information security, regulation in case of data protection and society in case of the private sphere. By interconnecting them, a more nuanced perspective on the innovative incentives stemming from privacy considerations arises. Second, innovation is considered to be hampered by market and system imperfections. These imperfections reduce the efficiency of the innovation system. Analysing which imperfections exist helps in overcoming them by identifying adequate counter-strategies. I will use a policy study that has been performed for the Dutch Ministry of Economic Affairs to elaborate the relation between privacy and innovation in more detail. The resulting tone is optimistic: during the study several indications for a more privacy respecting approach by firms were found. Still, the challenges to be addressed are huge.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 139.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 179.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    World Economic Forum, Unlocking the value of personal data: from collection to usage (World Economic Forum 2013).

  2. 2.

    European Court of Justice (2014). Factsheet on the ‘Right to be Forgotten’ Ruling (C-131/12), http://ec.europa.eu/justice/data-protection/files/factsheets/factsheet_data_protection_en.pdf (visited March 4, 2015).

  3. 3.

    http://www.economist.com/news/international/21621804-google-grapples-consequences-controversial-ruling-boundary-between (visited March 4, 2015).

  4. 4.

    European Court of Justice (2014, p. 2).

  5. 5.

    http://www.theguardian.com/technology/2015/feb/19/google-acknowledges-some-people-want-right-to-be-forgotten (visited March 4, 2015).

  6. 6.

    https://www.google.com/advisorycouncil/ (visited March 12, 2015).

  7. 7.

    http://www.washingtonpost.com/news/morning-mix/wp/2014/05/30/google-ceo-warns-right-to-be-forgotten-could-stifle-innovation-and-empower-repressive-regimes/ (visited March 4, 2015).

  8. 8.

    http://www.pcworld.idg.com.au/article/560060/how-google-dealing-right-forgotten-requests/ (vistied March 4, 2015).

  9. 9.

    https://ovchip.cs.ru.nl/Main_Page (visited March 4, 2015). The hack took place in 2008.

  10. 10.

    The MiFare chip was originally a product produced by Philips, but at the time the hack became public, the chips were made and sold by NXP, the successor of Philips.

  11. 11.

    https://cbpweb.nl/nl/nieuws/ov-bedrijven-bewaren-reisgegevens-studenten-ov-chipkaart-strijd-met-de-wet (visited March 4, 2015).

  12. 12.

    Arnold Roosendaal et al., Actieplan Privacy (Delft: TNO-report R11603, 2014), 24 ff.

  13. 13.

    Roosendaal, 24 ff.

  14. 14.

    We did not publish on this issue, but we encountered this attitude at a number of Dutch organisations. A few of these will be mentioned in this article.

  15. 15.

    See http://pilab.nl/ (visited March 12, 2015).

  16. 16.

    See for instance Rachel Finn, David Wright, and Michael Friedewald, “Seven types of privacy”, in Serge Gutwirth, Yves Poullet et al. (eds.), European Data Protection: Coming of Age (Dordrecht: Springer, 2013) who present a challenging sevenfold dimensioning of privacy, based on previous work by amongst others Roger Clark.

  17. 17.

    EC, Charter of Fundamental Rights of the European Union, (Brussels: Official Journal of the European Communities, C 364/1, 2000).

  18. 18.

    For the FIP, see Robert Gellman, Fair Information Practices: A Basic History, http://bobgellman.com/rg-docs/rg-FIPShistory.pdf (visited March 9, 2015). The title of the EU Data Protection Directive 95/46/EC states: “[O]n the protection of individuals with regard to the processing of personal data and on the free movement of such data”. See: http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:en:HTML (visited March 9, 2015).

  19. 19.

    Mark Stamp, Information SecurityPrinciples and practice (Hoboken, New Jersey: John Wiley & Sons, 2006): p. 2.

  20. 20.

    With the 95/46/EC directive to be replaced by the General Data Protection Regulation in due time.

  21. 21.

    See http://oecdprivacy.org/ (visited March 5, 2015).

  22. 22.

    One telling example is the response of Phil Zimmerman during the panel on privacy innovations who responded to a question on whether privacy was more than securing data, that, indeed, in the end it all comes down to using encryption for safeguarding data. In my view, which I also introduced during the panel, this perspective falls short to capture on what privacy is about.

  23. 23.

    Raphael Gellert and Serge Gutwirth. “The legal construction of privacy and data protection” Computer Law and Security Review (CLSR) 29 (2013): 522–530.

  24. 24.

    One interesting issue in this respect is the capabilities data protection officers need to have. In the Directive and the Regulation it is emphasized that DPOs should have sufficient legal ánd technical knowledge. Given the need for additional DPOs (triggered by the new Regulation) one would expect multidisciplinary vocational courses to emerge that teach basic and advanced legal ánd technical insights.

  25. 25.

    Examples of these innovations will be provided in the next section. One example relates to the opportunity to organize one’s CV in a data vault, thereby anticipating on the increasing number of self-employed professionals who need to convey their professional details to (potential) clients.

  26. 26.

    OECD Oslo Manual (1997). The measurement of Scientific and Technological activities—Proposed guidelines for collecting and interpreting technological innovation data. http://www.oecd.org/science/inno/2367580.pdf (visited March 4, 2015).

  27. 27.

    Richard Barras, “Towards a theory of innovation theory in services”, Research policy 15 (4) (2000): 161–173. Everett M. Rogers, Diffusion of Innovations (5th edition) (New York: Free Press, 2003).

  28. 28.

    This illustration could be applied to the example I provided before on purpose specification in data analytics situations. Purpose specification as such may not be sufficient to block an innovation in the field of data analytics, but combined with other regulatory requirements it may hinder innovative practices.

  29. 29.

    Martijn Poel, The impact of the policy mix on service innovationThe formative and growth phases of the sectoral innovation system for internet video services in the Netherlands, (Enschede: GildeprintDrukkerijen 2013). Poel discusses these imperfections as market and systems failures. In a study project I have been part of in recent years, some participants urged to use the less intrusive vocabulary of ‘imperfections’ instead of ‘failures’. I will follow this approach in this contribution.

  30. 30.

    James Medhurst et al., An economic analysis of spill overs from programmes of technological innovation support, (Report prepared for ICF GHK 2014). https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/288110/bis-14-653-economic-analysis-of-spillovers-from-programmes-of-technological-innovation-support.pdf.

  31. 31.

    Eric von Hippel and Georg van Krogt, “Open Source Software and the “Private-Collective” Innovation Model: Issues for Organization Science.” (MIT Sloan School of Management Working Paper 4739-09, 2009).

  32. 32.

    See for instance the EC Green Paper on Mobile Health (Com(2014) 219 final, that indicates that 64 % of mobile app have less than 10 employees (p. 7).

  33. 33.

    See https://diasporafoundation.org/.

  34. 34.

    http://www.zdnet.com/article/net-neutrality-becomes-the-law-of-the-land/.

  35. 35.

    http://chrismarsden.blogspot.nl/2015/03/access-on-wolf-in-sheeps-clothing.html.

  36. 36.

    http://www.macgasm.net/2012/02/09/state-apples-ecosystem-lockin/.

  37. 37.

    Technology neutral regulatory frameworks are presented as alternative to this lagging behind, but—as the example of network neutrality shows—they are difficult to maintain.

  38. 38.

    Martijn Poel, The impact of the policy mix on service innovationThe formative and growth phases of the sectoral innovation system for internet video services in the Netherlands, (Enschede: Gildeprint Drukkerijen, 2013), 56.

  39. 39.

    Ann Cavoukian, Privacy by designTake the challenge, (Ontario 2009).

  40. 40.

    http://thepublicvoice.org/TheMadridPrivacyDeclaration.pdf; https://www.priv.gc.ca/information/conf2013/res_06_openness_e.asp.

  41. 41.

    Article 23 of the proposed General Data Protection regulation deals with data protection by design and by default.

  42. 42.

    Thomas M. Lenard and Paul H. Rubin, The Big Data revolutionPrivacy Considerations, (Washington: Technology Policy Institute, 2013), 3.

  43. 43.

    Avi Goldfarb, and Catherine Tucker, “Privacy and innovation”, In: Josh Lerner and Scott Stern (eds.), Innovation Policy and the Economy. (Chicago: University of Chicago Press), 65–89.

  44. 44.

    Avi Goldfarb, and Catherine Tucker, 81.

  45. 45.

    Avi Goldfarb, and Catherine Tucker, p. 77.

  46. 46.

    Avi Goldfarb, and Catherine Tucker, p. 85.

  47. 47.

    Jonathan Cave et al., Does it help or does it hinder? Promotion of innovation on Internet and citizen’s right to privacy, (Brussels: European Parliament, 2011).

  48. 48.

    Jonathan Cave et al., p. 97.

  49. 49.

    Jonathan Cave et al., pp. 98–100.

  50. 50.

    This does not assume that data protection for instance only deals with regulatory innovations. As the example in the text indicate what is manifest in the cross cutting of data protection with information security, and the private sphere, data protection deals with technical and societal innovations as well. The distinctions should help in pinpointing and focusing, reducing complexity.

  51. 51.

    Deloitte. Having it allProtecting privacy in the age of analytics. http://www2.deloitte.com/content/dam/Deloitte/ca/Documents/Analytics/ca-en-analytics-ipc-big-data.pdf (visited March 5, 2015).

  52. 52.

    See https://www.qiy.nl/en/ (visited March 9, 2015).

  53. 53.

    See EC, DG CONNECT INTERNAL REPORT on the implementation of the Commission Recommendation on the implementation of privacy and data protection principles in applications supported by radio-frequency identification, (Brussel 2014).

  54. 54.

    The full implementation period of the GDPR will last for two years. Starting at the end of 2015 thus implies that the GDPR will be fully effective at the end of 2017.

  55. 55.

    The Ministry of Economic Affairs published a policy letter on Big Data and Privacy in which it underscores the relevance of a privacy respecting approach towards big data and in which it stated that the recommendations of the Action Plan Privacy should be implemented by a working group that the Ministry will establish on Big Data and Privacy.

Bibliography

  • Barras, Richard. 2000. Towards a theory of innovation theory in services. Research Policy 15(4): 161–173.

    Article  Google Scholar 

  • Cave, Jonathan, Marc van Lieshout, Neil Robinson, Rebecca Schindler, Gabriela Bodea, and Linda Kool. 2011. Does it help or does it hinder? Promotion of innovation on Internet and citizen’s right to privacy. Brussels: European Parliament.

    Google Scholar 

  • Cavoukian, Anne. 2009. Privacy by design—Take the challenge. Ontario: Information and Privacy Commissioners Office.

    Google Scholar 

  • Edquist, Charles. 1997. Systems of innovation: Technologies. Institutions and Organizations: Pinter.

    Google Scholar 

  • European Commission. 2000. Charter of fundamental rights of the European Union. Brussels: Official Journal of the European Communities C 364/1 Brussels.

    Google Scholar 

  • European Commission. 2014. DG CONNECT internal report on the implementation of the Commission Recommendation on the implementation of privacy and data protection principles in applications supported by radio-frequency identification. Brussel.

    Google Scholar 

  • European Court of Justice. 2014. Factsheet on the ‘right to be forgotten’ ruling (C-131/12). http://ec.europa.eu/justice/data-protection/files/factsheets/factsheet_data_protection_en.pdf.

  • Finn, Rachel, David Wright, and Michael Friedewald. 2013. Seven types of privacy. In European data protection: Coming of age, ed. Serge Gutwirth, Yves Poullet, et al. Dordrecht: Springer.

    Google Scholar 

  • Gellert, Raphael, and Serge Gutwirth. 2013. The legal construction of privacy and data protection. Computer Law and Security Review (CLSR) 29: 522–530.

    Article  Google Scholar 

  • Goldfarb, Avi, and Catherine Tucker. 2012. Privacy and innovation. In Innovation policy and the economy, ed. Josh Lerner, and Scott Stern, 65–89. Chicago: University of Chicago Press.

    Google Scholar 

  • Hippel, Eric von, Georg van Krogt. 2009. Open source software and the “Private-Collective” innovation model: Issues for organization science. MIT Sloan School of Management Working Paper 4739-09.

    Google Scholar 

  • Lenard, Thomas M., and Paul H. Rubin. 2013. The big data revolution: Privacy considerations. Washington: Technology Policy Institute.

    Google Scholar 

  • Medhurst James, Joel Marsden, Angina Jugnauth, Mark Peacock, Jonathan Lonsdal. 2014. An economic analysis of spillovers from programmes of technological innovation support. Report prepared for ICF GHK.

    Google Scholar 

  • Nelson, Richard R. 1993. National innovation systems: A comparative analysis. Urbana: University of Illinois.

    Google Scholar 

  • Poel, Martijn. 2013. The impact of the policy mix on service innovation—The formative and growth phases of the sectoral innovation system for internet video services in the Netherlands. Ph.D thesis, Technical University Delft, Delft.

    Google Scholar 

  • Rogers, Everett M. 2003. Diffusion of innovations, 5th ed. New York: Free Press.

    Google Scholar 

  • Roosendaal, Arnold, Marc van Lieshout, Colette Cuijpers, Ronald, Leenes. 2014. Actieplan Privacy. Delft: TNO-report R11603.

    Google Scholar 

  • Solove, Daniel. 2002. Conceptualizing privacy. California Law Review 90(4): 1087–1155.

    Article  Google Scholar 

  • Stamp, Mark. 2006. Information security: Principles and practice. Hoboken, New Jersey: Wiley.

    Google Scholar 

  • World Economic Forum. 2013. Unlocking the value of personal data: From collection to usage. World Economic Forum.

    Google Scholar 

Download references

Acknowledgments

I would like to thank Arnold Roosendaal (TNO, PI.lab) and the anonymous reviewers for their constructive comments on earlier versions of this chapter.

Author information

Authors and Affiliations

  1. TNO Strategy & Policy, Van Mourik Broekmanweg 6, 2628 XE, Delft, The Netherlands

    Marc van Lieshout

Authors
  1. Marc van Lieshout
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Marc van Lieshout .

Editor information

Editors and Affiliations

  1. Law, Science, Technology and Society (LSTS), Faculty of Law and Criminology, Vrije Universiteit Brussel, Brussels, Belgium

    Serge Gutwirth

  2. Tilburg Institute for Law, Technology, and Society, Tilburg University, Tilburg, The Netherlands

    Ronald Leenes

  3. Law, Science, Technology and Society, Faculty of Law and Criminology, Vrije Universiteit Brussel, Brussels, Belgium

    Paul De Hert

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer Science+Business Media Dordrecht

About this chapter

Cite this chapter

van Lieshout, M. (2016). Privacy and Innovation: From Disruption to Opportunities. In: Gutwirth, S., Leenes, R., De Hert, P. (eds) Data Protection on the Move. Law, Governance and Technology Series(), vol 24. Springer, Dordrecht. https://doi.org/10.1007/978-94-017-7376-8_8

Download citation

Publish with us

Policies and ethics

Search

Navigation