The Privacy Research Group is a weekly meeting of students, professors, and industry professionals who are passionate about exploring, protecting, and understanding privacy in the digital age.
Visit the PRG Blog: Check out all the latest news from the Privacy Research Group.
Joining the PRG: Because we deal with early-stage work in progress, attendance at meetings of the Privacy Research Group is generally limited to researchers and students who can commit to ongoing participation in the group. To discuss joining the group, please contact Professor Helen Nissenbaum or Professor Katherine Strandburg. If you are interested in these topics, but cannot commit to ongoing participation in the PRG, you may wish to join the PRG-All mailing list
September 10: Organizational meeting
September 17: Sebastian Zimmeck // Privee: An Architecture for Automatically Analyzing Web Privacy Policies [with Steven M. Bellovin]
September 24: Christopher Sprigman // MSFT "Extraterritorial Warrants" Issue
October 1: Giancarlo Lee // Automatic Anonymization of Medical Documents
October 8: Joris van Hoboken // The Right to be Forgotten Judgement in Europe: Taking Stock and Looking Ahead
October 15: Karen Levy // Networked Resistance to Electronic Surveillance
October 22: Matthew Callahan // Warrant Canaries and Law Enforcement Responses. As background, he recommends reading, "Twitter's First Amendment Suit & the Warrant Canary Question" by Brett Max Kaufman in the Just Security blog.
October 29: Luke Stark // Discussion on whether “notice” can continue to play a viable role in protecting privacy in mediated communications and transactions given the increasing complexity of the data ecology and economy.
November 5: Seda Guerses // Let's first get things done! On division of labor and practices of delegation in times of mediated politics and politicized technologies
November 12: Elana Zeide // Student Data and Educational Ideals: examining the current student privacy landscape and how emerging information practice and reforms implicate long-standing social and legal traditions surrounding education in America
November 19: Alice Marwick // Scandal or Sex Crime? Ethical and Privacy Implications of the Celebrity Nude Photo Leaks
December 3: Katherine Strandburg // Discussion of Privacy News [which can include recent court decisions, new technologies or significant industry practices]
January 29: Organizational meeting
February 5: Felix Wu // "The Commercial Difference" which grows out of a piece just published in the Chicago Forum called The Constitutionality of Consumer Privacy Regulation
February 12: Ira Rubinstein: "The Ethics of Cryptanalysis // Code Breaking, Exploitation, Subversion and Hacking"
February 19: Report from the Obfuscation Symposium, including brief tool demos and individual impressions
February 26: Doc Searls: "Privacy and Business"
March 5: Claudia Diaz // "In PETs we trust: tensions between Privacy Enhancing Technologies and information privacy law" The presentation is drawn from a paper, "Hero or Villain: The Data Controller in Privacy Law and Technologies” with Seda Guerses and Omer Tene.
March 12: Scott Bulua & Amanda Levendowski // "Challenges in Combatting Revenge Porn"
March 26: Heather Patterson // "When Health Information Goes Rogue: Privacy and Ethical Implications of Decentextualized Information Flows from Consumer Mobile Fitness Devices to Clinician, Insurers, and Employers"
April 2: Elana Zeide// "Student Privacy in Context: Intuition, Ignorance and Trust"
April 9: Florencia Marotta-Wurgler // "The Anatomy of Privacy" - initial findings from her empirical study on privacy policies
April 16: Solon Barocas // "How Data Mining Discriminates" - a collaborative project with Andrew Selbst, 2012-13 ILI Fellow
April 23: Milbank Tweed Forum Speaker // Brad Smith: "The Future of Privacy"
April 30: Seda Guerses // "Privacy is Security is a prerequisite for Privacy is not Security is a delegation relationship"
September 11: Organizational meeting
September 18: Discussion - NSA/Pew Survey
September 25: Luke Stark // "The Emotional Context of Information Privacy"
October 2: Joris van Hoboken // "A Right to be Forgotten"
ABSTRACT: In this talk I will present my ongoing work on the so-called 'right to be forgotten' and the underlying questions relating to balancing privacy and freedom of expression in the context of online services. This right to be forgotten was officially proposed in 2012 by the European Commission as a new element of the EU data protection rules. I will discuss the policy backgrounds of this proposal for a strengthened right to erasure and in particular its relation to new types of publicity facilitated by online intermediaries (search engines and social media in particular). As is clear from an analysis of the proposal which I recently conducted for the European Commission (attached as background) the right to be forgotten has captured the attention of many but fails to address let alone solve the hard issues on the interface of data privacy law, media law and intermediary liability regulations. While the EC proposal may actually be considered 'a right to be forgotten', the underlying questions of how to regulate personal data in online services remain.
October 9: Katherine Strandburg // "Freedom of Association Constraints on Metadata Surveillance"
ABSTRACT: Documents leaked this past summer confirm that the National Security Agency has acquired access to a huge database of domestic call traffic data, revealing information about times, dates, and numbers called. Although communication content traditionally has been the primary focus of concern about overreaching government surveillance, officials are increasingly interested in using sophisticated computer analysis of noncontent traffic data to “map” networks of associations. Despite the rising importance of digitally mediated association, current Fourth Amendment and statutory schemes provide only weak checks on government. The potential to chill association through overreaching relational surveillance is great. This Article argues that the First Amendment’s freedom of association guarantees can and do provide a proper framework for regulating relational surveillance and suggests how these guarantees might apply to particular forms of analysis of traffic data.
October 16: Seda Güerses // "Privacy is Don't Ask, Confidentiality is Don't Tell"
ABSTRACT: Since the end of the 60s, computer scientists have engaged in research on privacy and information systems. Over the years, this research has led to a whole palette of "privacy solutions''. These solutions originate from diverse sub-fields of computer science, e.g., security engineering, databases, software engineering, HCI, and artificial intelligence. From a bird's eye view, all of these researchers are studying privacy. However, a closer look reveals that each community of researchers relies on different, sometimes even conflicting, definitions of privacy, and on a variety of social and technical assumptions. These researchers do have a tradition of assessing the (implicit) definitions and assumptions that underlie the studies in their respective sub-disciplines. However, a systematic evaluation of privacy research practice across the different computer science communities is so far absent. I hope to contribute to closing this research gap by presenting the preliminary results of an empirical study of privacy research in computer science.
October 23: Brian Choi // "The Third-Party Doctrine and the Required-Records Doctrine: Informational Reciprocals, Asymmetries, and Tributaries"
ABSTRACT: Even as many have assailed the third-party doctrine and predicted its impending demise, few have heeded the parallel threat posed by the required-records doctrine. Although the third-party doctrine has been widely criticized as an overbroad exception to the Fourth Amendment, defining a coherent limiting principle has proved exceedingly difficult. The popular “mosaic” theory explains how the aggregation of many seemingly insignificant pieces of data from third parties can reveal comprehensive pictures of private activity ordinarily shielded by the Fourth Amendment. Yet, the inherent paradox of the mosaic theory is that it undercuts the project of distinguishing between third-party data that should be accessible without judicial warrant and third-party data that should not. Likewise, the required-records doctrine—which excludes records kept in compliance with general purpose recordkeeping requirements from the Fifth Amendment privilege against self-incrimination—has been so troubling that it has remained largely dormant since its creation. Efforts to construct a coherent limiting principle have been similarly lacking. Nevertheless, a recent set of tax enforcement cases has resuscitated the required-records doctrine and extended it to compel production of offshore bank account records from individual taxpayers. It is no coincidence that the third party doctrine also grew out of a tax enforcement case, holding that individual taxpayers may not shield financial records held by third-party banks. Three insights can be drawn from the project. The first is a warning that the required records doctrine is poised to follow in the footsteps of the third party doctrine. In both contexts, many of the early cases involved requests for financial records needed to prove tax evasion. With the third party doctrine, those early cases quickly generalized to encompass any document in the possession of a third party, including phone records, loan records, medical records, and more. With the required records doctrine, there is a similar shoddiness in the governing standard that would easily allow the same scope creep. If we dislike the current state of the third party doctrine, we should be wary of retracing the same steps under a different guise. Second, the juxtaposition provides a frame for unraveling our discomfort with both the required records doctrine and the third party doctrine. The easy cases might be those involving data that is readily obtainable through both avenues (e.g., duplicate records such as pay stubs or insurance forms), and those that are off limits under both doctrines (e.g., private diaries). On the other hand, the most vexing cases might be those involving data that can be obtained only through one avenue but not the other—allowing the government to pit one Amendment against another. For example, in the moment where a document is required but has not yet been created, that document still exists in thought only; the required records doctrine could demand it but the third party doctrine would not be able to reach it. That asymmetry also explains our discomfort with commercial aggregators who collect massive databases of personal information that the required records doctrine could never demand. Finally, the required records doctrine is a direct tributary of the third party doctrine, and has played a key role in shaping its watershed. Because business entities cannot assert the Fifth Amendment privilege, many businesses are automatically subject to recordkeeping and reporting requirements. Since the required data can include information about customers or other private citizens, the required records doctrine multiplies the potency of the third party doctrine.
ABSTRACT: How we might interdisciplinarily think through the social, legal, technical, and ethical issues that arise when new technologies create unexpected connections and people get implicated/harmed in cases outside of their control. To do so, we will offer a framework for thinking about networked harm and briefly lay out three cases that we think offer interesting contours for conversation (Maryland v. King, Google's Gmail litigation, and CA SB568). Questions on the table: Are our current models of harm are too limited for thinking through cases where new technologies implicate people in new ways?; How do we get past property models that focus on joint rights when thinking of people being implicated in each other's data traces?; What are good frameworks for moving from an individual-centric model of harm to a network-based one?
November 6: Karen Levy // "Beating the Box: Digital Enforcement and Resistance"
ABSTRACT: I’ll be presenting some research from my dissertation, which (broadly) explores digital enforcement strategies – the use of technologies in place or in support of traditional human rule enforcement regimes as a means to enact more ‘perfect’ behavioral regulation over subjects. Specifically, my research concerns new federal regulations mandating the electronic monitoring of long-haul truck drivers’ work time. Last year in PRG, I talked about how the organizational knowledge practices of trucking firms change around the proliferation of monitoring devices and divest truckers of occupational autonomy. This time around, I’d like to focus on two different areas: First, I explore how truckers (and others) resist monitoring using a variety of technical and organizational strategies, including physical tampering, data manipulation, and [something I’m calling] ‘collaborative omission.’ These tactics serve to construct new gaps between regulatory intent and social practice. But I could use your help in thinking them through in a more systematic way. Second, I consider the challenges faced by law enforcement officers—specifically, commercial vehicle inspectors—when enforcement efforts are augmented by machines. I’m finding that human/machine hybridity creates several challenges on the ground for these officers, including [something I’m calling] ‘decoy compliance’ among drivers that obfuscates actual legal noncompliance, as well as a last-mile problem in acquiring data from digital monitors in the trucks.
November 13: Akiva Miller // "Are access and correction tools, opt-out buttons, and privacy dashboards the right solutions to consumer data privacy" & Heather Patterson: Results of a recent Pew Research Privacy Survey
November 20: Nathan Newman // "Can Government Mandate Union Access to Employer Property? On Corporate Control of Information Flows in the Workplace"
ABSTRACT: A basic question of labor law over the years has been how government can intervene to ensure that workers receive information needed to exercise their rights? A contrary concern has been what rights do property owners have under the 1st, 4th, 5th amendments and under federal labor law to restrict that information flow, both in their own interest and in interests claimed on behalf of their employees? A number of existing and proposed law by state governments—including one before the Supreme Court this term—have sought to mandate physical access to employer property to be able to contact employees and/or customers. Since the goal of unions in gaining that access is to develop a "map" of the workplace, including a strong analysis of all social networks—who is friends with whom, churches and organizations people are affiliated with, and any other useful social information—such mandated access amounts to government granting an independent party access to a range of social network information about individuals in a workplace. Obviously, employers have their own power in the workplace, so the government strengthening this de facto bottom-up data mining by unions has historically been one of the key counter weights to that corporate power in the workplace. However, the Supreme Court has in recent decades struck down requirements by the NLRB to require that unions be given access to employer property in the name of state property rights and may this term strike down a state law mandating access in the name of the first amendment rights of the employer. This tilt of the law towards protecting employer rights to control data flow in their workplace has been a key factor in weakening labor unions and, as many argue, expanding economic inequality over the last generation. An implication of this analysis is: if a rights-based framework over information in the workplace has ill-served workers, are there implications for whether a rights-based framework over privacy may ill-serve consumers and citizens in broader debates on privacy and data collection?
December 4: Akiva Miller // Are access and correction tools, opt-out buttons, and privacy dashboards the right solutions to consumer data privacy?" & Malte Ziewitz: "What does transparency conceal?"
January 30: Welcome meeting and discussion on current privacy news
February 6: Helen Nissenbaum // "The (Privacy) Trouble with MOOCs"
February 13: Joe Bonneau // "What will it mean for privacy as user authentication moves beyond passwords?"
February 20: Brad Smith // "Privacy at Microsoft"
February 27: Katherine Strandburg // "Free Fall: The Online Market's Consumer Preference Disconnect"
March 6: Mariana Thibes // "Privacy at Stake, Challenging Issues in the Brazillian Context"
March 13: Nathan Newman // "The Economics of Information in Behavioral Advertising Markets"
March 27: "Privacy News Hot Topics" // US v. Cotterman, Drones' Hearings, Google Settlement, Employee Health Information Vulnerabilities, and a Report from Differential Privacy Day
April 3: Ira Rubinstein // "Voter Privacy: A Modest Proposal"
April 10: Katherine Strandburg // ECPA Reform; Catherine Crump: Cotterman Case; Paula Helm: Anonymity in AA
April 17: Heather Patterson // "Contextual Expectations of Privacy in User-Generated Mobile Health Data: The Fitbit Story"
April 24: Hannah Block-Wheba and Matt Zimmerman // National Security Letters [NSL's]
September 19: Nathan Newman // "Cost of Lost Privacy: Google, Antitrust and Control of User Data"
September 26: Karen Levy // "Privacy, Professionalism, and Techno-Legal Regulation of U.S. Truckers"
October 3: Agatha Cole // "The Role of IP address Data in Counter-Terrorism Operations & Criminal Law Enforcement Investigations: Looking towards the European framework as a model for U.S. Data Retention Policy"
October 10: Discussion of 'Model Law'
October 17: Frederik Zuiderveen Borgesius // "Behavioural Targeting. How to regulate?"
October 24: Matt Tierney and Ian Spiro // "Cryptogram: Photo Privacy in Social Media"
November 7: Sophie Hood // "New Media Technology and the Courts: Judicial Videoconferencing"
November 14: Travis Hall // "Cracks in the Foundation: India's Biometrics Programs and the Power of the Exception"
November 21: Lital Helman // "Corporate Responsibility of Social Networking Platforms"
November 28: Scott Bulua and Catherine Crump // "A framework for understanding and regulating domestic drone surveillance"
December 5: Martin French // "Preparing for the Zombie Apocalypse: The Privacy Implications of (Contemporary Developments in) Public Health Intelligence"