For privacy's sake: Consumer “opt outs” for smart meters

When balancing consumer privacy and data protection rights with the important societal benefits to be obtained from smart meters, should consumers be allowed to opt out? If so, what should a smart meter opt out mechanism look like? Further, may consumers be charged additional fees for the privilege of opting out without violating their privacy and data protection rights? The EU/U.S. comparative law analysis provided in this paper aims to help energy suppliers and regulators craft opt out mechanisms to protect individual privacy and data protection rights while also achieving important societal benefits from smart meters.     

Privacy,surveillance, and the proportionality principle: The need for a method of assessing privacy implications of technologies used for surveillance

Developments in technology have created the possibility for law enforcement authorities to use for surveillance purposes devices that are in the hands or private premises of individuals (e.g. smart phones, GPS devices, smart meters, etc.). The extent to which these devices interfere with an individual's private sphere might differ. In the European Union, surveillance measures are considered lawful if they have been issued in conformity with the legal rules and the proportionality principle. Taking a fundamental rights approach, this paper focuses on the information needed for adopting proportionate decisions when authorizing the use for surveillance of devices that are not built for surveillance purposes. Since existing methods of privacy assessment of technologies do not offer the required information, this paper suggests the need for a new method of assessing privacy implications of technologies and devices which combines an assessment of privacy aspects with the different dimensions of surveillance.     

Data integration in IoT ecosystem: Information linkage as a privacy threat

Internet of things (IoT) is changing the way data is collected and processed. The scale and variety of devices, communication networks, and protocols involved in data collection present critical challenges for data processing and analyses. Newer and more sophisticated methods for data integration and aggregation are required to enhance the value of real-time and historical IoT data. Moreover, the pervasive nature of IoT data presents a number of privacy threats because of intermediate data processing steps, including data acquisition, data aggregation, fusion and integration. User profiling and record linkage are well studied topics in online social networks (OSNs); however, these have become more critical in IoT applications where different systems share and integrate data and information. The proposed study aims to discuss the privacy threat of information linkage, technical and legal approaches to address it in a heterogeneous IoT ecosystem. The paper illustrates and explains information linkage during the process of data integration in a smart neighbourhood scenario. Through this work, the authors aim to enable a technical and legal framework to ensure stakeholders awareness and protection of subjects about privacy breaches due to information linkage.     

The legal construction of personal information protection and privacy under the Chinese Civil Code

Personal information protection and privacy interact in diverse ways, especially in the contemporary information age. Although books and articles have focused on this topic, the new tendencies of worldwide legislation and judicial practice bring challenges, as the legal construction of personal information protection and privacy differs from culture to culture and time to time. In 2017, the General Provisions of the Civil Law of the People's Republic of China (“the General Provisions of the Chinese Civil Code” hereafter)¹ (expired) addresses the legal concepts of personal information protection and the right to privacy simultaneously, to which this article refers as the dual model, differing from the one-dimensional mode of privacy protection before. Subsequently, the “The Right to Privacy and the Protection of Personal Information,” a chapter of the newly issued Civil Code of the People's Republic of China's (“the Chinese Civil Code” hereafter), ascertains the dual model and details related provisions. It has been dubbed a landmark ruling of China's personal information protection, greatly boosting the modernization of China's civil system.Despite the many articles that discuss approaches to China's civil protections, little attention has been given to the fundamental question concerning what exactly encompasses the personal information protection and privacy to which these laws refer. Based on the regulations and applicability of the General Provisions of the Chinese Civil Code and the Chinese Civil Code, this paper explores the legal construction of personal information protection and privacy under Chinese legal orders, including the differences, similarities, and interplay between the two rights. By distinguishing the legal value, contents and remedial approaches, this paper concludes that the two rights are distinct but overlap. On one side, personal information protection is elevated to the status of a separate civil right in the legal context of China, rather than part of privacy. On the other side, tailored regulations should be establish according to the criteria of the nature of information, the extent of information processing, and the elements of damage when confronted with overlaps in the two rights in judicial practice. Thus, this paper provides a perspective from which to clarify the approaches to civil protection of personal information and privacy in China and a reference model for enactment of the Chinese Personal Information Protection Law in the future.     

Privacy,stigma and public protection: A socio-legal analysis of criminality information practices in the UK

Criminality information practices involve public authorities in the UK (and elsewhere) gathering, retaining and sharing information that connects with an identifiable individual; all with the ostensible aim of upholding and improving standards of public protection. This piece first charts the landscape of contemporary criminality information practices in the UK today. The article then examines recent legal emphases and policy directions for public protection networks. Consideration is then given in the piece to privacy rights and values and the difficulties in providing an exact typology and grounding for these. The piece then outlines a suggested framework for correct legal regulation, as well as a through commentary on the work done by Catherine Bellamy et al. to empirically determine the extent to which public protection information sharing can in fact occur in correct adherence to legal regulation. A socio-legal analysis is undertaken of the nature of public protection networks as variants on Goffman's performance teams within a dramaturgical routine that foregrounds stigmatisation of perceived ‘risky’ individuals as an aspect of that routine. This piece also explores the processes of institutional isomorphism as a reaction to shifting policy directions and legal doctrines, acting as a driving force towards a hierarchical performance of criminality information practices by public protection networks. Three conclusions are offered up for consideration: firstly, that the growing complexity of the law and regulation relating to criminality information practices might improve privacy values in the criminal justice system and help to add precision to necessary processes of stigmatisation in relation to the aim of public protection. Secondly, that these shifts in the law still need ongoing revisions, in order that a hierarchical approach to criminality information practices can be arrived at over time. Thirdly, that if the permanency of potential stigmatisation through the indefinite retention of criminality information cannot change, due to the competing pressure on the criminal justice system from public protection duties, then consultation with ‘risky’ individuals where practicable, before criminality information connected to them is shared across public protection networks becomes essential as a privacy-enhancing value and practice.     

Britain's smart meter programme: A case study in privacy by design

Following requirements in the 1996 EU Energy Efficiency Directive, member states are developing programmes to encourage the installation of ‘smart’ power meters that record much larger quantities of data about power usage than traditional meters. These data can reveal a great deal of information about individual household activity, leading privacy regulators to call for privacy to be ‘designed in’ to these systems. The British smart metering programme has given some attention to this privacy by design process. This article assesses its effectiveness in this case, using documentary analysis, participant observation, and follow-up interviews with a range of stakeholders. It finds that decisions made early in the British programme had negative privacy impacts that have only been partially remedied by the later development of detailed rules on the processing of smart meter data by energy suppliers and distributors. The article also considers broader lessons for the privacy by design approach.     

The Horizontal Effect of the Charter of Fundamental Rights of the EU: Rediscovering the Reasons for Horizontality

This article analyses the horizontal effect of the Charter of Fundamental Rights of the European Union. Horizontal effect has been an integral part of the Union's application of fundamental rights, especially in the field of equality. However, the codification of fundamental rights in the Charter raises important questions as to how horizontal effect will continue to apply in the EU, particularly in the aftermath of the Court's reticent rulings in cases such as Dominguez and Association de Médiation Sociale. This article argues that the emphasis on prior approaches to horizontal effect in recent rulings fails to address the profound constitutional issues that the horizontal effect of a fundamental rights catalogue raises, which concern the role of private responsibility within the developing constitutional order of the European Union. It therefore calls for a more systematically theorised approach towards the horizontal application of fundamental rights under the Charter framework.     

Privacy by design and anonymisation techniques in action: Case study of Match technology

Privacy by Design is now enjoying widespread acceptance. The EU has recently expressly included it as one of the key principles in the revised data protection legal framework. But how does Privacy by design and data anonymisation work in practise? In this article the authors address this question from a practical point of view by analysing a case study on EU Financial Intelligence Units (“FIUs”) using the Ma³tch technology as additional feature to the existing exchange of information via FIU.NET decentralised computer network. They present, analyse, and evaluate Ma³tch technology from the perspective of personal data protection. The authors conclude that Ma³tch technology can be seen as a valuable example of Privacy by Design. It achieves data anonymisation and enhances data minimisation and data security, which are the fundamental elements of Privacy by Design. Therefore, it may not only improve the exchange of information among FIUs and allow for the data processing to be in line with applicable data protection requirements, but it may also substantially contribute to the protection of privacy of related data subjects. At the same time, the case study clearly shows that Privacy by Design needs to be supported and complemented by appropriate organisational and technical procedures to assure that the technology solutions devised to protect privacy would in fact do so.     

The NHS Information Revolution: ‘Choice of Control’ to ‘Choice’ and ‘Control’

This paper provides a novel and critical analysis of the necessary and important balance between ‘individual privacy’ and ‘collective transparency’. We suggest that the onset of the Information Revolution has created a dilemma for the National Health Service (NHS) in terms of how it addresses its obligation to use information to improve best practice in healthcare for society (‘collective transparency’) whilst also keeping sensitive personal information confidential (‘individual privacy’). There is clearly a need to consider both whether the NHS is balancing this critically important informational relationship and whether its approach is fit for purpose. We argue that the NHS's ‘proxy-individual’ information guardian role could inadvertently mask individuals' intended roles, effectively circumventing autonomy-based laws by limiting the power of individuals to be autonomous. In this article we have identified three issues – first the prevailing ‘Mindset’ (the ‘M’) of ‘privacy’, which is viewed as individualistic, resulting in an overpowering concept of confidentiality; second, the quality and control of Information (the first ‘I’); and third, the concept of innovation (the second ‘i’), which is being used as a ‘solution’ rather than a vehicle for transparency. Indeed, transparency is our target of ‘best practice,’ and we suggest that individual privacy and collective transparency are best embedded within a complementary privacy framework that offers a better fit than the current split of control between the roles of the NHS and the roles of the individual. It is suggested that when facilitated by transparency, ‘control’ and ‘privacy’ form a continuum, aligning through the desire for choice. Therefore, the choice of control could facilitate control and choice. Together, they could replace the concept of privacy by empowering ‘informed patients’ to support the NHS's ‘No decision about me, without me’ pledge.     

The fundamental right of data protection in the European Union: in search of an uncharted right

The entry into force of the EU Charter of Fundamental Rights and the ensuing introduction of the right to data protection as a new fundamental right in the legal order of the EU has raised some challenges. This article is an attempt to bring clarity on some of these questions. We will therefore try to address the issue of the place of the right to the protection of personal data within the global architecture of the Charter, but also the relationship between this new fundamental right and the already existing instruments. In doing so, we will analyse the most pertinent case law of the Court of Luxembourg, only to find out that it creates more confusion than clarity. The lesson we draw from this overview is that the reasoning of the Court is permeated by a ‘privacy thinking’, which consists not only in overly linking the rights to privacy and data protection, but also in applying the modus operandi of the former to the latter (which are different we contend). The same flawed reasoning seems to be at work in the EU Charter of Fundamental Rights. Therefore, it is crucial that the different modi operandi be acknowledged, and that any upcoming data protection instrument is accurately framed in relation with Article 8 of the Charter.     

Cultural Challenges to Biotechnology: Native American Genetic Resources and the Concept of Cultural Harm

This article examines the intercultural context of issues related to genetic research on Native peoples. In particular, the article probes the disconnect between Western and indigenous concepts of property, ownership, and privacy, and examines the harms to Native peoples that may arise from unauthorized uses of blood and tissue samples or the information derived from such samples. The article concludes that existing legal and ethical frameworks are inadequate to address Native peoples' rights to their genetic resources and suggests an intercultural framework for accommodation based on theories of intergroup equality and fundamental human rights.     

Real Interrogation: What Actually Happens When Cops Question Kids

Although the Supreme Court repeatedly cautioned that youthfulness adversely affects juveniles' ability to exercise Miranda rights or make voluntary statements, it endorsed the adult waiver standard—knowing, intelligent, and voluntary—to gauge juveniles' Miranda waivers. By contrast, developmental psychologists question whether young people understand or possess the competence necessary to exercise Miranda rights. This article analyzes quantitative and qualitative data of interrogations of three hundred and seven (307) sixteen‐ and seventeen‐year old youths charged with felony offenses. It reports how police secure Miranda waivers, the tactics they use to elicit information, and the evidence youths provide. The findings bear on three policy issues—procedural safeguards for youths, time limits for interrogations, and mandatory recording of interrogations.     

‘Private jurisprudence’ and the right to be forgotten balancing test

Upon receipt of a right to be forgotten request, private actors like Google are responsible for implementing the balancing test between competing rights of privacy and data protection and free expression and access to information. This amounts to private jurisprudence that data subjects, lawyers, and interested parties could, theoretically, game to their advantage. This paper critiques this process and argues two separate, but related points. (1) Search engines have become the sole arbiter of the rights to privacy and data protection under Articles 7 and of the Charter of Fundamental Rights and Articles 8 and 10 of the European Convention of Human Rights, when safeguarding should be a responsibility of state authorities. (2) As private actors face litigation if their decision is not acceptable to the data subject, the right to access information and the public's right to know is compromised. Search engines exert considerable power over access to and Internet usage, yet nevertheless benefit from frameworks that permit a lack of adherence to similar human rights standards as public actors or agencies. As such, empowering search engines as decision-makers over conflicting fundamental rights is problematic. Rather than allow the content of the right to be forgotten to be fleshed out by private actors, the significant body of existing jurisprudence should form the basis for public guidelines on how to implement the right to be forgotten. An analysis of case law of national courts, the European Court of Human Rights and the CJEU reveals two related matters: it is possible to reverse engineer how search engines determine which requests will be actioned and those which will be denied. This paper argues a) collectively the body of jurisprudence is of sufficient standing to develop a public and transparent balancing test that is fair to all stakeholders and b) private actors should no longer be resolving the conflict between competing fundamental rights. The paper closes by positing a framework, loosely based on ICANN's Uniform Domain Resolution Procedure for resolving conflict between conflicting cyber property rights that provides transparency and accountability to the right to be forgotten and removes search engines as arbiters of the balancing test in select cases.     

Data protection in Malaysia and Hong Kong: One step forward,two steps back?

Continuing rapid developments in information communication technology has led to an ever increasing amount of personal information being collected, processed, stored and used, without the individual even knowing about it. For countries which have domestic legislation relating to privacy and data protection, it has afforded the opportunity for a review. For others, it has opened up the opportunity to legislate. The aim of the paper is three-fold. First, the paper aims to deal with data protection regime in Malaysia and in Hong Kong by examining the salient features of the newly enacted Malaysia's Personal Data Protection Act 2010 and the recent recommendations for legislative reform to the Personal Data (Privacy) Ordinance in Hong Kong. Second, it considers whether the laws are more concerned with legitimising data protection practices of organizations and businesses rather than the protection of individuals' privacy interests. Finally, the paper briefly considers whether the laws adequately address the impact to individuals' data privacy brought about by technological advancements before providing a conclusion.     

E-Government users’ privacy and security concerns and availability of laws in Dubai

The purpose of the study was to review privacy and security concerns and their impact on e-government adoption in Dubai. The research analyzed the literature on e-government, security and privacy concerns of e-government adoption and the legislative provision relating to privacy and security protection. A survey on e-government user concerns on privacy, security and ease of use was also carried out. The data for the survey in this research were collected from 190 respondents in Dubai. The results of the analysis revealed that perceived security, privacy and perceived ease of use were important constructs in e-government adoption. The analysis of legal framework showed that the Federal Constitution, the Penal Code, the new Data Protection Act and the Computer Crime Act could be used to address various privacy and security concerns. Thus, it is important that the policy makers facilitate an appropriate awareness campaign of the existence of both information privacy and security to attract more participation towards the e-government services.     

Profiling the mobile customer – Privacy concerns when behavioural advertisers target mobile phones – Part I

Mobile customers are being tracked and profiled by behavioural advertisers to be able to send them personalized advertising. This process involves data mining consumer databases containing personally-identifying or anonymous data and it raises a host of important privacy concerns. This article, the first in a two part series on consumer information privacy issues on Profiling the Mobile Customer, addresses the questions: “What is profiling in the context of behavioural advertising?” and “How will consumer profiling impact the privacy of mobile customers?” The article examines the EU and U.S. regulatory frameworks for protecting privacy and personal data in regards to profiling by behavioural advertisers that targets mobile customers. It identifies potential harms to privacy and personal data related to profiling for behavioural advertising. It evaluates the extent to which the existing regulatory frameworks in the EU and the U.S. provide an adequate level of privacy protection and identifies key privacy gaps that the behavioural advertising industry and regulators will need to address to adequately protect mobile consumers from profiling by marketers. The upcoming second article in this series will discuss whether industry self-regulation or privacy-enhancing technologies will be adequate to address these privacy gaps and makes suggestions for principles to guide this process.¹     

Privacy principles,risks and harms

The protection of privacy is predicated on the individual's right to privacy and stipulates a number of principles that are primarily focused on information privacy or data protection and, as such, are insufficient to apply to other types of privacy and to the protection of other entities beyond the individual. This article identifies additional privacy principles that would apply to other types of privacy and would enhance the consideration of risks or harms to the individual, to groups and to society as a whole if they are violated. They also relate to the way privacy impact assessment (PIA) may be conducted. There are important reasons for generating consideration of and debate about these principles. First, they help to recalibrate a focus in Europe on data protection to the relative neglect of other types of privacy. Second, it is of critical importance at a time when PIA (renamed ‘data protection impact assessment’, or DPIA) may become mandatory under the European Commission's proposed Data Protection Regulation. Such assessment is an important instrument for identifying and mitigating privacy risks, but should address all types of privacy. Third, one can construct an indicative table identifying harms or risks to these additional privacy principles, which can serve as an important tool or instrument for a broader PIA to address other types of privacy.     

Privacy notices versus informational self-determination: Minding the gap

Privacy notices are instruments that intend to inform individuals of the processing of their personal data, their rights as data subjects, as well as any other information required by data protection or privacy laws. The goal of this paper is to clarify the current discourse regarding the (in)utility of privacy notices, particularly in the context of online transactions. The perspective is a European one, meaning that the analysis shall be geared towards the European Data protection framework, particularly the European Data Protection Directive. The paper discusses the role that privacy notices play under the European data protection framework today, summarizes the main critiques regarding the use of privacy notices in practice and develops a number of recommendations.     

Data protection law beyond identifiability? Atmospheric profiles,nudging and the Stratumseind Living Lab

The deployment of pervasive information and communication technologies (ICTs) within smart city initiatives transforms cities into extraordinary apparatuses of data capture. ICTs such as smart cameras, sound sensors and lighting technology are trying to infer and affect persons’ interests, preferences, emotional states, and behaviour. It should be no surprise then that contemporary legal and policy debates on privacy in smart cities are dominated by a debate focused on data and, therefore, on data protection law. In other words, data protection law is the go-to legal framework to regulate data processing activities within smart cities and similar initiatives. While this may seem obvious, a number of important hurdles might prevent data protection law to be (successfully) applied to such initiatives. In this contribution, we examine one such hurdle: whether the data processed in the context of smart cities actually qualifies as personal data, thus falling within the scope of data protection law. This question is explored not only through a theoretical discussion but also by taking an illustrative example of a smart city-type initiative – the Stratumseind 2.0 project and its living lab in the Netherlands (the Stratumseind Living Lab; SLL). Our analysis shows that the requirement of ‘identifiability’ might be difficult to satisfy in the SLL and similar initiatives. This is so for two main reasons. First, a large amount of the data at stake do not qualify as personal data, at least at first blush. Most of it relates to the environment, such as, data about the weather, air quality, sound and crowding levels, rather than to identified or even likely identifiable individuals. This is connected to the second reason, according to which, the aim of many smart city initiatives (including the SLL) is not to identify and target specific individuals but to manage or nudge them as a multiplicity – a combination of the environment, persons and all of their interactions. This is done by trying to affect the ‘atmosphere’ on the street. We thus argue that a novel type of profiling operations is at stake; rather than relying on individual or group profiling, the SLL and similar initiatives rely upon what we have called ‘atmospheric profiling’. We conclude that it remains highly uncertain, whether smart city initiatives like the SLL actually process personal data. Yet, they still pose risks for a wide variety of rights and freedoms, which data protection law is meant to protect, and a need for regulation remains.