Data, privacy & the individual

Data is the main fuel of our digital economies. Our financial transactions, movements, communications, relationships and interactions with governments and businesses, both online and off, generate data that is collected, bought and sold by data brokers and corporations interested in profiling individuals.

As the collection and analysis of data becomes more sophisticated and accurate, and as data sets grow to become Big Data, the opportunities ahead seem infinite. The risks, however, are also great, as the information being handled about individuals is extremely sensitive. This research project explores some of the key ethical questions posed by today’s emerging technologies, and analyzes new technical methods that governments and companies can use to profit from information while respecting regulations and maintaining the trust of both their clients and citizens.

The Project

Understanding of the importance of privacy and the options available to better protect personal data.

The last few years established beyond a shadow of a doubt that we are living through a crucial historical moment regarding privacy. Two events stamped 2018 as a landmark year for privacy: the Cambridge Analytica scandal, and the implementation of the European Union’s General Data Protection Regulation. The former showed the extent to which personal data has been shared without data subjects’ knowledge and consent, and often for unacceptable purposes, such as swaying elections. The latter inaugurated robust data protection regulation in the digital age.

The aim of this research project is to contribute to a better understanding of the importance of privacy and the options available to better protect personal data. The outcomes of the project are seven research papers on privacy, a survey on privacy, and this final report, which first summarises the research and goes on to offer a set of recommendations to implement best practices regarding privacy.

Research Summary

  • “Introduction to Privacy”, by Kevin Macnish

Kevin Macnish’s paper constitutes an introduction to how legal scholars and philosophers have thought about privacy in the past century. The paper uses historical and contemporary examples to illustrate some of the most pressing ethical concerns regarding privacy.

  • “The Ethics of Data Acquisition”, by Alfred Archer, Nathan Wildman, Huub Brouwer, and Amanda Cawston

One of the central ethical difficulties facing any data acquisition procedure is balancing the rights of data subjects against the potential benefit that data collection and analysis can offer. Alfred Archer, Nathan Wildman, Huub Brouwer, and Amanda Cawston provide a critical overview of various data acquisition models, determining and assessing the ethical issues each raises.

  • “Private Data and Property”, by Verena Risse

Closely related to the ethics of data acquisition, Verena Risse’s paper explores questions related to the protection and governance of private data by drawing on the analogy between privacy and property. A common proposal to respect people’s rights while using their data is to treat personal data as property, and compensate data subjects accordingly. It is unclear, however, to what extent personal data can be equated to property.

  • “Informed Consent”, by Kevin Macnish

In this paper, Kevin Macnish explores the importance of consent in the collection and processing of personal data. After an overview of what consent is and different kinds of consent, Macnish focuses on the debate as to whether consent is justified because it helps to respect autonomy, a view defended by Tom Beauchamp and James Childress, or whether it is grounded on limiting harm, a view defended by Onora O’Neill and Neil Manson.

  • “Privacy, Autonomy, and Personalised Targeting”, by Karina Vold and Jess Whittlestone

While the previous papers are concerned with the ethics of how personal data is collected, Karina Vold and Jess Whittlestone are concerned with how personal data is used. In particular, they examine the ethics of targeting ads and services to individuals.

  • “Differentially Private Data Sets: Methods, Limitations and Mitigation Strategies”, by Jordi Soria-Comas

Data set releases are often proposed as one way to address some of the ethical concerns related to institutions holding too much data, and hence too much power. Releasing data sets allows data to be available for secondary use and analysis. Data set releases, however, threaten the privacy of data subjects who might not have consented to such a release or who might have consented without realising the privacy risks they were signing up for. One of the ways in which privacy can be better protected when releasing data sets is through the use of differential privacy. In this paper, Jordi Soria-Comas weighs the advantages and disadvantages of differential privacy in the context of data set releases.

  • “Formal Versus Empirical Approaches to Data Anonymity”, by Paul Francis

Most research on data anonymity focuses on methods with formal guarantees of anonymity, such as differential privacy. In this paper, Paul Francis argues that computer scientists should be open to and encouraged to work on empirical data anonymisation mechanisms in addition to formal ones—in much the same way that researchers work on both formal and empirical approaches to crypto.

Researchers

  • Carissa Véliz, University of Oxford
  • Julia Powles, University of Cambridge
  • Yves-Alexandre de Montjoye, Imperial College London
  • Ricard Martínez, Universitat de Valencia
  • Joss Wright, University of Oxford
  • Kevin Macnish, University of Twente
  • Jess Whittlestone, University of Cambridge
  • Paul Francis, Max Planck Institute
  • Verena Risse, TU Dortmund
  • Alfred Archer, Tilburg University
  • Karina Vold, University of Cambridge
  • Jordi Soria-Comas, Catalan Data Protection Authority
  • Nathan Wildman, Tilburg University
