Workshop on Privacy in the Making
Time for new thinking?
In the 1890s, intrusive use of newly invented ‘snapshot’ cameras and mechanised processing of personal data registered on ‘punched cards’ illustrated new risks of loss of privacy due to emerging information technologies. Today, more than hundred years later, where do we stand? Have we by now found suitable legal and technical solutions? Do we understand the problems? There is room for doubt and many observers have concluded that new thinking is necessary. For example, the British Information Commissioner’s Office has found that the time has come to start a new debate that recognises the pace of technological change and the pressures on privacy from so many directions. The Swedish Data Inspection Board has carried out a study of the impact of so called ‘ubiquitous computing’. And so on.
Today, most elements that formed part of the early discussions of IT and privacy are still present and relevant. For example, the drafters of the 1973 Swedish Data Act strived to lessen people’s worries of widespread abuse of their personal data regardless of how well-founded these worries were. In other words, the lawmaker found that the sheer risk of abuse should be taken seriously.
But it would be wrong, even seriously wrong, to maintain that this early start means that the privacy protection discussion has by now reached its end and that we have the finished blueprints for regulation. For one thing, there are many ‘privacy discussions’ rather than a single one. And the technological/social scene where these discussions are staged differs essentially from the scene of some forty years ago. We cannot stay with old concepts and perspectives. The traditional focus on a ‘right to be let alone’ needs to be critically examined and this examination should be based on an adequate understanding of today’s and tomorrow’s relationships between humans and machines in diverse social contexts.
The workshop is intended for participants prepared to take an active part in an advanced discussion of IT and the future of privacy protection. The number of participants will be restricted in order to ensure a lively and well-focused exchange of ideas.
The setup of the workshop
The workshop will consist of two three-hour sessions on the 18th and 19th November respectively. It is strongly recommended to participate in both sessions. No less than fourteen invited persons with an expert background in the field will make certain that the discussion stays vigorous, inspiring and well-focused. The workshop should be seen as a welcome opportunity to deepen each participant’s understanding of privacy, not least since the setup is multidisciplinary.
The time allotted to each speaker’s contribution will be very short, so there will be no lectures in a traditional sense. Succinctly put, the invited speakers are ‘helpers’ rather than ‘lecturers’. Their reflections will strive to lift up issues for discussion and, thus, to steer and inspire the workshop as it goes along. Individual speakers may choose to allot more or less of ‘their time’ to comments from the other workshop participants. As pointed out above, all participants will be expected to engage themselves actively and to share their experiences and thoughts with their fellow participants. The results of the workshop will be documented in a special report.
Outline of session one and session two
Session 1 on 18th November will be devoted to basic aspects of privacy protection. In the centre will be the issue of what interests ought to be protected and related basic societal issues. Experts with different backgrounds and perspectives will present their views – the lawmaker, the legal scholar, and the computer and systems scientist. Having dealt with these general issues, three more specific issues will be singled out for scrutiny: (a) the relationships between privacy and information security, (b) the views and practices of ‘data subjects’, i.e. people, and (c) the meaning and impact of the emerging ‘ubiquitous computing’ society. Generous time will be available for discussion among the workshop participants.
Whereas Theme 1 will, generally speaking, have a theoretical slant, Theme 2 on 19th November will be more action-oriented. It will focus on different players who are active in the field of privacy protection. Their views and strivings can both concur and collide. The first part of the theme 2 session will be devoted to presentations of the opinions and experiences of a number of different players in the public and the private sector. The second part will focus on different means to ensure that privacy is appropriately protected. A broad spectrum of means of steering is assumed, from legislation on the constitutional level to codes of behaviour and information system design methods. As in session one, time will be allotted to discussion of the issues and also to a summing up of the conference track.
Detailed description of the sessions
Day One, 18 November
Privacy protection, a broad perspective
|
Introduction |
|
|
1.30 pm – 1.35 pm |
Peter Seipel Welcome and practical information |
|
What is ‘privacy’ and what are the main concerns today? |
|
|
1.35 pm – 1.50 pm |
Olle Abrahamsson Viewpoints of the lawmaker |
|
1.50 pm – 2.05 pm |
Peter Blume Viewpoints of the legal scholar |
|
2.05 pm – 2.20 pm |
Markus Bylund Viewpoints of the computer and systems scientist |
|
General discussion |
|
|
2.20 pm – 3.00 pm |
Mikael Johnson (moderator) |
|
Coffee break |
|
|
Particular issues associated with privacy |
|
|
3.30 pm – 3.45 pm |
Magnus Bergström Privacy and information security |
|
3.45 pm – 4.00 pm
|
Asko Lehmuskallio Privacy and people’s practices |
|
4.00 pm – 4.30 pm
|
Markus Bylund and Peter Seipel Privacy and the changing framework of information and communication technologies |
|
General discussion |
|
|
4.30 pm – 5.00 pm |
Mikael Johnson (moderator) |
Day two, 19 November
|
The many crossing views. A kaleidoscope of concerns |
|
|
9.00 am – 9.15 am |
Göran Gräslund Reflections of a Data Supervisor |
|
9.15 am – 9.30 am |
Sakari Tamminen User studies, human-computer interaction and privacy |
|
9.30 am – 9.45 am |
Anders R Olsson Privacy threats to freedom of information
|
|
9.45 am – 10.00 am |
Markus Bylund Mirroring digital identities. Increasing user awareness |
| General discussion | |
|
10.00 am – 10.30 am |
Peter Seipel (moderator) |
|
Coffee break 10.30 am – 11.00 am |
|
|
How to build privacy protection. Means, needs and difficulties |
|
|
11.00 am – 11.15 am |
Sören Öman Lessons learned from lawmaking |
|
11.15 am – 11.30 am |
Lee Bygrave A present day view of choices and difficulties |
|
General discussion |
|
|
11.30 am – 12.30 pm Peter Seipel (moderator) |
|
