Abstract
In both the academic literature and in the media there have been concerns expressed about the level of surveillance technologies used to facilitate security and its effect upon privacy. Government policies in the USA and the UK are continuing to increase surveillance technologies to counteract perceived terrorist threats. Reflecting upon Ashby’s Law of Requisite Variety, the authors conclude that these policies will not meet espoused ends and investigate an alternative strategy for policy making. The authors develop a methodology by drawing on an isomorphy of concepts from the discipline of Macroeconomics. This proposal is achieved by considering security and privacy as economic goods, where surveillance is seen as security technologies serving ID management and privacy is considered as being supported by ID assurance solutions. As the means of exploring the relationship between surveillance and privacy in terms of the proposed methodology, the authors use scenarios from a public report commissioned by the UK Government. The result of this exercise suggests that the proposed methodology could be a valuable tool for decision making at a strategic and aggregate level.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ashby, W.R.: Design for a Brain. Halstead Press, New York (1960)
Beer, S.: Brain of the Firm, 2nd edn. Wiley, Chichester (1981)
Westin, A.F.: The 1996 Equifax-Harris Consumer Privacy Survey. Equifax Inc., Atlanta (1996)
Williams, M.: The Total Information Awareness Project Lives On (2006), http://www.technologyreview.com/Infotech/16741/
Brunk, B.: Understanding the Privacy Space. First Monday 7(10) (2002), http://www.firstmonday.org/Issues/issue7_10/brunk/
Klopfer, P., Rubenstein, D.: The Concept Privacy and its Biological Basis. Journal of Social Issues 33, 22–41 (1977)
Odlyzko, A.: Privacy, Economics, and Price Discrimination on the Internet. In: ACM, Fifth International Conference on Electronic Commerce, pp. 355–366 (2003)
Westin, A.: Privacy and Freedom. Atheneum, New York (1967)
House of Lords, European Union Committee.: The Passenger Name Record (PNR) Framework Decision, 15th Report of Sessions 2007-08, London, the Stationary Office Limited (2008)
Danezis, G., Wittneben, B.: The Economics of Mass Surveillance and the Questionable Value of Anonymous Communications. In: Fifth Workshop on the Economics of Information Security (2006)
Crosby, J.: Challenges and Opportunities in Identity Assurance, HM Treasury (2008), http://www.hm-treasury.gov.uk/media/6/7/identity_assurance060308.pdf
Schlicht, E.: Isolation and Aggregation in Economics. Springer, New York (1985)
Information Technology Association of America: Identity Management: Building Trust, Mitigating Risks, Balancing Rights. White Paper (2005), http://www.itaa.org/news/docs/idmgmtwhitepaper.pdf
BBC: Brown apologises for records loss (2007), http://news.bbc.co.uk/1/hi/uk_politics/7104945.stm
Collins, T.: HMRC’s Missing Child Benefit CDs - What Went Wrong and Lessons for NPfIT and ID cards. Computer Weekly (2007), http://www.computerweekly.com/blogs/tony_collins/2007/11/hmrcs-missing-child-benefit-cd-1.html
Wang, R.Y., Allen, T.J., Harris, W., Madnick, S.E.: An Information Product Approach for Total Information Awareness. MIT Sloan Working Paper No. 4407-02; CISL No. 2002-15 (November 2002), http://ssrn.com/abstract=376820
Straub, D.W.: Effective IS Security: An Empirical Study. Information Systems Research 1(3), 255–276 (1990)
Lucas, H., Olson, M.: The Impact of Information Technology On Organizational Flexibility. IOMS: Information Systems Working Papers, New York University, IS-93-49 (1993)
Wang, L., Wijesekera, D., Jajodia, S.: Cardinality-based inference control in data cubes. Journal of Computer Security 12(5), 655–692 (2004)
Sweeney, L.: k-anonymity: A Model for Protecting Privacy. International Journal on Uncertainty, Fuzziness and Knowledge-Based Systems 10(5), 557–570 (2002)
Bishop, M.: Computer Security: Art and Science. Addison-Wesley, New York (2002)
Katos, V., Patel, A.: A Partial Equilibrium View on Security and Privacy. Information Management & Computer Security 16(1), 74–83 (2008)
Inness, J.: Privacy, Intimacy and Isolation. Oxford University Press, Oxford (1992)
Branson, W.H., Litvack, J.M.: Macroeconomics, 2nd edn. Harper & Row, New York (1981)
Dornbush, R., Fischer, S.: Macroeconomics, 7th edn. McGraw-Hill, New York (1998)
Grossklags, J., Acquisti, A.: When 25 cents is too much: An experiment on willingness-to-sell and willingness-to-protect personal information. In: Proc. of the 6th Workshop on Economics and Information Security, Pittsburgh, USA (2007)
Schoderbek, P.P., Schoderbek, C.G., Kefalas, A.G.: Management Systems: Conceptual Considerations, Irwin, Boston (1990)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Katos, V., Stowell, F., Bednar, P. (2011). Surveillance, Privacy and the Law of Requisite Variety. In: Garcia-Alfaro, J., Navarro-Arribas, G., Cavalli, A., Leneutre, J. (eds) Data Privacy Management and Autonomous Spontaneous Security. DPM SETOP 2010 2010. Lecture Notes in Computer Science, vol 6514. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-19348-4_10
Download citation
DOI: https://doi.org/10.1007/978-3-642-19348-4_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-19347-7
Online ISBN: 978-3-642-19348-4
eBook Packages: Computer ScienceComputer Science (R0)