research-article

The other side of privacy: surveillance in data control

Authors:

James B. RuleAuthors Info & Claims

British HCI '15: Proceedings of the 2015 British HCI Conference

Pages 184 - 192

https://doi.org/10.1145/2783446.2783584

Published: 13 July 2015 Publication History

Abstract

Privacy and surveillance take on new forms through social software technologies. Privacy may not be achieved by being let alone, rather, by choosing a group of people whom are trusted with one's data. Similarly, surveillance takes the form of monitoring users' data rather than monitoring users themselves. To offer privacy and counter surveillance, the "privacy as control" paradigm focuses on approaches that offer as much data control as possible. In practice, offering control to users depends on assigning control to non-user entities, who may have surveillance capabilities, which results in an interdependency of privacy and surveillance. This interdependency is problematic and contradicts what data control approaches should offer. In this paper, we examine this interdependency in data control within social software. We put forward criteria to evaluate the degree of control and privacy and the degree of surveillance entailed by a data control approach. We perform a comparative analysis of data control approaches in the technical and the legal context. The analysis shows how certain aspects of surveillance are deeply rooted in the realisations of "privacy as control". We argue that data control approaches should offer transparency, reciprocity and a balanced degree of control as a first step towards addressing the interdependency of privacy and surveillance.

References

[1]

A. Acquisti, E. Balsa, B. Berendt, D. Clarke, W. De Groef, R. De Wolf, C. Diaz, B. Gao, S. Gürses, J. Pierson, F. Piessens, R. Sayaf, T. Schellens, F. Stutzman, B. Van Alsenoy, and E. Vanderhoven. SPION project deliverable. D2.1-state of the art, 2010.

[2]

J. Alhadeff, B. Van Alsenoy, and J. Dumortier. The accountability principle in data protection regulation: Origin, development and future directions. In D. Guagnin, L. Hempel, C. Ilten, I. Kroener, D. Neyland, and H. Postigo, editors, Managing privacy through accountability. Palgrave Macmillan, Basingstoke, UK, 2012.

[3]

S. B. Barnes. A privacy paradox: Social networking in the united states. First Monday, 11(9), 2006.

[4]

A. Clement. Considering privacy in the development of multi-media communications. Computer Supported Cooperative Work, 2(1--2):67--88, 1993.

[5]

E. Commission. Article 29 data protection working party, opinion 5/2009 on online social networking. http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2009/wp163_en.pdf, 2009.

[6]

L. Cutillo, R. Molva, and T. Strufe. Safebook: A privacy-preserving online social network leveraging on real-life trust. Communications Magazine, IEEE, 47(12):94--101, dec. 2009.

Digital Library

[7]

G. Danezis and S. Gürses. A critical review of 10 years of privacy technology. In Surveillance Clutures: A Global Surveillance Society, 2010.

[8]

R. Dingledine, N. Mathewson, and P. Syverson. Tor: The second-generation onion router. In USENIX Security Symposium, pages 303--320, 2004.

Digital Library

[9]

Y. Gurevich, H. E., and J. Wing. Inverse privacy. Technical report, Microsoft Research, 2014.

[10]

S. Gürses. Multilateral Privacy Requirements Analysis in Online Social Network Services. PhD thesis, KU Leuven, 2010.

[11]

S. Gürses and B. Berendt. PETS in the surveillance society: A critical review of the potentials and limitations of the privacy as confidentiality paradigm. In Data Protection in a Profiled World, pages 301--321. Springer, 2010.

[12]

S. Gürses and C. Diaz. Two tales of privacy in online social networks. IEEE Security & Privacy, 11(3):29--37, 2013.

Digital Library

[13]

A. Haeberlen and P. Kouznetsov. Peerreview: practical accountability for distributed systems. In Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles, SOSP '07, pages 175--188, NY, USA, 2007. ACM.

Digital Library

[14]

R. Harper, editor. Trust, Computing and Society. CUP: New York, 2014.

[15]

G. Karjoth, M. Schunter, and M. Waidner. Platform for enterprise privacy practices: Privacy-enabled management of customer data. In Privacy Enhancing Technologies, pages 69--84. Springer, 2003.

[16]

J. E. Katz and R. E. Rice. Social consequences of Internet use: Access, involvement, and interaction. MIT press Cambridge, MA, 2002.

[17]

J. McGrath. Loving Big Brother: Performance, privacy and surveillance space. Psychology Press, 2004.

[18]

B. Mroue. Syria Facebook, YouTube Ban Lifted: Reports. The World Post, Feb. 2011.

[19]

I. on Censorship. Syria unblocks Facebook and Youtube. Electronic article: http://www.indexoncensorship.org/2011/02/syria-unblocks-facebook-and-youtube/, Feb. 2011.

[20]

D. M. Pedersen. Model for types of privacy by privacy functions. Journal of Environmental Psychology, 19(4):397--405, 1999.

[21]

S. Preibusch. Privacy behaviors after snowden. Commun. ACM, 58(5):48--55, Apr. 2015.

Digital Library

[22]

J. Preston. Seeking to disrupt protesters, Syria cracks down on social media. Electronic article: http://www.nytimes.com/2011/05/23/world/middleeast/23facebook.html, May 2011.

[23]

J. B. Rule. When it comes to protecting its citizens' data, Europe is way ahead of the U.S. http://www.latimes.com/opinion/op-ed/la-oe-rule-nsa-privacy-european-union-20140513-story.html, May 2014.

[24]

R. Sayaf and D. Clarke. Access control models for online social networks. Social Network Engineering for Secure Web Data and Services, pages 32--65, 2012.

[25]

R. Sayaf, D. Clarke, and R. Harper. CPS²: a contextual privacy framework for social software. In SECURECOMM 2014. Springer, 2014.

[26]

R. Sayaf, J. B. Rule, and D. Clarke. Can users control their data in social software? an ethical analysis of data control approaches. In IEEE S& P Workshops (SPW), pages 1--4, 2013.

[27]

B. Schneier and J. Kelsey. Secure audit logs to support computer forensics. ACM Trans. Inf. Syst. Secur., 2:159--176, May 1999.

Digital Library

[28]

A. Simpson. On the need for user-defined fine-grained access control policies for social networking applications. Proceedings of the workshop on Security in Opportunistic and SOCial networks - SOSOC '08, pages 1--8, 2008.

Digital Library

[29]

A. C. Squicciarini, M. Shehab, and J. Wede. Privacy policies for shared content in social network sites. The VLDB Journal---The International Journal on Very Large Data Bases, 19(6):777--796, 2010.

Digital Library

[30]

A. C. Squicciarini and S. Sundareswaran. Web-traveler policies for images on social networks. World Wide Web Internet And Web Information Systems, 12(4):461--484, 2009.

Digital Library

[31]

C. Wang and H.-f. Leung. A secure and private clarke tax voting protocol without trusted authorities. In Proceedings of the 6th international conference on Electronic commerce, ICEC '04, pages 556--565, New York, NY, USA, 2004. ACM.

Digital Library

[32]

S. Warren and L. Brandeis. The right to privacy. Harward Law Review, 4(5):193--220, 1890.

Cited By

Sayaf RPreibusch SClarke D(2015)Contextual Healing: Privacy through Interpretation Management2015 IEEE International Conference on Smart City/SocialCom/SustainCom (SmartCity)10.1109/SmartCity.2015.98(360-365)Online publication date: Dec-2015
https://doi.org/10.1109/SmartCity.2015.98

Index Terms

The other side of privacy: surveillance in data control

Recommendations

W3-privacy: understanding what, when, and where inference channels in multi-camera surveillance video

Huge amounts of video are being recorded every day by surveillance systems. Since video is capable of recording and preserving an enormous amount of information which can be used in many applications, it is worth examining the degree of privacy loss ...
Privacy-awareness information for web forums: results from an empirical study
NordiCHI '10: Proceedings of the 6th Nordic Conference on Human-Computer Interaction: Extending Boundaries

While interacting with others on the internet, users share a lot of personal data with a potentially large but "invisible" audience. An important issue is maintaining control over personal data and therefore, in the first place, users need to be aware ...
Inaccuracy as a privacy-enhancing tool

The accuracy principle is one of the key standards of informational privacy. It epitomises the obligation for those processing personal data to keep their records accurate and up-to-date, with the aim of protecting individuals from unfair decisions. ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

British HCI '15: Proceedings of the 2015 British HCI Conference

July 2015

334 pages

ISBN:9781450336437

DOI:10.1145/2783446

General Chairs:
Shaun Lawson
University of Lincoln, UK
,
Patrick Dickinson
University of Lincoln

Copyright © 2015 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 July 2015

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

IWT

Conference

British HCI 2015

British HCI 2015: 2015 British Human Computer Interaction Conference

July 13 - 17, 2015

Lincolnshire, Lincoln, United Kingdom

Acceptance Rates

British HCI '15 Paper Acceptance Rate 28 of 62 submissions, 45%;

Overall Acceptance Rate 28 of 62 submissions, 45%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
240
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sayaf RPreibusch SClarke D(2015)Contextual Healing: Privacy through Interpretation Management2015 IEEE International Conference on Smart City/SocialCom/SustainCom (SmartCity)10.1109/SmartCity.2015.98(360-365)Online publication date: Dec-2015
https://doi.org/10.1109/SmartCity.2015.98

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten