ICTlogy

Student research seminar: Karen McCullagh

It is often said that we have a righ to a private life, yet what this means remains unclear. This presentation reports 3 Phases of research:
1) How does the concept of private data interplay with the concept of sensitive data?
2) In the blog era what is private data? Is the technology changing perceptions and expectations?
3) Would a definition of private data be useful? How should it be defined?

The principle of sensitivity holds that the processing of certain types of data should be subjet to more stringent controls

• Test sensitivity ratings of seven categories of data recognized in the Directive (UK) as sensitive
• Test perceptions of sensitivity of eight not legally recognized categories of sensitive data which emerged in interviews with data protection and privacy experts: employment history, education qualifications, membership of political party/organization, clickstream data, personal contact detaisl, genetic information, biometric information, financial data

It’s curious to notice that most respondents — and even more bloggers — find most non recognized categories of sensitive data as being more sensitive than most recognized ones.

There are important lacks of categories both in the recognized and the non-recognized ones, such as gender or race that are very likely to be perceived as highly sensitive by some people

Related to bloggers, 24.8% posted personal information on their blogs all the time. Among those that did not post personal information, this personal information was about personally identifying information, information regarding others, emotions, sex/relationships, arguments, financial information, work, health information, illegal activities, political beliefs, religious believes, etc. About this issue, John Kelly states that for this issues, it is usual to find specific blogs (second blogs) dedicated precisely to this purpose.

Some people maintain both a (paper) diary and a public blog, being the main reason to keep private the most private issues (i.e. emotions) on their diary, and let the most trivial ones be public on the blog.

Proposed definition of private data

• Work on the boundaries of what is private and what is not
• Disclosing issues, definition of disclosing contexts
• Right to disclose should not be compulsory
• Maybe the focus should be put not on data collection, but on the backend (uses)
• Is private data, personal data and sensitive data overlapping concepts?

Conclusions

• there are new (non-recognized) categories of sensitive data emerging
• grading data according sensitivity is fraught with difference, as it requires a casuistic form of regulation
• Privacy in the blogosphere is a dynamic, dialectic process of negotiation conditions by people’s expectations
• this negotiation is dependent on people controlling the information and the context

My reflections

• Will there be a compared Law analysis across countries (i.e. in Europe)?
• Could there be a bias on the perception of recognized categories as less sensitive just because you’re already confident that they are recognized as sensitive ones?

More info

• American Civil Liberties Union Surveillance Campaing (Pizza Palace)
• What Is Private Data?, by Daithí Mac Síthigh

Previous post: OII SDP 2007 (X): Social Technologies and Ongoing Relationship Management

Next post: OII SDP 2007 (XII): The Tools of Government in a Digital Age