Ubiquitous Computing, Privacy and Data Protection: Options and Limitations to Reconcile the Unprecedented Contradictions

The emerging paradigm of ubiquitous computing promises unprecedented levels of support of human activities by information technologies working invisibly in the background and providing their services in an unobtrusive and effortless manner. At the same time, these systems will bring about so far inconceivable levels of surveillance, collection of personal data, their merging and continuous transfer and processing, creating unprecedented threats to privacy and data protection. As a consequence ubiquitous computing is also challenging central human values that are affiliated to privacy, embracing items like individual autonomy, democracy or societal sustainability. The inherent threats to privacy have been recognised from the very beginning of the development of this vision and numerous attempts have been undertaken to reconcile the obviously conflicting objectives of ubiquitous computing and the principles of current data protection. The core of contemporary data protection is based on a general limitation of the generation, processing and use of personally identifiable data, supplemented by sets of rules which define exceptions from the general prohibition and regulate these specific cases. A major stream of efforts to preserve privacy under the new technological regime focused on the integration of privacy protection principles into ubiquitous computing technologies; in more recent times, the suitability of current regulatory framework for the emerging new paradigm of information technologies moved closer to the centre of attention. Both directions, the development of privacy enhancing, ubiquitous computing technologies and adaptations of legislation to accommodate the enormous threats for privacy possess certain mitigating potentials, but are either insufficient or incompatible with the core objectives of the new technical paradigm. Measures that are sufficient to confront the vision of ubiquitous computing with more than an illusion of privacy will probably also require changes in the paradigm of current data protection principles and a reshaping of the vision towards societal sustainability.

[1]  Mark Weiser The computer for the 21st century , 1991 .

[2]  Serge Gutwirth,et al.  Profiling the European Citizen, Cross-Disciplinary Perspectives , 2008 .

[3]  Mireille Hildebrandt,et al.  Profiling and the Identity of the European Citizen , 2008, Profiling the European Citizen.

[4]  Serge Gutwirth,et al.  Legal safeguards for privacy and data protection in ambient intelligence , 2008, Personal and Ubiquitous Computing.

[5]  Antoinette Rouvroy,et al.  Privacy, Data Protection, and the Unprecedented Challenges of Ambient Intelligence , 2007 .

[6]  G. lachello Protecting personal data: can IT security management standards help? , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[7]  Y. Poullet,et al.  The Right to Informational Self-Determination and the Value of Self-Development: Reassessing the Importance of Privacy for Democracy , 2009 .

[8]  Ching-Yi Liu,et al.  The Architecture of Privacy , 1998 .

[9]  Abigail Sellen,et al.  Design for Privacy in Ubiquitous Computing Environments , 1993, ECSCW.

[10]  Roger A. Clarke,et al.  Information technology and dataveillance , 1988, CACM.

[11]  Mireille Hildebrandt,et al.  Who is Profiling Who? Invisible Visibility , 2009 .

[12]  Anne Adams,et al.  Privacy in Multimedia Communications: Protecting Users, Not Just Data , 2001, BCS HCI/IHM.

[13]  M. Foucault,et al.  Discipline and Punish: The Birth of the Prison. , 1978 .

[14]  Johann Cas,et al.  Privacy in pervasive computing environments - a contradiction in terms? , 2005, IEEE Technology and Society Magazine.

[15]  Sarah Spiekermann,et al.  Critical RFID Privacy-Enhancing Technologies , 2009, IEEE Security & Privacy.

[16]  Marc Langheinrich,et al.  Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems , 2001, UbiComp.

[17]  Roger Brownsword Reinventing Data Protection , 2009 .