"Tool Clinics" - Embracing Multiple Perspectives in Privacy Research and Privacy-Sensitive Design

Computer scientists or engineers are continually asked to “solve problems” or “improve” existing situations, by selecting from available design features to produce the “best” technical solution. For example, a software developer faced with the problem of securing data must choose between different encryption algorithms – each with different characteristics. Factors such as strength of encryption, speed of encryption, usability, key management and hardware requirements must all be considered. Other requirements such as the sensitivity and amount of data to be protected, the estimated resources of potential attackers, the operational context of the required solution, etc. must also be taken into account. It is impossible for any solution to be 100% perfect, e.g. encrypting data with no detectable delay using an algorithm which cannot be broken. Trade-offs during the design and development process are therefore inevitable as requirements are balanced, e.g. speed vs. strength of encryption. These trade-offs are dilemmas faced by the specialist in arriving at the final design. However, what is the “best solution”, and who decides what “best” means, requires more involved discussion and reflection. The engineer, with their narrow focus on solving the technical problem, might not be best equipped to solely decide what the optimum solution is, particularly if there are likely to be unintended consequences when the solution is deployed, or the proposed technology is decoded differently by users, those directly or indirectly affected, and other stakeholders.

[1]  J. Rall Why Things Bite Back: Technology and the Revenge of Unintended Consequences. , 1997 .

[2]  Simon Joss,et al.  Participatory technology assessment: European perspectives , 2002 .

[3]  L. Cranor,et al.  An Analysis of P3P Deployment on Commercial, Government, and Children's Web Sites as of May 2003 , 2003 .

[4]  Rutger O. van Merkerk,et al.  Tailoring CTA for emerging technologies , 2008 .

[5]  Anne Adams,et al.  Privacy in Multimedia Communications: Protecting Users, Not Just Data , 2001, BCS HCI/IHM.

[6]  Eric Ries,et al.  The lean startup : how constant innovation creates radically successful businesses , 2011 .

[7]  S. Wyatt Technological determinism is dead; Long live technological determinism. , 2008 .

[8]  Jo Pierson,et al.  Configuring Living Labs For A ‘Thick’ Understanding Of Innovation , 2005 .

[9]  G. Loewenstein,et al.  Wouldn't it be nice? Predicting future feelings. , 1999 .

[10]  Simon Heilesen,et al.  Designing for Networked Communications: Strategies and Development , 2007 .

[11]  Sabrina Sauer,et al.  User innovativeness in living laboratories: everyday user improvisations with ICTs as a source of innovation , 2013 .

[12]  D. Kahneman,et al.  Does Living in California Make People Happy? A Focusing Illusion in Judgments of Life Satisfaction , 1998 .

[13]  Joyce Fortune,et al.  The project‐specific Formal System Model , 2009 .

[14]  Lorrie Faith Cranor,et al.  P3P: Making Privacy Policies More Useful , 2003, IEEE Secur. Priv..

[15]  C. Chabris,et al.  Gorillas in Our Midst: Sustained Inattentional Blindness for Dynamic Events , 1999, Perception.

[16]  W. Smit,et al.  De wederzijdse beinvloeding van technologie en maatschappij: een Technology Assessment-benadering , 1999 .

[17]  Lorrie Faith Cranor,et al.  Web Privacy with P3p , 2002 .

[18]  Sven Ove Hansson,et al.  The case for ethical technology assessment (eTA) , 2006 .

[19]  D. Kahneman,et al.  Well-being : the foundations of hedonic psychology , 1999 .

[20]  M. Lynch,et al.  The handbook of science and technology studies , 2008 .

[21]  D. Gilbert,et al.  Focalism: a source of durability bias in affective forecasting. , 2000, Journal of personality and social psychology.

[22]  Pieter Ballon,et al.  Fostering Innovation in Networked Communications: Test and Experimentation Platforms for Broadband Systems , 2007 .

[23]  J. Scholes,et al.  Soft Systems Methodology in Action: Including a 30-Year Retrospective , 2000 .

[24]  Scott Dick,et al.  A Survey and Analysis of the P3P Protocol's Agents, Adoption, Maintenance, and Future , 2007, IEEE Transactions on Dependable and Secure Computing.

[25]  Audley Genus Rethinking constructive technology assessment as democratic, reflective, discourse , 2006 .

[26]  Joyce Fortune,et al.  Using systems thinking to evaluate a major project: The case of the Gateshead Millennium Bridge , 2012 .

[27]  Helen Nissenbaum,et al.  Privacy in Context - Technology, Policy, and the Integrity of Social Life , 2009 .

[28]  A. Valle,et al.  Diffusion of nuclear energy in some developing countries , 2014 .

[29]  Peter Checkland,et al.  Systems Thinking, Systems Practice , 1981 .

[30]  Lorrie Faith Cranor,et al.  Necessary But Not Sufficient: Standardized Mechanisms for Privacy Notice and Choice , 2012, J. Telecommun. High Technol. Law.

[31]  Leon G. Higley,et al.  Forensic Entomology: An Introduction , 2009 .

[32]  Richard P. Eibach,et al.  Focalism and the Failure to Foresee Unintended Consequences , 2011 .