PETs in the Surveillance Society: A Critical Review of the Potentials and Limitations of the Privacy as Confidentiality Paradigm

“Privacy as confidentiality” has been the dominant paradigm in computer science privacy research. Privacy Enhancing Technologies (PETs) that guarantee confidentiality of personal data or anonymous communication have resulted from such research. The objective of this chapter is to show that such PETs are indispensable but fall short of being the privacy solutions they sometimes claim to be, given current-day circumstances. We will argue, using perspectives from surveillance studies, that the computer scientists’ conception of privacy through data or communication confidentiality is techno-centric and displaces end-user perspectives and needs in a surveillance society. We will further show that the perspectives from surveillance studies demand a critical review for their human-centric conception of information systems. Last, we re-position PETs in a surveillance society and argue for the necessity of multiple paradigms for privacy and related design.
