1. Privacy and Sensor Networks: Do Sensor Networks fit with Fair Information Practices Deirdre K. Mulligan Acting Clinical Professor of Law Director, Samuelson Law, Technology & Public Policy Clinic Boalt Hall http://www.samuelsonclinic.org

2. Privacy  Legal protections for privacy have multiple roots  Important norm– individuals have own concepts of privacy; can vary greatly between cultures  Different things in different settings; Know it when you lose it

3. 3 Result: Patchwork Privacy Protection  Constitutional, statutory, common law, State, Federal  Sectoral  Focus on a business, a record keeper, a format (electronic v. paper; oral v. visual; electronic v. aural), a piece of information  Multiple overlapping, sometimes difficult to reconcile rules AND inconsistencies - same practices receive different treatment

4. 10 Thinking about privacy in Sensor Networks Fair Information Practice Principles Basic framework of statutory protections in US and worldwide  Collection Limitation  Purpose specification  Openness  Consent  Individual participation  Data Quality  Use Limitation  Security  Accountability

5. 7 Thinking about Privacy in Sensor Networks: Statutory protections Limits on government intrusion -- conversation between Court and Congress  Title III (1968) – restrictions on wiretapping and electronic surveillance (Katz; Smith) (extended by ECPA 1986 and CALEA 1995; altered by Patriot Act 2001)  Right to Financial Privacy (Miller)

6. 13 Beliefs underlying privacy law  Data collection is exception  Public/private spaces distinct - personal will exist in private space  Wall between private sector and government is thick  Data collection is engaged in by limited set of corporate or commercial entities  Communications are ephemeral; distinction between content and other  Regulatory patchwork; notice and consent  Protections weaken as information moves away from home/person out into network/third party storage  Little regulation of government acquisition of personal information from private entities  Regulatory framework focuses on specific record keepers rather than the protection of the information itself  Protections for records related to individual maintained by third parties are weak

7. 14 Sensor Networks  “The most profound technologies are those that disappear. They weave themselves into the fabric of everyday life until they are indistinguishable from it.” M. Weiser, “The computer for the 21st Century,” 1991.  “In the future, interconnected devices will be so commonplace that "the internet" becomes invisible. Devices span from the so tiny that the computer disappears, to servers so large that storage limits vanish. It will be possible to track and relate everything...” The Endeavour Expedition: Charting the Fluid Information Utility

8. 15 Existing privacy law is a poor fit for Sensor Networks  Data collection as norm  Absence of cues that signal data collection  Porous barriers between public and private spaces  Everyone is a potential data collector  New kinds of data “sensed” created, stored  Increased ability to create patterns, knowledge out of seemingly unrevealing bits of data  Ability to influence behavior/alter environment in realtime based on data that may not meet definitions of PII found in traditional data protection statutes  Always on, broad accessibility

9. Big questions  Given importance of whether tech is broadly available to public to question of 4 th A “reasonableness” premium put on what kind of world technology gives us. Do we want a world with no privacy?  Who “should” be responsible?  How do we consider system design and policy issues in multi-use technology?

10. 16 Challenges for system designers and policy makers  How do you facilitate transparency and control where being unobtrusive is an explicit system goal?  How do you evaluate privacy risks when you don’t know who is accessing the information and to what else they may be privy?  To what extent do you design around the weaknesses of the existing privacy law? (preference for client side storage? Destruction of data? Limits on certain kinds of collection?)

11. 17 Key questions for business adoption  What are the implications of these systems given the ability of private actors and governmental entities to access information? (privacy, business confidentiality, various sorts of litigation)  Given limits of law, how to deploy? (Limit data collection; purge quickly; keep identification information separate from other forms of data)  Need to fix the law?