Since approval of the EU General Data Protection Regulation (GDPR) in 2016, it has been widely and repeatedly claimed that the GDPR will legally mandate a ‘right to explanation’ of all decisions made by automated or artificially intelligent algorithmic systems. This right to explanation is viewed as an ideal mechanism to enhance the accountability and transparency of automated decision-making. However, there are several reasons to doubt both the legal existence and the feasibility of such a right. In contrast to the (...) right to explanation of specific automated decisions claimed elsewhere, the GDPR only mandates that data subjects receive meaningful, but properly limited, information (Articles 13-15) about the logic involved, as well as the significance and the envisaged consequences of automated decision-making systems, what we term a ‘right to be informed’. Further, the ambiguity and limited scope of the ‘right not to be subject to automated decision-making’ contained in Article 22 (from which the alleged ‘right to explanation’ stems) raises questions over the protection actually afforded to data subjects. These problems show that the GDPR lacks precise language as well as explicit and well-defined rights and safeguards against automated decision-making, and therefore runs the risk of being toothless. We propose a number of legislative and policy steps that, if taken, may improve the transparency and accountability of automated decision-making when the GDPR comes into force in 2018. (shrink)

We have seen through many examples that data science and artificial intelligence can reinforce structural inequalities like sexism and racism. Data is power, and that power is distributed unequally. This book offers a vision for a feminist data science that can challenge power and work towards justice. This book takes a stand against a world that benefits some (including the authors, two white women) at the expense of others. It seeks to provide concrete steps for data scientists seeking to learn (...) how feminism can help them work towards justice, and for feminists seeking to learn how their own work can carry over to the growing field of data science. It is addressed to professionals in all fields where data-driven decisions are being made, as well as to communities that want to better understand the data that surrounds them. It is written for everyone who seeks to better understand the charts and statistics that they encounter in their day-to-day lives, and for everyone who seeks to better communicate the significance of such charts and statistics to others. This is an example-driven book written with a broad audience of scholars, students, and practitioners in mind. It offers a way of thinking about data, both their uses and their limits, that is informed by direct experience, by a commitment to action, and by the ideas associated with intersectional feminist thought. (shrink)

The debate on the ethics of privacy has been mainly dominated by Western perspectives, to the exclusion of broader ethical theories and socio-cultural perspectives. This imbalance carries risks; transplanted ethical norms and values can collide with those of the communities in which they are deployed. The consequent homogenization might also represent a missed opportunity to enrich and develop the current paradigm of privacy protection so as to effectively face new technological challenges. This article introduces and discusses the sub-Saharan philosophy of (...) Ubuntu and argues how its conception of the self helps to reinterpret some of the emerging issues revolving digital information technologies. To begin with, a general overview of the debate on the ethics of privacy is provided by distinguishing between individual and relational privacy. Also, the challenges of 'group privacy' are discussed. Then, we introduce basic principles of Ubuntu focusing on how these may have affected privacy conceptions and related legal practices. By outlining opportunities and risks of intercultural information ethics, we argue how Ubuntu—similarly to other communitarian moral philosophies—strengthens the development of the concept of relational privacy and, in particular, of group privacy. (shrink)

This paper aims to provide an overview of surveillance theories and concepts that can help to understand and debate surveillance in its many forms. As scholars from an increasingly wide range of disciplines are discussing surveillance, this literature review can offer much-needed common ground for the debate. We structure surveillance theory in three roughly chronological/thematic phases. The first two conceptualise surveillance through comprehensive theoretical frameworks which are elaborated in the third phase. The first phase, featuring Bentham and Foucault, offers architectural (...) theories of surveillance, where surveillance is often physical and spatial, involving centralised mechanisms of watching over subjects. Panoptic structures function as architectures of power, not only directly but also through disciplining of the watched subjects. The second phase offers infrastructural theories of surveillance, where surveillance is networked and relies primarily on digital rather than physical technologies. It involves distributed forms of watching over people, with increasing distance to the watched and often dealing with data doubles rather than physical persons. Deleuze, Haggerty and Ericson, and Zuboff develop different theoretical frameworks than panopticism to conceptualise the power play involved in networked surveillance. The third phase of scholarship refines, combines or extends the main conceptual frameworks developed earlier. Surveillance theory branches out to conceptualise surveillance through concepts such as dataveillance, access control, social sorting, peer-to-peer surveillance and resistance. With the datafication of society, surveillance combines the physical with the digital, government with corporate surveillance and top-down with self-surveillance. (shrink)

In 2016, the European Parliament approved the General Data Protection Regulation (GDPR) whose core aim is the safeguarding of information privacy, and, by corollary, human dignity. Drawing on the field of philosophical anthropology, this paper analyses various interpretations of human dignity and human exceptionalism. It concludes that privacy is essential for humans to flourish and enable individuals to build a sense of self and the world.

Post-mortem privacy is becoming a vital topic of public and scholarly legal concern. Post-mortem privacy is understood as the right of a person to preserve and control what becomes of his reputation and dignity after death. The assumption that the deceased does not qualify for privacy rights, because his bodily presence has been terminated, no longer holds in our networked society. In the digital age, the phenomenon of the digital legacy that an Internet user leaves behind after his demise, has (...) led to new challenges for the legal system. The deceased is no longer in a position to exercise human autonomy as an active agent. The article reconsiders the notion of human autonomy with regard to these digital representations. Taking the point of view that the control over personal information is essential in protecting one’s privacy in the antemortem life, the article explores whether this principle may have validity in the postmortem context. Legal philosophical arguments are advanced in a discourse about the quandary if digital personae of deceased persons can be bestowed with a legal basis of personality rights and concomitantly privacy rights. Therefore much attention is given to the problem of the subject, which does not seem to be functioning in the case of the absence of a living subject. Briefly referring to novel personae, it is argued that fundamental human rights need not be limited to the rights of living human beings. (shrink)

Particular applications of Privacy by Design (PbD) have proven to be valuable tools to protect privacy in many technological applications. However, PbD is not as promising when applied to technologies used for surveillance. After specifying how surveillance and privacy are understood in this paper, I will highlight the shortcomings of PbD when applied to surveillance, using a web-scanning system for counter-terrorism purposes as an example. I then suggest reworking PbD into a different approach: the Minimum Harm by Design (MHbD) model. (...) MHbD differs from PbD principally in that it acknowledges that the potential harms of surveillance bear not only upon privacy but also values that define the very constitution of a society and its political character. MHbD aims to identify and systematise the different categories of such harms and links them to current theories on surveillance on the one hand and on possible design measures on the other. (shrink)

This Article takes the perspective of law and philosophy, integrating insights from computer science. First, I will argue that in the era of big data analytics we need an understanding of privacy that is capable of protecting what is uncountable, incalculable or incomputable about individual persons. To instigate this new dimension of the right to privacy, I expand previous work on the relational nature of privacy, and the productive indeterminacy of human identity it implies, into an ecological understanding of privacy, (...) taking into account the technological environment that mediates the constitution of human identity. Second, I will investigate how machine learning actually works, detecting a series of design choices that inform the accuracy of the outcome, each entailing trade-offs that determine the relevance, validity and reliability of the algorithm’s accuracy for real life problems. I argue that incomputability does not call for a rejection of machine learning per se but calls for a research design that enables those who will be affected by the algorithms to become involved and to learn how machines learn — resulting in a better understanding of their potential and limitations. A better understanding of the limitations that are inherent in machine learning will deflate some of the eschatological expectations, and provide for better decision-making about whether and if so how to implement machine learning in specific domains or contexts. I will highlight how a reliable research design aligns with purpose limitation as core to its methodological integrity. This Article, then, advocates a practice of “agonistic machine learning” that will contribute to responsible decisions about the integration of data-driven applications into our environments while simultaneously bringing them under the Rule of Law. This should also provide the best means to achieve effective protection against overdetermination of individuals by machine inferences. (shrink)

Recently, there has been renewed interest in so-called evidence-based policy making. Enticed by the grand promises of Big Data, public officials seem increasingly inclined to experiment with more data-driven forms of governance. But while the rise of Big Data and related consequences has been a major issue of concern across different disciplines, attempts to develop a better understanding of the phenomenon's historical foundations have been rare. This short commentary addresses this gap by situating the current push for numerical evidence within (...) a broader socio-political context, demonstrating how the epistemological claims of Big Data science intersect with specific forms of trust, truth, and objectivity. We conclude by arguing that regulators' faith in numbers can be attributed to a distinct political culture, a representative democracy undermined by pervasive public distrust and uncertainty. (shrink)

According to the theory of contextual integrity (CI), privacy norms prescribe information flows with reference to five parameters — sender, recipient, subject, information type, and transmission principle. Because privacy is grasped contextually (e.g., health, education, civic life, etc.), the values of these parameters range over contextually meaningful ontologies — of information types (or topics) and actors (subjects, senders, and recipients), in contextually defined capacities. As an alternative to predominant approaches to privacy, which were ineffective against novel information practices enabled by (...) IT, CI was able both to pinpoint sources of disruption and provide grounds for either accepting or rejecting them. Mounting challenges from a burgeoning array of networked, sensor-enabled devices (IoT) and data-ravenous machine learning systems, similar in form though magnified in scope, call for renewed attention to theory. This Article introduces the metaphor of a data (food) chain to capture the nature of these challenges. With motion up the chain, where data of higher order is inferred from lower-order data, the crucial question is whether privacy norms governing lower-order data are sufficient for the inferred higher-order data. While CI has a response to this question, a greater challenge comes from data primitives, such as digital impulses of mouse clicks, motion detectors, and bare GPS coordinates, because they appear to have no meaning. Absent a semantics, they escape CI’s privacy norms entirely. (shrink)

Personal information is key to informational privacy and the algorithmically generated profiles of individuals. However, the concept of personal information and its nature is rarely discussed. The concept of personal information thus seems to be based on an idea of information as objective and truthful—as natural information—that is depicted as digital footprints in the online and digital realm. I argue that the concept of personal information should exit the realm of natural information and enter the realm of nonnatural information—grounded in (...) meaning, intention, and convention—as this will provide us with a concept that can account for potential misleadingness, inaccuracies, and mistakes. (shrink)

Recognizing that many of the modern categories with which we think about people and their activities were put in place through the use of numbers, we ask how numbering practices compose contemporary sociality. Focusing on particular forms of algorithmic personalization, we describe a pathway of a-typical individuation in which repeated and recursive tracking is used to create partial orders in which individuals are always more and less than one. Algorithmic personalization describes a mode of numbering that involves forms of de- (...) and re- aggregating, in which a variety of contexts are continually included and excluded. This pathway of a-typical individuation is important, we suggest, to a variety of domains and, more broadly, to an understanding of contemporary economies of sharing where the politics of collectivities, ownership and use are being reconfigured as a default social. (shrink)