The paper examines today’s debate on “privacy by design” and the idea that data protection should be embedded in ICT through default settings. On one hand, it seems possible to achieve the perfect enforcement of the law via design in order to solve, say, matters of jurisdiction on the internet. On the other hand, scholars often stress the technical unfeasibility of automatizing all the mechanism of data protection and highlight why self-enforcement technologies would erode the public understanding of the law by eliminating useful interfaces between the terms and the application of the law. In the light of the current state-of-the-art, the paper suggests that we should understand both people’s privacy claims and data protection ‘by’ design, not ‘as’ design, that is, as if the goal were to design regulatory standards that hit their target with infallible accuracy. Both for technical and ethical reasons, it is unlikely that the science of design will offer the one-size-fits-all solution to the problems of data protection. Rather, as moral enablers, these technological devices offer the key to grasp how we are coping with today’s privacy issues. An example is current work on AI & Law and legal ontologies which further illustrates how artificial intelligence and operation research may aid design and, in doing so, impact on the structure and evolution of legal systems. The stake is the integration of compliance with regulatory frameworks through data protection policies, so that privacy protection must ideally become a default mode of operation for ICTs.
Privacy e design
PAGALLO, Ugo
2009-01-01
Abstract
The paper examines today’s debate on “privacy by design” and the idea that data protection should be embedded in ICT through default settings. On one hand, it seems possible to achieve the perfect enforcement of the law via design in order to solve, say, matters of jurisdiction on the internet. On the other hand, scholars often stress the technical unfeasibility of automatizing all the mechanism of data protection and highlight why self-enforcement technologies would erode the public understanding of the law by eliminating useful interfaces between the terms and the application of the law. In the light of the current state-of-the-art, the paper suggests that we should understand both people’s privacy claims and data protection ‘by’ design, not ‘as’ design, that is, as if the goal were to design regulatory standards that hit their target with infallible accuracy. Both for technical and ethical reasons, it is unlikely that the science of design will offer the one-size-fits-all solution to the problems of data protection. Rather, as moral enablers, these technological devices offer the key to grasp how we are coping with today’s privacy issues. An example is current work on AI & Law and legal ontologies which further illustrates how artificial intelligence and operation research may aid design and, in doing so, impact on the structure and evolution of legal systems. The stake is the integration of compliance with regulatory frameworks through data protection policies, so that privacy protection must ideally become a default mode of operation for ICTs.
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
