Special Workshop on Information Privacy

The Special Workshop on Information Privacy will consist of a one-day presentation of high-quality research in the area of information privacy. It will include 1) invited papers by scholars from participating schools and 2) submitted papers. The day will include four sessions, each of which will feature two paper presentations by authors and ample time for discussion facilitated by a designated commentator. Our goal is to enhance ties between scholars within the iSchool communities researching privacy and related topics. iSchool faculty, alumni, and students consistently make important contributions to research and policy developments around privacy. This special workshop seeks to facilitate dialogue between different parts of the privacy community, support its continued growth, and identify areas for potential collaboration. The following papers were selected for the workshop: Peer-produced Privacy Protection: A Common-pools Approach Vaibhav Garg, Sameer Patil, Apu Kapadia, L Jean Camp Abstract: Privacy risks have been addressed through technical solutions (e.g., privacyPrivacy risks have been addressed through technical solutions (e.g., privacyenhancing technologies) as well as regulatory measures (e.g., Do Not Track). These approaches are inherently limited as they are grounded in the paradigm of a rational end user who can determine, articulate, and manage his or her consistent privacy preferences. An implication of the rational end user paradigm is that self serving efforts to implement individual privacy preferences lead to socially optimal outcomes regarding information sharing. As a result, solutions to specific privacy risks are developed, and even mandated, without effective reduction in overall harm. We present a systematic framework to examine the limitations of current technical and policy solutions. To address the shortcomings, we argue for considering information sharing to be transactions within a community. Outcomes of privacy management can be improved at a lower overall cost if peers -as a community -are empowered by appropriate technical and policy mechanisms. Design for a community requires encouraging dialogue, enabling transparency, and supporting enforcement of community norms. We provide examples of technical design and policy initiatives that leverage such commons based communal governance through peer production of privacy protection. Theorizing Privacy's Contestability: A Multi-Dimensional Analytic of Privacy Deirdre K. Mulligan, Colin Koopman Abstract: The concept of privacy, despite its centrality for contemporary liberal democratic cultures, remains remarkably contested. The scholarly literatures on privacy theory, privacy law, and the morality of privacy present a dizzying array of diverging conceptualizations and analyses of privacy. This contestability of privacy has been widely observed by privacy scholars. A common thread running throughout these observations is that privacy is polysemous not only in the context of theoretical disputes about privacy’s meaning, but also in the context of privacy’s everyday use. The concept of privacy, despite its centrality for contemporary liberal democratic cultures, remains remarkably contested. The scholarly literatures on privacy theory, privacy law, and the morality of privacy present a dizzying array of diverging conceptualizations and analyses of privacy. This contestability of privacy has been widely observed by privacy scholars. A common thread running throughout these observations is that privacy is polysemous not only in the context of theoretical disputes about privacy’s meaning, but also in the context of privacy’s everyday use. iConference 2013 February 12-15, 2013 Fort Worth, TX, USA 1027 This article argues that privacy’s ambiguity reflects its keen social importance—not as some have suggested a lack of due attention or emptiness. Privacy is an “essentially-contested concept”: its value and power—its ability to do work in the world—derives, in part, from its ambiguity. Like other essentiallycontested concepts, privacy cuts so much to the heart of our moral, political, legal, and cultural selfunderstandings that we cannot but disagree over its meaning, application, implementation, and justification. The attendant debates surrounding privacy, while often frustrating, evidence productive negotiations over meaning in rapidly-changing social contexts. Yet, the disagreement at both the theoretical and practical levels over privacy’s meaning and purpose has intensely troubling practical consequences. It can stymie action as an assumed commonality of purpose gives way to an underlying plethora of meanings with separate goals, privacy is decreed too fickle and indeterminate to be advanced through collective decisions in legislative, regulatory, and scientific fora. It can leave wrongs experienced as privacy violations orphaned as theories of privacy fail to connect with human experience. Bandied about but never richly mapped, privacy becomes easy to devalue and less likely to organically evolve and extend. Ambiguity becomes an excuse for disregarding privacy claims—despite visceral and broad appeal, and vociferous support. The challenge is to bring the strength of privacy—its rhetorical power and supple and polysemous nature—into action. The core contribution of this article is a multi-dimensional analytic of privacy that facilitates a richer analysis of operative concepts of privacy. This analytic mapping provides a toolkit for performing anatomies of privacy as experienced. The analytic delineates a range of dimensions across which concepts of privacy vary including: objects, justifications, exemplars, targets, subjects, actions, offenders, mechanisms, providers, contexts of practice, and scope. In the article’s penultimate section, we use our privacy analytic to illuminate a set of three prominent privacy cases. These examples reveal the value of a more rigorous approach to privacy analysis in legislative drafting, technical design, and argumentation. In the final section, we return to our central argument that privacy’s essential contestability is key to its ongoing relevance and utility in political and social life but only under the guidance of detailed analytical tools that enable us to discern the contours of our many privacies, map them onto contexts, and construct mechanisms to protect them. The Impact of Privacy Regulation on Technology Adoption: The Case of Health Information Exchanges Idris Adjerid, Alessandro Acquisti, Rema Padman, Rahul Telang, Julia Adler-Milstein Abstract: Health Information Exchanges (HIEs) are innovative healthcare technology initiatives that increase coordination between healthcare providers. Their purpose is to improve efficiency and quality of care through enhanced sharing of patient data. To soothe privacy concerns associated with HIE development, however, numerous states have enacted laws establishing strict patient consent requirements for medical data shared through HIEs. We investigate the impact of privacy consent regulation on the adoption and success of HIEs. We find that among all states with laws intended to promote HIE adoption, those that had requirements for patient consent experienced greater HIE adoption and success, while also reporting lower levels of privacy concerns. These findings contribute to the debate over the impact of privacy regulation on technological progress, and provide insights on the delicate balance between privacy concerns and the benefits of technology adoption. Health Information Exchanges (HIEs) are innovative healthcare technology initiatives that increase coordination between healthcare providers. Their purpose is to improve efficiency and quality of care through enhanced sharing of patient data. To soothe privacy concerns associated with HIE development, however, numerous states have enacted laws establishing strict patient consent requirements for medical data shared through HIEs. We investigate the impact of privacy consent regulation on the adoption and success of HIEs. We find that among all states with laws intended to promote HIE adoption, those that had requirements for patient consent experienced greater HIE adoption and success, while also reporting lower levels of privacy concerns. These findings contribute to the debate over the impact of privacy regulation on technological progress, and provide insights on the delicate balance between privacy concerns and the benefits of technology adoption. Libraries, Electronic Resources, and Privacy: The Case for Positive Intellectual Freedom