Request For Research Presentations For the PrivacyCon Conference #00004

Submission Number:
Ewa Luger
Outside the United States
Initiative Name:
Request For Research Presentations For the PrivacyCon Conference
Promoting Data Protection and Privacy by and for Design The notion of privacy by design is gaining ground within academic and legal communities. However, this is considerably less the case regarding the practical implementation of creative and systems design/architecture. This can be attributed to a number of factors; (a) Legal rules are convoluted, uncertain, and not geared towards operationalisable heuristics or development guidelines for system designers, (b) the concept is currently poorly specified, (c) that privacy has been reduced from a social concern to a matter of data protection compliance, (d) that such compliance is seen as a post hoc activity to be carried out by legal experts, and (e) that the pragmatics of design within industrial contexts do not allow for privacy considerations at the point of system conception. The danger, however, is that such infrastructural and attitudinal realities inhibit creative solutions to privacy protection and allow for potentially gross privacy violations to be worked around, rather than dealt with at the early stages of systems design. Our research asks the question; how might we make privacy law more accessible and engaging to designers within corporations, start-ups and the wider creative industries community? To this end we created a set of ideation cards, aligned to the draft EU data protection regulations, which tested positively with designers. The purpose of the cards is to sensitise systems designers to data protection issues as well as to stimulate creative thought around privacy preserving solutions. These cards are newly funded by NSF EAGER (2015-16), in partnership with NYU Polytechnic, Microsoft (Redmond), Intel Security, Corpus Christi College (University of Cambridge, UK), and Horizon Digital Economy Research (University of Nottingham, UK). A multidisciplinary team of privacy, legal, Human Computer Interaction and Design experts will develop a range of cards to reflect US privacy law and consumer privacy issues. These will be embedded in computer science undergraduate programmes and tested with both corporate engineering teams and start-ups. We propose that we would report our current findings (see attached paper). The cards will be fully customisable and freely available.