Developing Foundations for Accountability Systems: Informational Norms and Context-Sensitive Judgments
Annual Computer Security Applications Conference, Workshop on Governance of Technology, Information, and Policies, 2010
6 Pages Posted: 25 Nov 2010 Last revised: 21 Aug 2012
Date Written: November 24, 2010
Adequately protecting informational privacy in an increasingly interconnected world poses two problems. What are the appropriate privacy polices? And, how should one ensure compliance with them? Accountability systems are an attractive solution to both problems. Current work on accountability systems assumes a generally accepted set of privacy rules for the subsequent use of information, and has focused on developing a formal representation of a process for the use of information. Our focus is on fundamental policy issues that arise in developing the models of the privacy rules themselves. This focus leads to the suggestion that accountability systems can be used, not only to enforce compliance with a given set of rules but also to resolve conflicts among conflicting sets of rules. So far, accountability systems have modeled unrealistically simple privacy rules. While this may be an appropriate first step toward more complex systems, we need to define the realistic target at which accountability systems should ultimately aim if adequate systems are eventually to be developed. We specify a number of hurdles to developing accountability systems that adequately constrain the use of information. Some of the problems are wholly nontechnical; some are of a mixed nature, part social science or public policy and part technical. The unifying theme is the role of informational norms in ensuring adequate informational privacy.
Keywords: Accountability, Norms, Privacy, Information Accountability
Suggested Citation: Suggested Citation