17 Pages Posted: 6 Feb 2012
Date Written: August 15, 2009
For decades, the Codes of Fair Information Practice have served as a model for data privacy, protecting personal information collected by governments and corporations. But professional data management standards such as the Codes of Fair Information Practice do not take into account a world of distributed data collection, nor the realities of data mining and easy, almost uncontrolled, dissemination. Emerging models of information gathering create an environment where recording devices, deployed by individuals rather than organizations, disrupt expected flows of information in both public and private spaces.
We suggest expanding the Codes of Fair Information Practice to protect privacy in this new data reality. An adapted understanding of the Codes of Fair Information Practice can promote individuals’ engagement with their own data, and apply not only to governments and corporations, but software developers creating the data collection programs of the 21st century. To support user participation in regulating sharing and disclosure, we discuss three foundational design principles: primacy of participants, data legibility, and engagement of participants throughout the data life cycle. We also discuss social changes that will need to accompany these design principles, including engagement of groups and appeal to the public sphere, increasing transparency of services through voluntary or regulated labeling, and securing a legal privilege for raw location data.
Suggested Citation: Suggested Citation
Shilton, Katie and Burke, Jeff and Estrin, Deborah and Govindan, Ramesh and Hansen, Mark and Kang, Jerry and Mun, Min, Designing the Personal Data Stream: Enabling Participatory Privacy in Mobile Personal Sensing (August 15, 2009). TPRC 2009. Available at SSRN: https://ssrn.com/abstract=1999839