Privacy and Contextual Integrity: Framework and Applications

Showcased in "The Logic of Privacy," The Economist, January 2007

Proceedings of the IEEE Symposium on Security and Privacy, May 2006

15 Pages Posted: 21 Feb 2015

See all articles by Adam D Barth

Adam D Barth

Stanford University

Anupam Datta

Carnegie Mellon University - School of Computer Science

John Mitchell

Stanford University

Helen Nissenbaum

Cornell Tech; Cornell Tech NYC

Date Written: 2007

Abstract

Contextual integrity is a conceptual framework for understanding privacy expectations and their implications developed in the literature on law, public policy, and political philosophy. We formalize some aspects of contextual integrity in a logical framework for expressing and reasoning about norms of transmission of personal information. In comparison with access control and privacy policy frame- works such as RBAC, EPAL, and P3P, these norms focus on who personal information is about, how it is transmitted, and past and future actions by both the subject and the users of the information. Norms can be positive or negative depending on whether they refer to actions that are allowed or disallowed. Our model is expressive enough to capture naturally many notions of privacy found in legislation, including those found in HIPAA, COPPA, and GLBA. A number of important problems regarding compliance with privacy norms, future requirements associated with specific actions, and relations between policies and legal standards reduce to standard decision procedures for temporal logic.

Keywords: privacy, contextual integrity, privacy policy, privacy law, cyberlaw, computing ethics, ethics

Suggested Citation

Barth, Adam D and Datta, Anupam and Mitchell, John and Nissenbaum, Helen F. and Nissenbaum, Helen F., Privacy and Contextual Integrity: Framework and Applications (2007). Showcased in "The Logic of Privacy," The Economist, January 2007, Proceedings of the IEEE Symposium on Security and Privacy, May 2006, Available at SSRN: https://ssrn.com/abstract=2567438

Adam D Barth

Stanford University ( email )

Stanford, CA 94305
United States

Anupam Datta

Carnegie Mellon University - School of Computer Science ( email )

5000 Forbes Avenue
Pittsburgh, PA 15213
United States

John Mitchell

Stanford University ( email )

Stanford, CA 94305
United States

Helen F. Nissenbaum (Contact Author)

Cornell Tech

111 8th Avenue #302
New York, NY 10011
United States

Cornell Tech NYC

111 8th Avenue #302
New York, NY 10011
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
198
Abstract Views
1,228
rank
223,830
PlumX Metrics