Download this Paper Open PDF in Browser

Designing Without Privacy

51 Pages Posted: 4 Apr 2017  

Ari Ezra Waldman

New York Law School

Date Written: March 31, 2017

Abstract

In Privacy on the Ground, the law and information scholars Kenneth Bamberger and Deirdre Mulligan showed that empowered chief privacy officers (CPOs) are pushing their companies to take consumer privacy seriously, integrating privacy into the designs of new technologies. But their work was just the beginning of a larger research agenda. CPOs may set policies at the top, but they alone cannot embed robust privacy norms into the corporate ethos, practice, and routine. As such, if we want the mobile apps, websites, robots, and smart devices we use to respect our privacy, we need to institutionalize privacy throughout the corporations that make them. In particular, privacy must be a priority among those actually doing the work of design on the ground — namely, engineers, computer programmers, and other technologists.

This Article presents findings from an ethnographic study of how, if at all, technologists doing the work of technology product design think about privacy, integrate privacy into their work, and consider user needs in the design process. It also looks at how attorneys at private firms draft privacy notices for their clients. Based on these findings, this Article presents a narrative running in parallel to the one described by Bamberger and Mulligan. This alternative account, where privacy is narrow, limited, and barely factoring into design, helps explain why so many products seem to ignore our privacy expectations. The Article then proposes a framework for understanding how factors both exogenous (theory and law) and endogenous (corporate structure and individual cognitive frames and experience) to the corporation prevent the CPOs’ robust privacy norms from diffusing throughout technology companies and the industry as a whole. This framework also helps elucidate how reforms at every level — theory, law, organization, and individual experience — can incentivize companies to take privacy seriously, enhance organizational learning, and eliminate the cognitive biases that lead to discrimination in design.

Keywords: Privacy, Information Privacy, Ethnography, Privacy by Design, Engineering, Technology, Law and Society

Suggested Citation

Waldman, Ari Ezra, Designing Without Privacy (March 31, 2017). Houston Law Review, Forthcoming; NYLS Legal Studies Research Paper No. 2944185. Available at SSRN: https://ssrn.com/abstract=2944185

Ari Ezra Waldman (Contact Author)

New York Law School ( email )

185 West Broadway
New York, NY 10013
United States
212.431.2864 (Phone)

Paper statistics

Downloads
332
Rank
75,773
Abstract Views
1,926