Predictability for Privacy in Data Driven Government
32 Pages | Posted: 3 Apr 2018 | Last revised: 19 May 2019
Date Written: March 28, 2018
The Deferred Action for Childhood Arrivals program (DACA) required individuals to provide a great deal of personal information in order to participate and remain in the United States legally; could information in the same system now be used for deportations? More broadly, how should systems of data that are created legitimately by United States agencies and compiled for one reason be used for other reasons? The increasing emphasis on “smart cities” that use data to efficiently provide and plan for service delivery will require the integration of data from multiple government and non-government sources, in ways that citizens may not expect. There are increasing calls for the federal government to open up and share the data collected for one reason for use in additional, unrelated ways, and to combine that data with data collected by commercial, private entities. Systems design for enabling citizen privacy is essential for a foundation of trust between public agencies and citizens. For example, the Census Bureau is beginning to take additional steps to protect the facially anonymous statistics that it releases, due to concerns that individuals may be identified by increasingly sophisticated technical means that link data to persons. To address privacy in fast-growing and evolving government information systems, the National Institute of Standards and Technology (NIST) proposes a systems approach to protect the privacy of personally identifiable information held by federal agencies. It adopts a privacy engineering and risk management approach with three privacy engineering objectives: predictability, manageability, and disassociability. Because of its fundamental importance to the effective protection of privacy, this article focuses on the first privacy engineering objective: predictability. Predictability is not an established term in the privacy literature.
Therefore, this article analyzes the concept of predictability, what it may mean and how it may evolve, and then analyzes it by means of established legal concepts. Nonobviousness in patent law and the reasonable expectation standard in privacy jurisprudence provide lessons for the creation and maintenance of more trustworthy systems and the protection of citizen privacy.
Keywords: privacy, FIPPs, government policy, NIST, privacy framework, privacy engineering, predictability, privacy by design
JEL Classification: K2, K29, O33, O38