security of e-government european parliament 19 february 2013

Transparency and (dis)honesty Prof. Juliet Lodge

Expert Group, Privacy Committee, Biometrics Institute

Security of e-GovernmentEuropean Parliament

19 February 2013

European Technology Assessment Group

ETAG European Parliament 19/2/13 Room 7C-050 Paul-Henri Spaak Bldg

Transparency & the 60% rule

• Constitutional• Procedural• Practice as deception

‘It’s only a problem of labelling ‘ (UK Min)


eGov :Eroding Transparency?

Constitutional: ‘EU Council worse than a papal enclave’. Duff,

MEP Procedural : … foreign ‘hysteria over EU data

protection laws ‘Jan Albrecht MEP Fundamental rights v. Profits: ‘IT giants ...

trying to lobby away right to privacy’ Max Shrems

Does the cyberworld redefine meaning + interaction?


Back to the future?

• Who benefits?Whose interests are core? EU Citizens? Global Commerce?

• Can T disentangle private – public responsibilities?• Who is honest? No longer a question of what ICTs

can we trust but WHOM can we trust? Can we see and know that face?

Recommendation: understand the importance of Quality of info, and the symbiotic reln between transparency and trust in eGov


Where do I begin and end?Physical v. virtual self and identity• Invisible Commodifying private spaceImplications for Vulnerable• Other people’s clips of you without your

consent• Avatars and Advergames; info fusion• Google private ownership of ‘ biometric’ data

collected for public purposes : murky PPPs


Practice : eGov and T challenge:your body as commerce

Do you (or unknown others and chips) own you and control your data? And your virtual money and goods?

Who’s liable for mistakes and machine malfunctions? You? Chip? PPPs? Redress?

Assistive ICTs and vulnerable


Transparency challenge

• Is there a contradiction between thedata subject as data controller(social networking) with individual responsibility, and

the data subject as commodity with no individual

right or responsibility for giving consent to the use of his personal data?

Challenge for Govt : be open about who controls PPPs

• Right to be forgotten – depends on the requirement to be known to the ‘authorities’ (usually hidden in PPPs)

• What are the implications of relying on automated (robotic) d-m in all settings, from borders to social networking to ‘know us’ for our understanding of our rights and enforceable laws?

• How Are EU DP and outsourcing laws enforceable in an outside EU?



Lessons from biometrics: a future in Steering behaviour?

Biometrics for honest purposesRely on credibility of verification and authentication; robust

resilient systems; credibility and trust of users, vendors, ICTs and handling practices; implicit ethical codes

Biometrics for dishonest purposes rely on a breach of trust – multi purpose use

Biometrics to steer behaviour rely on agreement as to the ethical and desirable end purpose (eg honest medical therapeutic purpose) or can be misappropriated for malign intent


Ethical transparency and trusted eGov

Selling behaviour

• Quantum surveillance in public space (security rationale) and in private and space via m- play (conven+com); vanishing interfaces

• Mining, mash-ups, blending virtual and real (eg virtual currency, like Amazon’s Feb 2013

• Multiple clouds and & data blending; convegent ICTs

• Geo-referencing and map-making

Withstanding q-surveillance

• Privacy as a right • Stronger data protection• PETs/PEDs – pseudo

technical fixes?

= online definition of reality affects real world choices : mediates power; ethicsand societal acceptability of ICT applicatns


Egov magnifies the ‘who dunnit’ burden of proof and responsibility

Technical fixes– forensic genomics,

biometrics neuro-imaging, digi tracking

– IP, Censorship, Anonymity

Politico-legal agency• Locus of authority+dm by

machine• Responsibility /accountability• DP + Forgetting + linkage• Redefining Private sphere• Morality and Ethics – access• Mobiles and vanishing

interfaces - georeferencing• Netiquette & human dignity• Transhumanism & Roboethics

http://amberhawk.typepad.com/.a/6a0115709c6f9d970b0120a95384ce970b-pi


Recommendation: Awareness of linkage by potent forensics for multi-purpose/dishonest steering

• Misappropriation of ICTs, apps and info from quantum surveillance to steer behaviour

• Mind-reading/prediction and anticipation • Self-censorship versus open society and total disclosure without your

knowledge or consent?• What is at the basis of trust relationships in ICT moderated or dominated

societies?• What are the limits of regulation? • Transparency exceptions eg security; what is critical and what is not. Protect

vulnerable and cits from abuse

RECOMMENDATION : enforce and require ICT and apps developers to have transparent ethical codes/mores regarding multipurpose use


Recommendations : review balance of interests

• Cookies: ending denial of service if person objects to cookie tracking

• Education: Helping people see how much information they share; end of privacy

• Control: ensure people know how to control sensitive information• LAW : would a "privacy bill of rights" guarantee greater control

over personal data

Inject realism into real time real life privacy and its protection. Eg tension between personal responsibility v corporate duty v legal requirement


T and O for trust or deception?

• constitutional• procedural• practice as deceptionResult (dis)trust and (dis)honestyPushing d-m to machines deceives citizens. It masks a lack

of human analysis and undermines trust in IT, govt and private sector.

What and whom we trust and why. That is the biggest challenge to eGov transparency : failure risks trust in government and authority.

http://www.suemoffitt.com/products/134-tabitha-limited-edition-print.aspx


Conclusion

• Trying to trust technology to act as a privacy guardian is insufficient

• Who’s in control? You or the machine? And does it own you?

• Ethical values and practice must inform info collection, handling etc and can do so only if human intervention is visible, identifiable and accountable. Secure eGov must uphold T accountability to ensure trust when society is permanently online.

Communicating control‘Citizens must be able to understand

the system so that they can identify its problems, criticise it, and

ultimately control it.’

Final report of the Convention on the Future of Europe Working Group IX on Simplification 29 Nov 2002

[CONV 424/02 WGIX 13]


Juliet Lodge , Privacy Committee Biometrics Institute

Research, evidence and publications on• EU freedom, security and justice, Europol, automated

decisionmaking and data exchange, border management and security, biometrics, ethics, compliance with law & democracy

• egov, EU citizenship in e-digital spaces• EP, transparency, legitimacy , accountable egovernance in

security and internal market of EU27• f7p ICT Ethics; BEST; Fp6 (Challenge; r4eGov; ejustice) • Advisory role in RISE;HIDE (& f6p Mediated Citizenship)• EU-China programme (EU funded on multilateralism and soft

diplomacy); 17+ books; 240 published peer reviewed papers


security of e-government european parliament 19 february 2013

Documents