The Privacy and Big Data Debate

From CS378H Public Policy and the Digitally Native Technologist
Jump to: navigation, search

(also see Topics Organized by Teams )

Class Letter to the President regarding the Consumer Privacy Bill of Rights Act discussion draft

Background and Introduction

(US perspective) The legal "right to privacy": Does it exist? What is its history?

(Non-US perspective) The legal "right to privacy": Does it exist? What is its history?

What data is necessary for the world we live in (or want)?

How should we think about balancing privacy with the public good?

How does data privacy relate to data security?

Big Data

What is Big Data?

What are the benefits of big data and of policies that encourage innovation in its collection and use?

How important are the distinctions between different kinds of data?

What risks are unique to Big Data?

Should social networking data be treated differently from some other kinds of data (e.g., because one person implicitly supplies data about another, who may not be consenting)?

What are, or should be, the rights of individuals to collect data on others themselves (e.g., cell phone photos)?

Perspective of law enforcement, and of the intelligence community, on big data and privacy

Present and Future Technology Trends

What are the main current technologies for data mining?

Are some kinds of privacy "just gone" and we should get used to it? Which kinds?

What are the limits of anonymization as a protection? What are methods of re-identification, and how successful are they?

What can a data holder be expected to know, and not know, about their own data?

What are the most likely scenarios involving some loss of privacy?

What are the most threatening scenarios created by loss of privacy?

What are risks associated with unsanctioned (i.e., "black hat", or by existing repressive governments) uses of big data?

Regulating Big Data: General Principles

Should the consumer have a right to know about all the data collected on them? How would this work, technically?

Is "Notice and Consent" a viable continuing framework?

The "right to be forgotten": Should there be one? If so, how extensive? Who should enforce it and how?

Should we regulate collection? How?

Should we regulate the analysis or combining of data? How?

Should we regulate the use of data, either raw or analyzed? How?

How should collection by government entities be regulated differently than collection by private entities?

Legislative Solutions and International Implications

ECPA: What is it? How well has it stood the test of time? How should it be amended now? Any lessons about how to craft legislation in rapidly changing areas of technology?

Should the Obama administration's proposed Consumer Privacy Bill of Rights Act of 2015 be made into law? and What are possible unintended consequences of the CPBR Act of 2015, if enacted?

What are possible unintended consequences of the CPBR Act of 2015, if enacted?

CPBR uses the phrase "as a practical matter" several times. How would you interpret this if you were the FTC? If you were a company?

What is the European perspective on big data and privacy?

What would happen if Europe went one way and the U.S. went another (the "Balkanized Internet" issue)?