Advanced search
Publication Cover
International Review of Law, Computers & Technology Volume 32, 2018 - Issue 2-3: Smart Cities or Smart Machines: Data Infrastructures and the Rule(s) of Law (Guest Editor: Joseph Savirimuthu)
Submit an article Journal homepage
1,660
Views
0
CrossRef citations to date
0
Altmetric
Articles

Right engineering? The redesign of privacy and personal data protection

N. van DijkLSTS, Law, Science, Technology and Society Studies; d.pia.lab, Brussels Laboratory for Data Protection & Privacy Impact Assessments, Vrije Universiteit Brussel, Brussels, Belgium;d.pia.lab – Brussels Laboratory for Data Protection & Privacy Impact Assessments, Vrije Universiteit Brussel, Brussels, BelgiumView further author information
,
A. TanasLSTS, Law, Science, Technology and Society Studies; d.pia.lab, Brussels Laboratory for Data Protection & Privacy Impact Assessments, Vrije Universiteit Brussel, Brussels, BelgiumCorrespondence[email protected]
View further author information
,
K. RommetveitSVT, Centre for the Study of the Sciences and Humanities, University of Bergen, Bergen, NorwayView further author information
&
C. RaabSchool of Social and Political Science, University of Edinburgh, Edinburgh, UKORCID Iconhttp://orcid.org/0000-0002-4579-0320View further author information
ORCID Icon
Pages 230-256 | Received 12 Jan 2018, Accepted 12 Mar 2018, Published online: 10 Apr 2018

References

  • Agre, P. E., and M. Rotenberg. 1998. Technology and Privacy: The New Landscape. Cambridge, MA: MIT Press.
  • Article 29 Data Protection Working Party. 2010. Opinion 5/2010 on the Industry Proposal for a Privacy and Data Protection Impact Assessment Framework for RFID Applications. Brussels. http://www.dataprotection.ro/servlet/ViewDocument?id=722.
  • Article 29 Data Protection Working Party. 2014. Opinion 8/2014 on the Recent Developments on the Internet of Things. Brussels. http://www.dataprotection.ro/servlet/ViewDocument?id=1088.
  • Bellotti, V., and A. Sellen. 1993. “Design for Privacy in Ubiquitous Computing Environments.” In Proceedings of the Third European Conference on Computer Supported Cooperative Work (ECSCW 93), 77–92. Milano: Kluwer.
  • Bennett, C. 2008. The Privacy Advocates. Resisting the Spread of Surveillance. Cambridge, MA: MIT Press.
  • Bennett, C. J., and M. Howlett. 1992. “The Lessons of Learning: Reconciling Theories of Policy Learning and Policy Change.” Policy Sciences 25: 275–294. doi: 10.1007/BF00138786
  • Bennett, C., and C. Raab. 2006. The Governance of Privacy: Policy Instruments in Global Perspective. Cambridge, MA: MIT Press.
  • Beslay, L., and A. C. Lacoste. 2012. “Double-take: Getting to the RFID PIA Framework.” In Privacy Impact Assessment, edited by D. Wright and P. De Hert, 347–362. Dordrecht: Springer.
  • Brownsword, R. 2005. “Code, Control, and Choice: Why East Is East and West Is West.” Legal Studies 25 (1): 1–21. doi: 10.1111/j.1748-121X.2005.tb00268.x
  • Burkert, H. 1998. “Privacy-Enhancing Technologies: Typology, Critique, Vision.” In Technology and Privacy: The New Landscape, edited by P. E. Agre and M. Rotenberg, 125–142. Cambridge, MA: MIT Press.
  • Bygrave, L. 2017. “Data Protection by Design and by Default: Deciphering the EU’s Legislative Requirements.” Oslo Law Review 4 (2): 105–120. doi: 10.18261/issn.2387-3299-2017-02-03
  • Callon, M. 1986. “Elements of a Sociology of Translation: Domestication of the Scallops and the Fishermen of St Brieuc Bay.” In Power, Action and Belief: A New Sociology of Knowledge?, edited by J. Law, 196–233. London: Routledge.
  • Castells, M. 2010. The Rise of the Network Society. Vol. 1 of the Information Age, Economy, Society and Culture. 2nd ed. with a new preface. Oxford: Wiley-Blackwell.
  • Cavoukian, A. 2006. Creation of a Global Privacy Standard. Ontario: Information & Privacy Commissioner.
  • Cavoukian, A. 2009. Privacy by Design: The 7 Foundational Principles. Inf. Priv. Comm. Ont. Can.
  • Cavoukian, A., S. Shapiro, and R. J. Cronk. 2014. Privacy Engineering: Proactively Embedding Privacy, by Design. Inf. Priv. Comm. Ont. Can.
  • Chaum, D. 1981. “Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms.” Communications of the ACM 24 (2): 84–88. doi: 10.1145/358549.358563
  • Clarke, R. 2009. “Privacy Impact Assessment: Its Origins and Development.” Comput Law Secur Rev 25: 123–135. doi: 10.1016/j.clsr.2009.02.002
  • Cranor, L., and N. Sadeh. 2013. “Privacy Engineering Emerges as a Hot New Career.” IEEE Potentials 32 (6): 7–9. doi: 10.1109/MPOT.2013.2277492
  • Danezis, G., J. Domingo-Ferrer, M. Hansen, J.-H. Hoepman, D. Le Métayer, R. Tirtea, and S. Schiffner. 2014. Privacy and Data Protection by Design – From Policy to Engineering. ENISA. doi:10.2824/38623.
  • Davies, S. G. 1998. “Re-engineering the Right to Privacy: How Privacy Has Been Transformed from a Right to a Commodity.” In Technology and Privacy: The New Landscape, edited by P. E. Agre and M. Rotenberg, 143–166. Cambridge, MA: The MIT Press.
  • De Hert, P. 2012. “A Human Rights Perspective on Privacy and Data Protection Impact Assessments.” In Privacy Impact Assessment, edited by D. Wright and P. De Hert, 33–76. Dordrecht: Springer.
  • de Vries, E., and N. van Dijk. 2013. “A Bump in the Road. Ruling Out Law from Technology.” In Law as Code Meets Law as Literature, edited by M. Hildebrandt and J. Gakeer, 89–121. Dordrecht: Springer.
  • Doty, N., and D. K. Mulligan. 2013. “Internet Multistakeholder Processes and Techno-Policy Standards, Initial Reflections on Privacy at W3C.” Journal on Telecommnication & High Technology 11: 135–182.
  • Finneran Dennedy, M. F., J. Fox, and T. R. Finneran. 2014. A Privacy Engineering Lifecycle Methodology the Privacy Engineer’s Manifesto – Getting from Policy to Code to QA to Value. Apress. https://link.springer.com/content/pdf/10.1007%2F978-1-4302-6356-2.pdf.
  • Friedman, B. 1996. “Value-sensitive Design.” Interactions 3: 16–23. doi: 10.1145/242485.242493
  • Funtowicz, S., and J. R. Ravetz. 1993. “Science for the Post-Normal Age.” Futures 25: 735–755. doi: 10.1016/0016-3287(93)90022-L
  • Gonzalez Fuster, G. 2014. The Emergence of Personal Data Protection as a Fundamental Right of the EU. Dordrecht: Springer.
  • Gutwirth, S. 2015. “Providing the Missing Link: Law After Latour’s Passage.” In Latour and the Passage of Law, edited by K. McGee, 122–159. Edinburgh: University Press.
  • Gutwirth, S., and P. De Hert. 2007. “Privacy, Data Protection and Law Enforcement. Opacity of the Individual and Transparency of Power.” In Privacy and the Criminal Law, edited by E. Claes, A. Duff, and S. Gutwirth, 61–104. Oxford: Intersentia.
  • Gutwirth, S., P. De Hert, and L. De Sutter. 2008. “The Trouble with Technology Regulation from a Legal Perspective. Why Lessig’s Optimal Mix Will Not Work.” In Regulating Technologies, edited by R. Brownsword and K. Yeung, 193–118. Oxford: Hart Publishers.
  • Gürses, S., and J. M. Del Álamo. 2016. “Privacy Engineering: Shaping an Emerging Field of Research and Practice.” IEEE Security & Privacy 14 (2): 40–46. doi: 10.1109/MSP.2016.37
  • Gürses, S., C. Troncoso, and C. Diaz. 2015. Engineering Privacy by Design Reloaded. Amsterdam Privacy Conference, October. https://iapp.org/media/pdf/resource_center/Engineering-PbD-Reloaded.pdf.
  • Gürses, S., and J. van Hoboken. 2017. “Privacy After the Agile Turn.” In Handbook of Consumer Privacy, edited by J. Polonetsky, O. Tene, and E. Selinger, 579–598. Cambridge: Cambridge University Press.
  • Haas, P. M. 1992. “Knowledge, Power, and International Policy Coordination.” International Organization 46 (1): 1–35. doi: 10.1017/S0020818300001442
  • Harrison, J. 2013. “Establishing a Meaningful Human Rights Due Diligence Process for Corporations: Learning from Experience of Human Rights Impact Assessment.” Impact Assessment and Project Appraisal 31 (2): 107–117. doi: 10.1080/14615517.2013.774718
  • Hes, R., and J. Borking. 2000. Privacy-enhancing Technologies: the Path to Anonymity. The Hague: Rev. ed. Registratiekamer.
  • Hildebrandt, M. 2011. “Legal Protection by Design.” Legisprudence 5: 223–248. doi: 10.5235/175214611797885693
  • Hildebrandt, M., and B. J. Koops. 2010. “The Challenges of Ambient Law and Legal Protection in the Profiling Era.” The Modern Law Review 73 (3): 428–460. doi: 10.1111/j.1468-2230.2010.00806.x
  • Hoepman, J. H. 2014. “Privacy Design Strategies.” In ICT Systems Security and Privacy Protection. SEC 2014. IFIP Advances in Information and Communication Technology, vol 428, edited by N. Cuppens-Boulahia, F. Cuppens, S. Jajodia, A. Abou El Kalam, and T. Sans, 446–459. Berlin: Springer. https://link.springer.com/chapter/10.1007%2F978-3-642-55415-5_38#citeas.
  • Jasanoff, S. 2007. “Making Order: Law and Science in Action.” In In The Handbook of Science and Technology Studies, edited by E. J. Hackett, O. Amsterdamska, M. Lynch, and J. Wajcman, 761–786. Cambridge: MIT Press.
  • Kamara, I. 2017. “Co-regulation in EU Personal Data Protection: The Case of Technical Standards and the Privacy by Design Standardisation ‘Mandate’.” European Journal of Law and Technology 8 (1). http://ejlt.org/article/view/545/723.
  • Koops, B. J., and R. Leenes. 2014. “Privacy Regulation Cannot Be Hardcoded. A Critical Comment on the ‘Privacy by Design’ Provision in Data-Protection Law.” International Review of Law, Computers & Technology 28 (2): 159–171. doi: 10.1080/13600869.2013.801589
  • Langheinrich M. 2001. “Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems.” In Ubicomp 2001: Ubiquitous Computing. Lecture Notes in Computer Science, vol 2201, edited by G. D. Abowd, B. Brumitt, and S. Shafer, 273–291. Berlin: Springer.
  • Latour, B. 1999. Pandora’s Hope. Cambridge, MA: Harvard University Press.
  • Leenes, R. 2011. “Framing Techno-Regulation: An Exploration of State and Non-State Regulation by Technology.” Legisprudence 5 (2): 143–169. doi: 10.5235/175214611797885675
  • Lessig, L. 1999. Code and Other Laws of Cyberspace. New York: Basic Books.
  • Murphy, T., and N. Whitty. 2009. “Is Human Rights Prepared? Risk, Rights and Public Health Emergencies.” Medical Law Review 17: 219–244. doi: 10.1093/medlaw/fwp007
  • Notario, N., A. Crespo, Y. S. Martín, J. M. del Álamo, D. Le Métayer, T. Antignac, A. Kung, I. Kroener, and D. Wright. 2015. “ PRIPARE: Integrating Privacy Best Practices into a Privacy Engineering Methodology.” In IEEE CS Security and Privacy Workshops, 151–158. San Jose, CA: IEEE. http://doi.ieeecomputersociety.org/10.1109/SPW.2015.22.
  • OECD. 2006. Information Technology Outlook 2006 Highlights. Paris: OECD.
  • Prahalad, C. K., and V. Ramaswamy. 2004. “Co-creating Unique Value with Customers.” Strategy & Leadership 32 (3): 4–9. doi: 10.1108/10878570410699249
  • Raab, C. 1997. “Co-Producing Data Protection.” International Review of Law, Computers & Technology 11 (1): 11–24. doi: 10.1080/13600869755785
  • Raab, C. 2012. “The Meaning of ‘Accountability’ in the Information Privacy Context.” In Managing Privacy Through Accountability, edited by D. Guagnin, L. Hempel, C. Ilten, I. Kroener, D. Neyland, and H. Postigo, 15–32. London: Palgrave Macmillan.
  • Reidenberg, J. R. 1998. “Lex Informatica: The Formulation of Information Policy Rules Through Technology.” Texas Law Review 76 (3): 553–584.
  • Rommetveit, K., A. Tanas, and N. van Dijk. Forthcoming. “Data Protection by Design: Promises and Perils in Crossing the Rubicon Between law and Engineering.” In Proceedings IFIP Summer School 2017 on Privacy and Identity Management, edited by M. Hansen, E. Kosta, I. N. Fovino, and S. Fischer-Hübner. Springer.
  • Rommetveit, K., N. van Dijk, K. Gunnarsdóttir, K. O’Riordan, S. Gutwirth, R. Strand, and B. Wynne . Forthcoming. Working Responsibly Across Boundaries? Some Practical and Theoretical Lessons. In Handbook of Responsible Innovation, edited by R. von Schomberg. Edgar Elgar Publishers.
  • Spiekermann, S., and L. F. Cranor. 2009. “Engineering Privacy.” IEEE Transanctions on Software Engineering 35 (1): 67–82. doi: 10.1109/TSE.2008.88
  • Thompson, C. 2013. Good Science: The Ethical Choreography of Stem Cell Research. Cambridge, MA: MIT Press.
  • van Dijk, N. 2015. “The Life and Deaths of a Dispute. An Inquiry into Matters of Law.” In Latour and the Passage of Law, edited by K. McGee, 160–196. Edinburgh: University Press.
  • van Dijk, N., R. Gellert, and K. Rommetveit. 2016. “A Risk to a Right? Beyond Data Protection Risk Assessments.” Computer Law & Security Review: The International Journal of Technology Law and Practice 32: 286–306. doi: 10.1016/j.clsr.2015.12.017
  • van Dijk, N., and K. Rommetveit. 2015. A Risk to a Right? Cross-Cutting Lessons for Data Protection Impact Assessments, EPINET Project (FP 7) Policy Report to European Commission (EC). http://epinet.no/content/cross-cutting-perspectives#collapse-1.
  • van Gestel, R., and H. W. Micklitz. 2013. “European Integration Through Standardisation: How Judicial Review Is Breaking Down the Club House of Private Standardisation Bodies.” Common Market Law Review 50: 145–182.
  • von Schomberg, R. 2011. Towards Responsible Research and Innovation in the Information and Communication Technologies and Security Technologies Fields. Luxembourg: European Union.

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.