The genesis of 'privacy by design'

From: POLITICO's Digital Future Daily - Wednesday Jun 08,2022 08:01 pm
Presented by the Coalition for App Fairness: How the next wave of technology is upending the global economy and its power structures
Jun 08, 2022 View in browser
 
POLITICO's Digital Future Daily newsletter logo

By Rebecca Kern

Presented by
the Coalition for App Fairness

With help from Derek Robertson and Ben Schreckinger

Hands type on a backlit computer keyboard.

Sean Gallup/Getty

The U.S. has never had a national data privacy law. That might be set to change with a new draft bill being debated in both chambers of Congress, with support from leaders in both parties.

The American Data Privacy and Protection Act includes requirements that any organization that “collects, processes, or transfers” information that can be linked to a particular individual follow the principles of “privacy by design.”

It’s a decades-old idea that the only way to ensure data privacy is to build it into applications in the earliest stages. It’s in Europe’s General Data Protection Regulation as well as Brazil’s national privacy law, among numerous other jurisdictions.

But applying that idea to continually evolving technology is likely to require some serious iterating, to use a Silicon Valley term.

We asked Ann Cavoukian, who coined the term and came up with seven “foundational principles ” in 1997 when she was Ontario’s information and privacy commissioner, about the history — and the future — of the concept.

This interview has been edited for length and clarity.

What is privacy by design?

Privacy by design is all about baking privacy into the code. It takes the pressure off of individuals — data subjects — from remembering to ask for privacy.

What prompted you to create the privacy by design principles? 

I'm trained in psychology and I wanted to take a psychological approach to it. I wanted to have a proactive model that ideally prevented privacy harms from arising. I wanted to get involved before — not after — the harm happened. So I literally created privacy by design at my kitchen table over three nights and came up with the seven foundational principles and then I took it into the office and I “sold it to them.” The lawyers came along and that's how we developed it.

Privacy forms the foundation of our freedom. You have to be free to choose how you want to have your personal information used and to whom you want to have it disclosed. I want this reflected in privacy by design, but also wanted to reflect it's not one interest versus another.

It’s not privacy versus security, or privacy versus data utility.

I wanted both. I wanted privacy and data utility to go hand in hand. I wanted privacy and data security to go hand in hand. So we did that, and it just took off.

What do you think of the privacy by design provisions in the American Data Privacy and Protection Act draft bill? 

I'm actually quite pleased with this bill because I think it will provide high standards of data security and data minimization. And I think it takes so long in the U.S. to get one of these laws and it's high time; you've gotta move on it now.

I think this comes close to doing that — which is saying a lot. It will end the discriminatory use of your personal data. It prohibits the transfer of sensitive data to third parties and without “express affirmative consent.” That's huge. That’s the essence of privacy by design--- that the individual will be the one to consent to the particular uses of their personal data. I thought that was wonderful.

I think it's an excellent way to move forward. Nothing is ever perfect, of course, but this has enough in it that I think it will appeal to many groups.

How do you see privacy by design evolving in the future, especially with more decentralized systems? 

It’s all about preserving control for the data subject. If that is reflected in the advances being made, then you are completely consistent with privacy by design.

The general principles — they’re general for a very specific reason, because we want to preserve the data subject’s ability to have control. Privacy is all about control — personal control over the use and disclosure of your personal information.

If you can capture that through privacy by design — which you can — and then apply it generally in some other development, then you're golden.
 

A message from the Coalition for App Fairness:

For too long, Apple & Google have abused their monopoly power to eliminate competition on mobile devices. For consumers, that has meant fewer choices, reduced innovation and higher costs. In fact, 8 in 10 developers say it’s time to open up mobile app stores to competition.

It’s time to make app stores freer, fairer, and more competitive. The Open App Markets Act will create a level playing field for developers and give consumers choice and freedom.
 
going mainstream

Cynthia Lummis speaks during the Bitcoin 2022 Conference.

Cynthia Lummis, who’s enthralled the Bitcoin faithful with appearances at crypto festivals across the country, has been teasing the contents of her comprehensive digital currency regulation plan for much of this past year. | Marco Bello/Getty Images

Things tend to move fast in the crypto world. But all of a sudden this week, regular old institutions are catching up: Sens. Cynthia Lummis and Kirsten Gillibrand introduced their long-awaited crypto regulatory bill; PayPal announced it would start allowing crypto transfers ; and a cluster of traditional brokerages made public their plans to launch a crypto platform.

That was all within 24 hours. It’s a sign of the technology becoming more and more entrenched in institutional life, even as the value of cryptocurrencies has taken a serious dip and several of its biggest players have been embroiled in scandal.

I asked Justin Slaughter, policy director at the crypto-focused VC firm Paradigm and a former SEC official from January to September 2021, why this flood of institutional adoption is happening now, and what it means for crypto’s future. He said that after years of analysts predicting the tech’s demise, this moment is a fairly significant indicator it’s here to stay.

“Crypto’s engagement with institutional actors has historically come in waves, and this is a pretty significant one,” Slaughter said, adding that the potential impact of the Lummis/Gillibrand bill is especially major. “For just about everybody, the status quo isn’t working — government agencies don't know how to get their hands around crypto, and the crypto industry is caught between vague, competing, and sometimes contradictory regulatory agendas at both the national and state levels.” — Derek Robertson
for the record

On Monday we wrote about 3OH DAO, a Web3 advocacy group that launched a new super PAC, and CultDAO, a group listed as an investor on 3OH DAO’s website. At the time, 3OH DAO spokesman Dave Barmore said he knew little about CultDAO. Following publication, another representative for 3OH DAO, Jennifer Mullin, told us that CultDAO was an early investor in 3OH DAO but is no longer involved in the project and does not hold tokens in 3OH's DAO. — Ben Schreckinger
 

A message from the Coalition for App Fairness:

Advertisement Image

 
afternoon snack

LONG BEACH, CALIFORNIA - APRIL 09: A customer waits in line at the grand opening of the Bored & Hungry pop-up burger restaurant, which uses NFT art for its branding, on April 9, 2022 in Long Beach, California. The restaurant is using images from the popular Bored Ape Yacht Club NFT (non-fungible token) art series with the owner stating that Bored & Hungry is the first food concept to utilize crypto art for branding. The Bored Ape Yacht Club NFT series generated more than $1 billion in sales last year. (Photo by Mario Tama/Getty Images)

The Bored & Hungry pop-up burger restaurant in Long Beach, California. | Mario Tama/Getty Images

Monkey JPGs. They’re the most popular, valuable NFTs. But are they any good?

The digital art historian and critic Tina Rivers Ryan weighed in on the critical value of NFTs today, noting to The Verge that there are actually several different distinct categories of art that represent the blockchain-powered token which theoretically gives them their value.

In her estimation there is:

  • “Blockchain art, which are projects that not only use the blockchain but actively explore its limits to make us rethink concepts like value, ownership, and authenticity” 
  • “Crypto art... that celebrates cryptocurrency and its attendant subcultures” 
  • And everything else that can’t be neatly categorized as such, “digital art or digital design that’s been tokenized in order to allow it to be bought and sold.”

The way much popular NFT art — like Bored Apes, or CryptoPunks — functions is actually not dissimilar from the postmodern art pioneered by artists like Andy Warhol. Each item might be unique, but they’re not the product of painstaking attention to detail, but a randomized assemblage of existing digital elements.

Some, like CryptoPhunks , even tweak existing NFTs as a meta-commentary on the ecosystem itself. Crude and overtly commercial as it might be, there’s plenty of analog precedent for the way NFT artists interact with the art world. — Derek Robertson
The Future In 5 Links
  • Read about how a felon convicted for Bitcoin laundering tapped into a growing field of white-collar “prison consultants.”
  • White hat hackers are fighting the recent rash of crypto heists.
  • The once-seemingly-invincible investment firm Tiger Capital has found itself on its back heel amid a tech downturn.
  • The team leader for Microsoft’s HoloLens AR technology has resigned amid accusations of abuse and harassment.
  • Another one of the biggest crypto exchanges, Binance, is drawing scrutiny for widespread hacking and fraud on the platform.

Stay in touch with the whole team: Ben Schreckinger (bschreckinger@politico.com); Derek Robertson (drobertson@politico.com); Konstantin Kakaes (kkakaes@politico.com);  and Heidi Vogt (hvogt@politico.com).

Ben Schreckinger covers tech, finance and politics for POLITICO; he is an investor in cryptocurrency.

If you’ve had this newsletter forwarded to you, you can sign up here. And read our mission statement here.
 

A message from the Coalition for App Fairness:

The Open App Markets Act is a commonsense, bipartisan solution that would bring an end to the anti-competitive practices of mobile gatekeepers. It would open up app stores, giving consumers the freedom to choose where to get apps and how to make purchases inside apps. It would allow developers to communicate directly with their customers, without a middleman. And it would ban app store owners from giving their apps an advantage over others.

The bill has widespread support from developers and consumers alike, along with security experts who say greater competition on mobile devices will increase security and accountability.

It’s time for Congress to bring an end to the anticompetitive practices of Apple and Google and pass the Open App Markets Act.
 
 

Follow us on Twitter

Ben Schreckinger @SchreckReports

Derek Robertson @afternoondelete

Konstantin Kakaes @kkakaes

Heidi Vogt @HeidiVogt
 

Follow us

Follow us on Facebook Follow us on Twitter Follow us on Instagram Listen on Apple Podcast
 

To change your alert settings, please log in at https://www.politico.com/_login?base=https%3A%2F%2Fwww.politico.com/settings

This email was sent to by: POLITICO, LLC 1000 Wilson Blvd. Arlington, VA, 22209, USA

Please click here and follow the steps to .

More emails from POLITICO's Digital Future Daily

Jun 07,2022 08:06 pm - Tuesday

Human rights in the metaverse

Jun 06,2022 08:58 pm - Monday

A DAO has a PAC, and it’s spooky

Jun 03,2022 08:36 pm - Friday

Blockchain — and the world — explained

Jun 02,2022 08:52 pm - Thursday

5G is so passé

Jun 01,2022 09:15 pm - Wednesday

A metaverse prophet’s warning

May 31,2022 08:33 pm - Tuesday

Fiats of the Caribbean

May 27,2022 08:02 pm - Friday

Hard lessons for the virtual future
©2021 emailfrombrands.com, Inc.