by Ninja Marnau and Christoph Sorge
Abstract:
Privacy and data protection regulation tries to strike a balance between legitimate data use and the right to personal privacy. Nevertheless, the advances in computer science pose new challenges to this careful balance. Data-driven analytics as well as resulting data use and business models e.g. for machine learning, big data and automated decision-making threaten to make individuals, their behaviour and their decision-making completely transparent and predictable, deepening the power asymmetry between individuals and data controllers. But the nature of computer science with regards to privacy is Janus-faced. The ever-progressing digitalization also requires digital solutions for effective privacy protection. Computer science can and has to act as an enabler of privacy-friendly data processing. The role of privacy engineering and privacy-enhancing technologies by far exceeds just guaranteeing legal compliance. In fact, the crucial value of privacy engineering is to lessen the latent conflict arising from this power asymmetry by empowering the individual and building trust by giving technical privacy assurances. In this chapter, we discuss the core concepts of privacy engineering, provide some examples of the state of the art, and discuss the relation between privacy principles and technical measures.
Reference:
Ninja Marnau and Christoph Sorge: From Law to Engineering: A Computer Science Perspective on Privacy & Data Protection, Chapter in Research Handbook on Privacy and Data Protection Law: Values, Norms and Global Politics, Edward Elgar Publishing, pp. 197–213, 2022.
Bibtex Entry:
@InCollection{ marnau19law,
year = {2022},
editors = {Gonz{\'a}lez-Fuster, Gloria and van Brakel, Rosamunde and
De Hert, Paul},
booktitle = {Research Handbook on Privacy and Data Protection Law:
Values, Norms and Global Politics},
publisher = {Edward Elgar Publishing},
author = {Ninja Marnau and Christoph Sorge},
title = {From Law to Engineering: A Computer Science Perspective on
Privacy \& Data Protection},
pages = {197--213},
month = {January},
abstract = {Privacy and data protection regulation tries to strike a
balance between legitimate data use and the right to
personal privacy. Nevertheless, the advances in computer
science pose new challenges to this careful balance.
Data-driven analytics as well as resulting data use and
business models e.g. for machine learning, big data and
automated decision-making threaten to make individuals,
their behaviour and their decision-making completely
transparent and predictable, deepening the power asymmetry
between individuals and data controllers.
But the nature of computer science with regards to privacy
is Janus-faced. The ever-progressing digitalization also
requires digital solutions for effective privacy
protection. Computer science can and has to act as an
enabler of privacy-friendly data processing. The role of
privacy engineering and privacy-enhancing technologies by
far exceeds just guaranteeing legal compliance. In fact,
the crucial value of privacy engineering is to lessen the
latent conflict arising from this power asymmetry by
empowering the individual and building trust by giving
technical privacy assurances. In this chapter, we discuss
the core concepts of privacy engineering, provide some
examples of the state of the art, and discuss the relation
between privacy principles and technical measures.}
}