Hardwiring Privacy
Chapter accepted for publication in Roger Brownsword, Eloise Scotford and Karen Yeung (eds.), The Oxford Handbook of the Law and Regulation of Technology (Oxford University Press), Forthcoming
University of Oslo Faculty of Law Research Paper No. 2017-02
27 Pages Posted: 18 Jan 2017 Last revised: 17 Mar 2017
Date Written: January 18, 2017
Abstract
This chapter parses the interrelated policy discourses on ‘privacy-enhancing technology’, ‘privacy by design’ and ‘data protection by design’, highlighting similarities and differences between them. The chapter also considers the myriad factors that undermine attempts to embed or ‘hardwire’ safeguards for the protection of privacy and personal data into the design and operation of information systems. In doing so, the chapter examines European attempts to provide legal backing for such hardwiring, focusing particularly on weaknesses in the provisions on ‘data protection by design and default’ in the European Union’s General Data Protection Regulation of 2016. The basic argument advanced in the chapter is that the privacy-hardwiring enterprise will continue to struggle to gain broad traction, despite increasingly explicit legal backing for it. This is due to a wide array of factors, the most important of which is that such enterprise, at least if ambitiously conceived, runs counter to powerful business and state interests at the same time as it remains peripheral to the concerns of most consumers and engineers.
Suggested Citation: Suggested Citation