The FISMA Focus IPD

From: Law Technology News

By Monica Bay

The ninth Annual Georgetown Law Advanced E-discovery Institute opened today with a provocative keynote address from J. Trevor Hughes, president and CEO of the International Association of Privacy Professionals, about the the quickly expanding realm of privacy issues in the digital age. The two-day continuing legal education program is being held at the Ritz-Carlton Tysons Corner in Mclean, Va., near Washington, D.C.

Hughes dramatically illustrated his presentation with images ranging from fine art to YouTube, to drive home the nuances of how privacy issues permeate our legal world — and how the subtleties can have many unexpected consequences. “Privacy issues are complex — my privacy is not your privacy,” said Canada-born Hughes. He framed his discussion around Daniel Solove‘s book, Understanding Privacy, which offers a taxonomy of the varieties of privacy issues that now affect our global interactions. (Solove is a law professor at the George Washington University Law School.)

The explosion of “big data” — the ability of companies and governments to collect vast amounts of personal data, with or without individual permission — is changing everything, including the definition of privacy itself, Hughes noted. His presentation focused on 16 of Solove’s definitions, starting with surveillance and interrogation. “We feel vulnerable when being watched,” he said, showing the image of a sculpture of a naked woman shielding herself from view. “When we feel vulnerable we try to hide ourselves.” Then, while showing a painting based on the John Milton poem, “Paradise Lost,” he discussed the psychic and emotional concepts of vulnerability: embarrassment and shame.

He continued with a discussion about how observation changes behavior, and used as an exemplar the development of “Panopticon” prisons where prisoners were constantly under surveillance. The sheer act of observation can trigger shame, said Hughes.

Today’s information processing is escalating the issues that arise, explained Hughes. While not directly addressing the impact of privacy on electronic data discovery, the audience of about 500 legal professionals could easily do the math to extrapolate how privacy issues are crucial in litigation. (See “Defending Big Data“). “We create a data stream constantly, whether we know it or not, and that has changed the way we think about privacy,” Hughes explained. Issues include aggregation, identification, secondary use — all of which can be “a good thing” or treacherous.

The dark side of privacy is especially difficult he noted, because historically, the use of data can fundamentally dehumanize people. One of the most sobering moments of his presentation was his discussion of how the Holocaust has influenced the European approach to privacy, and Hughes illustrated his comments with a chilling piece of art that showed railroad tracks heading into a wall of numbers, evoking the tattoos forced upon doomed Jewish prisoners in concentration camps during World War II.

But even benign cultural differences reflect different attitudes toward what is private and public, he said, citing the difference between the behavior of American and French families when entertaining guests. Americans typically offer guests “the tour” of their abodes, which often are open spaces; where French homes usually perceive bedrooms and other areas as private — and often use more walls in their homes. And Americans can be more sensitive about their personal space, he noted, citing the iconic “close talker” episode on the television show, Seinfeld. In India, sharing your child’s salary at a new job is a source of pride, but such a discussion would generally be anathema in the U.S.

There is an increasing concept that “our attention is something to protect — that we have a limited amount of attention.” Junk mail, spam, also fall under the umbrella of privacy, he noted. “For most people, it’s a value exchange. What do you get for giving up private information.” For example, you might want to get that catalog from a favorite retailer, so it’s worth giving them your address. “There are many different attitudes toward privacy. College kids on spring break in Florida may be the group that least cares about privacy,” Hughes said.

The bottom line these days may boil down to “notice and choice,” he said. Nutrition Facts labels are a good way to quickly understand information, but lengthy disclaimers may get completely ignored. But as Big Data explodes, “there are deep concerns about privacy in the market place, and current protocols are not working. Big Data “moves so quickly that regulators are always chasing the tail.” One successful example of an attempt to protect privacy that was completely embraced by consumers was the “Do Not Call” registry, said Hughes. “More than 151 million registrants love this,” and the registry completely decimated telemarketing, he said.

The challenge moving forward is “data environmentalism” in the information economy, said Hughes. “There is no app for privacy. It’s not fixed, and it’s incredibly complex.” It’s no longer “mere compliance … . It’s a deep and rich and complex field that is exploding.”