Helen Nissenbaum on Data Privacy and Consent

This is a fantastic Q&A with Cornell Tech Professor Helen Nissenbaum on data privacy and why it's wrong to focus on consent.

I'm not going to pull a quote, because you should read the whole thing.

Posted on October 4, 2018 at 6:32 AM • 30 Comments

Comments

Winter • October 4, 2018 6:55 AM

She is, obviously, right about the meaningless nature of the current implementation of "consent". However, a law like the GDPR demands a meaningful choice, not a meaningless yes/no question. Also, service should be made available too to those who do NOT consent to giving up data.

I have seen several sites that ask me to set cookie preferences that run from "necessary to make the site work" to "better ads". Everything still works if you only allow minimal cookies to let the site work.

So, yes, most companies still try to hoodwink the user. But not all of them. There still is hope.

echo • October 4, 2018 7:52 AM

Most of this Q&A is answered very rapidly by consumer protection law and case law. Essentially, any contract (and a relationship of any kind implies a contract) cannot be too complex or onerous for the man or woman in the street. Any UK company at least should be aware of this. I know companies can and do (to one degree or another) impose terms and conditions which are overly burdensome or overly complex or do not properly respect a citizen's rights in law which unlike the US cannot be signed away but this opens them up to action.

The article is fine for the US and anyone new to the basics of the overlapping fields. It doesn't port very well to the wider EU or UK because the legal foundations for "harm" and "consent" are different.

What bothers me most about the UK is the complete failure of the media to explain anything of any basic complexity. Another failure is people whose opinion should matter tend to keep their contributions locked up within institutions or paywalled journals. Civic activism in the UK is lower than both the US and EU, and the recent punishment by judge of regressive provenance of environmental protestors in breach of the understanding which has built up between authorities and the public, which is actually an issue of common law with standing, is yet another worrying sign of authoritarianism and agendas hidden behind walls of institutional "golden age" omerta and inertia.

Someone • October 4, 2018 8:58 AM

Hello. Just as a small correction, Helen is now a Professor at Cornell Tech (https://tech.cornell.edu/people/helen-nissenbaum/).

Clive Robinson • October 4, 2018 9:34 AM

@ Bruce,

    I'm not going to pull a quote, because you should read the whole thing.

I'm thinking you should do this more often. It adds a sort of "minimalism" that artists apparently desire these days ;-)

Alejandro • October 4, 2018 10:47 AM

"It’s time to stop bashing our heads against a brick wall figuring out how to perfect a consent mechanism when the productive approach is articulating appropriate constraints on dataflow that distributes costs and benefits fairly and promotes the purposes and values of social domains: health, democracy, education, commerce, friends and family, and so on."

So, I am thinking she has put a pretty ribbon on Zuckerberg's Dictum:

"Privacy is Dead".

As for some government policy offering "constraints" designed to benefit motherhood, the flag and apple pie....uh,....no.

My data is my data and I want a law that says if you take it from me, in any way, without my explicit, detailed, informed consent, you go to jail. For a long time. And, the corporation is impoverished in a meaningful way. Every time.

vas pup • October 4, 2018 10:52 AM

@all:
That statement got my attention: "But once society understands that the policies we have in place create systematic imbalances, and may even undermine critical societal institutions, the situation calls for recalibration."
I agree with @echo on how those contracts are made.
When you have monopolist international corporation with billions of $$ capitalization with huge law department of many qualified lawyers on one side, and You (average Joe/Jane even with Law degree) company draft their service agreement on privacy in particular that you have close to ZERO bargaining power with such contract. You agree or you out of business with them. Same applied with banking accounts, insurances you name it. In all those cases Government (I mean not dysfunctional) should be on the side of Joe/Jane (bleep) away self-regulation by fixing imbalance of power by recalibration through established in Law minimum standard of privacy and invalidating any provision of contract which is not in compliance. Those types of contracts (kind of pro-forma agreements preprinted and not negotiable at all) should be at focus of functional government [I mean government recruited by objective merits criteria. period].
When you have contract between two big businesses they do have both (or multilateral) bargaining power to compromise on both sides and generate mutually agreeable terms of relations. They usually will generate balance of interest because courts could invalidate unbalanced provisions thereafter in case of litigation.
And last but not least, there is something you can't monetize: privacy, trust, friendship, etc. But that is just my humble opinion.

Petre Peter • October 4, 2018 1:56 PM

There is an illusion of consent - the companies that ask your consent reserve the right to change the terms; therefore, does it really matter if I read the terms?

Winter • October 4, 2018 2:01 PM

"the companies that ask your consent reserve the right to change the terms; "

Not under the GDPR. And consent is not a contract or license. Only the data subject can give consent and the subject can withdraw it unilaterally at any moment without reason.

Clive Robinson • October 4, 2018 4:46 PM

@ All,

Did anyone else go "what the..." when they read this,

    So consumers don’t know what they’re consenting to, data collectors can’t say for sure how they’ll use the information

From the host Scott Berinato?

Of course the "data collectors" can tell you what they are going to do with your data, to think otherwise is how do I put it "daft",

The "data collectors" chose very deliberately not to tell you and for good reason...

That is the "data collectors" have gone to a lot of time, trouble and expense,

    To not just get your data but store it, cross reference it, correlate it with other data sources, and then repackage it and sell it in whatever way they can over and over, all at your expense in a multi-trillion dollar market place.

Which is the single sentence the "data collectors" don't want you thinking about.

Because then the odds are you will think --unless you are daft-- that their service is the information world equivalent of a home invading psychopath,

    Who not just breaks into your house and steals, but does all sorts of unpleasant things such as spreading excrement across your walls, peeing all over your clothes and bedding, before coming back when you are in to do even worse...

Or perhaps worse the equivalent of a white collar criminal,

    Who will steal all the money you have, including that you have saved up for your and your children's future, not to mention the roof over your head...

Which have all happened and worse to people who have lost control of their PII and other data on the Internet to "Data Collectors" of one form or another.

Because "site crackers" who steal the data that has been collected are "data collectors" as well. Only you are encouraged by the original "data collectors" to think of those "site crackers" as the thieves rather than the original "data collectors" themselves...

It's time people realised that all "data collectors" are "criminals" plain and simple, and as the old saying has it,

    There is no honour amongst thieves.

There never has been and they will sell each other out way faster than look at a victim of their crime (think Facebook questionnaires and Cambridge Analytica...).

So the likes of Facebook, Equifax and a multitude of others run by sociopaths who are only interested in spending money to acquire and process your PII, but certainly not a penny to protect it from other "data collectors"...

And people think I'm odd for turning off both cookies and javascript... Hey ho, they'll learn in time when they become the next lowest hanging fruit...

From my point of view it's not a question of consent, but being insufficiently informed and educated about risk.

Talking about even thinking of allowing "data collection" is,

    Giving Criminals free licence to "Rape Pillage and Plunder".

Thinking anything else means you've already started drinking that poison laced cool aid those phony messiahs of the new age cults have given you...

Call the likes of Peter Thiel etc what they really are "Sociopathic criminals" who will slice and dice you mentally whilst robbing you blind.

Oh and remember, they are just the enablers for something far far nastier. That is those who you don't get to see, who hide behind the enablers. And no I do not mean the crackers who steal your data from the original thieves, I mean those who hide behind politicians and legislators, who brain wash you from birth via the myth of the Great American Dream whilst robbing you every which way they can, often at the point of "Guard Labour" or other authoritarian followers, each "only following orders"...

echo • October 4, 2018 5:33 PM

@Clive

    From my point of view it's not a question of consent, but being insufficiently informed and educated about risk.

Consent implies knowledge as well as knowledge of the risks. Capacity and capability are issues obviously too especially with vulnerable people and people with learning difficulties. This is a reasonably well informed discussion within healthcare and social providers, and within the legal sphere with respect to powers of attorney.

Bullying and abuse of power and deceit obviously follow on as other modifiers deployed to create the impression of consent. It is not many steps, as you suggest, to the Nuremberg trials.

Humdee • October 4, 2018 7:11 PM

I'm with @Clive on this one. I found the interview dull, not informative, and rather slipshod especially from a philosophy professor. So I'd like to know what @Bruce found so interesting about it.

Humdee • October 4, 2018 7:41 PM

One of the major problems I have with Nissenbaum's work in general is that it doesn't port well to other areas of human relations. Imagine that if instead of talking about privacy we started talking about her ideas in terms of sexual consent: people would be outraged. Almost all of modern law is based upon the notion of consent as the sine qua non of human sexual relationships. And here she is saying that consent has become meaningless. Ok. Maybe it has become meaningless in the privacy context but if that is true it just adds stress to the fact that one can't really generalize from click boxes to bedrooms, which diminishes the force of her arguments considerably. In fact, I think her approach socially irresponsible. Consent has a powerful hold in contract formation, in criminal law, and in torts. One can't just toss all that aside to fix a problem in her own little sideshow.

echo • October 4, 2018 7:54 PM

@Humdee

I once demolished a professor of comparative religions in less than 3-5 sentences. I thought his blustering afterwards was a bit arrogant from someone who should have known better. I also sent a person online who claimed to be a professional negotiator and who produced a photograph with, according to his claim, himself in a group representing one relatively minor nation state. For some reason I managed to put in him a complete obsessive rage. I seem to have a talent for this with some people especially those with professional settled views and ingrained routine.

Academia is known to be a bullying culture and riddled with sex discrimination. I won't make excuses but this can to some degree explain why female academics and women in other "high status" professions like medicine and to some degree the law tend to "box tick" key items and be avoidant especially in male dominated strongly vertically hierarchical organisations. I tend not to be which gets me in all kinds of trouble.

echo • October 4, 2018 8:05 PM

@Humdee

    One of the major problems I have with Nissenbaum's work in general is that it doesn't port well to other areas of human relations. Imagine that if instead of talking about privacy we started talking about her ideas in terms of sexual consent: people would be outraged. Almost all of modern law is based upon the notion of consent as the sine qua non of human sexual relationships. And here she is saying that consent has become meaningless.

I noticed this too. I didn't want to mention it and was half hoping I wouldn't have to. I do agree her comment about consent is problematic and another reason why I completely oppose Clive's sidelining of consent in favour of knowledge. Ultimately if you follow everything through it does involve consent as consent is the end point.

I already had one man this month try to flip a dinner date into a dinner date followed by sex at my place. Fat chance. I wouldn't date a man who thought I was as stupid as him in a month of Sundays much less invite him back.

Winter • October 5, 2018 10:34 AM

"Almost all of modern law is based upon the notion of consent as the sine qua non of human sexual relationships. "

Indeed, and consent in intercourse has zero overlap with informed consent in privacy questions. I do not even understand why you would make this connection.

However, this example is a perfect illustration of Nissenbaum's point. Everyone can be expected to know what they are consenting to when they consent to sex. But no one, not even Bruce or Helen know what they consent to when they tick the box in facebook or google.

Humdee • October 5, 2018 11:23 AM

@winter writes, "However, this example is a perfect illustration of Nissenbaum's point. Everyone can be expected to know what they are consenting to when they consent to sex. But no one, not even Bruce or Helen know what they consent to when they tick the box in facebook or google."

Certainly the right solution to this problem is to make consent clear in the world of privacy rather than abandoning consent entirely. Why allow "privacy" to its own little walled conceptual garden where "things just work differently here". I mean we can go down that road but why should we?

In my mind this gets in a much larger meta debate about the use and misuse of language. Douglas Harper recently wrote a neat little post on "The impossibility of a dictionary."

https://www.etymonline.com/columns/post/the-impossibility-of-a-dictionary

He's right. The question is whether we, as a community of English language users, are going to let English devolve into nothing but idiosyncratic ape marks and noises like you and Nissenbaum want or whether we are going to come to an agreement in plain terms about what consent means. I want the latter solution. That's the way we English language users have behaved since Shakespeare. And I think the burden of proof is on Nissenbaum and others like her to explain why we should abandon a century old tradition that has served us well.

vas pup • October 5, 2018 11:48 AM

@Humdee:
How about consent on taking polygraph test?
Is refusal itself proof of guilt?
How credible are lie detector tests?

https://www.bbc.com/news/world-us-canada-45736631

"However, he says that interviewing victims presents a separate problem.
"Testing victims is a whole different ball game because of the nature of what they're being asked about, you would expect a lot of arousal anyway," he says.
This means a victim, especially one recounting a traumatic experience, may appear as if they are lying because they are in an emotional state.
Ultimately, experts say there are many caveats to polygraphs and a number of different factors which can lead to an inaccurate result."
On sex consent - there is very good Comedy Central Dave Chappelle's show on that. In short, he asked his partner-lady to sign consent agreement (with details) and disclosure agreement before having sex. It was before #MeToo movement and was considered as joke, but now it is not funny anymore, but reality.

Sancho_P • October 5, 2018 5:38 PM

@Clive Robinson

Wait a moment, your rant is good but starts with a mistake:
Scott Berinato’s
”data collectors can’t say for sure how they’ll use the information”
is true, because even the data collectors can not predict the future.
No one knows what a today collected single data point will “reveal” next week or next year, how it is used and what could be the consequences of that gained “intelligence”.

As a result I don’t agree with your alternative to consent:
”From my point of view it's not a question of consent, but being insufficiently informed and educated about risk.”
Nope, to inform and educate means to have “higher knowledge”, which is impossible following the point with our all ignorance about the future.
To inform and educate would need a clairvoyant or deity.

Yes, forget about consent in this context, there is a fundamental no-no:

Our society is based on mutual respect, we are used to understand the world as a community of humans.
Some are good and some are bad, and our capability to “read” even our partners are (sadly) very poor.
Nevertheless, we believe to understand the risks when dealing with them, based on the assumption that they are human.

But here our partners are not human(s) [1] but machines and structures, often constructed to exploit knowledge about us.
So, from the very basic, there can’t be mutual trust between humans and machines (algorithms) because machines are not human(s).

Now, in 2018, we are still in awe like innocent kids at Xmas when we talk about computers and their capabilities (esp. AI), but we do not realize that these are only tools, like a hammer.
It would take decades to comprehend advantage and danger of such complex tools, but likely we won’t have that time any more.

[1] Forget the CEO, in an organization people are commodities.
Corporations are comparable to dead AI structures, programmed to make money.

Sancho_P • October 5, 2018 5:43 PM

@all sex-bombs ;-)

Consent is a human term based on (self) consciousness, meaningless when dealing with a dead algorithm.
Think of an OTA update of your partner, changing the whole brain, would “consent” have any meaning in such a context?

Winter • October 6, 2018 1:13 AM

"Certainly the right solution to this problem is to make consent clear in the world of privacy rather than abandoning consent entirely. "

The actual term of the arts is "informed consent". The idea is not that the subject ticks a box, but that the subject does so only after having understood what the consequences and risks of ticking the box are. This is well developed practice in medical research. There, a lot of effort is spent to ensure that each participant fully understands what they are up to.

In matters of privacy, even the lawyers that draw up the information do not really understand the risks and consequences of ticking the box.

If you do understand it yourself, I see a brilliant career opportunity for you.

Humdee • October 6, 2018 2:21 PM

@winter writes, "In matters of privacy, even the lawyers that draw up the information do not really understand the risks and consequences of ticking the box."

Just because lawyers are dumb doesn't mean everyone else has to follow their lead.

Winter • October 6, 2018 3:30 PM

"Just because lawyers are dumb doesn't mean everyone else has to follow their lead."

Name calling does not get this discussion forward. It seems you are less interested in understanding the problem than dissing those who do try to improve understanding.

Clive Robinson • October 7, 2018 5:27 AM

@ Sancho_P,

    To inform and educate would need a clairvoyant or deity.

I don't happen to believe in either for various reasons.

But I likewise don't actually think machine intelligence / "hard AI" will progress very far in the next hundred years or so.

As for "Soft AI" yes the rules will get more complex, but even they at the end of the day are subject to the laws of physics.

There are fundamental reasons why there is only so far you can go with extracting signals out of noise especially when the necessary sampling process becomes a Bernoulli Trial.

Therefore even perfecting Quantum Computing and using that for Soft AI, I don't think is going to get you much further on the signal to noise issue. In fact in all probability it will get worse.

Whilst engineers are good and often appear better than magicians, they are not deities and they know that.

As I've indicated before the US Sigint Agency has been trying to build a time machine, but it's one way. That is it only sees backwards in time with good but imperfect knowledge. That imperfection is in effect the noise in the system beyond which a signal can not be drawn to make future predictions. You will always get imperfect results from imperfect training data when building rules based decision systems.

Oh and don't forget "intelligent agency" it's in the interests of others to ensure that the data available is polluted in some way.

Remember whilst for the data polluter their job is "linear" for the rules builder their job increases by at least the square of the polluter's job. Thus as in cryptography the advantage does not belong to the third party.

But even supposing AI does get beyond a certain point, my original premise of,

    To not just get your data but store it, cross reference it, correlate it with other data sources, and then repackage it and sell it in whatever way they can over and over, all at your expense in a multi-trillion dollar market place.

Still stands, in part because it is just another way of describing a "living greedy process" which is what evolution is all about in a universe of entropy.

Whilst I can not tell you the "how" of each way such living greedy processes will work. That is no different than we are today with any life science. We have knowledge based on observation of the past but it does not allow us to see the future further than the limits of our existing knowledge, nor does it allow us to see the effects of what is currently outside our ability to sense thus know.

A simple example of this is the question of "What happened to the dinosaurs?" we know they became extinct but we do not know why, we have a number of educated guesses based on what we can sense. One such is the "big rock in space" idea, we can see from the moon's surface that "rocks drop in" and a large amount of energy gets released in various ways. We also have some knowledge from one or two little rocks that have hit the earth in recent times. But what we do not know because we can not sense them is the "Where, When, and How big" of the next rocks.

Thus there may never be a "Human replaced by AI" future, it might well be a "Human wiped out" event instead, actually it's more likely based on what we currently know.

But there is something we do know, which is the flexibility of the DNA system gets less with each evolutionary step. Thus the resilience of life as we currently know it is also decreasing, thus at some point there will be an event such as a rock that wipes out life on earth, and probably it will occur in less than a couple of million years, unless life gets off of this planet first.

Yes we can make predictions on what we can sense and turn into knowledge to reason with, but we are not omnipresent nor are we omnipotent and as far as we know we never can be. Thus our predictive abilities will always be flawed and subject to the noise of the universe that we can not predict.

Winter • October 7, 2018 5:36 AM

"But there is something we do know, which is the flexibility of the DNA system gets less with each evolutionary step. "

I cannot see where you got this idea. The pool of available nucleotide sequences has not become smaller in the last 200My. Most of it is viral and microbial. But this also holds for higher animals.

PS, many dinosaur species were wiped out 60My ago. But the dinosaurs as an animal group is still alive and thriving.

Sancho_P • October 7, 2018 6:25 PM

@Clive Robinson

Not sure if I understood all your thoughts, let me try to make my point:

Today a data collector (call it “First”) piles up, say 5 data points of you and sells them in bunch by the thousands, anonymized of course (ha, ha), to a company, call it London Analytica. They mix it with points of other sources, and by chance sell a sample for a medical study, just to be added to other points.
Now, as B follows A, suddenly they can identify you and, probably years later, present your grandson a complete picture of your and your son’s life, where you both were sitting and had a beer, including a reason why his knees are hurting now at 53 and why he is allergic to soy.

So “First” collector could never know what is finally done with and could be concluded from your data points, because the knowledge may be fuzzy today, but adding one bit could change the whole picture.
Data can be stolen or lost, too.
- Unfortunately, never forgotten.

They could say: Your consent means ‘It will be used, we can’t know how’.

And I do not think of AI or QC, the already known correlation methods to find a known signal in noise may suffice if more data is added.

And beware of the wrong conclusions that may be drawn …

Little Lamb • October 7, 2018 11:05 PM

Interesting.

When a woman talks so much about "consent" or the lack thereof, I get the impression that she feels like she is being raped.

Sweden is said to have the highest reported rape rate in the world. The Swedes talk much about "myndighetsålder" or literally the "age of consent" in a context of teenage dating.

Now "myndighet" is "authority" but a special kind of authority, the authority to say yes or no to something. Congress might be voting aye or nay, or the police might be called to tell some girl's boyfriend no, or a justice of the peace to fill out papers if the answer is yes.

We need to grow up and move beyond the much-discussed "myndighetsålder" to "majoritetsålder" which is a true "age of majority" when a person can independently make legal decisions on her (or his) own initiative, purchase or own real property, etc., not just answer yes or no to what another person has proposed.

Peter • October 8, 2018 8:10 AM

First of all, thank you Bruce for creating dialog in this space, and for the thought provoking ideas and articles that you share.

I was underwhelmed by the article. I would like to hear more ideas from academics on how to solve problems, not just how to reiterate what problems exist.

I am disappointed that data collectors in general do not work harder to disclose plainly how their information is collected, stored, for what purpose, and how long the retention period is.

Of course all of these items can be complex and detailed, but I think maybe one approach could be where we sort of need a "nutrition information" label for data collection and use. I often decide to purchase products not only based on cost, but based on the ingredients they may contain; the country of origin; or the nutritional value.

In cases where we have no input into information collection, the problem is not data, it is; how the data is used? How is it being interpreted? And, ultimately what lies in the heart of generally a few individuals making decisions? This problem is not related to data; but is the same for a vast array of other resources.

Winter • October 8, 2018 9:45 AM

"I am disappointed that data collectors in general do not work harder to disclose plainly how their information is collected, stored, for what purpose, and how long the retention period is."

That vagueness is intentional. They either have no idea yet how they will try to monetize your data, or they do not want you to know.

In both cases, the consent given is not valid in the EU under the GDPR. I assume any click is considered valid consent to anything in the USA.
See the Human Centipede episode of South Park.

François • October 9, 2018 2:32 AM

A lot of people commented in this way already, but it is very important to stress that this professor is not talking about consent as defined in Europe. Most non-EU websites misunderstood the legal requirements and their consent box is not valid.

The way she described consent is not considered valid in EU under GDPR (lookup article 7, it’s clear and concise) and it is also important to remember that consent is only one of 6 valid legal bases for processing personal data:

- The data subject has given clear, specific, free, revocable consent for the processing;
- The processing is necessary for the performance of a contract to which the data subject is party;
- The processing is necessary for the compliance of a legal obligation;
- The processing is necessary to protect the vital interest of the data subject;
- The processing is necessary for the performance of a task carried out in the public interest;
- The processing is necessary for the purpose of the legitimate interest of the controller, except where such interests are overridden by the interest or fundamental rights and freedoms of the data subject;

Consent is the worst to manage as a company given you need to demonstrate you had consent at the moment of processing, and that the individual has the right to withdraw consent at any moment. So when implementing GDPR at clients, we advise to find ways (contracts/ anonymization ...) to avoid the consent legal basis as much as possible.

The examples she gives about healthcare data are not even dealt based on consent...

Bruce, when you want a briefing on GDPR, drop me a line :-)
