Fraunhofer-Institut für System- und Innovationsforschung ISI

Filters

9
9
Reset filters

Settings
Now showing 1 - 9 of 9
  • Publication
    Das Recht von Kindern und Jugendlichen auf Privatheit in digitalen Umgebungen. Handlungsempfehlungen des Forum Privatheit
    ( 2021)
    Stapf, Ingrid
    ;
    Meinert, Judith
    ;
    Heesen, Jessica
    ;
    Krämer, Nicole
    ;
    Ammicht Quinn, Regina
    ;
    Bieker, Felix
    ;
    Friedewald, Michael orcid-logo
    ;
    Geminn, Christian
    ;
    Martin, Nicholas orcid-logo
    ;
    Nebel, Maxi
    ;
    Ochs, Carsten
  • Publication
    Search and indignify: Automatic number plate recognition in Europe
    ( 2018)
    Ball, Kirstie
    ;
    Dahm, Sebastien
    ;
    Friedewald, Michael orcid-logo
    ;
    Galetta, Antonella
    ;
    Goos, Kerstin
    ;
    Jones, Richard
    ;
    Lastic, Erik
    ;
    Norris, Clive
    ;
    Raab, Charles
    ;
    Spiller, Keith
    Chapter 4 examines the harms and controversies associated with the deployment of Automatic Number Plate Recognition in Belgium, Germany, Slovakia and the UK. The chapter explains the surveillance practice, how it is formally governed and any evidence of surveillance harm. In the case of ANPR, it is evident that it was initially deployed in a closed institutional setting and its use was only questioned after implementation, following controversy and as a result of adversarial power relations, such as legal challenges and public enquiries. Using the participatory lens, the case of ANPR demonstrates how institutions can become open to scrutiny in a variety of ways and how surveillance practices can sometimes be renegotiated. However, in practice the power to renegotiate ANPR is reserved for political and regulatory elites, rather than ordinary citizens.
  • Publication
    Drones - dull, dirty or dangerous? The social construction of privacy and security technologies
    ( 2018)
    Lieshout, Marc van
    ;
    Friedewald, Michael orcid-logo
    Introduction The Western world has experienced brutal attacks on a number of capitals over the past 10 years (Madrid, London, Paris, Brussels). While the background of the attacks may differ in the sense that different groups of terrorists were responsible for these attacks (Al Qaida and IS), each attack gave rise to intensified discourses on the need to invest additional resources in identifying potential terrorists in order to prevent new attacks from happening. While some organizations point at the astonishing fact that terrorist attacks overall have caused far more casualties among the Muslim population than among the non-Muslim population in the West, the attacks were clearly considered an attack on Western norms and values and an attempt to cause panic in the Western population. Understandably, part of the discourse was directed at the need to be able to collect more and more relevant information on potential terrorists. Commenting on this, some pointed at the fact that usually it is not so much the lack of information but more the abundance of information (in combination with failing exchanges of information among the law enforcement agencies and intelligence services) that causes problems for the timely identification of potential terrorists in Western airports and cities. After an attack, the 'balance' between privacy and security appears to shift in the direction of sacrificing privacy in exchange for better security, and after some time the pendulum starts swinging back. We put the term 'balance' deliberately in quotation marks to indicate that this is a false representation of what is really at stake (Valkenburg, 2015). In a four-year research project we have been able to study the relationship between privacy and security in depth from a variety of perspectives. In the PRISMS project (Privacy and Security Mirrors), a number of renowned research institutes studied this relationship from a socio-technological, policy, legal, criminological and media perspective.1 The project performed a pan-European survey in which European citizens were asked how they value privacy and security as a social norm and a social objective (van den Broek et al., 2017). All results were brought together in a decision support system that supports decision makers in adopting a more nuanced perspective on the relationship between privacy and security as a design principle for novel surveillance systems (van Lieshout, van Veenstra and Barnard-Wills, 2015). In this chapter we will focus on the way security and privacy are institutionally embedded and how they function as socio-technical concepts in the construction of novel security systems. To start with the first, the presentation of the relationship between privacy and security as a trade-off implicitly qualifies security and privacy as equally relevant concepts and norms. While this may be so when looking at it from the perspective of constitutionally relevant rights to be respected (we have a right to privacy as well as a right to security2), this is far less trivial when looking at the means that are offered to realize a secure or a privacy-respecting situation. It is precisely this intriguing difference between the ideological role(s) of privacy and security and the manner in which these norms are embedded in practice that formed part of the research we performed in PRISMS (van Schoonhoven, Roosendaal and Huijboom, 2014). A second and equally interesting perspective we explored is the way privacy and security are inscribed in technologies that are considered to enhance privacy and/or security. For some technologies, it is obvious that they can enhance both security and privacy. Encryption technologies, for instance, may both secure communications and help to secure privacy as well. The dual role of encryption technologies is an obvious example of the ambiguous relationship between a technological system or artefact and its role or use in practice. While encryption may secure communications and as such help secure part of life, criminals and terrorists may at the same time use it to secure their communications.3 Depending on the context of use, encryption may thus qualify as a security technology, a privacy technology or both. An in-depth evaluation of precisely what norms are used when constructing specific technologies helps us understand the way social norms and behaviours are manifested in specific designs and layouts of technologies. While common sense presumes technologies are what they are (a door is a door, and a safety belt is a safety belt), the social construction of technology presumes all technologies are intrinsically shaped by social norms and practices and vice versa: the social understanding of technologies is shaped by the technologies at hand (Bijker, 1987, 1995; Latour, 2000). A relevant perspective we have used is the inscription of social norms in technology. We have explored this process for the construction of several different technologies, and in this chapter we will focus on a technology that is relatively new: the drone. We will start with a presentation of the research methodology in order to explore our first research question: What do European research programmes reveal about the relevance of privacy and security as research topics, their interrelationship and the institutional backing towards achieving objectives in privacy and security as social norms? We will present and discuss our findings based on an analysis of a number of European research programmes (focusing on the European Commission's 6th and 7th Framework Programmes for Research and Technological Development - referred to as FP6 and FP7). In the second part of the chapter we will present our research methodology for exploring the so-called mutual shaping perspective on society and technology in the case of the development of drones. We will then present our analysis of the socio-technical construction of drones. Finally, we will present our overall conclusions, integrating both approaches and perspectives.
  • Publication
    The cases: ANPR, credit scoring and Neighbourhood Watch
    ( 2018)
    Ball, Kirstie
    ;
    Dahm, Sebastien
    ;
    Friedewald, Michael orcid-logo
    ;
    Goos, Kerstin
    ;
    et al.
    This chapter outlines the three different case study surveillance practices examined in this book, namely: Automatic Number Plate Recognition (ANPR), credit scoring and Neighbourhood Watch. The chapter sets out the "mechanics" of each practice and an analysis of the stakeholders involved in each. These cases were chosen because they represent different kinds of surveillant relations: between citizens and the state (ANPR), citizens and the private sector (credit scoring), and citizens and each other (Neighbourhood Watch). This chapter examines the nature and history of each surveillance practice in the countries under investigation, as well as a stakeholder map for each surveillance practice. In doing so, this chapter highlights the range of organisations involved in these surveillance practices and the degree to which they are intertwined within their institutional settings.
  • Publication
    Die Fortentwicklung des Datenschutzes. Einleitung
    ( 2018)
    Roßnagel, Alexander
    ;
    Friedewald, Michael orcid-logo
    ;
    Hansen, Marit
    Vielfältige Innovationen in der Informationstechnik, in digitalen Infrastrukturen, in allgegenwärtigen Anwendungen und in der Massendatenverarbeitung erzeugen fundamentale Herausforderungen für den Schutz von Grundrechten und Freiheiten. Neue Entwicklungen in der Informationstechnik wie Künstliche Intelligenz, automatisierte selbstlernende Systeme, vielfältigste Sensoren zur Erfassung der körperlichen Welt, Bilderkennung, Emotionsanalyse, Roboter und andere Assistenzsysteme sowie individualisierte Dienste und Produkte sammeln und verarbeiten personenbezogene Daten. Digitale Infrastrukturen wie Suchmaschinen, Social Networks, Kommunikations- und Logistikdienste bilden das Rückgrat der digitalen Gesellschaft.
  • Publication
    Die grundrechtskonforme Ausgestaltung der Datenschutz-Folgenabschätzung nach der neuen europäischen Datenschutz-Grundverordnung
    ( 2017)
    Bieker, Felix
    ;
    Hansen, Marit
    ;
    Friedewald, Michael orcid-logo
    Die Europäische Union verfügt seit dem Inkrafttreten des Vertrags von Lissabon im Jahr 2009 über die rechtlich verbindliche Grundrechtecharta (GRC), die das Recht auf Privatsphäre, wie es seit den fünfziger Jahren aus Art. 8 der Europäischen Menschenrechtskonvention (EMRK) bekannt ist, um ein eigenständiges Recht auf den Schutz personenbezogener Daten erweitert. Allerdings klafft eine Lücke zwischen dem Schutz dieser Rechte und der Umsetzung neuer Technologien. Einen Ansatz, um die Lücke zu schließen, bietet die in der neuen Europäischen Datenschutz-Grundverordnung (DS-GVO) erstmals verbindlich geregelte Datenschutz-Folgenabschätzung (DSFA). Um Unternehmen und Behörden für die Einhaltung dieser Rechte zu sensibilisieren, schreibt Art. 35 DS-GVO die Durchführung einer DSFA vor, die dazu dient, Risiken für Individuen, die sich aus der Verwendung einer bestimmten Technologie oder eines bestimmten Systems ergeben, zu erkennen und zu analysieren. Auf der Grundlage dieser Analyse sind angemessene Maßnahmen auszuwählen und umzusetzen, um die festgestellten Risiken zu bewältigen. Seit der Einführung von Folgenabschätzungen gab es immer wieder Ansätze, diese auch auf dem Gebiet des Privatsphären- und Datenschutzes fruchtbar zu machen. Auf freiwilliger Basis wurden diese jedoch in der Praxis oft nicht umgesetzt oder eher als Form des Produkt-Marketings verstanden. Wenn die Grundverordnung im Mai 2018 anwendbar wird, müssen Unternehmen und Behörden im Fall eines voraussichtlich hohen Risikos ihrer Datenverarbeitung für die Rechte und Freiheiten natürlicher Personen den Datenschutzaufsichtsbehörden auf Anfrage ihre Datenschutz-Folgenabschätzungen vorlegen.
  • Publication
    The context-dependence of citizens' attitudes and preferences regarding privacy and security
    ( 2016)
    Friedewald, Michael orcid-logo
    ;
    Lieshout, Marc van
    ;
    Rung, Sven
    ;
    Ooms, Merel
    This paper considers the relationship between privacy and security and, in particular, the traditional "trade-off" paradigm that argues that citizens might be willing to sacrifice some privacy for more security. Academics have long argued against the trade-off paradigm, but these arguments have often fallen on deaf ears. Based on data gathered in a pan-European survey we discuss which factors determine citizens' perceptions of concrete security technologies and surveillance practices.