Beyond Consent: Implications of Ubicomp for Privacy

L Jean Camp, Associate Professor, School of Informatics, 901 E 10th St, Indiana University, Bloomington, IN (ljean@ljean.com)
Lesa Lorenzen-Huber, Assistant Professor, Health, Physical Education and Recreation, 133 HPER, Indiana University, Bloomington, IN (lehuber@indiana.edu)
Kay Connelly, Assistant Professor, Department of Computer Science, Lindley Hall, Indiana University, Bloomington, IN (connelly@cs.indiana.edu)

Abstract

Ubiquitous computing, or ubicomp, integrates technology into our everyday environments. Ubicomp fundamentally alters privacy by creating continuous detailed data flows. The privacy challenge is particularly acute in the case of home-based health care where vulnerable populations risk enforced technological intimacy. The promise of ubicomp is also particularly great in the area of home-based ubicomp with the aging of the population. The combination of a vulnerable population, embedded computing, and inadequate privacy regimes may lead to a digital perfect storm.

The ubicomp transformation has the ability to lead us to an Orwellian society where people will no longer be aware when they are interacting with the network and creating data records. The potential negative implications of this are clear, and frightening. However, ubicomp has immense potential to improve lives, including the lives of vulnerable individuals who can leverage the abilities of ubicomp to reach or maintain personal independence and autonomy.

Currently, design for privacy requires a user who understands the social implications of ubicomp technology, demands a design that respects privacy, and articulates specific technical design requirements. Design for privacy also requires a ubicomp designer with mastery of privacy-enhancing technologies, security mechanisms, and a profound understanding of privacy. Data protection and fair information practices require a transactional approach to data management, where users make discrete decisions about data flows that are then integrated. None of these is an adequate approach to the myriad problems of privacy in ubicomp.

Privacy is a socially constructed value that differs significantly across environments and age cohorts of individuals. The impact of ubicomp on privacy will be greatest in home-based health care. Value-sensitive design has the potential to make this transformational change less disruptive in terms of personal autonomy and individual boundaries by integrating privacy into ubicomp home health care. Yet value-sensitive design must be predicated upon a shared concept of the particular value under consideration.

In this paper we provide a high-level overview of the competing concepts of privacy. We critique each of these concepts in terms of its applicability to the specific domain of home-based health care. We also critique privacy as constructed in home-based ubicomp systems, and in ubicomp systems that present themselves as privacy-enhancing. We introduce the strengths and weaknesses of value-sensitive design for the case of ubicomp, particularly in the home. We enumerate the possible interactions between home-based ubicomp, various privacy regimes, and design for values.

We conclude not only that no single theory of privacy is applicable, but also that knowledge of both the technology and the privacy risks is an unreasonable requirement for ubicomp users and designers. We argue that the intimacy of the technology, the continuity of the data flow, and the invisibility of the risk in ubicomp limit the efficacy of data protection and fair information practices. Data protection must be augmented by more subtle mechanisms, and standards of care in privacy design should be developed before the Orwellian default becomes the installed base.

Full Paper Posted Soon