scispace - formally typeset
Search or ask a question
Posted Content

Big Data and Due Process: Toward a Framework to Redress Predictive Privacy Harms

TL;DR: It is argued that individuals who are privately and often secretly “judged” by big data should have similar rights to those judged by the courts with respect to how their personal data has been used in such adjudications, and analogizes a system of regulation that would provide such rights against private big data actors.
Abstract: The rise of “big data” analytics in the private sector poses new challenges for privacy advocates. Unlike previous computational models that exploit personally identifiable information (PII) directly, such as behavioral targeting, big data has exploded the definition of PII to make many more sources of data personally identifiable. By analyzing primarily metadata, such as a set of predictive or aggregated findings without displaying or distributing the originating data, big data approaches often operate outside of current privacy protections (Rubinstein 2013; Tene and Polonetsky 2012), effectively marginalizing regulatory schema. Big data presents substantial privacy concerns – risks of bias or discrimination based on the inappropriate generation of personal data – a risk we call “predictive privacy harm.” Predictive analysis and categorization can pose a genuine threat to individuals, especially when it is performed without their knowledge or consent. While not necessarily a harm that falls within the conventional “invasion of privacy” boundaries, such harms still center on an individual’s relationship with data about her. Big data approaches need not rely on having a person’s PII directly: a combination of techniques from social network analysis, interpreting online behaviors and predictive modeling can create a detailed, intimate picture with a high degree of accuracy. Furthermore, harms can still result when such techniques are done poorly, rendering an inaccurate picture that nonetheless is used to impact on a person’s life and livelihood. In considering how to respond to evolving big data practices, we began by examining the existing rights that individuals have to see and review records pertaining to them in areas such as health and credit information. But it is clear that these existing systems are inadequate to meet current big data challenges. Fair Information Privacy Practices and other notice-and-choice regimes fail to protect against predictive privacy risks in part because individuals are rarely aware of how their individual data is being used to their detriment, what determinations are being made about them, and because at various points in big data processes, the relationship between predictive privacy harms and originating PII may be complicated by multiple technical processes and the involvement of third parties. Thus, past privacy regulations and rights are ill equipped to face current and future big data challenges.We propose a new approach to mitigating predictive privacy harms – that of a right to procedural data due process. In the Anglo-American legal tradition, procedural due process prohibits the government from depriving an individual’s rights to life, liberty, or property without affording her access to certain basic procedural components of the adjudication process – including the rights to review and contest the evidence at issue, the right to appeal any adverse decision, the right to know the allegations presented and be heard on the issues they raise. Procedural due process also serves as an enforcer of separation of powers, prohibiting those who write laws from also adjudicating them.While some current privacy regimes offer nominal due process-like mechanisms in relation to closely defined types of data, these rarely include all of the necessary components to guarantee fair outcomes and arguably do not apply to many kinds of big data systems (Terry 2012). A more rigorous framework is needed, particularly given the inherent analytical assumptions and methodological biases built into many big data systems (boyd and Crawford 2012). Building on previous thinking about due process for public administrative computer systems (Steinbock 2005; Citron 2010), we argue that individuals who are privately and often secretly “judged” by big data should have similar rights to those judged by the courts with respect to how their personal data has been used in such adjudications. Using procedural due process principles, we analogize a system of regulation that would provide such rights against private big data actors.
Citations
More filters
01 Jan 2014
TL;DR: In this paper, Cardozo et al. proposed a model for conflict resolution in the context of bankruptcy resolution, which is based on the work of the Cardozo Institute of Conflict Resolution.
Abstract: American Bankruptcy Institute Law Review 17 Am. Bankr. Inst. L. Rev., No. 1, Spring, 2009. Boston College Law Review 50 B.C. L. Rev., No. 3, May, 2009. Boston University Public Interest Law Journal 18 B.U. Pub. Int. L.J., No. 2, Spring, 2009. Cardozo Journal of Conflict Resolution 10 Cardozo J. Conflict Resol., No. 2, Spring, 2009. Cardozo Public Law, Policy, & Ethics Journal 7 Cardozo Pub. L. Pol’y & Ethics J., No. 3, Summer, 2009. Chicago Journal of International Law 10 Chi. J. Int’l L., No. 1, Summer, 2009. Colorado Journal of International Environmental Law and Policy 20 Colo. J. Int’l Envtl. L. & Pol’y, No. 2, Winter, 2009. Columbia Journal of Law & the Arts 32 Colum. J.L. & Arts, No. 3, Spring, 2009. Connecticut Public Interest Law Journal 8 Conn. Pub. Int. L.J., No. 2, Spring-Summer, 2009. Cornell Journal of Law and Public Policy 18 Cornell J.L. & Pub. Pol’y, No. 1, Fall, 2008. Cornell Law Review 94 Cornell L. Rev., No. 5, July, 2009. Creighton Law Review 42 Creighton L. Rev., No. 3, April, 2009. Criminal Law Forum 20 Crim. L. Forum, Nos. 2-3, Pp. 173-394, 2009. Delaware Journal of Corporate Law 34 Del. J. Corp. L., No. 2, Pp. 433-754, 2009. Environmental Law Reporter News & Analysis 39 Envtl. L. Rep. News & Analysis, No. 7, July, 2009. European Journal of International Law 20 Eur. J. Int’l L., No. 2, April, 2009. Family Law Quarterly 43 Fam. L.Q., No. 1, Spring, 2009. Georgetown Journal of International Law 40 Geo. J. Int’l L., No. 3, Spring, 2009. Georgetown Journal of Legal Ethics 22 Geo. J. Legal Ethics, No. 2, Spring, 2009. Golden Gate University Law Review 39 Golden Gate U. L. Rev., No. 2, Winter, 2009. Harvard Environmental Law Review 33 Harv. Envtl. L. Rev., No. 2, Pp. 297-608, 2009. International Review of Law and Economics 29 Int’l Rev. L. & Econ., No. 1, March, 2009. Journal of Environmental Law and Litigation 24 J. Envtl. L. & Litig., No. 1, Pp. 1-201, 2009. Journal of Legislation 34 J. Legis., No. 1, Pp. 1-98, 2008. Journal of Technology Law & Policy 14 J. Tech. L. & Pol’y, No. 1, June, 2009. Labor Lawyer 24 Lab. Law., No. 3, Winter/Spring, 2009. Michigan Journal of International Law 30 Mich. J. Int’l L., No. 3, Spring, 2009. New Criminal Law Review 12 New Crim. L. Rev., No. 2, Spring, 2009. Northern Kentucky Law Review 36 N. Ky. L. Rev., No. 4, Pp. 445-654, 2009. Ohio Northern University Law Review 35 Ohio N.U. L. Rev., No. 2, Pp. 445-886, 2009. Pace Law Review 29 Pace L. Rev., No. 3, Spring, 2009. Quinnipiac Health Law Journal 12 Quinnipiac Health L.J., No. 2, Pp. 209-332, 2008-2009. Real Property, Trust and Estate Law Journal 44 Real Prop. Tr. & Est. L.J., No. 1, Spring, 2009. Rutgers Race and the Law Review 10 Rutgers Race & L. Rev., No. 2, Pp. 441-629, 2009. San Diego Law Review 46 San Diego L. Rev., No. 2, Spring, 2009. Seton Hall Law Review 39 Seton Hall L. Rev., No. 3, Pp. 725-1102, 2009. Southern California Interdisciplinary Law Journal 18 S. Cal. Interdisc. L.J., No. 3, Spring, 2009. Stanford Environmental Law Journal 28 Stan. Envtl. L.J., No. 3, July, 2009. Tulsa Law Review 44 Tulsa L. Rev., No. 2, Winter, 2008. UMKC Law Review 77 UMKC L. Rev., No. 4, Summer, 2009. Washburn Law Journal 48 Washburn L.J., No. 3, Spring, 2009. Washington University Global Studies Law Review 8 Wash. U. Global Stud. L. Rev., No. 3, Pp.451-617, 2009. Washington University Journal of Law & Policy 29 Wash. U. J.L. & Pol’y, Pp. 1-401, 2009. Washington University Law Review 86 Wash. U. L. Rev., No. 6, Pp. 1273-1521, 2009. William Mitchell Law Review 35 Wm. Mitchell L. Rev., No. 4, Pp. 1235-1609, 2009. Yale Journal of International Law 34 Yale J. Int’l L., No. 2, Summer, 2009. Yale Journal on Regulation 26 Yale J. on Reg., No. 2, Summer, 2009.

1,336 citations

Journal ArticleDOI
TL;DR: This work uses Edwards’ (1979) perspective of “conteste... to explore how algorithms may reshape organizational control in the rapidly changing environment.
Abstract: The widespread implementation of algorithmic technologies in organizations prompts questions about how algorithms may reshape organizational control. We use Edwards’ (1979) perspective of “conteste...

508 citations


Cites background from "Big Data and Due Process: Toward a ..."

  • ...…may encroach on procedural due process, that is, “the constitutional requirement that any government deprivation of a liberty or property right must be preceded—at a minimum—by notice and the opportunity for a hearing on the matter before an impartial adjudicator” (Crawford & Schultz, 2014: 111)....

    [...]

Journal ArticleDOI
TL;DR: The increased amount of health care data collected brings with it ethical and legal challenges for protecting the patient while optimizing health care and research, and possible ways forward for the regulatory system are sketched.
Abstract: Big data has become the ubiquitous watch word of medical innovation. The rapid development of machine-learning techniques and artificial intelligence in particular has promised to revolutionize medical practice from the allocation of resources to the diagnosis of complex diseases. But with big data comes big risks and challenges, among them significant questions about patient privacy. Here, we outline the legal and ethical challenges big data brings to patient privacy. We discuss, among other topics, how best to conceive of health privacy; the importance of equity, consent, and patient governance in data collection; discrimination in data uses; and how to handle data breaches. We close by sketching possible ways forward for the regulatory system.

475 citations

Journal ArticleDOI
TL;DR: It is argued that blockchain's decentralized feature is likely to result in a low susceptibility to manipulation and forgery by malicious participants, and public policy efforts directed at protecting privacy using blockchain should focus on providing training to key stakeholders and increasing investment in this technology.

430 citations

Journal ArticleDOI
11 Jul 2019
TL;DR: A framework for identifying a broad range of menaces in the research and practices around social data is presented, including biases and inaccuracies at the source of the data, but also introduced during processing.
Abstract: Social data in digital form—including user-generated content, expressed or implicit relations between people, and behavioral traces—are at the core of popular applications and platforms, driving the research agenda of many researchers. The promises of social data are many, including understanding “what the world thinks” about a social issue, brand, celebrity, or other entity, as well as enabling better decision-making in a variety of fields including public policy, healthcare, and economics. Many academics and practitioners have warned against the naive usage of social data. There are biases and inaccuracies occurring at the source of the data, but also introduced during processing. There are methodological limitations and pitfalls, as well as ethical boundaries and unexpected consequences that are often overlooked. This paper recognizes the rigor with which these issues are addressed by different researchers varies across a wide range. We identify a variety of menaces in the practices around social data use, and organize them in a framework that helps to identify them. “For your own sanity, you have to remember that not all problems can be solved. Not all problems can be solved, but all problems can be illuminated.” –Ursula Franklin1

379 citations


Cites background from "Big Data and Due Process: Toward a ..."

  • ...The reliance on automated decision making processes based on statistical methods, can inherit, propagate, or even amplify the biases and prejudice present in the training data with respect to various factors such as race, age, gender or socioeconomic groups (Crawford and Schultz, 2014; Barocas and Selbst, 2016)....

    [...]

References
More filters
Journal Article
TL;DR: Data fundamentalism, the notion that correlation always indicates causation, and that massive data sets and predictive analytics always reflect objective truth, is a major obstacle in big data hype as mentioned in this paper.
Abstract: This looks to be the year that we reach peak big data hype. From wildly popular big data conferences to columns in major newspapers, the business and science worlds are focused on how large datasets can give insight on previously intractable challenges. The hype becomes problematic when it leads to what I call “data fundamentalism,” the notion that correlation always indicates causation, and that massive data sets and predictive analytics always reflect objective truth. Former Wired editor-in-chief Chris Anderson embraced this idea in his comment, “with enough data, the numbers speak for themselves.” But can big data really deliver on that promise? Can numbers actually speak for themselves?

224 citations

MonographDOI
01 Jan 2013
TL;DR: This chapter discusses privacy, due process and the Computational Turn in the context of data-behaviourism vs. due-process, as well as political and Ethical perspectives on Data Obfuscation.
Abstract: Privacy, Due process and the Computational Turn: The Philosophy of Law Meets the Philosophy of Technology engages with the rapidly developing computational aspects of our world including data mining, behavioural advertising, iGovernment, profiling for intelligence, customer relationship management, smart search engines, personalized news feeds, and so on in order to consider their implications for the assumptions on which our legal framework has been built. The contributions to this volume focus on the issue of privacy, which is often equated with data privacy and data security, location privacy, anonymity, pseudonymity, unobservability, and unlinkability. Here, however, the extent to which predictive and other types of data analytics operate in ways that may or may not violate privacy is rigorously taken up, both technologically and legally, in order to open up new possibilities for considering, and contesting, how we are increasingly being correlated and categorizedin relationship with due process – the right to contest how the profiling systems are categorizing and deciding about us.

69 citations

Journal Article
TL;DR: Big Data is the jargon du jour, the tech world's one-size-fits-all (so long as it's triple XL) answer to solving the world's most intractable problems as mentioned in this paper.
Abstract: “Big data” is the jargon du jour, the tech world’s one-size-fits-all (so long as it’s triple XL) answer to solving the world’s most intractable problems. The term is commonly used to describe the art and science of analyzing massive amounts of information to detect patterns, glean insights, and predict answers to complex questions. It might sound a bit dull, but from stopping terrorists to ending poverty to saving the planet, there’s no problem too big for the evangelists of big data.

31 citations

Posted Content
TL;DR: This paper examined the historical evidence regarding the original public meaning of the Due Process Clauses of both the Fifth and Fourteenth Amendments with a single question in mind: Did the original meaning of each Clause, at the time of its enactment, encompass a recognizable form of substantive due process.
Abstract: The nature and scope of the rights protected by the Due Process Clauses of the Fifth and Fourteenth Amendments is one of the most debated topics in all of constitutional law At the core of this debate is the question of whether these Clauses should be understood to protect only “procedural” rights, such as notice and the opportunity for a hearing, or whether the due process guarantee should be understood to encompass certain “substantive” protections as well An important, though little explored assumption shared by participants on both sides of this debate is that the answer to the substantive-due-process question must be the same for both provisions This article questions that assumption by separately examining the historical evidence regarding the original public meaning of the Due Process Clauses of both the Fifth and Fourteenth Amendments with a single question in mind: Did the original meaning of each Clause, at the time of its enactment, encompass a recognizable form of substantive due process‘ At the time of the Fifth Amendment’s ratification in 1791, the phrase “due process of law,” and the closely related phrase “law of the land,” were widely understood to refer primarily to matters relating to judicial procedure with the second phrase having a somewhat broader connotation referring to existing positive law Neither of these meanings was broad enough to encompass something that would today be recognized as “substantive due process” Between 1791 and the Fourteenth Amendment’s enactment in 1868, due process concepts evolved dramatically, both through judicial decisions at the state and federal levels and through the invocation of due-process concepts by both pro-slavery and abolitionist forces in the course of constitutional arguments over the expansion of slavery By 1868, a recognizable form of substantive due process had been embraced by courts in at least 20 of the 37 then-existing states as well as by the United States Supreme Court and by the authors of the leading treatises on constitutional law As a result, my conclusion is that the original meaning of one, and only one, of the two Due Process Clauses – the Due Process Clause of the Fourteenth Amendment – was broad enough to encompass a recognizable form of substantive due process

22 citations