Michael Birnhack

Privacy by designers: software developers’ privacy mindset

Privacy by design (PbD) is a policy measure that guides software developers to apply inherent solutions to achieve better privacy protection. For PbD to be a viable option, it is important to understand developers’ perceptions, interpretation and practices as to informational privacy (or data protection). To this end, we conducted in-depth interviews with 27 developers from different domains, who practice software design. Grounded analysis of the data revealed an interplay between several different forces affecting the way in which developers handle privacy concerns. Borrowing the schema of Social Cognitive Theory (SCT), we classified and analyzed the cognitive, organizational and behavioral factors that play a role in developers’ privacy decision making. Our findings indicate that developers use the vocabulary of data security to approach privacy challenges, and that this vocabulary limits their perceptions of privacy mainly to third-party threats coming from outside of the organization; that organizational privacy climate is a powerful means for organizations to guide developers toward particular practices of privacy; and that software architectural patterns frame privacy solutions that are used throughout the development process, possibly explaining developers’ preference of policy-based solutions to architectural solutions. Further, we show, through the use of the SCT schema for framing the findings of this study, how a theoretical model of the factors that influence developers’ privacy practices can be conceptualized and used as a guide for future research toward effective implementation of PbD.

The hidden human rights curriculum of surveillance cameras in schools: due process, privacy and trust

Abstract This article explores how school principals integrate Closed Circuit TV systems (CCTVs) in educational practices and analyses the pedagogical implications of these practices through the lens of human rights. Drawing on interviews with school principals and municipality officials, we found that schools use CCTVs for three main purposes: (1) Discipline: gathering evidence by semi-legal procedures, which replace educational processes and are inattentive to pupils’ voices; (2) Monitoring: real-time surveillance of pupils, which includes both caring and policing practices; and (3) Producing trust, by refraining from accessing the footage. This usage attempts to invert the concern that CCTVs undermine trust, but it may prove a double-edged sword if the pupils do not believe the principal. We argue that each of these approaches shapes the schools’ hidden human rights curriculum, by which pupils learn about due process, privacy, and autonomy, and about the power relations that determine the scope of these rights.

CCTV surveillance in primary schools: normalisation, resistance, and children’s privacy consciousness

Abstract This study explored how primary school children perceive school surveillance by Closed Circuit TV systems (CCTVs) and how their perceptions relate to their privacy consciousness. It drew on interviews with 57 children, aged 9–12, who were enrolled in three Israeli public schools that had installed CCTVs, and on information gathered from members of the management team of each school. The findings indicated that in all three schools, educators did not discuss the CCTVs with the children. Consequently, most children had various erroneous assumptions regarding the CCTVs, leading some children to wrongly believe that they were seen and heard in almost every corner of the school, including toilets and classrooms. The findings also revealed a tension between normalisation of school surveillance on the one hand, and resistance to excessive surveillance on the other. In addition, the findings demonstrated that even young children, having been born and raised in a digital world with its ubiquitous surveillance, value their privacy and are willing to relinquish it only when they perceive it as justified. The moral balance voiced by the children regarding the circumstances that justify trading privacy for security resembles constitutional analysis.

Colonial Copyright: Intellectual Property in Mandate Palestine

More than a century ago, when the British discussed colonial copyright, they meant their own interests in the colonies. They hardly referred to the local cultural and legal interests. Until recently, scholarly engagement with colonial copyright still followed the imperial path of the nineteenth century, and was told almost exclusively from a British, imperial point of view. This file contains the table of contents and Introduction of Colonial Copyright: Intellectual Property in Mandate Palestine (OUP, 2012). The book reverses the perspective and provides an account as seen and understood from the colonized side.The book explores the legal history of copyright law in the British Empire, during the first decades of the twentieth century by focusing on Mandate Palestine (1917–48) as a leading case study. It is a story about the use of law as a tool to secure British interests throughout the Empire, but also as a tool applied to promote progress and culture, at least according to the imperial vision of culture.Colonial copyright is the widespread imposition of copyright law throughout the British Empire. It occurred when a foreign power exported its own legal toolkit from home and applied it to territories and its peoples, previously unfamiliar with the idea of legal protection for creative works, at least not in the form today known as copyright. Accordingly, Colonial Copyright is a legal and cultural category about the diffusion and transplanting of the legal field that regulates some of the main institutional aspects of culture, under conditions of an imperial rule.

Hebrew Authors and English Copyright Law in Mandate Palestine

This Article discusses the first steps of Israeli copyright law, dating it back to Ottoman times, which is earlier than thus far discussed in the literature. The account provides an early case of legal globalization through colonialism (although Palestine was a Mandate, not a colony). The imposition of copyright law in Palestine enables us to observe the difficulties of applying an uninvited legal transplant and to trace its dynamics. The discussion queries the fate of copyright law in Mandate Palestine from two perspectives. First, the Colonial-Imperial point of view: I ask why the British government imposed copyright law in the newly administered territory only a month after the establishment of the civil administration in 1920 and then replaced it in 1924. The answers are to be found in the general imperial agenda, its Palestine agenda, as well as the nature of copyright and the personal background of those involved. Second, from the local point of view, I trace the first steps of copyright law within the Hebrew community and especially within the literary circle in the 1920s. The local needs of the literary field concerned the author-publisher relationship, attribution, the integrity of the work and international transactions. However, the answers to these problems were not found in the law but rather in private ordering, namely contracts and social norms.

The Political Premises of Contemporary Urban Concepts: The Global City, the Sustainable City, the Resilient City, the Creative City, and the Smart City

Abstract Numerous studies have focused on the global city, the sustainable city, the resilient city, the creative city, and the smart city, analyzing their politics, ideologies, and social implications. However, the literature lacks synthetic analysis that addresses these concepts by juxtaposing them and exploring their similarities and differences. This paper provides synthetic analysis, followed by a discussion of the concepts’ competing and complementary logics of governance and citizenship. The concluding section addresses the importance of taking into account these diverse concepts as political ideas and discusses how these concepts become a prescriptive mix promoted by public officials and private developers.

A Process-Based Approach to Informational Privacy and the Case of Big Medical Data

Data protection law has a linear logic, in that it purports to trace the lifecycle of personal data from creation to collection, processing, transfer, and ultimately its demise, and to regulate each step so as to promote the data subject’s control thereof. Big data defies this linear logic, in that it decontextualizes data from its original environment and conducts an algorithmic nonlinear mix, match, and mine analysis. Applying data protection law to the processing of big data does not work well, to say the least. This Article examines the case of big medical data. A survey of emerging research practices indicates that studies either ignore data protection law altogether or assume an ex post position, namely that because they are conducted after the data has already been created in the course of providing medical care, and they use de-identified data, they go under the radar of data protection law. These studies focus on the end-point of the lifecycle of big data: if sufficiently anonymous at publication, the previous steps are overlooked, on the claim that they enjoy immunity. I argue that this answer is too crude. To portray data protection law in its best light, we should view it as a process-based attempt to equip data subjects with some power to control personal data about them, in all phases of data processing. Such control reflects the underlying justification of data protection law as an implementation of human dignity. The process-based approach fits current legal practices and is justified by reflecting dignitarian conceptions of informational privacy.