Review of Privacy's Blueprint: The Battle to Control the Design of New Technologies | Leonardo/ISAST

Review of Privacy's Blueprint: The Battle to Control the Design of New Technologies

Privacy's Blueprint: The Battle to Control the Design of New Technologies
Woodrow Hartzog

Harvard University Press, Cambridge, MA, 2018

384 pp., illus. 20 b/w.
Trade, $35.00
ISBN: 978067497600.

Reviewed by: 
John F. Barber
December 2018

You are reading this review online. The chances are almost certain that your visit to this webpage has been recorded and is now being actively monitored, waiting to see where you will go, what you will view, next. This information will be collected, cross-referenced with your personal data, also online, to develop a profile of your interests and activities.

This profile might be used for marketing purposes. Or, says Woodrow Hartzog in his new book, Privacy's Blueprint: The Battle to Control the Design of New Technologies, it could be used to undermine your privacy.

It is difficult, says Hartzog, to guard our personal information. Social media apps, technologies that track our movements and online actions, the Internet of Things, and other online applications and portals are purpose built to harvest this information. There are few laws to protect users. In fact, most privacy statements make the user responsible for protecting personally identifiable information.

Current privacy laws and user agreements consider technology as value neutral. The user decides whether it functions for good or evil, and can, supposedly, adjust the levels of privacy and security associated with their use of online, connected interfaces, applications, and information. But, says Hartzog, current models for regulating use of online technologies fosters exploitation. Popular digital tools, he says, are designed to manipulate users into disclosing personal information. They may provide no promises of respecting your privacy (38).

Hartzog, a Professor of Law and Computer Science at Northeastern University School of Law and College of Computer and Information Science, builds his case in a series of logically ordered chapters. The first is an in-depth discussion of the importance of design of technologies that are used by consumers and others whose privacy is at stake. He critiques the idea that technology is value neutral, that there are no bad technologies, only bad technology users. This view, he argues, leads to an argument for regulation of uses of technologies rather than the technologies themselves. Design is everywhere, and everything. Design is power. Design is political. People do not use technologies for whatever tasks or goals they wish to accomplish. Instead, technologies shape how people use them. Technologies shape users' behavior, choice, even attitudes, says Hartzog.

In Chapter 2, Hartzog argues that current privacy laws fail to consider the design of consumer technologies. "Nobody reads privacy policies, but all users are affected by design" (15). Good design, as has been incorporated in automobiles, airplanes, buildings, pharmaceuticals, technologies implanted in our bodies, and even some consumer products can, argues Hartzog, ease the burden of conduct-based privacy laws.

Chapter 3 presents Hartzog's blueprint for a three-part design agenda for privacy law: values, boundaries, and tools. The three are intertwined but critically affect privacy by influencing, if not determining, relationships that involve exchanging information and transaction costs associated with finding and using information. In this chapter, Hartzog focuses on the values that lawmakers and the courts should focus on when considering privacy laws.

In Chapter 4, Hartzog proposes boundaries for lawmakers when setting privacy laws: design rules and goals that nurture trust, obscurity, and autonomy. Drawing from product safety and consumer protection laws, he proposes that lawmakers should set standards to discourage deceptive, abusive, and dangerous design.

The tools that lawmakers might use to achieve these ends are discussed in Chapter 5. Lawmakers, says Hartzog, should seek balance, but provide appropriate responses to design applications that do not support, or worse, seek to subvert, privacy. Designing for privacy, just as designing for efficiency or aesthetics, is continuous, never finished, never perfect.

Hartzog provides specific examples of his ideas in Chapter 6 where he explores how the design of social media shapes online experiences, and makes users feel either vulnerable, or safe. He demonstrates how layout, forced choices, and defaults are designed to force users into sharing their personal information. He also demonstrates how privacy design of interfaces can provide a privacy promise, rather than presenting, as now, long, unreadable privacy policies. He also discusses how design should limit online harassment and abuse by others.

Search engines, browsers, deletion tools, spyware, drones, license plate readers, and facial recognition are the subject of Chapter 7. Hartzog argues the design of surveillance technologies must be justified by their overriding benefits to society, especially those made vulnerable by the surveillance. Simultaneously, he says, technologies should help users to preserve, or increase, the transaction costs to finding and using information. This includes embracing, not crippling encryption, anti-surveillance masks, ad blockers, and other technologies that allow users to preserve their obscurity.

Chapter 8 considers the Internet of Things and its multiplicity of connected objects and devices, all capable of collecting and sharing information about users and their lives. Currently, Hartzog argues, we do not think that our toasters or smart speakers, things deeply embedded in our lives, even transferred to members of our family, are collecting information about us. But recent revelations of smart speakers recording private conversations prove this not to be the case. Privacy and data security law should better understand this point and work to protect our trust, privacy, and autonomy.

Hartzog's overarching argument is that the design of popular technologies is critical to privacy, and laws should take this fact more seriously. Technologies need to improve with regard to protecting our privacy. His blueprint provides a plan and will ensure that information technologies work for everyone, not just the companies deploying them. His blueprint for privacy is bold, insightful, innovative, passionate, and important. Privacy within a context of online interconnectedness is complicated, and not without effort. For these reasons it is easy to set aside, even ignore. Privacy's Blueprint defines the stakes, provides numerous examples, and suggests a multi-layered structure that will make technology worthy of our trust.