Networked Privacy and Security - Examples and Suggestions

Abstract

Much existing analysis of privacy seeks to clarify differences between data protection and privacy, e.g. by incorporating ethical rules like: voluntary participation; clear and optimised value; meaningful and informed consent; respect for privacy, identity and confidentiality preferences; ‘ethics by design’; and clarity regarding specific interests. These are all relational considerations, so attention naturally shifts from data protection to data governance and from individual privacy to relational privity. This is already bearing concrete fruit in e.g. data science and cyberphysical systems (including the IoT). But it is still relatively insensitive relationship structures; the objective of this research is ultimately to apply network game theory methods to the understanding of information access and utilisation structures, hoping to replace crude privacy, data protection and cybersecurity rules – which focus on the individual level (e.g. data protection as a fundamental right of individuals), pairwise links (confidentiality rules) and entire groups (security rules and ‘public information’) with something that more accurately reflects the importance and dynamics of structures as they have emerged in practice. Network game theory replaces: i) the ‘big group’ of non-cooperative games (where all the players ‘play together’) with explicit structures that determine who plays with whom; and ii) the ‘coalitions’ of cooperative game theory with a specific geometry of (binary or higher) interactions. To apply these tools to privacy and security, it is necessary to clarify the nodes and links that make up the network and the impact on what people know and do. It is already clear that informational or data privacy can be straightforwardly represented; people are the nodes, and access to or flows of their personal information determine the links. One contribution of the work described in this paper is to give privacy an explicit topological structure. Access and permitted actions define proximity and explicit contacts and contracts are supplemented by shared norms. People may be ‘close’ either in the sense that they are less private or secure from each other than from others or by having similar (consensus) views of privacy and security – and thus similar responses to unexpected developments, willingness to support changes in law and availability to enter new relationships. The present paper formalises privacy and security in terms of access as observation rules (how what is observable relates to private information) and protocols (who can observe whom and when). It considers how these affect the degree to which private information or private actions become common knowledge, and sketches a basic framework for introducing strategic considerations and for policy impact assessment. This allows: i) a characterisation of outcomes and the impact of rules and norms for different structures; ii) the analysis of models of the evolution of privacy, privity and security conventions along the lines of behavioural conventions (in particular that ‘slow-growth’ topologies favour rapid convergence to risk-dominant outcomes); and iii) modelling the evolution of networks along pairwise stability lines. Information shared (or withheld) changes the payoffs and alters higher-order beliefs embodying reputations or trust relations. While standard network game models have fixed strategies and payoffs (the evolution of conventions model) or fixed notions of what each player gets in each network structure (in the structural evolution model); the network privacy model allows these to change as information is shared and used. It also raises some questions such as whether the formation of common knowledge about private information or individual actions is an undesirable consequence of reasonable private protocols and whether mandated disclosure might remove some inequities and inefficiencies associated with partial privacy.