DARPA lays out bedrock R&D privacy principles
Privacy is one of those squishy issues that government has typically not been very good with. It usually gets conflated with data security, but in fact it’s a very different animal. Security is about protecting data from prying eyes, whereas privacy is about protecting people from the effects of information being seen by those prying eyes. And what is privacy to one government bureaucrat is just an annoyance to another. As I said, squishy.
A recent New York Times blog post points to the silence of the Obama Administration on privacy, at least so far, compared to the very loud pronouncements it’s made on such things as cybersecurity. One of the theories proffered for this was the dichotomy the administration is facing between the need for privacy on the one hand and the increasingly privacy-deficient world of Web 2.0, which the administration champions.
Interesting, therefore, to see that the boffins at DARPA have come up with a set of privacy principles that, at least at first glance, seem to give some hope that privacy could become a part of fundamental technology R&D. In other words, privacy would no longer be an afterthought of technology, or something to be layered on top, but the technology itself would be defined by the potential impact it will have on privacy.
As DARPA itself points out, the administration’s recent National Security Strategy lays out some of the criteria for privacy protection, though really it only mentions it in passing as a part of its rhetoric on cybersecurity, without really defining what privacy is or how it should be protected.
Which, if it can really turn its privacy principles into something concrete, is why DARPA’s approach seems potentially so important. It’s going to get the National Academy of Sciences to conduct a study on the ethical implications of technology advances, create an independent privacy review panel to tell it what effect its bleeding edge R&D is likely to have on privacy and work with the National Science Foundation to assess the dangers to “personally identifiable information” of science and technology development.
That could all turn out to be as squishy as the original issue, of course. The trick is how it’s implemented into DARPA’s work. If it’s successful, that could turn out to be as equally a high-payoff development as any of the actual technology it produces.
Posted on Aug 10, 2010 at 6:47 AM