Archives for category: Science

(This is a provocation for the workshop “10 Years Of Profiling The European Citizen”, June 12-13, 2018, Brussels, for the panel on “Transparency theory for data driven decision making”)


Perhaps Louis Brandeis can be considered the father of all transparency theory because of this famous quote of his:

“Publicity is justly commended as a remedy for social and industrial diseases. Sunlight is said to be the best of disinfectants; electric light the most efficient policeman.”

Indeed transparency is commonly seen as an important tool to counter the ill effects of automated, data driven, decision making.

But I cannot fail to wonder: what if the sun does not shine?…. Wouldn’t that render transparency useless? Indeed, wouldn’t that turn transparency into a perfect cover-up, allowing organisations to hide in plain sight, pretending not to be engaged in any nefarious activities?

Below I will discuss the limits of transparency and discuss six different reasons why transparency by itself is not enough. First, transparency only helps if there are enough experts to verify the information provided. Second, transparency is useless if subjects do not have agency and have no meaningful way to challenge a decision. Third, transparency requirements may be subverted or sidestepped by providing information in an opaque way. Fourth, certain decision making process are hard to explain to begin with. Fifth, a decision may be hard to challenge because scrutinising the decision requires domain expertise and sufficient (computational) resources. And finally, transparency may conflict with business or government interests.

These six arguments are presented in detail below, followed by a brief conclusion.

Read the rest of this entry »

Ter ere van het feit dat de AVG vandaag, 25 mei, van kracht is geworden publiceer ik het blauwe boekje over privacyontwerpstrategieën. Deze gids maakt privacy by design concreet.

In celebration of the GDPR coming into force today, May 25, I am releasing the little blue book on privacy design strategies. This little guide makes privacy by design concrete.

Last week I attended the third International Cyber Operations Symposium (ICOS) in Amsterdam. The symposium was organised by the Dutch Ministry of Defence, with a mix of military and civilian delegates. The symposium was held under the Chatham House Rule, so I am free to speak about what was said, but cannot attribute it to who said it. The symposium offered an interesting insight into how the military thinks about cyberspace.

Read the rest of this entry »

I was invited to speak at the Bitcoin in Education (BCINED) conference held in Groningen, September 5, 2017. Topic of my presentation: “Blockchain & Identity: Why you should avoid the blockchain like the plague“. While listening to the morning keynotes, praising the many benefits of using blockchains in education and for managing (academic) credentials in particular, I realised my message might provide a very much needed counterpoint. The short summary: using blokchain for identity management is ridiculous.
Read the rest of this entry »

The Internet Privacy Engineering Network (IPEN/EDPS), the University of Leuven (KU Leuven), and the Future of Privacy Forum (FPF) will host a transatlantic workshop dedicated to Privacy Engineering Research and the GDPR on Friday, 10 November, 2017 at the University of Leuven in Belgium. In preparation they asked a few people for a shortlist of the most pressing issues to be discussed at the workshop. I started thinking, came up with a short list, which then grew longer as I started explaining what I meant. I’m sharing the result in the hope to receive feedback and to sharpen my thinking.

Read the rest of this entry »

This week we run the Interdisciplinary Summerschool on Privacy in Berg en Dal, the Netherlands. Here is a summary of the talks of Thursday June 22.
Read the rest of this entry »