Paper short abstract:

This paper studies the techno-epistemic network emerging around the idea of designing privacy safeguards into smart ICT infrastructures and its techniques for stabilization and alignment. Through an extended peer consultation, tensions and limits are identified in addressing 'privacy by network'.

Paper long abstract:

The notion of 'privacy by design', the idea of designing privacy safeguards into ICT systems, is increasingly picked up in regulatory agendas and entering legislation, like the new European General Data Protection Regulation. The building of smart, highly interconnected ICT infrastructures (IoT, smart cities, etc.) poses specific challenges to such approaches in scaling up efforts beyond single organizations and technologies and interlinking them. Standardization exercises emerge as a crucial hybrid 'meeting place' for the co-ordination and alignment of the various design approaches, conceptions and expectations of the actors, disciplines and sectors involved. Through the notion of 'privacy by network', this article studies how the concept of privacy becomes itself re-constituted as 'normative transversal' in these processes. It works as a stabilizing promise for networking efforts around responsible smart innovation, but simultaneously catalyzes the uprooting of the notion of privacy from legal settings where it traditionally has been articulated according to established procedures and checks. This paper studies the broader techno-epistemic network emerging around this idea of privacy design, both historically and empirically. We present the findings of an 'extended peer consultation' with representatives of the emerging network and with representatives from communities outside its boundaries, including regulators, entrepreneurs, software engineers, interaction designers, civil rights associations, 'savvy' users, ethical hackers and legal practitioners. This allows sketching the gaps, tensions and limits of these efforts and to identify opportunities for learning.