'Fool's Gold: an Illustrated Critique of Differential Privacy' by Jane R. Bambauer, Krish Muralidhar & Rathindra Sarathy in (2014) 16
Vanderbilt Journal of Entertainment & Technology Law argues that
Differential privacy has taken the privacy community by storm. Computer scientists developed this technique to allow researchers to submit queries to databases without being able to glean sensitive information about the individuals described in the data. Legal scholars champion differential privacy as a practical solution to the competing interests in research and confidentiality, and policymakers are poised to adopt it as the gold standard for data privacy. It would be a disastrous mistake.
This Article provides an illustrated guide to the virtues and pitfalls of differential privacy. While the technique is suitable for a narrow set of research uses, the great majority of analyses would produce results that are beyond absurd: average income in the negative millions, or correlations well above 1, for example.
The legal community has been misled into thinking that differential privacy can offer the benefits of data research without sacrificing privacy. In fact, differential privacy will usually produce either very wrong research results or very useless privacy protections. Policymakers and data stewards will have to rely on a mix of approaches: perhaps differential privacy where it is well-suited to the task, and other disclosure prevention techniques in the great majority of situations where it isn’t.
'Confidential Information as Property?' by Tanya Aplin in (2013) 24(2)
King's Law Journal 172-201
comments
There has been a long-standing debate about whether the protection of confidential information is a property right. The eminent Professor Finn once described this as ‘[p]erhaps the most sterile of debates’. So why risk venturing into this arena again? My motivation for doing so is the Court of Appeal decision in Veolia ES Nottinghamshire Ltd v Nottinghamshire County Council (‘Veolia’) where it was held, with fairly sparse reasoning, that Article 1 of the First Protocol of the ECHR (‘A1P1’) embraced confidential information. This seemed a surprising conclusion in light of substantial authority to the contrary in English law and the scholarly views on this issue, but also in terms of the potential impact of such a view, i.e. creating a human or fundamental right to the protection of confidential information. Therefore, I want to revisit the question of whether the protection of confidential information that is provided by the (English common law) action for breach of confidence is or should be recognised as property, in particular from the human rights perspective. I intend to tackle this question by first outlining the Veolia decision and subsequently critiquing it in light of relevant authorities. I will then explore the conceptual difficulties of characterising confidential information as ‘property’ and finally, some of the potential risks of doing so.