UC Berkeley, School of Information
December 16, 2020
Also available as: pdf
This is a section of a chapter on findings from a published dissertation: Enacting Privacy in Internet Standards.
At the opening of this chapter, I outlined the two high-level research questions of this project and the five clusters of themes from my empirical findings that speak to those questions. Those themes have touched in different ways on the two research questions. But they also recommend a challenge and an opportunity for the larger justification of my project: how to better support values such as privacy through the techno-policy standard-setting process. Below I summarize the findings in relation to my research questions and the opportunity and challenge they present. In both cases, I see a common key, the deeper and more nuanced integration: of values into engineering work, of different kinds of expertise, of technocratic and democratic process.
Regarding the impacts of multistakeholder techno-policy standards-setting processes on resolving public policy disputes for the Internet:
Consensus-based multistakeholder technical standard-setting process provides a real opportunity for stable, cross-boundary collaborative solutions to disputes over public policy values in socio-technical systems. Those solutions, though, would require overcoming difficulties at several stages in the standard-setting process, under conditions where implementation and interoperability are well-aligned with substantive protection of values and accommodation of ongoing contestation. And under those conditions, we should still anticipate tension between representational vs collaborative views of the individual or democratic vs technocratic views of the process and heated conflicts from diverse or antagonistic participants.
To take advantage of this opportunity, I argue, we must embrace the integration of those representational and collaborative views and design processes to accommodate heterogeneous perspectives. As described in Chapter 1, collaborative governance requires a problem-solving orientation and ongoing participation from stakeholders; findings show both the promise and the deep challenges to productive engagement among potentially antagonistic parties (5.2). As described in Chapter 2, engineering is inherently ethically-laden and the engineering ethos is individual, practical and engaged; individual participation has proven to enable autonomy and principled contribution at the price of conflict over who one represents (5.4). As described in Chapter 3, privacy is and will be contested and that contestation can be productive; we have seen that participants evaluate communication and learning, especially across disciplines, as an important success (5.2). Put together, opportunities to address values such as privacy in socio-technical systems need multistakeholder processes where engineers are actively engaged in problem-solving, in learning and in negotiating with stakeholders.
Regarding standards-setting participants’ views of privacy and the resulting impacts on Internet user privacy:
Findings on participation (5.5) emphasize the relevance of this inquiry into views of privacy from those who are designing Internet protocols and negotiating Internet standards. Standard-setting participants are not generally representative – in demographics, in level of expert knowledge, or otherwise – of the population of Internet users. Lack of representation presents a substantial challenge to the legitimacy and responsiveness of techno-policy standards in addressing privacy.
But a substantial challenge is not a lost cause. Privacy, accessibility and other areas of public policy interest may already attract relatively more diverse participation. Furthermore, we should proactively seek better ways to support privacy from our current systems of design and governance based on what we have learned about current participants. Standard-setting participants have widely varying views on the conception of privacy and directly acknowledge that views and priorities differ. Even more intimately, the parent-child relationship or other views of family present a touchpoint for considering privacy (and other values) for differently-situated others, and not just in the sense of paternalism but also in valuing the autonomy of others. The work of privacy is seen as simultaneously continuing to figure out privacy as well as realizing or stewarding it.
As described in Chapter 1, both procedural and substantive legitimacy are important for governance and focus on interoperability and rough consensus will not be enough to assuage all concerns, particularly given non-implementer stakeholders (5.5). As described in Chapter 2, the numerous detailed decisions of engineers can have a large impact on the deployed technology of the Internet and the Web and as we’ve seen (5.4), engineers have remarkable independence even from their employer in the positions they take in technical standard-setting. As described in Chapter 3, privacy is essentially-contested and so debates over privacy will not be settled and should be considered both in concrete user needs and in high-level goals and technical architecture; in the findings, we have seen (5.6) that privacy views vary and are recognized as diverse and that interdisciplinary expertise – involving policy, ethics and technology – is especially valuable. To respond to the challenge of representation and the need for legitimacy in governance, addressing privacy, a value inherent to the social use of the Internet, will require increasingly interdisciplinary work – involving policy, ethics and technology.
Key to the answers to both research questions is integration: of values into engineering, of different kinds of expertise, of technocratic and democratic process.
That integration is key, or that integration is worth pursuing as an opportunity, does not imply that the result is simple. These findings do not support a simplistic integration of the form of embedding or hard-coding an unchangeable value in a permanent, unquestionable or unaccountable piece of architecture. Similarly, they don’t guarantee that multistakeholderism is a panacea that will guarantee integration of every diverse interest or perspective.
Rather, this suggests integrating the debate over values along with expert evaluation of technical design and integrating training and collaboration to encourage more professionals with tech, policy and ethical expertise. That integrated work and training can prepare us for the more holistic project of technology and the good life. But this nuanced integration should also accommodate diverse, conflicting participants and the impulse for separation and flexibility. Indeed, this is a hallmark of Internet standard-setting and the Internet’s architecture: a contentious but collaborative development that supports common goals while maintaining diverse and flexible uses.
Handoffs are a theoretical tool for this more nuanced view of integration: handoffs are shifts in distribution of multi-actor responsibility in the context of a larger socio-technical system. Looking at Do Not Track as a potential handoff,1 a new distribution is possible where a value of privacy is both integrated into a technical design but also enforced through a distinctive distribution of technology, regulations and norms. Values are often going to be integrated or embodied in technical designs one way or another, but we can choose how to intentionally enact the values we care about and design the form of their distributions.
In looking to future directions, I will, finally, consider some possible direct interventions related to this promise of nuanced integration and suggest how to recognize future handoffs.