Privacy violations committed by citizens (social or horizontal privacy) has recently gained new momentum. The tools that enable citizens to easily collect and disseminate data about each other, such as products designed specifically for these purposes (so called spy or espionage products) and products that offer far-reaching possibilities to do so (smartphones, drones, smart doorbells, etc.), are becoming increasingly available and accessible to ordinary citizens. In addition, costs have continued to dwindle, so that economic barriers to the purchase and use these products have been removed almost completely. This has led to a democratisation of these products. How to regulate horizontal privacy in the 21th century?
Together with colleagues from Tilburg University, I've conducted a study for the Dutch government on the regulation of drones and spyproducts (e.g. mini-camera's, gps-trackers, etc.). The main question investigated in this report is how the regulation of hobbydrones and spy products in a narrow sense can be optimised in light of protecting citizens’ privacy.
Answers to this question are based on desk research, legal analysis on Dutch, German and French law and the acquis of the European Union, internet quickscans, two focus groups on hobby drones and 10 semi-structured interviews with stakeholders connected to hobby drone flying and experts on drones (including academics, practitioners, organisations).
In this editorial, I sum up a number of conclusions on the regulation of horizontal privacy in the 21th century, especially focussing on two questions: the choice between ex ante and ex post regulation and the question of who should be the primary norm addressee.
While current regulation of horizontal privacy is mosly ex post, given the difficulties connected to the enforcement of such legal doctrines, there is an argument for more ex ante regulation. However, this would come at the price of restricting or prohibiting potentially unproblematic uses of technology by citizens. Similar difficult questions arise when assigning duties to a norm adressee. Should the state, internet providers or citizens be tasked with upholding privacy in horizontal relationships and ..... how?
Download the editorial here.
Together with a colleague from Leiden University, I've conducted a study for the Dutch government on the regulation of horizontal privacy. This study included comparative legal analysis. The research addresses a problem statement that can be divided into three sub-statements:
• What lessons can be learned from the approach taken by other European countries with regards to the protection of horizontal privacy?
• To what extent can these solutions be applied in the context of the Netherlands?
• Are there any undesirable consequences or side-effects associated with the opportunities to provide effective protection to horizontal privacy in the Netherlands?
The countries that are involved in the legal comparative analysis are: Germany, Poland, Sweden and the United Kingdom.
Together with colleagues from Tilburg University, I've conducted a study for the Dutch government on the regulation of facial recognition in horizontal relationships. There were two main questions:
1) How is facial recognition technology used by Dutch citizens and companies and how can the
use of facial recognition technologies by citizens and companies infringe the privacy of citizens
(now and in five years)?
2) How can privacy violations, both current and potential, be prevented or limited?
This research includes a broad literature study into automated facial recognition technology and privacy violations in for these domains: the event sector, smartphone apps, the smart doorbell and the retail sector. For these domain studies, 11 stakeholder and expert were interviewed.