Title: SCENARIO III: ONE UPON A TIME, IN THE KINGDOM OF AMBIENT LAW

Introduction 

Li-lian is the wife of David Cragg. They have a lovely daughter, Zoe, who is 7 years old, and they have moved from the north of England to London, due to a very interesting job offer for Li-lian, who is now marketing manager at a prestigious 4-star hotel.  

Scene 1: Waking up to a smart home 

Li-lian wakes up to an artificial light that increases its intensity, somewhere between 5.30 and 6.30, when the smart dust within her body has registered the optimal moment to rise from sleep. Similarly, Zoe wakes up to an artificial light and some light music, adjusted to her biological profile. Li-lian suffers mildly from winter depressions, so the light’s intensity remains relatively high for about 20 minutes while she prepares and enjoys a light breakfast with her daughter in the kitchen. Based on ubiquitous monitoring of her gait, eye movements, skin temperature, and specific hormonal levels, the house anticipates Li-lian’s moods and adjusts waking time, bright light duration and intensity, as well as the supplies in her fridge and larder. The house also advises her on physical exercises that improve her moods and decrease fatigue.  

As Li-lian opens the fridge to replace the milk, the kitchen screen suggests that she do five more bending exercises – a welcome decrease from last month now that she managed to lose 0.424 pounds in weight last week. The house sensors also note that Li-lian is blinking rather more than usual, and since she hasn’t really had much vitamin-A-rich food lately, the KitchAid places carrots on the autonomic shopping list. Before Li-lian is off to work, she screens the shopping list and is just in time to replace the carrots – odd that the system hasn’t noticed until now that Zoe hates carrots! – with yellow peppers. When Li-lian tries to access the home network for information about her daughter’s state of mind, the network refuses access on grounds of privacy protection. Although as a parent she can override this, the system’s audit mechanism will notify Zoe, and Li-lian in this case has no good reason other than mere curiosity to explain her action to her daugther, so she decides against further intrusion. 

All data that are stored and mined within the context of the home remain within the private network of intelligent agents that are running the house. These agents do not – as a default – provide external access to these data and if – after consultation with Li-lian – data are disclosed, they are tagged to trace their whereabouts and include a set of commands that restrict their use to specific purposes. The smart home network regularly checks to what use disclosed data have been put, and profiles the findings for interesting patterns.  

Scene 2: Stepping into a smart outdoors 

When David – who takes their daughter to school every morning – leaves the house, he steps into a whirlpool of wireless machine to machine (M2M) communication. Today, his smart car has picked up a traffic congestion on the way to school, advising him to walk or cycle to school. David decides, however, not to follow the advice and to go by car nonetheless.  

Once in the car, he is tacitly aware of the permanent real-time car-to-car (C2C) communication. At a certain point, when he is distracted by persistent queries of Zoe, the car automatically slows down, even though he has actually stepped on the gas to move faster. The car has detected another vehicle at close range and anticipates a potential collision. The other day, when David drove home after a trying day at the office, the car moved into automatic pilot as the driver fatigue detector reset the default of the car. To restrict central storage of personal data of driving, most of this M2M communication around public roads does not follow a tree or star topology but runs as a mesh topology, discarding information as soon as it is outdated. 

Scene 3: A smart office 

When Li-lian enters her office, her chair automatically resets to accommodate the present state of her bodily fitness. Li-lian has suffered from lower back-aches ever since the birth of her daughter, and the sensor technologies and RFID systems monitor her biometric behaviour for signs of upcoming pain or fatigue. The chair has learned to which positions she responds best. In fact, her chair has detected a potential attack of lower back pain just now and forces her to continuously regain her balance (like sitting on a huge ball), because this trains the muscles and prevents a wrong posture. As she sits down and gazes at the display embedded in her desk, the desk traces all attempts from colleagues and customers to reach her and surveys all other tasks awaiting her, organising them in terms of urgency and importance, based on Li-lian’s past behaviour. When the display is ready, Li-lian screens the priorities and takes some time to adjust the list, while occasionaly moving into an item to check its content.  

Li-lian then takes a small break to reset her mind and starts making videocalls, skipping through reports (of which a summary has been extracted autonomically, based on pattern recognition with regard to what is deemed relevant for marketing managers in general, and personalised on the basis of her own tacit and expressed needs of information), discussing the reports with other departments and external partners, and sending them back into the content management system with tags of what she finds crucial. In the course of the day she takes a series of decisions, which feed back into the knowledge management system. Li-lian – like most marketing managers in these days – believes in open innovation, aiming for ‘do your best, partner the rest’. This, of course, does not mean that she is not striving for competitive advantages; it rather indicates that she must be sharp about which information she shares with whom. The knowledge-management system continuously advises her on alternative courses of action, while her individual digital business assistant takes over negotiations whenever this is deemed more effective. Sometimes, machines come up with creative solutions their boss could not have imagined, but often, they are just used to run routine negotiations.  

All personal information regarding Li-lian’s health, dietary habits, and other data from which such information can be inferred is kept in a separate context. It is up to Li-lian to trade with these data or to even delete them. Information stored on the individual digital business assistant is – by default – shared with a specified set of others (meaning software agents of other employees, departments, or external partners). Both the individual private and the individual business digital assistants function as a kind of butlers or management assistants; they are professional, and relatively independent but highly dependable. At least, usually – Li-lian shudders when she recalls the latest Digital Assistant scandal, where a new operating-system release had a major flaw, enabling employers to access data in blatant violation with built-in data-protection policies. She is careful to use only digital assistants with proven trusted computing.  

Scene 4: A smart school 

When David arrives at school, Zoe kisses him goodbye and enters the building. The building recognises her behavioural biometrics and turns on the screen of her virtual learning environment (VLE). By the time she reaches her desk, a program for the day is already on the screen: she will have to start with math and then do some grammar. The program is based on her progress so far in relation to the end terms that have been set for this year, month, and week. After about half an hour, the program adapts to include less grammar exercises and more math, because the VLE anticipates she will make better progress this way. Her interactions are monitored, her memory and understanding are tested, and she receives real-time feedback to speed up the learning process, this time applauding her efforts in math.  

Her learning schedule of this week includes periods of intense interactive learning, regarding mathematics, the bio-natural sciences, the social sciences, infonomics, cognitics, and the arts. One of the mainstream techniques she works with is designing and testing simulations of ‘natural’ phenomena, foreign ‘natural’ languages, and history. This should provide her with an adequate sense of both the resistance of reality and the plurality of its manifestations.  

After some time, the VLE is shut off, tasking Zoe to get involved in real-world learning processes, and forcing her to stay tuned to her schoolmates, tutors, and the world outside the school.  

When she is allowed to re-enter the VLE, she presents herself to a peergroup of pupils from different schools, categorised to have a shared background, need, or interest. She enjoys exchanging information on playing chess, one of her favorite pastimes, but she also shares information on how to tackle particular problems in her math course in order to meet the targets set for this week.  

Though the VLE personalises her learning tasks to fit and elaborate her interests, it also confronts Zoe with the unexpected or undesired, in order to prevent the development of narrow and biased perspectives. Today, Zoe has to study and discuss the impact of animal testing on the researchers that perform the tests, a topic far outside her range of interest. All her personal data and profiles that are used to monitor her progress and adapt the learning environment to match her level of understanding are compiled in a protected virtual environment. The data can be mined anonymously for group profiling, including data from other schools. This has enabled a more refined understanding of a learning disability that Zoe suffers from, allowing the VLE to anticipate its negative effects by developing strategies to avoid whatever triggers the fatigue that blocks her capacity to take in more information.  

When David enters to pick up his daughter, he asks her tutor to give him access to her personal profile. As he knows, he does not have unlimited access to her profile, and as she grows older he will need her permission. This is not a problem to David, who is convinced of the importance of respecting his daughter’s growing autonomy.  

Bibliography 

Beckwith, R. , "Designing for Ubiquity: The Perception of Privacy." Pervasive computing 2003 (April-June): 40-46

Bellotti, V. and A. Sellen, "Design for Privacy in Ubiquitous Computing Environments." Proc. of the European Conference on Computer-Supported Cooperative Work 1993

Berman, H., J. , Law and Revolution. The Formation of the Western Legal Tradition. Cambridge Massachusetts and London, England, 1983, Harvard University Press.

Berthold, S., Clauß, S. , ‘Linkability Estimation Between Subjects and Message Contents Using Formal Concepts’, accepted at DIM’07, ACM Workshop on Digital Identity Management, November 2007, to appear in the proceedings 2007. 

Bizer, J., Spiekermann, S., Günther, O. (Eds.), Technikfolgenabschätzung Ubiquitäres Computing und Informationelle Selbstbestimmung (TAUCIS), Berlin 2006. Download: https://www.datenschutzzentrum.de/taucis/ita_taucis.pdf 

Blavin, J. H. and I. G. Cohen , "GORE, GIBSON, AND GOLDSMITH: THE EVOLUTION OF INTERNET METAPHORS IN LAW AND COMMENTARY." Harvard Journal of Law & Technology (16) 2002-1: 265-285.

Brückner, L., ‘Aktiver Datenschutz mit Data Journals’, Datenschutz und Datensicherheit 5/2003, p. 300, Wiesbaden 2003. 

Brückner, L., Voss, M., ‘MozPETs – a privacy enhanced Web Browser’, Proceedings of the Third Annual Conference on Privacy, Security and Trust (PST05). St. Andrews, New Brunswick, Canada; October 12-14, 2005. Download: http://www.ito.tu-darmstadt.de/projects/prima/

Bygrave, L. , Automated Profiling – Minding the machine: Article 15 of the EC data protection directive and automated profiling, CLSR, Vol. 17 no 1, 2001, p.17-24

Caplan, J. and J. Torpey, Documenting Individual Identity. Princeton and Oxford, 2001,Princeton University Press.

Čas, J., ‘Privacy in Pervasive Computing Environments – A Contradiction in Terms’, IEEE Technology and Society Magazine, pp. 24-33, Spring 2005. Download: http://www-personal.si.umich.edu/~rfrost/courses/SI110/paper_support/Cas,%20Privacy%20and%20Ubiquity.pdf 

Casassa Mont, M., Pearson, S., Bramhall, P., ‘Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services’, HP Technical Reports, Bristol 2003. Download: http://www.hpl.hp.com/techreports/2003/HPL-2003-49.pdf.

Chevallier, J., L’Etat de droit. Parijs, Montchrestien 1994.

Daskala, B. & Maghiros, I., D1gital Territ0ries - Towards the protection of public and private space in a digital and Ambient Intelligence environment, 2007, IPTS EUR 22765 EN. Available at: http://www.jrc.es/publications/pub.cfm?id=1474.

De Hert, P., “What are the risks and guarantees need to be put in place in view of interoperability of police databases?” in European Parliament. Directorate-General for Internal Policies of the Union (ed.), Area of Justice, Freedom & Security, Collection of Standard Briefing Notes by External Experts, Brussels 2006, Parlement Européen (Ed.).

Dommering, E. J. and L. Asscher, Eds. , Coding Regulation. Essays on the Normative Role of Information Technology. IT & Law Series. The Hague 2006, T.M.C. Asser Press.

Dumortier, J., “Privacy en gegevensbescherming”, Vlaamse Jurist Vandaag, 1993, 6. 

Eder, K., Die Entstehung staatlich organisierter Gesellschaften. Ein Beitrag zu einer Theorie sozialer Evolution. Frankfurt am Main: Suhrkamp 1976.

Eisenstein, E. , The Printing Revolution in Early Modern Europe. Cambridge New York 2005 (second edition) Cambridge University Press.

Flanagan, M., D. Howe, et al., Values in Design: Theory and Practice. Information Technology and Moral Philosophy. J. Van den Hoven and J. Weckert. Cambridge 2007, Cambridge University Press.

Friedwald, M., E. Vildjiounaite and D. Wright, SWAMI: The brave new world of ambient intelligence: a state-of-the-art review, January 2006. Download: http://swami.jrc.es/pages/documents/SWAMI_D1_Final_001.pdf.  

Geisler, D. M., "Modern Interpretation Theory and Competitive Forensics: Understanding Hermeneutic Text." The National Forensic Journal, 1985 III (Spring): 71-79.

Goody, J. and I. Watt, "The Consequences of Literacy." Comparative Studies in Society and History (5) 1963-3: 304-345.

Grimm, R., Puchta, S., Müller, M., Bizer, J., Möller, J., Will, A., Müller, A., Jazdzejewiski, S., Privacy4DRM, Ilmenau and Kiel, May 2005. Download: http://www.bmbf.de/pub/privacy4drm_studie.pdf

Hansen, M., ‘Marrying transparency tools with user-controlled identity management’, in: Proceedings of the IFIP & FIDIS Summer School, 6-10 August, 2007 in Karlstad, Sweden, IFIP International Federation for Information Processing, Springer, to appear in 2008. 

Hansen, M., Fischer-Hübner, S., Pettersson, J. S., Bergmann, M. (2007a), ‘Transparency Tools for User-Controlled Identity Management’, accepted for publication in the Proceedings of eChallenges, 2007. 

Hansen, M., et al. (2007b),  ‘Verkettung digitaler Identitäten’, Study commissioned by the Federal Ministry of Education and Research, Germany, 2007, in German, Executive Summary available in English, to appear.

Hansen, M., Krasemann, H., Krause, C., Rost, M., Genghini, R., Identity Management Systems: Identification and Comparison Study, Sevilla 2003. Download: http://www.datenschutzzentrum.de/projekte/idmanage/study.htm

Hildebrandt, M. , Straf(begrip) en procesbeginsel. Een onderzoek naar de betekenis van straf en strafbegrip en naar de waarde van het procesbeginsel. Deventer 2002, Kluwer/Sanders Instituut.

Hildebrandt, M., A Vision of Ambient Law. Regulating Technologies. R. Brownsword and K. Yeung, eds. Oxford 2008, Hart (forthcoming).

Hildebrandt, M. and S. Gutwirth (Eds), Profiling the European Citizen. Cross-disciplinary Perspectives. Dordrecht 2008, Springer (forthcoming).

ISTAG (Information Society Technology Advisory Group), Scenarios for ambient intelligence in 2010, February 2001, Seville 2001, available at: http://www.cordis.lu/ist/istag-reports.htm.

ISTAG (Information Society Technology Advisory Group), Ambient Intelligence: From vision to reality, 2003, available at: http://www.cordis.lu/ist/istag-reports.htm.

Jay, R. & A. Hamilton, Data protection – Law and Practice, London, Sweet & Maxwell, 2003

Jiang, X., Safeguard Privacy in Ubiquitous Computing with Decentralized Information Spaces: Bridging the Technical and the Social. Berkeley 2002, Computer Science Division University of California. 

Kamp, M., Weichert, T., Scoringsysteme zur Beurteilung der Kreditwürdigkeit – Chancen und Risiken für Verbraucher, Study commissioned by the Federal Ministry of Food, Agriculture and Consumer Protection, Germany, 2006, in German, Summary available in English. Download: http://www.bmelv.de/cln_045/nn_752314/SharedDocs/downloads/02-Verbraucherschutz/Finanzdienstleistungen/scoring.pdf 

Kranzberg, M., "Technology and History: ‘Kranzberg’s Laws’." Technology and Culture (27) 1986: 544-560.

Juels, A., Rivest, R., Szydlo, M., ‘The blocker tag: selective blocking of RFID tags for consumer privacy’, CCS’03, October 2003, Washington. 

Kolari, P., Ding, L., Ganjugunte, S., Kagal, L., Joshi, A., Finin, T., ‘Enhancing Web Privacy Protection through Declarative Policies’, in Proceedings of the IEEE Workshop on Policy for Distributed Systems and Networks (POLICY 2005), June 2005. Download: http://ebiquity.umbc.edu/_file_directory_/papers/156.pdf 

Koops, B.J., ‘Criteria for Normative Technology. An essay on the acceptability of ‘code as law’ in a democratic constitutional state’, TILT Law & Technology Working Paper Series 2007, No. 03/2007 (forthcoming)  

Kuner, Ch., European Data Protection Law, Oxford University Press, 2nd edition 2007

Langheinrich, M., Privacy by Design - Principles of Privacy-Aware Ubiquitous Systems. Proc. 3rd. Int’l Conf. Ubquitous Computing, 2001, Springer: 273-291

Lessig, L., "Commentaries. The law of the horse: What cyberlaw might teach." Harvard Law Review (113) 1999: 501-546.

Lévy, P. "Sur les chemins du virtuel." from http://hypermedia.univ-paris8.fr/pierre/virtuel/virt0.htm. 

Meints, M., ‘Protokollierung bei Identitätsmanagementsystemen’, Datenschutz und Datensicherheit, 5/2006, pp. 304-307, Wiesbaden 2006. Download: http://www.fidis.net/fileadmin/fidis/publications/2006/DuD05_2006_304.pdf

Meints, M., Möller, J., Privacy Preserving Data Mining – a Process Centric View from a European Perspective, to be published 2007. 

Müller, Günter and Kai Rannenberg: Multilateral Security for Global Communication - Technology, Application, Business, 1999 Addison-Wesley-Longman.

Nissenbaum, H., "Privacy as Contextual Integrity." Washington Law Review (79) 2004: 101-140

Oliveira, S. R. M., Zaïane, O. R., Towards Standardization in Privacy-Preserving Data Mining, Edmonton 2004. Download: http://www.cs.ualberta.ca/%7Ezaiane/postscript/dm-ssp04.pdf

PRIME Project: White Paper V2, June 2007. Download: https://www.prime-project.eu/prime_products/whitepaper/ 

Reinhardt, A., "Bookreview of: Gutenberg in Shanghai: Chinese Print Capitalism, 1876-1937. By Christopher A. Reed. Vancouver: University of British Columbia Press, 2004." Technology and Culture (46) 2005-2: 411-413.

Ricoeur, Oneself as other. Chicago 1992, The University of Chicago Press.

Rieback, M., Crispo, B., Tanenbaum, A., ‘RFID Guardian: A Battery-Powered Mobile Device for RFID Privacy Management’, Proceedings of the 10th Australasian Conference on Information Security and Privacy. (ACISP 2005), Brisbane, Australia, July 2005. Download: http://www.cs.vu.nl/~melanie/rfid_guardian/papers/acisp.05.pdf 

Roussos, G., D. Peterson, et al., "Mobile Identity Management: An Enacted View." International Journal of Electronic Commerce (8) 2003-1: 81-100

Schoemaker, P. J. H., "Scenario Planning: A Tool for Strategic Thinking." Sloan Management Review (36) 1995-2: 25-41.

W. Schreurs, M. Hildebrandt, E. Kindt & M. Vanfleteren, ‘Chapter 13: Cogitas, ergo sum. The role of data protection law and non-discrimination law in group profiling in the private sector’, in M. Hildebrandt, S. Gutwirth (eds.) Profiling the European Citizen - Cross-disciplinary perspectives, Dordrecht 2008 Springer (forthcoming).

Scott, J. C., Seeing Like a State. How Certain Schemes to Improve the Human Condition Have Failed. New Haven and London 1998, Yale University Press. 

Torpey, J., The Invention of the Passport. Surveillance, Citizenship and the State. Cambridge 2000, Cambridge University Press. 

Von Mohl, R., Die Polizei-Wissenschaft nach den Grundsätzen des Rechtsstaates. Tübingen: Laupp 1866.

Wesel, U., Frühformen des Rechts in vorstaatlichen Gesellschaften. Umrisse einer Frühgeschichte des Rechts bei Sammlern und Jägern und akephalen Ackerbauern und Hirten. Frankfurt am Main, Suhrkamp 1985.

Wong, R., Data Protection Online: Alternative Approached to Sensitive Data?, Journal of International Commercial Law and Technology, Vol. 2, No. 1, 2007.

Wright, D., SWAMI project, Final Report, August 2006. Download http://swami.jrc.es/pages/documents/SWAMID4-final.pdf.