Understanding the Concepts and Implications of Privacy in the Global South

A. The objective of the workshop was to find how the issue of privacy is perceived in the global south.

During the discussion, it had become apparent that the perceptions regarding the privacy that are prevalent in the west which do not apply to India and other countries in the global south. There were differences in the perceptions of what mobile phone meant to individuals. In India, mobile phones are shared frequently among family members and close friends. One participant said that “as we share food with each then we can share mobile phone as well.” In the sociopatel scenarios, the perceptions of the risk lower. It should be obvious that the risk of harm due to privacy breach should increase when it reaches in a stranger's hand. That means the risk of sharing the data with closeness particularly who are bound by social norms is low. However, the problem happens when the change of relationship is too long. In other words, the data reaching to friend's brother's friend poses risk. The implication of the technology of such a scenario is profound. The perception of risk is low and therefore an individual might not be aware of the risk.

B. The other thing which is critical in the global south is the usability of the security mechanisms. Data cannot be kept private without adequate security features.

However, if these features are not usable, individuals tend to bypass them. It is bypassing security features which is not common even with people well versed with technology. One participant who was a designer in reputed IT company said that “Even I have same passwords for most of my login credentials.” The way systems are designed requires that many passwords need to be remembered which increases the cognitive load to many folds. For somebody who is less educated and less exposure to digital technologies, the barriers against usability become severely critical. For example, a person who does not know English would find it difficult to form a novel and unique passwords, let alone remember them. In that case, if the criticality of the task - talking to someone or watching a video, the security protocols will be bypassed. So this is a critical aspect where designers can help with privacy.

C. In addition, the cogs and wheels of digital technologies are opaque to its users therefore, how the data is captured and transmitted is difficult to fathom. That means appropriate mental models play an important role in the case of privacy.

Take the example of digital payment, someone who has been accustomed to transact in the form of paper currency would not be able to discern that money transferred online involves encryption and decryption. The right mental model here is of someone making a duplicate key to the lock of your vault which is likely to be absent because in a physical bank, the security of the vault is prerogative of the bank. While in the online banking, transacting the responsibility has to be shared with the user.

D. Informed consent is also a tricky affair. In a scenario, where people are not exposed to the highest legal language it is unlikely that people will read the privacy policies. Most often it is considered to be in comprehensive.

One may say that this problem could be solved by simplifying the notice or translating it into Indian languages. However, these types of solutions are not going to work. The reason being many of the users do not have the conceptual understanding related to issue related to privacy. For example, take the word ‘ACCESS’, this word has come from the early days of computer networks and it is closely related to file permission. While the word ‘ACCESS’ or its Hindi equivalent like ‘Aana Jaana’, signifies an ability for a person to reach somewhere. However, that may sound absurd to a person who is not initiated to the computers. For example, it is ambiguous to say “card ke through khate mai ghus ne ko milta hai” rather in his world view he may understand that in the following terms “card dal ne par paise milte hai”. Instead of seeing the debit card as a lock and key to open the gates, he may look it the card the depository of money itself. And then how do we fit the notion of privacy in this, when are the mental models flawed.

Privacy plays an important role in technology, policy and everyday life. Yet it is hard to define privacy or agree upon its boundaries. Each domain of life comes with its own expectations and conceptualization of what privacy is and how it should be regulated, maintained or limited. Privacy is an idea which is hard to agree upon. It’s an ongoing debate that will have provisional solutions. Meanwhile it is important to understand what privacy means and how it is valued in India, Bangladesh, Sri-Lanka, Pakistan, Nepal and other developing Asian and African countries. We intend to bring together perspectives on privacy from different regional contexts to understand privacy contextually.

Everyday decision making about where we go, what we eat, where we shop and who we meet all entail a negotiation of privacy. Whether we are shopping online, using bank cards, filling forms, applying for a job, using a social network account, participating in a survey or being annoyed by direct marketing — anything that requires or uses personal information potentially invades the territory of our privacy. In today’s world of digital technologies, information has become valuable. Personal information and data have acquired economic value in ways we do not fully comprehend. Yet, our online activities result in data-sharing that may be prone to identity theft and fraud easier than ever, and that is why we can never be too vigilant and cautious. Again, the people do not aware about how the privacy policies are applied maintained and privacy laws or acts implied on them regarding social privacy and online privacy context. Social and cyber security strategies are not in the knowledge of people in global south. We are trying to focus to come up with some design interventions which will help people to understand the overall picture of the privacy and security.

We intend to explore:

• How do we think about privacy and what are the ways in which we enact it?

• How people of the global south perceive privacy?

• What is privacy’s relationship to data security?

• What are the alternatives to constantly sharing information in order to make life more convenient? E.g. online banking, shopping etc.

• What are the different understandings of privacy from a legal, social, scientific, technological, design and layman perspective?

• How privacy policies work, and what are the implications?

Keeping the conceptual malleability of privacy in mind, this workshop brings together, scholars, academic researchers, research students, industry professionals and legal and civil society practitioners for a multi-disciplinary dialogue on privacy in South Asia. This workshop helps to bring sociologist, technologist and policy makers in a same table.

The dialogue on privacy aims to generate insights about the unique challenges, opportunities and collaborations in the work ahead on privacy regarding global south context. It looks outwards to global and comparative national contexts in the west where the privacy discourse is instructive from a legal and technological standpoint. As well the workshop considers the specific ways in which privacy will stand at the crossroads among society, law and technology. In terms of output, the workshop holds to expand the conceptual vocabulary of privacy and enrich ‘discipline specific’ intervention. The main goal of this one-day workshop is to highlight individual privacy and everyday privacy concerns (e.g., age, culture, personal preference, data breach, privacy breach) that influence users’ experiences and privacy related outcomes and to formulate best practices to account for these differences within privacy research, system design, and the policies that regulate online privacy practices.

Participating Workshop: We require a write up up to 500 words (which will discuss his/her current research in Privacy) in any Format including participants interest and purposes of joining the workshop. A short CV will be attached with the position paper.

Selection Procedure: Based on the position paper and details/interest of the other participants we will select the attendees. Thus, authors of the accepted submissions will be invited to attend the workshop.

New Agenda:

• 10:45 am- 11 am Settle down

• 11 am - 12 pm - Welcome/Introduction- Lightning talk presentations of position papers

• 12 pm - 1 pm - Keynote Speaker- Nithya Sambasivan (tentative)

• 1 pm - 1:30 pm- Lunch

• 1:30 pm - 2:30 pm- Large-group Discussion: Discuss the global perception of privacy and different understandings of privacy from a legal, social, scientific, technological, design and layman perspective.

• 2:30 - 3:30 pm - Break-out Activity: Individuals will form small groups based on different types of technologies. Each group will conduct a design activity in which they will be asked to document their design methods, procedures, major considerations, and outcomes.

• 3:30 pm - 4:30 pm- Report/Synthesize: Present results to larger groups, with time for full group discussion.

Next Steps:Draft a road-map on how to facilitate collaborations among researchers and practitioners from different communities.

• 5 pm- Opening ceremony of India HCI 2019

IMPORTANT DATES

• Submission Deadline: 24 October, 2019

• Notification of acceptance: 26 October, 2019

• Registration Open 18 October, 2019

• Registration deadline 1st November, 2019

• Workshop 1st November, 2019