This essay defends the following propositions. (1) It is pointless to object to choice architecture or nudging as such. Choice architecture cannot be avoided. Nature itself nudges; so does the weather; so do spontaneous orders and invisible hands. The private sector inevitably nudges, as does the government. It is reasonable to object to particular nudges, but not to nudging in general. (2) In this context, ethical abstractions (for example, about autonomy, dignity, and manipulation) can create serious confusion. To make progress, those abstractions must be brought into contact with concrete practices. Nudging and choice architecture take diverse forms, and the force of an ethical objection depends on the specific form. (3) If welfare is our guide, much nudging is actually required on ethical grounds. (4) If autonomy is our guide, much nudging is also required on ethical grounds. (5) Choice architecture should not, and need not, compromise either dignity or self-government, though imaginable forms could do both. (6) Some nudges are objectionable because the choice architect has illicit ends. When the ends are legitimate, and when nudges are fully transparent and subject to public scrutiny, a convincing ethical objection is less likely to be available. (7) There is, however, room for ethical objections in the case of well-motivated but manipulative interventions, certainly if people have not consented to them; such nudges can undermine autonomy and dignity. It follows that both the concept and the practice of manipulation deserve careful attention. The concept of manipulation has a core and a periphery; some interventions fit within the core, others within the periphery, and others outside of both.
06 December 2014
Cass Sunstein in 'The Ethics of Nudging' comments -
'The New Cognitive Property: Human Capital Law and the Reach of Intellectual Property' by Orly Lobel in (2015) Texas Law Review (Forthcoming) comments -
Contemporary law has become grounded in the conviction that not only the outputs of innovation – artistic expressions, scientific methods, and technological advances – but also the inputs of innovation – skills, experience, know-how, professional relationships, creativity and entrepreneurial energies – are subject to control and propertization. In other words, we now face a reality of not only the expansion of intellectual property but also cognitive property. The new cognitive property has emerged under the radar, commodifying intellectual intangibles which have traditionally been kept outside of the scope of intellectual property law. Regulatory and contractual controls on human capital – post-employment restrictions including non-competition contracts, non-solicitation, non-poaching, and anti-dealing agreements; collusive do-not-hire talent cartels; pre-invention assignment agreements of patents, copyright, as well as non-patentable and non-copyrightable ideas; and non-disclosure agreements, expansion of trade secret laws, and economic espionage prosecution against former insiders – are among the fastest growing frontiers of market battles. This article introduces the growing field of human capital law, at the intersections of IP, contract and employment law, and antitrust law, and cautions against the devastating effects of the growing enclosure of cognitive capacities in contemporary markets.
03 December 2014
'Data Protection and the Right to Reputation: Filling the 'Gaps' after the Defamation Act 2013' by David Erdos in (2014) 73(3) Cambridge Law Journal 536-569 argues
The Court stated
Defamation law has historically occupied a position of overwhelming dominance in the vindication of the traditional right to reputation. Nevertheless, liberalisation of this legal framework including through the Defamation Act 2013 has led to a concern that, when analysed from a fundamental rights perspective, “gaps” in the protection provided for natural persons may have emerged. In this new context, there has been a renewed focus on whether data protection may fill the potential lacunae. Data protection law contains a number of important limitations and exceptions and its jurisprudence has been both limited and sometimes confused. Nevertheless, this article argues that its broad purpose and complex structure ensure it will play a significantly augmented role in the future, especially in actions against website operators facilitating the dissemination of information posted by a third party, the publication of opinion, or where either injunctive relief or the correction of inaccurate information is sought (in particular in cases of continuing online disclosure).In Pedavoli v Fairfax Media Publications Pty Ltd  NSWSC 1674 the Supreme Court of New South Wales has awarded $350,000 to a high school teacher wrongly identified by a newspaper as the teacher involved in the allegations of unlawful sexual misconduct with a number of boys in St Aloysius College.
The Court stated
The defamation greatly damaged Ms Pedavoli's impeccable reputation and caused her immense hurt. She is entitled to a large award of damages and to have the court declare to all the world the falsity of that which has been imputed to her by the newspaper.The NSWSC rejected the newspaper's defence of offering to make amends for its mistake, because the newspaper failed to include in its apology the versions of the article posted in social media and in a syndicated news group. The Court stated
The only defence relied upon by the defendants is the statutory defence created by s 18 of the Defamation Act 2005 of failure to accept an offer to make amends.
The defence under s 18 is relatively new and has received little judicial consideration. Its operation must be considered in the context of the objects stated in s 3 of the Defamation Act, which are:
"(a) to enact provisions to promote uniform laws of defamation in Australia, and
(b) to ensure that the law of defamation does not place unreasonable limits on freedom of expression and, in particular, on the publication and discussion of matters of public interest and importance, and
(c) to provide effective and fair remedies for persons whose reputations are harmed by the publication of defamatory matter, and
(d) to promote speedy and non-litigious methods of resolving disputes about the publication of defamatory matter."
The defence under s 18 serves those objects (particularly the object of promoting speedy and non-litigious methods of resolving disputes) by creating a powerful incentive for defendants to make amends rather than to fight the cause. The making of a reasonable offer has the potential, one way or the other, to stymy the litigious path to vindication of reputation. If the offer is accepted, the plaintiff cannot pursue proceedings in court: s 17. If the offer is rejected then, provided the requirements of s 18 are satisfied, there is a complete defence, notwithstanding the establishment of an otherwise actionable defamation. Whereas a defendant can apologise, in aid of the defence, with impunity (see s 13(4) and s 20 of the Act), a plaintiff who fails to accept a reasonable offer to make amends risks everything.
In the face of that draconian sanction for failure to accept an offer, it is unsurprising that the Act is quite prescriptive as to its content. Section 15 of the Act provides:
"15 Content of offer to make amends
(1) An offer to make amends:
(a) must be in writing, and
(b) must be readily identifiable as an offer to make amends under this Division, and
(c) if the offer is limited to any particular defamatory imputations-must state that the offer is so limited and particularise the imputations to which the offer is limited, and
(d) must include an offer to publish, or join in publishing, a reasonable correction of the matter in question or, if the offer is limited to any particular defamatory imputations, the imputations to which the offer is limited, and
(e) if material containing the matter has been given to someone else by the publisher or with the publisher's knowledge-must include an offer to take, or join in taking, reasonable steps to tell the other person that the matter is or may be defamatory of the aggrieved person, and
(f) must include an offer to pay the expenses reasonably incurred by the aggrieved person before the offer was made and the expenses reasonably incurred by the aggrieved person in considering the offer, and
(g) may include any other kind of offer, or particulars of any other action taken by the publisher, to redress the harm sustained by the aggrieved person because of the matter in question, including (but not limited to): (i) an offer to publish, or join in publishing, an apology in relation to the matter in question or, if the offer is limited to any particular defamatory imputations, the imputations to which the offer is limited, or (ii) an offer to pay compensation for any economic or non-economic loss of the aggrieved person, or (iii) the particulars of any correction or apology made, or action taken, before the date of the offer.
(2) Without limiting subsection (1)(g)(ii), an offer to pay compensation may comprise or include any one or more of the following:
(a) an offer to pay a stated amount,
(b) an offer to pay an amount to be agreed between the publisher and the aggrieved person,
(c) an offer to pay an amount determined by an arbitrator appointed, or agreed on, by the publisher and the aggrieved person,
The Court went on to conclude -(d) an offer to pay an amount determined by a court."
In accordance with s 18(1) of the Act, the elements of the defence of failure to accept an offer of amends are:
(a) that the publisher made the offer as soon as practicable after becoming aware that the matter was defamatory, and
(b) that, at any time before the trial the publisher was ready and willing, on acceptance of the offer by the plaintiff, to carry out the terms of the offer, and
(c) that in all the circumstances the offer was reasonable.
The third element presents a challenge for the philosophy of space and time. On its face, s 18(1) appears to require proof that the offer was reasonable in all the circumstances as they existed at the time when the offer was made. However, subs (2) provides a list of considerations (some mandatory, some permissible) for determining whether the offer "is" reasonable. The temporal glitch within the section is apparently not accidental. One of the mandatory considerations is "any correction or apology published before any trial". In terms, that provision would require the court, in determining the reasonableness of an offer, to have regard to a correction or apology published after the plea of failure to accept a reasonable offer had been put on. The section thus entails an element of paradox, requiring the court to make a determination as to circumstances at a fixed point in time with mandatory reference to later events.
It was suggested in the plaintiff's written submissions that the offer was not made as soon as practicable in the present case. However, the evidence established that, during part of the relevant period, the defendants were awaiting a response from the plaintiff's solicitor to correspondence in respect of the offer. Whilst I accept that a defendant must act promptly in making an offer of amends, I do not think the period that passed between publication of the matters complained of and the making of the offer detracted from its reasonableness in the present case.
Ms Pedavoli does not dispute that the defendants were ready and willing, upon acceptance of the offer, to carry out its terms.
Whether the offer was reasonable
The real contest is as to whether, in all the circumstances, the offer was reasonable.
Mr Blackburn addressed that issue by asking, rhetorically, how is the defendants' offer unreasonable?
At the risk of boxing at semantic shadows, I think it is preferable to address the question in the terms posed by the statute, which requires the defendants to prove that in all the circumstances the offer was reasonable.
As already noted, s 18(2) guides the determination of that issue. It is appropriate to set out the full text of the subsection:
"(2) In determining whether an offer to make amends is reasonable, a court:
(a) must have regard to any correction or apology published before any trial arising out of the matter in question, including the extent to which the correction or apology is brought to the attention of the audience of the matter in question taking into account: (i) the prominence given to the correction or apology as published in comparison to the prominence given to the matter in question as published, and (ii) the period that elapses between publication of the matter in question and publication of the correction or apology, and
(b) may have regard to: (i) whether the aggrieved person refused to accept an offer that was limited to any particular defamatory imputations because the aggrieved person did not agree with the publisher about the imputations that the matter in question carried, and (ii) any other matter that the court considers relevant."
The starting point is to consider that for which amends are to be made. The reasonableness of an offer will be critically informed by its capacity to address the hurt and harm done by the publication in question, both as to its seriousness and its extent. The extent to which the defendants' apology was brought to the attention of the audience of the matter complained of is a mandatory consideration which must take into account the prominence given to the apology as published in comparison to the prominence given to the matter complained of: s 18(2)(a)(i).
The reach and prominence of the apology
An important consideration in assessing that issue in the present case is that the matter complained of did not name Ms Pedavoli. Rather, it identified her by the inclusion of a wrong description of the teacher concerned. It follows that her reputation was harmed only among those who read the matter complained of and understood it to refer to her. That undoubtedly complicated the task of making amends. On the one hand, a reasonable correction only had to be brought to the attention of a smaller audience than the whole audience to whom the matter complained of was published. However, in order to be reasonable, the correction had to be calculated in some way to attract the attention of that smaller audience.
Newspaper editors understand as well as anyone the capacity of a headline to draw the attention of the reader. Each of the matters complained of was published under a headline likely to attract the attention of a large number of readers, including many who knew Ms Pedavoli ("female teacher quits top Catholic school after claim of sex with boys"; "Sex with students claims: female teacher quits top Catholic boys school"). The correction was less gripping. It was published under the headline "apology". The headline contained no words to indicate the subject matter of the apology, such as "apology to female teacher at Catholic school" or "correction of article on sex with boys".
Further, the prominence given to the apology was unequal to the prominence given to the matter complained of. It was, in my view, highly unlikely to draw the attention of anything like the audience of the matter complained of. The first matter complained of (as it appeared in the print newspaper) stretched over pages 2 and 3 of the Sydney Morning Herald, on a Friday. In addition to the compelling headline, it was visually stark, appearing under a large photograph (illustrating a different story).
The estimated readership for the newspaper that day was 769,000. For obvious reasons, it is not possible for the defendants to estimate the portion of the readership that read the matter complained of, but the overwhelming likelihood is that many readers opened the newspaper to read page 2.
The online version of the article was first uploaded onto the Sydney Morning Herald website at approximately 8.57 pm on 30 January 2014. It remained online in its defamatory form until it was amended at approximately 8.42am the following morning in response to Ms Pedavoli's approach to her friend who knew an editor. The defendants do not hold information which enables them to distinguish between the estimated viewing or downloading of the article prior to its amendment. In their answers to interrogatories, the defendants provided an estimated number of unique page views of the article, both in its initial form and as subsequently amended (from 31 January 2014 until it was taken down altogether on 13 February 2014). Based on those estimates, the article was downloaded 18,693 times in New South Wales alone before the incorrect information was removed.
Of course, only a subgroup of each audience (print and online) would have identified Ms Pedavoli but, as already explained, the apology was not well aimed to reach those subgroups.
As published, the apology was barely noticeable. On the website, it was available for download via a link at the very bottom of the homepage headed "apology". In the case of the online apology, the absence of any headline such as to invite the attention of readers who had read the matter complained of is all the more significant. The difference between the interest likely to have been generated by the headlines of the matters complained of and the unobtrusive "apology" could scarcely be more stark. In my view, it did not have sufficient prominence to bring it to the likely attention of roughly the same audience, or even a small percentage of the audience who read the matters complained of and understood them to refer to Ms Pedavoli.
Further, there is no evidence that the apology was published to all of the audience of the matter complained of. Even if the apology published in the printed newspaper and online was of sufficient prominence to reach roughly the same audience as the matter complained of in those two forms of publication (which I do not accept), there was no evidence that it was published to the recipients of the tablet app. Mr Blackburn submitted that it was enough that it was published online. He went so far as to suggest (at T209.41) that the onus was on the plaintiff to prove "that what was published in the iPad was different to what the reader would have seen when one went on the computer". He submitted that the fact that the apology was published online was "the end of that issue". I do not accept that submission. There were 9,129 unique page views of the first matter complained of using the tablet app. There is no evidence whatsoever to establish any prospect of the apology having reached that audience. This is an issue on which the defendants bear the onus of proof.
On my analysis of the issue raised by s 15(1)(e), the defendants did not have to offer to publish the apology to the Twitter followers or in The Age. I would nonetheless regard it to be a relevant and significant consideration, in determining whether the offer was reasonable, to determine whether any steps were taken to tell those persons that the matter complained of was defamatory of Ms Pedavoli. Further, for the purposes of s 18(2)(a) (the mandatory requirement to consider any correction or apology published before any trial), it is relevant to determine whether any apology or correction was in fact published to those persons (accepting that there was no express statutory requirement to offer to do so).
No correction was tweeted to the Twitter followers and no step was taken to tell them that the matter complained of was defamatory of Ms Pedavoli. Whatever the correct analysis of the requirements of s 15(1), I consider the fact that there was no relevant tweet whatsoever to be a significant additional reason for reaching the conclusion that the offer was not reasonable.
As to The Age, the position is complicated by a measure of confusion in the evidence. Mr Blackburn submitted that there is no evidence that the matter complained of was downloaded by any person via The Age website. There was evidence of a search conducted by the solicitor for the plaintiff suggesting that a link to the defamatory version of the article was available on The Age website as at 9.52pm on 30 January 2014 (affidavit of Andrea Rejante sworn 3 October 2014, exhibits W and X). Notwithstanding Mr Blackburn's protestations to the contrary, I am satisfied as to the reliability of that evidence. However, unless I have missed something, I think it is correct to say that there was no direct evidence that the article was in fact downloaded via that link or from The Age website by any reader. A conclusion as to publication (downloading) from The Age could only arise as a matter of inference.
The confusion arises from a document tendered by Mr Blackburn, produced on subpoena by The Age (exhibit 2). The document appears to be a screenshot of the non-defamatory version of the article (that is, the version that remained after the incorrect information had been removed) together with the apology, all on the same page. As I understood the purpose of the tender, it was to prove that the apology was published, even though it was denied that the article was published.
With no witness to explain the precise implications of the document, it is difficult to draw any firm conclusion on that issue. It seems likely that the apology was made available for downloading on The Age website in some form at some time, but there was no evidence as to how one would find it or whether anyone did.
In the result, there is no evidence on the strength of which I could be comfortably satisfied as to either the likely audience of the article or the likely audience of the apology on The Age website. I would observe that the complexity surrounding this issue highlights the need for a plaintiff to be told at an early point the identity of all other persons to whom the matter complained of has been given, which is the clear object of s 15(1)(e).
In any event, even leaving aside the position of Twitter and The Age, in my view the measures taken by the defendants were unlikely to bring the apology to the attention of anything near the audience of the matter complained of (by which I mean those to whom the matter was published who understood it to refer to Ms Pedavoli). That is a factor which strongly militates against a finding that the offer was or is reasonable.
For completeness, I should record a submission put by the plaintiff that the offer was not reasonable because it was subjectively insincere and intended not to correct the damage done but to avoid liability. I do not think a basis has been established for drawing that inference.
Other components of the offer
It is of course necessary to consider all of the elements of the offer taken together. The offer included reliance upon the steps that had already been taken at the request of Ms Pedavoli to correct the online version of the article. I accept that that was a prompt and significant step towards making amends.
Offer to pay damages
The offer also included an offer to pay damages in the sum of $50,000. Having regard to the seriousness of the defamatory imputations conveyed by the article, I consider that a monetary payment was essential to achieve a reasonable offer in the present case, even if the apology had been of equal prominence to the matter complained of and carefully targeted to reach roughly the same audience (which I am not persuaded it was). There may be cases in which the publication of a reasonable correction combined with a contrite apology (entailing acceptance of responsibility for the defamation) might obviate the occasion for payment of damages as well, but this is not such a case. The defendants' submissions implicitly acknowledged that, in order to repair the hurt suffered by Ms Pedavoli, some monetary payment was required.
Mr Blackburn submitted that the adequacy of any monetary offer as part of an offer of amends should not be judged by reference to the range of damages the plaintiff would have received at trial. If what was meant was that a reasonable offer does not have to include an offer to pay an amount within the range of a full assessment of damages as if after a trial, that is undoubtedly correct. Apart from anything else, that would overlook the reparation achieved by the mandatory components of the offer, particularly the requirement to publish a reasonable correction. The reasonableness of any monetary offer is necessarily informed by the reasonableness of the correction, including the extent of its reach. To adopt any different approach would subvert the object of the Act of encouraging the non-litigious resolution of defamation disputes. But the seriousness of the defamation undoubtedly remains a relevant factor in assessing the reasonableness of the monetary component of an offer.
I also accept, as submitted by Mr Blackburn, that the Court must be mindful of the fact that the grounds of aggravation now relied upon by the plaintiff were not known to her at the time the offer was made (and hence had not aggravated her damage). However, even at the time the offer was made, the defendants ought to have appreciated that the defamation was such as to cause extreme hurt and distress to Ms Pedavoli.
The seriousness of the defamation could scarcely be any worse. But for the fact that the plaintiff was not named in the article and the prompt correction of the online edition, this defamation would clearly have fallen within the worst class of case. Accepting that the assessment as to the adequacy of the sum offered must be informed by the other components of the offer and the fact that acceptance of it would have made amends and obviated the need for a trial, I do not think the sum offered was enough to bring the whole of the offer, with all its components, up to the mark of being one which could be characterised as reasonable in all the circumstances. That conclusion is based upon both my assessment as to the inadequacy of the correction and apology and my assessment of the seriousness of the imputations (with the extreme hurt they would inevitably have caused).
For those reasons, I am not satisfied that the defence of failure to accept an offer of amends is established.
The Australian Human Rights Commission has released a report titled KA, KB, KC and KD v Commonwealth of Australia: report into arbitrary detention, inhumane conditions of detention and the right of people with disabilities to live in the community with choices equal to others [PDF]. The report argues that the Commonwealth has failed to work with the Northern Territory to provide accommodation and other support services, other than accommodation in a maximum security prison, for people with intellectual disabilities who are unfit to plead to criminal charges.
The Commission comments that
The Commission comments that
Four Aboriginal men with intellectual and cognitive disabilities were held for years in a maximum security prison in the Northern Territory despite being found unfit to stand trial or not guilty by reason of insanity. If two of these men had been found guilty they would have received a sentence of 12 months. Instead, they were imprisoned for four and a half years and six years respectively. The Australian Human Rights Commission conducted an inquiry into whether this involved any breach of human rights by Commonwealth.
The Commission found that there was a failure by the Commonwealth to work with the Northern Territory to provide accommodation and other support services, other than accommodation in a maximum security prison, for people with intellectual disabilities who are unfit to plead to criminal charges.
There was an obligation at international law on the Commonwealth to act. This obligation was consistent with domestic obligations undertaken by the Commonwealth to the Northern Territory. The need for action was well known and had been well known for many years. Specific administrative measures to take this action were provided for by legislation.
The failure to act was inconsistent with or contrary to the complainants’ rights under articles 9(1) and 10(1) of the International Covenant on Civil and Political Rights and articles 14(1), 19, 25, 26(1) and 28(1) of the Convention on the Rights of Persons with Disabilities. In particular, it was contrary to their right not to be arbitrarily detained, and their right as people with disabilities to live in the community with choices equal to others.
In the case of Mr KA and Mr KD, the failure to act was also inconsistent with article 7 of the ICCPR and article 15 of the CRPD which prohibit inhuman or degrading treatment. Mr KA was subject to regular restraint including being strapped to a chair and the use of shackles when outside his cell, seclusion and use of tranquilizers. Mr KD was subject to regular seclusion and use of tranquilizers. The prison environment in which they continue to be detained is inappropriate for people with their disabilities.The consequent recommendations are that -
The Commonwealth provide a copy of the Commission’s findings to the Northern Territory and seek assurances from the Northern Territory that it will take immediate steps to identify alternative accommodation arrangements for each of the complainants so that Mr KA and Mr KD are no longer detained in a prison and Mr KB and Mr KC are progressively moved out of held detention. These arrangements should be the least restrictive arrangements appropriate to each individual and should include a plan to progressively move each of them into the community along with necessary support services.
The Commonwealth cooperate with the Northern Territory to establish an appropriate range of facilities in the Northern Territory so that people with cognitive impairment who are subject to a custodial supervision order can be accommodated in places other than prisons. This range of facilities should include secure care facilities and supported community supervision. The number of places available in these facilities should be sufficient to cater for the number of people who are anticipated to make use of them.
The Commonwealth cooperate with the Northern Territory to ensure that people with cognitive impairment who have not been convicted of an offence are detained as a measure of last resort, for the shortest appropriate period of time, and in the least restrictive appropriate environment.
The Commonwealth cooperate with the Northern Territory to ensure that when a person with a cognitive impairment is detained under a custodial supervision order, a plan is put in place to move that person into progressively less restrictive environments and eventually out of detention.
The Commonwealth cooperate with the Northern Territory to develop model service system standards for the detention of people with a cognitive impairment.
The Commonwealth cooperate with the Northern Territory to ensure that when a person with a cognitive impairment is detained he or she is provided with appropriate advice and support, including the appointment of a guardian or advocate.The Commission notes that
The Commonwealth did not directly respond to these recommendations, on the basis that it considered that the Commission did not have jurisdiction to inquire into the complaints. As this decision can be reviewed under the Administrative Decisions (Judicial Review) Act 1977 (Cth), this is the only statement the Commission will be making on this matter.
Recommendation 7.1 in the Productivity Commission Access To Justice report noted here is that -
The Law, Crime and Community Safety Council, in consultation with universities and the professions, should conduct a systemic review of the current status of the three stages of legal education (university, practical legal training and continuing professional development).
The review should commence in 2015 and consider the:
- appropriate role of, and overall balance between, each of the three stages of legal education and training
- ongoing need for each of the core areas of knowledge in law degrees, as currently specified in the 11 Academic Requirements for Admission, and their relevance to legal practice
- best way to incorporate the full range of legal dispute resolution options, including non adversarial and non court options, and the ability to match the most appropriate resolution option to the dispute type and characteristics into one (or more) of the stages of legal education
- relative merits of increased clinical legal education at the university or practical training stages of education
- regulatory oversight for each stage, including the nature of tasks that could appropriately be conducted by individuals who have completed each stage of education, and any potential to consolidate roles in regulating admission, practising certificates and continuing professional development.
Consideration should be given to the Western Australian and Victorian models in this regard. The Law, Crime and Community Safety Council should consider the recommendations of the review in time to enable implementation of outcomes by the commencement of the 2017 academic year.The recommendation reflects the Commission's conclusion that -
An efficient and responsive legal profession improves access to justice.
There are several elements that affect the quality of, and competition in, legal services markets — the education and training of lawyers, their entry into the profession, and the regulation of the profession itself.
The education and training of law students influences the future legal profession. – Despite concerns about a potential oversupply of graduates, there is no policy rationale in the legal market — beyond ensuring baseline quality standards — for restricting numbers. – While there are examples of leading practices in various institutions, a systemic review of the legal education system is overdue. More emphasis should be placed on skills, rather than accumulating knowledge. The systemic review should examine:
- the need for each of the current 11 Academic Requirements
- including alternative dispute resolution as a required area of study
- practical training, including pro bono placements, interpersonal skills and business management courses
- the necessity, role and conduct of separate admission and practising certificate requirements.
More radical changes in legal education would only be effective if coupled with reforms to the profession. – Building on existing examples, ‘limited licences’ should be implemented to allow appropriately qualified professionals to perform select tasks in particular areas that are currently the exclusive domain of lawyers.
Specific advertising restrictions appear unnecessary given broader economywide regulation and general legal professional standards of conduct.
While restrictions on professional indemnity insurance can be justified on consumer protection grounds, they should be subject to periodic independent review to ensure they remain a targeted and proportionate response to the problem.
Implementation of the National Legal Profession Reform, which was initiated in 2009, has been stymied by jurisdictional differences. – Progress made by Victoria and New South Wales provides other jurisdictions with a ‘preview’ of the benefits of reforms. Further gains depend on evaluation of these reforms.
The Productivity Commission has released its two volume report on Access To Justice.
The first volume deals with the accessibility of the justice system, use of alternative forms of dispute resolution, regulation of the legal profession and the structure and operations of ombudsmen, tribunals and courts. The second volume discusses private funding of litigation and the provision of legal aid (generally and specifically to Aboriginal and Torres Strait Islander people).
Key points are
The first volume deals with the accessibility of the justice system, use of alternative forms of dispute resolution, regulation of the legal profession and the structure and operations of ombudsmen, tribunals and courts. The second volume discusses private funding of litigation and the provision of legal aid (generally and specifically to Aboriginal and Torres Strait Islander people).
Key points are
- There are widespread concerns that Australia’s civil justice system is too slow, too expensive and too adversarial. But the notion of a civil justice ‘system’ is misleading. Parties can resolve their disputes in many ways, including through courts, tribunals and ombudsmen. Each differs in its formality, cost and timeliness. Such a complex system resists both a single diagnosis and remedy.
- While much focus is on the courts, the central pillar of the justice system, much is done in their shadow, with parties resolving their disputes privately. Community legal education, legal information (including self-help kits) and minor advice help ensure that parties are better equipped to do so. Better coordination and greater quality control in the development and delivery of these services would improve their value and reach.
- Where disputes become intractable, parties often have recourse to a range of low cost and informal dispute resolution mechanisms. But many people are unnecessarily deterred by fears about costs and/or have difficulty in identifying whether and where to seek assistance. A well-recognised entry point or gateway for legal assistance and referral would make it easier to navigate the legal system.
- Most parties require professional legal assistance in more complex matters. But the interests of lawyers and their clients do not always align. Reforms to professional regulation are required to ensure clients are better informed and have more options for selecting the tasks they want assistance with, and how they will be billed. Clients should also have independent and effective options for redress when professional standards fall short.
- Some disputes, by their nature, are more appropriately handled through the courts. While these disputes may be small in number, many individuals are poorly placed to meet the associated costs. Court processes in all jurisdictions have undergone reforms to reduce the cost and length of litigation. But progress has been uneven and more needs to be done to avoid unnecessary expense.
- The ways in which parties interact with each other and with courts and tribunals also needs to change. The adversarial behaviour of parties and their lawyers can hinder the resolution of disputes or even exacerbate them. Changes to rules governing the conduct of parties and lawyers, and the way in which costs are awarded, would improve incentives to cooperate.
- Court fees vary widely across courts and jurisdictions and are not set with reference to a common framework. A more systematic approach is required for determining fees. Parties can derive significant private benefits from using the court system; these benefits need to be reflected in court charges, which in many cases should be increased.
- Disadvantaged Australians are more susceptible to, and less equipped to deal with, legal disputes. Governments have a role in assisting these individuals. Numerous studies show that efficient government funded legal assistance services generate net benefits to the community.
- The nature and predictability of funding arrangements constrain the capacity of legal assistance providers to direct assistance to the areas of greatest benefit. This needs to change and, in some cases, funding should be redirected.
- While there is some scope to improve the practices of legal assistance providers, this alone will not address the gap in services. More resources are required to better meet the legal needs of disadvantaged Australians.
1. an assessment of the real costs of legal representation and trends over time
2. an assessment of the level of demand for legal services, including analysis of: (a) the number of persons who cannot afford to secure legal services but who do not qualify for legal assistance services, and (b) the number of pro bono hours provided by legal professionals
3. the factors that contribute to the cost of legal representation in Australia, including analysis of: (a) the supply of law graduates and barriers to entering the legal services market (b) information asymmetry (c) other issues of market failure (d) the structure of the legal profession in State and Territory jurisdictions (e) legal professional rules and practices (f) court practices and procedures (g) models of billing practices (h) the application of taxation laws to legal services expenditure, and (i) other features of the legal services market which drive costs
4. whether the costs charged for accessing justice services and for legal representation are generally proportionate to the issues in dispute
5. the impact of the costs of accessing justice services, and securing legal representation, on the effectiveness of these services, including analysis of: (a) the ability of disadvantaged parties, including persons for whom English is a second language, to effectively self-represent, and (b) the extent to which considerable resource disparity impacts on the effectiveness of the adversarial system and court processes
6. the economic and social impact of the costs of accessing justice services, and securing legal representation
7. the impact of the structures and processes of legal institutions on the costs of accessing and utilising these institutions, including analysis of discovery and case management processes
8. alternative mechanisms to improve equity and access to justice and achieve lower cost civil dispute resolution, in both metropolitan areas and regional and remote communities, and the costs and benefits of these, including analysis of the extent to which the following could contribute to addressing cost pressures: (a) early intervention measures (b) models of alternative dispute resolution (c) litigation funding (d) different models of legal aid assistance (e) specialist courts or alternative processes, such as community conferencing (f) use of technology, and (g) expedited procedures
9. reforms in Australian jurisdictions and overseas which have been effective at lowering the costs of accessing justice services, securing legal representation and promoting equality in the justice system, and
10. data collection across the justice system that would enable better measurement and evaluation of cost drivers and the effectiveness of measures to contain these.
'Participatory Sensing: Enabling interactive local governance through citizen engagement' [PDF] by Slaven Marusic, Jayavardhana Gubbi, Helen Sullivan, Yee Wei Law and M. Palaniswami of the Department of Electrical and Electronic Engineering at the University of Melbourne argues that
Local government (such as the City of Melbourne) is accountable and responsible for establishment, execution and oversight of strategic objectives and resource management in the metropolis. Faced with a rising population, Council has in place a number of strategic plans to ensure it is able to deliver services that maintain (and ideally improve) the quality of life for its citizens (including residents, workers and visitors). This work explores participatory sensing (PS) and issues associated with governance in the light of new information gathering capabilities that directly engage citizens in collecting data and providing contextual insight that has the potential to greatly enhance Council operations in managing these environments.Their paper examines:
- Key hurdles affecting the viability and uptake of PS from different stakeholder perspectives
- The capacity of PS as a new and mutually beneficial communication link between citizens and government; the respective value propositions in participating, whilst simultaneously increasing engagement and enhancing City operations through co-production with citizens
- Technological elements of PS and associated privacy impacts through the application lens of noise monitoring
- Social impacts of emerging pervasive technologies, particularly the encroachment upon privacy, associated risks and implications, not only for the individual but also the impact in shared environments
- Responsibilities and avenues for mitigation assigned to respective stakeholders; including user awareness factors, policy frameworks and design level strategies
- The role of reputation and trust management between stakeholders in fostering productive links, along with the capacity for citizen empowerment
- The balance of perceived competing objectives of privacy and transparency, ethical strategies to address this challenge
- User perceptions of related issues taken from studies of internet and social media usage through computing and mobile platforms
- A development platform to measure user awareness of privacy risks, behavioural responses to a spectrum of engagement options effectively returning to the user a level of control over their participation
- Essential requirements for responsible implementation of PS platforms, considering ethical issues, responsibilities, privacy, transparency and accessibility
• The active role of the user is critical for the success of PS, requiring effective engagement, but also mitigation of disincentives, such as privacy concerns. As privacy risks increase in the context of multiplied information sources, despite available privacy preservation strategies, user awareness and control remain key elements. • Establishment and management of mutual trust is key to PS functioning as an effective medium for communication between stakeholders and for ensuring accountability. • Citizen empowerment is only achieved with the provision of information to assist individual decision-making, as well as the opportunity for responsibility and control over level of participation. • Incentivisation schemes need to recognise the value of the data/service being supplied by the user, the accessibility of the organiser provided service and ongoing value propositions .....
Privacy vs transparency
• Privacy is one’s control over access and flow of their information. Legal protections are limited to specific circumstances, so ethical means for supplementary privacy protection offer transparency with respect to data accuracy and embed privacy in the design. System transparency and verifiable privacy measures can build trust between stakeholders. • Social implications warrant mechanisms for managing data history. Additionally, informed user consent needs to be the goal and supported by effective communication of risks. Accordingly, users will utilise various means for protecting privacy, according to their level of awareness and evaluation of risks
• Systems for protection of personal information are essential for maintaining/building trust between organisations and citizens. This includes discovery of breaches and recourse for compensation. Existing policies cover data collection and handling; citizen engagement strategies; and feedback management. They reflect privacy concerns; principles of open and responsive government; and value in citizen contributions to governance. • Limitations of privacy legislation demands supplementary principles/guidelines for system implementation, including industry self-regulation, privacy by design and privacy impact assessment (PIA). Existing and supplementary measures thus need to be utilised and adapted for effective PS.
• The pilot study is based on a noise measurement app and central server for data aggregation and display. The app provides a spectrum of privacy level options, to be selected by the user, that reflect the type and amount of data to be collected/shared. • The privacy level selection interface serves to inform the user of data handling (and implies associated risk), while a refined interface can more explicitly convey this. This capability demonstrates a means for increasing user control over their level of participation. • A larger study can expand this capability; provide detailed assessment of public participation capacity; conduct a PIA; reach broader demographics; and further evaluate the issues raised throughout this paper.
• Prior to embarking on PS implementations, organisations thoroughly analyse all stakeholder concerns and ensure necessary steps are taken to address these, as outlined here • The City of Melbourne look for opportunities to test participatory sensing as a means of addressing specific community concerns in relation to noise nuisance • Policy makers review existing policy frameworks to ensure that they offer the appropriate combination of incentives and safeguards to facilitate greater citizen involvement in addressing issues of community concern (co-production) • Policy makers review existing organisational structures and professional cultures to identify any additional barriers to effective citizen engagementIn discussing privacy the authors comment
In literature associated with PS, social media platforms and now IoT, privacy concerns are listed as a significant issue. However, insufficient attention is given to the nature of these concerns, such as: the implications and risk factors of inadequate privacy protection measures; the impact on technology utilisation of users’ actual understanding of existing risk factors and any safeguards that may be available. Solutions that are provided are often limited in scope. Indeed, there is a risk that designers will focus on development of new system capabilities, neglecting the necessary ethical dilemmas by associating these challenges with data utilisation and so a task for someone else (Shilton, Participatory Sensing: Building Empowering Surveillance 2010). A survey of PS applications and associated challenges is provided in (Christin, Reinhardt, et al. 2011). Importantly, they acknowledge the lack of flexibility needed to reflect diverse viewpoints and awareness of privacy risk, implications and available mitigation strategies.
The first privacy requirement is the provision of secure communication links between the user and platform (hosted by the service provider). Conventional data encryption methods available on mobile computing platforms (such as Secure Socket Layer (SSL)/Transport Layer Security (TLS)) intend to ensure that only the intended receiver of the data transmissions is able to access the contents (De Cristofaro and Soriente 2013).
One of the obvious risks associated with PS applications is the same as that of any data sharing application, where the information being shared may actually reveal more about the user than is being intended, or agreed upon. It is now widely accepted that users of social media platforms need to take care in the way personal information is shared or publicly displayed, particularly when utilising multiple platforms. It has been demonstrated that seemingly innocuous postings can reveal information about location, behaviour, routine, social networks and identity. This may be described as information leakage, where it crosses over to another domain or platform to reveal either something more detailed or completely new when combined with other data. Each of the sensing modalities available on smartphones present the risk of revealing private information, from: daily routine (based on time stamped location); identity (from photos, gait analysis, voice recognition); or associations (from photos and voice recognition).
Importantly, the nature of participatory sensing has the capacity to reveal information, not only about the user, but also about others in their vicinity. Therefore, in addition to personal risk of exposure, awareness also needs to be established of the secondary exposure introduced into a given environment. Providing adequate safeguards is thus a multidimensional problem (Christin, Reinhardt, et al. 2011). When the associated services are primarily location focussed, such information has real-world implications. Location can be established, with varying degrees of accuracy, from GPS signals, cell tower locations, as well as from Wi-Fi and Bluetooth links to associated infrastructure. For example, some traffic authorities have deployed infrastructure to detect Bluetooth devices of vehicle users in order to map vehicle paths and travel times. Whilst in such instances, the information is being utilised to improve traffic flow and road infrastructure services, it demonstrates the vulnerability of individuals in allowing unsecured access to their communications and the secondary information that can be extracted from doing so. These concepts have also been explored in the context of Intelligent Transportation Systems that utilise various means of vehicle identification from license plate recognition, electronic tags for tolling systems or GPS devices. The roles of different interested stakeholders are noted along with the potential for establishing personally identifiable location information and how existing US privacy law impacts such operations (Garry, Douma and Simon 2012). Similar challenges have been faced by location based services on mobile phone or computing platforms for some time (Anderson, Henderson and Kotz 2007) (He, Wu and Khosla 2004) (Shahabi and Khoshgozaran 2007).
There exists a suite of proposed solutions for preserving privacy in participatory sensing whilst still permitting a desired level of engagement in the program, with some taken directly from networked computing strategies.
The first option is to provide some degree of anonymity for the user. It must be determined then, from whom anonymity is required, or rather, for the meaningful operation of the PS platform, for whom is identification required/permitted. It is widely acknowledged that users demonstrate different degrees of willingness in sharing data, depending on the relationship with the other party (or parties) involved.
Degrees of identity revelation maybe classed as:
• Completely anonymous • System Organisers/Network Operators o Requires secure end-to-end communications regardless of the number hops or network types utilised in the transmissions (e.g. Tor). • Selected peers/participants o A user/organiser defined subgroup, established based on certain criteria, such as predetermined trust or existing community group. • Other participants on the system o Identifiable to other users with access rights to the system. • Anyone able to eavesdrop given communications links somewhere along the network • Notionally hidden, but unsecured. • Open o Unrestricted publishing of identity linked with data contributions
Providing anonymity is not without its own implications. If not carefully designed, a system permitting anonymous contributions can be easily compromised if there is no means of verifying the quality and validity of the data. In such cases, it may leave organisers with no recourse to identify or manage misbehaving or malicious users. In this respect, the same tools that protect the privacy of the innocent also hide the identity of the malicious or criminal.
The common argument that is often posed in shifting the balance of privacy towards transparency is that some privacy must be sacrificed in order to ensure security. If this is indeed true and unavoidable, then certain questions immediately follow: to what degree must privacy be sacrificed; to whom is privacy to be sacrificed; and what level of trust can be assigned to this authority? Indeed, is it even possible to apply a threshold in trying to answer these highly debatable questions? Consideration must be given to the risk and implications associated with any subsequent abuses of this trust. So whilst a goal may be set for balancing privacy and security, according to some established value system, the viability of such thresholds only exist in as much as aggrieved parties have recourse to compensation from any breaches. Where this is implausible to guarantee, a more cautious approach would be to first question whether the emerging capability is actually increasing the degree of vulnerability of users without adequate protection and for insufficient return/reward for their participation.
From a practical perspective, a number of measures can be implemented at the design level, that provide users with varying levels of protection. Some of these include:
• Masking identity (utilising independent verification methods; allowing anonymous data contribution; simulating high participant density) • Masking location (data perturbation or reduced granularity) • Limited data release (sharing of aggregated or filtered rather than raw data)
Essentially, such methods rely on the existence or appearance of a large number of users within the system and within the specified location (k-anonymity), so increasing the difficulty with which a single user (or their data) may be identified. In this way, the system can compensate for malicious users (e.g. supplying misleading data); unreliable users (e.g. supplying incorrect/erroneous/low-quality data); collaborating users (e.g. to uncover identity or other restricted information about other participants; bias overall measurements; manipulate user reputations).
Self-surveillance describes the personal information that is captured, stored and potentially transmitted though the complicity of individuals. To combat the increased vulnerability to privacy breaches arising from self-surveillance and indeed the expected decreasing privacy, the concepts of Personal Data Vaults (PDV) and Personal Data Guardians (PDG) have been proposed as a means of giving users greater control over how their data is shared, whilst still making use of cloud infrastructure (Kang, et al. 2012). Self-surveillance applications relate more to measurement of biological parameters, activity and mobility. As such, whilst obviously of interest to the individual, there is also substantial interest from third-parties in being able to analyse and aggregate such data to deliver population-wide insights. There is a need then to balance the usefulness to the individual of such applications, whilst also being able to share some aspects of this data (agreeable to the user) with outside entities. The PDG serves as a trusted entity, with whom the user enters into a legal, fiduciary and confidential relationship (in a similar fashion to that with lawyers or doctors). In proposing PDG to act as trusted intermediaries, the flow of data is slowed, thereby preserving some degree of privacy.
Despite the advantages that PDVs seemingly provide, the privacy guarantee of a system that proposes secure storage in the cloud and transmission utilising many layers of communications infrastructure is difficult to ensure, particularly in light of many well publicised hacking and spying episodes. Two issues remain unresolved; the first is public perception of the degree of security available, whilst the second considers user behaviour in light of available security of privacy options and concern for associated risks. Investigating user perceptions of cloud computing security and data vulnerability in (Ion, et al. 2011), it is observed that a large degree of scepticism still exists impacting what users will store. There is also general acceptance that existing means for presenting Terms of Service (TOS) are largely ineffective, in that they are difficult to understand or generic and thus often ignored. As many as 51% of users don’t read online privacy policies, with most perceived as too long or complex and of those who read privacy policies, only 37% are able to gain the necessary information to decide whether or not to use the site (OAIC, Community attitudes to privacy survey 2013). This results in mismatched expectations of users as to their rights and the actual requirements of the service provider. Further complexity is introduced by changes across demographics and culture, in how privacy risk is perceived and trust of organisations assigned (Bélanger and Crossler 2011). Analysis of TOS for cloud services has also revealed a tendency for bias towards more detail regarding user obligations rather than the provider’s, with the authors recommending a legal framework (albeit in the US context) offering greater control and portability for the user for the management of their data (Kesan, Hayes and Bashir 2013). Ultimately, the effectiveness of any service guarantee is only as effective as one’s ability to detect contravening behaviour and the scope for compensation.
It must be considered whether the majority of users interact with these services naively or wellinformed. The significance of such factors is often merely assumed and only interpreted in terms of the effect on the total number of users, following which a range of privacy preservation measures are proposed in order to mitigate any detrimental impact on participation rates. In (De Cristofaro and Soriente 2013), the provision of adequate privacy protection is considered the single most important factor affecting the willingness of users to contribute data. Consequently, they propose a cryptographic system for Privacy-Enhanced Participatory Sensing Infrastructure (PEPSI), based on Identity Based Encryption and third-party generation of decryption keys (private key generator). They also acknowledge challenges in protecting query privacy from organisers; node privacy from network operators; and collusion attacks.
Reputation and trust
Trust management systems may be categorized as either rule-based or reputation-based (Yang, Zhang and Roe 2012). A rule-based system applies credential matching, based on credentials (certification), chain discovery (with importance placed on associated storage locations) and trust negotiation (protecting credentials, avoiding unnecessary exposure). Reputation-based trust management characterises user behaviour by collecting, distributing and aggregating assessments of user contributions in a way that may identify malicious behaviour. They describe the different stages of trust management as establishment of initial trust; observation of behaviour; and evolution of reputation and trust. Initialisation is always problematic, as there is little on which to base an applied trust level. Approaches have been proposed that draw on community ratings of new participants; however, this does not preclude other participants from providing biased or malicious reports.
The more conservative approach will allocate a low trust level to new users with a period of time for this reputation to be improved. The alternative is to assume trustworthiness and then downgrading the assigned trust level if warranted. In observing behaviour, anomaly detection methods may be applied to automatically detect potential misuse, by first classifying normal behaviour in a way that enables rapid detection of anomalous behaviour.
The impacts of these respective decisions needs to be quantified and related to the number of users in the system in order to determine the effectiveness and suitability of the associated trust management framework. This is particularly important when considering the concept of sharing reputations across communities, reputations on which other communities can then initialise their own trust levels for new users. This reaches back into questions of privacy, with identification being required across different domains. It also draws into question the reliability of trust management frameworks in one domain and their impacts on other domains. This may point to the need for a central trusted authority. Yet a distributed approach, applied with certain safeguards and agreed criteria, provides some protection against attacks on a single central repository of reputations.
Existing reputation models include: summation and average (aggregation of ratings to produce a single reputation score); discrete trust models (assigning labels to actions for ease of interpretability); and Bayesian systems (applying positive or negative ratings along with a probability distribution to determine reputation) (Reddy, Estrin and Srivastava, Pevasive 2010 2010). The first is susceptible to bias if the number rating is heavily skewed towards one side, while discrete models (non-mathematical) do not inherently support statistical inference of reputation confidence. Bayesian systems, however, offer the ability to establish a measure of confidence in the reputation score, by determining the probability that the expectation of a distribution (which determines the reputation) is within a certain error margin. It also allows for weighting of new and old measurements, effectively applying a forgetting factor, to more effectively update reputations giving preference to either more recent or historical behaviour. Another system evaluates a number of different attributes that are combined to determine reputation (Abdulmonem and Hunter 2010). These include: direct rating between members; inferred trustworthiness; rating of observations; contributor’s role/qualifications; quality of past contributed data; completed training programs; amount of contributed data; frequency of contributions.
In a similar fashion, (Yang, Zhang and Roe 2012) proposed a combination of direct information (objective evaluation based observable parameters), personal information (personal information which infers a degree of accountability if accurately provided) and indirect reputation (subjective measures such as community and organiser’s trust). As mentioned earlier, the last criteria is problematic and thus needs to be weighted accordingly, while personal information can similarly be weighted according to the level of detail supplied and its verifiability. In fact, this challenge was reflected in their experiments, observed in a small number of participants not willing to supply personal details.
In (Christin, Roßkopf, et al. 2012), the user reputation is cloaked utilising cryptographic primitives. Similarly based on k-anonymity, in (Huang and Kanhere 2012) a trusted reputation server is utilised in a manner that masks the reputation in transit so as to reduce prospects of linking user identity to reputation by external parties, whilst claiming greater flexibility in reputation assignment and accuracy. In (Wang, et al. 2013) anonymity and reputation challenges are balanced through the separation of the data reporting and reputation update processes. ...
4 Privacy vs Transparency
A commonly understood definition of privacy is the right to have one’s personal environment (and information contained therein) protected from intrusion. In this way, it is also interpreted as the right to be left alone (Brandeis and Warren 1890). Indeed a focus of this view by Brandeis and Warren in 1890, was in the provision of compensation of suffering resulting from privacy invasion, and so drew attention to dignitary harms (such as reputation) (Kesan, Hayes and Bashir 2013). Alternatively, in the modern context, it can be defined as control over personal information (Shilton and Estrin, Ethical Issues in Participatory Sensing 2012). It implicitly draws a contrast between what constitutes private space and public space and the subsequent delineation of private information versus public information. It also draws into question the status of private activity that necessarily crosses over to public spaces. To appreciate the significance of privacy protection, the function of privacy in a societal context “protects situated practices of boundary management through which the capacity for self-determination develops,” while “conditions of diminished privacy also impair the capacity to innovate” (Cohen 2013).
With specific reference to participatory sensing, privacy has been interpreted as “the guarantee that participants maintain control over the release of their sensitive information” including “protection of information that can be inferred from both the sensor readings themselves as well as from the interaction of the users with the participatory sensing system.” (Christin, Reinhardt, et al. 2011). Formal definitions have been established with reference to what is protected by law. As such, it varies in differing degrees according to the jurisdiction to which the law is being applied. According to the Victorian Government Privacy Commissioner, the common element is the ability to keep “your own actions, conversations, information and movements free from public knowledge and attention.” This can be interpreted differently in the context of the home, workspace or other environments. Importantly, associated legislation only covers certain types of information and activities. It is important to recognise that protections tied explicitly to identity are inadequate, as enough consolidated information may be used to identify an individual’s activities, locations and relationships and in that way leaves them vulnerable to exploitation, without ever requiring the establishment of identity (Wright, et al. 2009). To appreciate the legal boundaries applied in privacy law, it is necessary to acknowledge that it is different from both confidentiality and secrecy. Confidentiality in legal terms relates to information given under the obligation that it not be shared further. Such information is not usually publically available or easily accessed. Secrecy relates to the prevention of information becoming known, where such action may assist in privacy protection or in serving the public interest.
Limitations of existing US legal frameworks to effect genuine protections through combinations of privacy, data protection and communications laws, have been explored in (Bast and Brown 2013). In light of the inability to singularly protect privacy in that context, a combined approach is recommended that employs education, empowerment and enforcement (where available) (Thierer 2013).
Ethics in Design
Ideally, privacy safeguards embedded in the system design should give users the necessary control over the collection and release of their data. However, the personal nature of PS as well as the proximity to other persons not actively participating in the PS program raises certain complications. In this respect, it is important to consider alongside privacy, the notions of consent, equity and social forgetting (Shilton and Estrin, Ethical Issues in Participatory Sensing 2012).
Balancing the need for privacy and proposed means for satisfying it raises further questions about the fundamental ethics being applied and about the strength of those ethical principles when considered in the light of seemingly necessary compromise. When such principles are applied at the design level, applied haphazardly, or not applied at all, the implications for the user are likely to be an increased vulnerability from having shared revealing data and for the organisers, exposure from basing released information on inaccurate and possibly malicious data.
Design objectives can be easily placed in opposition as a means of more easily arriving at a certain outcome. For example, privacy versus accuracy has been proposed as such a compromise, where in order to preserve some degree of privacy, it has been suggested to perturb data supplied to the system in order to mask the real data that reveals perhaps the actual location or actual time at which samples were collected. Consideration must be given to how this is achieved. If the granularity of the data is merely reduced, it is more a reflection of the preparedness of the user to supply a certain level of detail. Therefore, it is not the accuracy of the data in question, but rather the quality. Transparency in the system ensures that the error margin or data granularity is known, such that subsequent operations on this data can factor in the associated data quality. This is different from intentionally supplying incorrect data, albeit with the same intention to mask activity or identity. In this instance, there is little recourse to separate legitimate users from malicious users, as both courses of action seek to bias the data pool. Social forgetting is raised in (Shilton and Estrin, Ethical Issues in Participatory Sensing 2012) as another element of the system necessary to reflect the broader principles at stake. PS presents the possibility for a historical archive of activity. The social media generation are slowly becoming aware of the longer term impacts of seemingly frivolous sharing of photos or posts, as what may be considered private moments suitable for perhaps a circle of friends is not seen in the same light by current or potential employers. As many as 17% of Australians regret something they have posted on a social networking site (increasing to 33% for young people) (OAIC, Community attitudes to privacy survey 2013). It has been suggested that such long-term recording and retention, reduces the capacity for a fresh start, or to be able to recover from one’s mistakes. In the US, this has been referred to as the “Eraser button” approach, whilst a similar EU version refers to a “Right to be forgotten” (Thierer 2013). As raised in the analysis of reputation management, to what extent does recent activity predict future behaviour compared with more distant activity? In that context the challenge was, rather, how to establish reputation quickly in the absence of historical data. Also important, is the duration of data and activity retention, and associated weighting applied in determining other factors such as reputation. In this instance, it becomes a factor for the user in establishing a trust that they (and their data) will be treated fairly and justly (Shilton and Estrin, Ethical Issues in Participatory Sensing 2012). Mechanisms exist within law to address such issues, so measures must surely be applied to extend such a capacity to emerging technologies that in principle seek to reflect social systems.
System transparency also applies where user consent is concerned. It is essential that where users are relied upon to actively participate in the sensing process, adequate consent be obtained for the utilisation of associated data contributions. This is challenging in an environment that by its nature encroaches upon people’s personal environments and furthermore by the degree of consent which may be obtained. Active and informed consent is essential if any sort of parity between users and organisers is to be established. As noted earlier in the challenge of overly complex Terms of Service Agreements, it is difficult to infer the level of understanding reached by a user in order to obtained informed consent. However, the level of consent can be qualified and ranges from:
• Passive consent – where utilisation of the platform implies consent given, and so utilised by organisers to extract content at will (so called ‘soft surveillance’ (Shilton and Estrin, Ethical Issues in Participatory Sensing 2012)). • Active consent – requires some action by the user to acknowledge agreement (standard TOS agreement), but does not necessarily indicate understanding, rather places responsibility upon the user. • Qualified consent - contingent on circumstances specified by users or guarantees provided by organisers, with the system operation reflecting selected preferences. • Informed consent – effective communication of usage conditions and implications, with consent elicited in a manner that reflects the level of understanding and agreement.
The extent of the implications and subsequent agreement required still needs to be explored in order to establish the level of risk that applies to each of the stakeholders. This can be extended to include a more thorough analysis of demographics within stakeholder groups, particularly where it concerns more vulnerable participants. Where the implications impact only the individual user, the direct and active consent suffices. However, where sensing applications increasingly extend to environments shared with others (be they private or public, home or work) the same mechanism may no longer be adequate. The system may protect the privacy of the user, but what of bystanders who may have no knowledge of sensing taking place, no knowledge of implications and potentially different views on the conditions for qualified consent. Is the user in a position to take responsibility for the privacy of people within the vicinity of the sensing system? The significance of these flow-on effects is dependent on the type of sensing taking place. In any case, due consideration must be given to these impacts in the design and in communicating any vulnerabilities to the user.
In order to establish trust, organisers need to be able to provide assurances of how the data is used, whilst system designers embed related functionality within the design. Where insufficient trust exists between users and organisers, users can still have the option of reducing the granularity of data shared or applying some other means of anonymisation (such that the supplied data may still contribute something meaningful).
In the context of citizen engagement and promoting interactive government, applying such procedures is a means for demonstrating transparency and for growing trust. The functionality of the PS platform then enables users to better understand the significance of risk factors as well as the measures applied by organisers (e.g. government) to mitigate such risks. It is ultimately the responsibility of the system operator to adequately inform users, particularly in the absence of adequate risk mitigation and vulnerabilities being exposed.
In determining the viability of such deployments, it must be established whether the introduction of such technology platforms is potentially increasing the vulnerability of particular demographics, or whether through careful design and deployment it acts to reduce such vulnerabilities. Whilst as many as 60% of Australian youth acknowledge the privacy risk of personal information and online services (OAIC, Community attitudes to privacy survey 2013), this still leaves too large a number unaware of the implications associated with what they perceive as ordinary online activity. If it is not possible at the development stage to mitigate these risks, than it may still serve this purpose by providing effective and explicit information transfer relating to the data sharing risks.
Requiring further investigation is the existing knowledge level of such issues as well as the relationship of risk awareness to participation rates.
Research by the Australian Communications and Media Authority (ACMA) has found increasing concern regarding security and privacy amongst mobile and online platform users. This is reflected in user online behaviour, where users commonly employ different digital identities (transactional, social and personal) as a proactive means for restricting access to personal information. In these different scenarios, users were more or less willing to contribute detailed identity information, responding to information demands by going elsewhere for the same service, or even providing misleading information (defensive inaccuracy). In this way, some users could be found exercising their own balance of data integrity and pseudonymity (ACMA, Digital footprints and identities Community attitudinal research 2013). At the same time, whilst nearly 40% of respondents were confident they could effect their desired privacy level through available privacy setting options, another 40% were only hopeful that this was the case, with remaining number holding a negative view.
More than two-thirds were concerned about the level of information shared when using location-based services. Other important findings, included: increased usage does not translate to greater understanding; risks are poorly understood; knowledge of risks and available protections were poor; and users desired more information to assist them to protect personal data (ACMA, Here, there and everywhere—Consumer behaviour and location services 2012).
There was found to be substantial trust in government and established banks for securing transactions and using them only for legitimate purposes. Significant trust and responsibility for managing and policing digital identity and breaches was still placed in government. The distinct roles of individual stakeholders have also been acknowledged, with: individuals having primary responsibility for protecting their personal information; service providers and industry operators responsible for enabling a secure environment; and government providing information and education services, raising awareness and enforcing safeguards (ACMA, Here, there and everywhere—Consumer behaviour and location services 2012). Indeed, high standards of transparency in data handling are also universally expected from all organisations, as well as demands for notification of handling breaches and protection and management practices (OAIC, Community attitudes to privacy survey 2013).
Similar studies of mobile user attitudes to privacy conducted by other agencies across Australia and around the world have also revealed concerns for users of mobile and online platforms. This includes apps that do not intrinsically incorporate data sharing.
GSMA studies of mobile user attitudes to privacy conducted across the UK, Spain and Singapore, with follow-up studies in Malaysia, Indonesia, Mexico, Columbia and Brazil, found that approximately half of the respondents expressed concern about sharing personal data whilst using mobile online services or apps, with over three quarters subsequently very selective about who they shared such information with. Before sharing location information of mobile phones, as many as 81% of people wanted their permission to be requested. It was also noted that most users took less security/privacy precautions when using mobile devices compared with PC use. Interestingly, 47% of users would change their usage behaviour if apps were found to use their personal information without consent, whilst 41% would limit their use (FutureSight 2011).
The Office of the Australian Information Commissioner (OAIC) survey on community attitudes to privacy, revealed some user awareness of privacy risks associated with online activity (OAIC, Community attitudes to privacy survey 2013). This naturally translates (in some degree) to mobile apps. Some of the key findings are noted here.
With respect to personal information, online services are viewed as the biggest privacy risks (including ID fraud and theft, followed by data security). Concerns about handling of personal information are evident in dissatisfaction with such data being sent offshore (with 90% expressing concern). This certainly raises questions about data ownership and the ability to guarantee associated protections according to how this data is handled (including communication and storage).
As many as 78% of Australians dislike having their activities monitored covertly on the internet. Some awareness of this activity exists, with around half respondents of the view that most websites and smartphone apps collect user information. Of those aware of such risks, more are actively seeking to protect their information, with 90% at times declining to provide personal information, 80% first checking website security, 72% clearing browser histories and 62% not using smartphone apps because of related concerns and around 30% providing false names or details.
There is seemingly a point at which user demands for privacy are relaxed or traded, with over a quarter of the population prepared to provide personal information in exchange for improved service or reduced prices.
How much then do breaches of trust by system operators or government affect user perceptions and ongoing behaviour? One third of those surveyed experienced problems with the treatment of their personal information. But while there is a better understanding of ombudsmen schemes, many still aren’t aware of reporting or complaint procedures. More trust is placed in government organisations than private companies (with only health and financial institutions exceptions). Due to concerns about the handling of personal information, 60% decided not to interact with a private company. No figures were reported regarding continued engagement with given organisations following a data breach. Efforts to embed privacy with associated guarantees, means of retribution or compensation for data breaches and adequate transparency of data usage all surely contribute to building or rebuilding trust between different stakeholders. In this way, robust technological and policy frameworks for emerging ICT are essential. Participatory sensing is one such capability that occupies a unique space that can mutually benefit users and organisers, if implemented accordingly. Implemented haphazardly, it simply reflects the existing flaws and lopsided exchange dynamics that often exist respectively between users, commercial operators and governments. It goes one step further than straight forward app development principles. Likewise, it extends beyond activities of disengaged mass-surveillance, principally because it actively engages the user to contribute data and collection resources. So, the respective parties enter into an agreement or contract for the exchange of information. The user is only able to provide informed consent if they are made adequately aware of the system’s operation and their associated role and rights in interacting with the system.
• Privacy is one’s control over access and flow of their information • Legal protections are limited to specific circumstances • Ethical means for privacy protection offer transparency with respect to data accuracy and embed privacy in the design • System transparency and verifiable privacy measures can build trust • Social implications warrant mechanisms for managing data history • Informed user consent needs to be the goal and supported by effective communication of risks • Users will utilise various means for protecting privacy, according to their level of awareness and evaluation of risks
02 December 2014
'Modern fiduciary liability: the sick man of equity?' by Dyson Heydon in (2014) 20(10) Trusts & Trustees 1006-1022 argues that
Some think that fiduciary liability has shrunk, is shrinking and should be shrunk further. In particular, it has been said that traditional equitable duties of skill and care are not fiduciary, and, indeed, are not even equitable. It has also been said that no positive duty can be fiduciary. The article contends that these trends conflict with established authority, are unsound in principle, and have undesirable effects in practice.Heydon begins by stating
Czar Nicholas I of Russia is a potentate on whom history has not looked kindly. Almost no-one has ever stood to the right of him, and he has correspondingly few supporters. Every time he drifted into the pages of Tolstoy, the author let fly. Things have not improved since. Now his reputation is at its lowest. For President Putin has selected a portrait of his predecessor for visitors to gaze at as they wait in an antechamber before an audience. But he did utter one memorable phrase that provides the theme for this lecture.
In 1853 Czar Nicholas I had a celebrated conversation with Sir Hamilton Seymour, the British Ambassador to St Petersburg. He broached the ugly subject of dismembering the Ottoman Empire. He remarked:
The affairs of Turkey are in a very disorganised condition. We have on our hands a sick man – a man gravely ill. It would be a grave misfortune if one of these days he slips through our hands, especially before the necessary arrangements are made.
These words were unfortunate, for the Czar soon after succumbed, in the prime of life, to an attack of influenza, shortly before his own Empire lost the Crimean War to a group of allies which included Turkey.
It was true that by the time the Czar spoke, the rulers of the Ottoman Empire had had to endure, almost every decade, the loss of some additional province in Europe, Africa, or Asia or some humiliating peace treaty or both. The process lasted another seven decades. Every so often the Sublime Porte would default on its loans from foreigners and enter a condition of national bankruptcy, as the process of entering new loans simply to pay the interest on continuing loans reached the conclusion which our own adoption of that technique may soon result in. The world called Turkey “the sick man of Europe”. Innumerable cartoons portrayed the sultan as emaciated, enervated, addicted to the hookah and the harem, clad in primitive looking robe and fez, worn out by vice. These judgments were short sighted. A regime which for centuries had kept both the Balkans and the Middle East under some not wholly inhumane control deserves respect. For there were frightful consequences for the world when the Balkans and the Middle East fell out of control. The sultans and their advisers asked themselves:
Are we on a downward path to inevitable extinction? Or do these setbacks strengthen the Empire by making it more manageable?
In hindsight the second question can probably be answered “Yes”, even though the servants of the Empire were only getting it into a fit shape to fall into the hands of its gravedigger, Mustafa Kemal Ataturk.
Similar questions arise about modern fiduciary liability. For this conference, centred on trusts, they are crucial, because the trustee is the archetypical fiduciary. Is fiduciary liability so sick that its life will soon move peacefully to its close? Or will it, by becoming smaller, also become leaner and more effective? Or will its greedy and expectant heirs—contract, tort, restitution, and, most insatiably greedy of all, statute—, together with the agitation of their academic paladins, cause it to be torn apart by judicial violence?Heydon concludes
Assessing the health of that body of equity which controls fiduciaries is not easy. If some of what is said in the theses described above is correct, it is already dead. But assessing whether it is actually dead, or even dying, would depend on the happening of various events which have not yet happened. One is a thorough examination, by counsel and court, of both the validity and the utility of the five theses referred to above. At least so far as counsel were concerned, the authority which came closest to this examination is Mothew’s case. But there has not been any post-Mothew examination of the problem in Australia. In the course of that examination, many questions will arise. What did Millett LJ mean by “loyalty”? What did he mean by “fidelity”? What did he mean by “good faith”? What earlier authorities were inconsistent with his analysis? How were they to be dealt with? How could they be dealt with? Why is it that a duty of “loyalty” or “fidelity” does not create strict liability?
Other questions will arise in relation to the other theses. But there is one fundamental issue to be confronted. It arises in relation to the topics referred to in this lecture. It also arises in relation to other important topics this lecture has not specifically dealt with. One is the courts’ recognition of the power of fiduciaries to contract out of what would otherwise be their obligations. Another is the claim that the generous rules about causation and remoteness in relation to the reconstitution of trust funds do not apply in suits for equitable compensation in relation to other breaches of fiduciary duty.
It is difficult to judge whether standards of fiduciary honesty, and standards of fiduciary care, skill and diligence have risen or fallen in the last century. But it is easy to conclude that modern standards are not high. That is a factor which ought to weigh strongly against any narrowing of the fiduciary regime. For to narrow the fiduciary regime not only reduces the remedies available to principals in particular instances. It also weakens the deterrent effect of the law in relation to future conduct. Thus, writing in criticism of Mothew’s case, Getzler said:
The prophylactic pressures of equitable procedure and remedy as applied to the loyalty duties may have point even in the sphere of duty of care; the stringent rules of causation, for example, are designed to put deterrent pressure on the fiduciary to reach a high standard where proof of misfeasance may be difficult to gather.
What will happen if the fiduciary regime withers or even dies? Are those owed duties by fiduciaries, as a class, likely to be better off if that takes place? Not in my opinion. That is why the signs of continuing or reinvigorated life in the fiduciary regime should be encouraged. The advent of new heirs to the fiduciary empire must be resisted more successfully than the Ottoman Empire resisted its would-be heirs—Greeks, Serbs and other Slavs, Arabs, and Ataturks.