The near future promises to turn a new paradigm of information technologies from rather futuristic visions into potential realities. Rapid progress in information and communication technologies increasingly allows the transformation of the visions of ubiquitous computing from the brains of scientists, technology developers and ICT stakeholders into real world applications and services. On one hand, the new paradigm promises to overcome many insufficiencies and inconveniences of current information systems; on the other, it brings about tremendous threats to individual rights and societal values.
Ubiquitous computing technologies have the potential to provide previously inconceivable levels of support for human activities in different spheres of life by systems working unobtrusively in the background, based on technology invisibly embedded in everyday environments and artefacts. Keyboards or other artificial input devices are replaced by natural language interfaces that observe the users and interpret spoken words, gestures or mimes as potential commands.
Biometric procedures replace the need to remember passwords or to actively prove any authorization. The envisioned range of services, the aimed unobtrusiveness of their provision and convenience of use require also previously inconceivable levels of knowledge about the inhabitants of ambient intelligence environments, created by corresponding technical capacities of surveillance and dataveillance3 as well as of merging and processing these data in an unrestricted manner. This new paradigm also brings about a permanently extending inescapability from pervasive surveillance. Whereas in the past the release of data was mostly tied to activities the data subjects were conscious of and which were therefore, in principle, under the individuals’ control, the new paradigm deprives them of the freedom to make such decisions. Although the freedom of choice may in practice not exist for many persons, or be coupled to unacceptable losses in participation in economic or private life, the inevitability of exposing oneself nevertheless creates totally different circumstances for the protection of privacy.
Consequently, ubiquitous computing presents unprecedented challenges not only to privacy, but to the many constituents of democratic and liberal societies in which privacy plays a functional role. These challenges to privacy are widely acknowledged within the R&D community engaged in ubiquitous computing. Considerable research efforts have been devoted to developing privacy with respect to ubiquitous computing environments. What is missing, however, are convincing concepts for the design of ubiquitous computing systems which could guarantee acceptable levels of personal privacy in the future. Most of the currently discussed solutions may render future technologies, to some extent, less invasive of privacy. However, they are insufficient to overcome their inherently privacy destructive potential; and sometimes even contain new threats, e.g. by the compulsive identification of all data subjects involved. Also in the case of pseudonymous data capture, protective measures are hardly conceivable that could resist the re-personalisation of pseudonymous data by advanced data analysis or mining technologies or by subsequent biometric identification procedures as long as not all data and traces are completely destroyed.
The increase in the number of sensors, to which data subjects living in ubiquitous computing will be exposed, regardless of whether they are invisibly embedded into environments or into personal devices or belongings carried with oneself, is one factor responsible for a corresponding increase in the generated data. More critical than the sheer number and the resulting growth in the quantity of data that can be captured are the qualitative changes linked to it. A first and crucial change concerns the extension of exposure to potentially all spheres of private or professional activities. Currently the generation of digital traces is, with a very few exceptions, restricted to active use of information or communication technologies. A major exemption relates to the location information generated by switched-on mobile phones as knowledge of their approximate location is required for routing calls to the nearest base stations. With ubiquitous computing the regular situation is reversed; invisible sensors observe the users and their surroundings permanently to provide services or to adjust the environment according to expressed orders or perceived needs, interpreting the actual context and relating its users’ preferences, gained from past experiences and condensed into constantly refined profiles. The growing outreach into previously untouched spheres of life is accompanied by a factual impossibility of excluding oneself from being observed. Already today full participation in economic and social life of modern societies is in many cases inseparably linked to the use of communication technologies and Internet services. A renunciation of using such services in order to preserve privacy is hence in a number of situations rather a theoretical concept than a viable alternative, contesting the requirement of “free”, informed consent. Nevertheless the use, non-use or shift to more privacy respecting providers or technologies remains basically under the discretion of the individual user. If and to what extent this right can be preserved depends on the concrete architecture and design of the system, e.g., in a world of ambient intelligence this choice will be practically non-existent. Potentially effective solutions to mitigate or eliminate the privacy challenges will necessarily imply refraining from the implementation of fully fledged versions of the new paradigm.
