Thinking about privacy risks with respect to the broad range of adverse consequences to individuals as well as society as expressed in this proposed bill opens the door for thoughtful ethical design in systems. The specified privacy risks are thoughtful and generous to individuals and/or consumers. In an era of SmartTVs, smart refrigerators, smart doorbells and alarm systems, the inclusion of thoughtful risk mitigation to avoid adverse consequences that affect an individual’s private life is welcome. Information Technologies are increasingly being placed in homes where individuals have traditionally had a basic expectation of privacy.
From a privacy engineering perspective, asking engineers to reason about and design systems that avoid causing “psychological harm,” or “significant inconvenience or loss of time” is important to do. But, how can an engineer reason about all the possible ways in which a given technology may cause “psychological harm” to such a diverse population of users. I can imagine some engineers cringing at the sight of such “moralistic” requirements. Codifying agreed upon privacy risks in law, however, would make explicit the need for engineers to ethically think about the goals and requirements that a system should achieve.
Intel’s leadership in drafting a bill that supports innovation while also seeking privacy protections in an effort to start a dialogue should be commended.