Takes you to the main page for this section

Main Journals Page | Ends and Means Home Page

Trust, Technology and Privacy

[1]

BY Charles D.Raab

The application of information and communications technologies (ICTs) to the provision of goods and services in transactions that involve personal data requires trust, and has implications for the way trust is understood and managed. Burkert (1994: 239) has remarked: '[u]sing computers and communicating electronically are dependent on trust: trust in people, in organizations, in technology. The trust dimension in these information processes, commercial or governmental functions, and society more generally is gradually receiving the attention it deserves, both in practice and in academic analyses (e.g., Misztal 1996; Fukuyama 1995; Giddens 1991; Gambetta 1988; Barber 1983; Luhmann 1979). 'Virtualising' public-sector functions is more than a technical or organisational change, but involves ethical dimensions of state-citizen interaction in which, in a democracy, trust and consent are at least as important as legal authority. Alongside face-to-face and other interactions amongst mutually known actors, virtual transactions with strangers and abstract systems extend chains of (inter)dependence into new territory in which familiar ways of establishing trust are absent and the reliability of new mechanisms remains to be tested.

For different reasons, there may be comparable difficulties involving trust in commercial transactions in the private sector, where the realisation of the promise of multimedia convergence may depend upon levels of trust that are needed to sustain electronic commerce, including payments systems. The European Union as well as national governments and businesses have therefore given attention to issues of the security and privacy of the Internet in the hope of gaining public trust for these potentially highly lucrative activities. They have also brought the question of public confidence more to the fore in regard to non-commercial, public-service transactions, as for example in recent policy-making for better, more direct and 'wired' government (e.g., Lips and Frissen 1997; Swinden et al. 1997).

ICTs provide communication networks, equipment and databases for more efficient government, for the production of the information required by transparency and public accountability, and for electronic commerce. Let us, however, focus upon the public sector. There is an interesting paradox here: putting it simply, government needs to increase public trust and confidence; to this end, it turns to information technology to improve the delivery of services and information. But in so doing, government may be relying increasingly on information systems that themselves require a high level of trust, just at a time when public confidence in scientific and technological expertise is far from certain.

Trust as a factor in politics and administration, and in government's relations with the public, poses variations on the primordial question of how to deal with and trust others, including strangers; it touches some fundamental issues of human society and individual psychology. Slovic (1997: 301-5) argues that trust is easier to destroy than to create; it takes a long time to establish and is vulnerable to collapse through mishaps. Once lost, it might never be regained. Distrust feeds on itself, colouring our view of events and inhibiting contacts and experiences that would show that those who seek our trust are in fact trustworthy, benevolent and competent.[2]

If the application of ICTs requires trust, where does it come from? Under what circumstances do members of the public trust information flows between themselves and public agencies, both in terms of services received and personal information that they either must, or choose to, give in return for them? Is 'open government' merely a token that is more in keeping with public relations than transparency? And is the exchange of personal data for benefits and services merely an invitation (or perhaps a legal requirement) to send one's details into an increasingly technologised void in which their movements, matching, and analysis cannot be traced or comprehended by the individual?

These questions require longer answers than can be attempted here, but the answers may reflect the status of public confidence in technology in general, and in the organisations that use it. We normally use technical systems without worry. Giddens (1991: 89-90) acknowledges lay persons' respect for science and technical specialism, but also notes their ambivalence, one which inheres in all trust relations. Trust, he argues, is only needed where there is ignorance, and ignorance provides grounds for doubt or caution, giving rise to pragmatic attitudes that combine deference and scepticism - a 'bargain with modernity'. Public confidence appears to fluctuate between favourable appreciation of 'space age' achievements and adverse evaluation of disasters - even in the exploration of outer space - some of which are attributable to computer failures. The overselling of previous technologies, as well as perceptions of their disadvantages, have shaped the context in which new ICTs bid for public acceptance. Thus the nuclear industry, the motor car, and space exploration, for example, have mixed reputations as benchmarks of progress in the twentieth century, despite their many benefits. In 1978, 43 per cent of a sample of the American public believed that technology had almost got out of control, a figure that had risen to 53 per cent sixteen years later (Equifax-Harris 1994: 4).

Computers also have a mixed reputation. Information technology is poorly understood by large numbers of people, even though ICTs are a ubiquitous part of daily life. How far the pervasiveness of ICTs is generally understood is not clear. In addition, a good deal of technophobia, a felt incapacity and unease in the face of computers, and some scepticism, exist amongst middle-aged and older age groups. More particularly, bad personal experiences with computer errors, and news of large-scale computerisation failures or inadequacies, may reinforce distrust or reduce a high level of trust in ICTs and in the agencies that use them. Moreover, the 'millennium bug' may well further damage the trustworthiness of ICTs.

The dawn of digital television provides new opportunities for ICTs to improve their image - an intended pun - but it could also tarnish it if the reality fails to live up to its promise. The hyperbole with which ICTs have been presented - with themes of 'cyberspace', the 'information superhighway' and the cornucopia of choice available through digital communications technologies - may indeed be prey to this reputational risk, and also raise expectations that cannot be fulfilled in terms of quality and equity. Moreover, these same technologies can be, and are, used for surveillance in the widest sense of gathering information about people for purposes of manipulation and control. Fears of 'Big Brother' - amplified by the media and by privacy pressure groups - run alongside promises of a better life and better government through ICTs, although public acceptance of video surveillance to combat crime indicates that such fears may be offset by the values of safety and security. Closed-circuit surveillance cameras have proliferated in public spaces and in private commercial premises with little public debate and with a utilitarian zeal that brushes objections aside. The relationship between surveillance and trust will be further considered below.

The variation of attitudes towards technology within and across societies and cultures make generalisations difficult. 'Worldviews' vary amongst people, colouring their attitude towards benefits and risks, and correlating with trust in risk-management. The literature on risk perception illustrates this well (e.g., The Royal Society 1992: ch. 5; Slovic 1997, 1987). Slovic (1997: 307) says: [D]anger is real, but risk is socially constructed. Risk assessment is inherently subjective and represents a blending of science and judgment with important psychological, social, cultural and political factors. Finally, our social and democratic institutions...breed distrust in the risk arena. The latter is because the institutions and practices of democratic society, including the media, challenge official, authoritative and 'scientific' assessments of risk and trust-building propaganda. 'Bad news' is highlighted and 'good news' is not news. This explanation of the difficulty of establishing and maintaining trust is based upon non-ICT fields of technology, and we do not yet know whether the same can be said for ICTs. However, it does not seem implausible to extend these observations about public attitudes towards expertise and abstract systems to ICTs. Expert systems depend upon trust, 'faith in the correctness of principles of which one is ignorant' (Giddens 1991: 33-4). They are 'disembedding mechanisms' in modernity, removing social relations from local contexts of interaction and restructuring them across 'indefinite spans of time-space' (Giddens 1991: 21).

Modernity is characterised by trust in such abstract systems, yet such trust is fragile for the following reason:
Widespread lay knowledge of modern risk environments leads to awareness of the limits of expertise....The faith that supports trust in expert systems involves a blocking off of the ignorance of the lay person when faced with the claims of expertise; but realisation of the areas of ignorance which confront the experts themselves...may weaken or undermine that faith....Experts often take risks "on behalf" of lay clients while concealing, or fudging over, the true nature of those risks or even the fact that there are risks at all. More damaging...is the circumstance where the full extent of a particular set of dangers and the risks associated with them is not realised by the experts. For in this case what is in question is...an inadequacy which compromises the very idea of expertise' (Giddens 1991: 130-1)

Survey research illuminates dimensions and dynamics of attitudes towards institutions, focusing upon the question of trust as it relates to privacy. It shows that people do not always trust institutions to handle their confidential personal data with due regard for privacy, and that this relative distrust relates to the level of trust in these institutions in general. American findings show strong correlations between respondents' level of distrust about institutions and concern about technology abuses, and their orientation on privacy issues. The higher the level of distrust, the more the individual supports controls over governmental or business use of personal information. Trust in the way risks are managed, it seems, may be an important element in arbitrating the fortunes of electronic governance, at least in terms of the protection of personal data. Victims of social-security number misuse are less supportive of a national computerised file than are others; this suggests that
business and government will have to adopt highly concrete and effective rules of fair information practice in order for programs using personal information to be seen by the public as acceptable. And, given the public majority that now sees technology as almost out of control, firm privacy policies will be especially needed when advanced information and communication technologies are being adopted to offer new consumer or citizen services (Equifax-Harris 1994: xiv). However, low and declining levels of trust that government will look after the public's interests highlights the adverse climate in which reassurance about information systems may be taking place. Privacy-protection policies and practices can be seen as risk-management devices; the level of trust in technology may therefore reflect the degree of trust placed in risk management. People may well feel that the risks of privacy invasion are less if the risk-management systems are working well. But reassurances that government adheres to good protection may lack credibility if a government that tried to calm the public over, for example, nuclear waste disposal or BSE now tries to reassure about its information management, including the way it handles personal data.

Some recent research has further advanced our understanding of the relationship between privacy and trust in the context of information systems (6, 1998). It summarises the findings of previous investigations in Britain that the public are concerned about their privacy and the handling of personal information but that these attitudes as well as confidence in one's ability to protect oneself was unevenly distributed. It argues that we need to know more about these attitudes. In particular, we need more evidence about why people trust organisations and what they trust organisations to do or not to do, how these attitudes relate to perceived risks, how the reasons for trust relate to the tasks that people entrust to organisations, and about why people rank the trustworthiness of different kinds of organisations the way they do.

The detailed survey and qualitiative findings go very far towards a fine-grained understanding of these attitudes, risk perceptions and issues, and of differences amongst segments of the general public in regard to them. The findings are are too complex to describe here, but among them is the apparently greater level of trust in the use of personal information accorded to banks as compared with central and local government, phone companies and supermarkets. There are also important sociodemographic variations amongst members of the public, in terms of age, income and geographic location. Precision in our knowledge of the way in which privacy invasions, risk and fears are distributed across society and in relation to particular institutions is important not only for a better understanding of the effects of ICTs on human values, but for policy-making purposes as well (Raab and Bennett 1998). As 6 (1998, vol.2: 101) remarks:

Understood carefully and sensitively, the public mood on privacy should give business and government agencies pause to reconsider their strategies and to question the widespread complacency that privacy is no longer of any real importance. Concerning both government and ICTs, legitimation repair-work may be required for sustaining administrative innovations in the public use of electronic means for connecting the citizen and the state. One way is to re-embed relations between people and technical systems through access points or junctions where systems' representatives meet the public face-to-face, simulating the trust found in friendship (Giddens 1991: 83-7).

However, different innovations may require different levels of effort to reinforce public trust in both the efficacy of ICTs for public service delivery and for their protectiveness of privacy. A public that lacks both self-confidence and trust in bureaucracy may see kiosks that disseminate standard kinds of information as posing fewer risks, and as simpler to use, than information-intensive exchanges. But governments may regard the latter as the more important for economy and efficiency in service delivery. However, we cannot answer the question 'how much trust is necessary for these innovations?', and social or cultural differences need to be taken into account.

It is also relevant to broach the question of surveillance and its relation to trust. 'Surveillance' can be construed in a wide sense of 'keeping watch over', embracing the more or less systematic monitoring, observation, collation and analysis of information in order to exert control. Some describe whole societies as 'surveillance societies' since technology, information systems and business processes facilitate intensive and comprehensive surveillance (Flaherty 1989; Lyon 1994; Lyon and Zureik 1996). Trust is at issue wherever surveillance operates; surveillance and distrust go together. Giddens (1991: 33) writes:
There would be no need to trust anyone whose activities were continually visible and whose thought processes were transparent, or to trust any system whose workings were wholly known and understood....the prime condition of requirements for trust is not lack of power but lack of full information. Security cameras and data-matching apply ICTs to situations in which people are not trusted to maintain public order or to make honest claims for social welfare benefits without the use of detection and analysis devices by public authorities. Authentication of identity or of entitlement through the use of smart cards is premised upon the same distrust. The question here is not whether these mechanisms are justified and necessary, or under what rules they may operate, but what they mean in terms of trust and what they tell us about social relations and governmental activity.

But surveillance can be looked at from the other end: from the standpoint of citizens' ability to keep public authorities and governments under surveillance, thus exercising democratic control. Transparency and accountability relate to this perspective. Transparency is also an important principle of data protection, in which 'subject access' - individuals' right to know what is held on them by data users - and informed consent to certain kinds of personal data processing play a crucial role in the reciprocity of such surveillance. Mellors (1978: 109) writes:

In simple terms, the best safeguard is not that they know less about us, but that we know more about them; and that we are aware of what they know about us and how they use such information.

Whereas secrecy laws and practices circumscribe the public's ability to keep government under surveillance, that kind of information contributes to it. Conflicts over the legitimacy of secrecy are, therefore, simultaneously conflicts over information and contests over the terms by which trust is appealed for or denied, as well as being power struggles. So, too, are conflicts over the legitimacy of personal privacy, as reflected, for example, in debates over the desirable strength or weakness of data protection.

Under the rubric of surveillance, does the affinity between government secrecy and personal privacy extend to the role that ICTs play in each? Privacy-invasive surveillance by authorities - often implemented for creditable reasons - is carried out through closed-circuit television, credit-card data trails, data matching, telephone monitoring, etc. These can be either covert or used transparently and with consent. Secrecy-invasive surveillance, on the other hand, is more typically thought of in terms of espionage and its armoury of electronic devices for clandestine spying. However, if we consider public access to information to be an open form of secrecy-invasive surveillance exercised by citizens, the development of technological means for doing this can be noted. Global information networks, including the Internet, provide information for, and dialogue with, citizens. A 1997 European Ministerial conference on information networks concluded that [m]ore effective use of access to information from the public sector and improved transparency of government activities should be emphasised. The increased potential of modern technology should be harnessed to allow users to determine not only what information they want to receive but also who can dispose of their personal data and for what purpose. More recently, the wide, on-line dissemination in September, 1998 of the Starr Report on President Clinton's relations with Monica Lewinsky, and the subsequent proliferation of Internet discussions about it, have pointed up one facet of this potential.

A partial but ironic shift in the debate over the 'information age', in which technology was seen as part of the problem and not as part of the solution, can be seen in the current search for technological solutions for the problem of trust in electronic transactions (Burkert 1997; Phillips 1997). Whereas technophobia sustained criticism of state surveillance, new developments not only see a role for ICTs in opening government up to scrutiny and accountability through the provision of information, but they also see them playing a large role in preventing invasions of privacy. The once-tattered deference to technological expertise seems to be reinstated in the case of ICTs seen as part of the trustworthy infrastructure for governmental transactions. If technology can preserve anonymity, it may have advantages in terms of sustaining a climate of trust for global information networks and electronic service delivery. Thus 'privacy-enhancing technologies' (PETs) aim to minimise or eliminate the collection of identifiable personal data and to replace 'tracking technologies' (see, e.g., Clarke 1997, Greenleaf and Clarke 1997).

PETs reduce the amount of identifiable data that must be collected for carrying out transactions and other functions. Pseudonymous devices protect identities: individuals can establish their authorisation or claim for a service without revealing their identity to the service provider. Putting this concept into practice may involve digital signatures, new forms of encryption, biometric mechanisms and pseudonyms. The aptly-named 'trusted third parties' (TTP) is related to these mechanisms, in which an independent third party is trusted by both the service provider and the individual to hold digital keys ('key escrow') or the means of translating and collating the user's different service-specific pseudonyms. A TTP can reveal identities, or keys, under specified conditions, although there has been considerable conflict over this amongst privacy experts and governmental interests in regard to access by state intelligence services.

TTPs or 'Certification Authorities' raise the question of their provenance and their claim to be trusted; the validity of this claim depends upon technical configurations and on the legal framework within which they operate. Law-enforcement imperatives may oblige TTPs to reveal identities or release encryption keys to the police and security services. While this need not derogate from trust if TTP users know and accept its possibility, critics have reason to see an ambiguous meaning of 'trust' in such circumstances. The prominence of PETs and cryptography in current privacy-protection thinking may constitute a seizure upon technology as a 'technological fix' for essentially social and political problems. However, rather than leaving the technological side of protecting privacy at the level of security procedures that only operate after data are collected, PETs might also be seen as part of systems design rather than technological innovation as such; or, as the United Kingdom Data Protection Registrar puts it, as part of the notion of the 'ethical engineer' (The Stationery Office 1997: 105).

In terms of our focus on the trust dimension in ICTs, PETs are promoted on the basis of the higher level of trust that customers can have in the handling of their transactions when PETs are used. In a commercial environment, and assuming that privacy is important to people, PET-using companies may gain competitive advantage over other firms by offering greater anonymity and less collection of identifiable data, although recent trends have been more in the direction of the lucrative profiling and tracking of persons through their data. Technological solutions may be based on heroic assumptions about public desires and business profit calculations, but in some industries and financial transactions they may provide the leverage that designers as well as data protectors seek.

For the public sector and trust in electronic government, PETs, including smart cards, may make transactions more secure and thus bolster public confidence. However, the elegance of PETs resolves some questions, but not all, and not for all businesses or government agencies. PETs do not obviate assessments of trust and trustworthiness, nor do they solve problems of reliability, efficiency or privacy protection. Technology regulation is a social and organisational process that goes beyond, but may include, ICTs themselves in novel combinations that are currently being devised (Raab, 1997).

Notes

This article draws on Raab (1998) and upon a presentation at the Centre for Technology, Philosophy and Society (University of Aberdeen). It relates to the author's project on 'Privacy Protection in the Virtual Society', conducted under the ESRC's programme of research on the Virtual Society? Comments on this article are welcome, to c.d.raab@ed.ac.uk.
Further 'unpacking'of the dimensions of the concept of trust is essential, but cannot be done here. See, however, 6 (1998); Raab (1998) and the literature cited therein.

Bibliography

Barber, B. (1983) The Logic and Limits of Trust, New Brunswick, NJ: Rutgers U.P. Burkert, H. (1997) 'Privacy-Enhancing Technologies: Typology, Critique, Vision', in J. Agre and M. Rotenberg (eds.), Technology and Privacy: The New Landscape, Cambridge, MA: MIT Press

Burkert, H. (1994) '"Electronic Trust" and the Role of Law: A European Perspective', in K. Brunnstein and E. Raubold (eds.), Applications and Impacts - Information Processing '94 (Proceedings of the IFIP 13th World Computer Congress, Hamburg, Germany, 28 August-2 September), Volume II, North Holland: Elsevier

Clarke, R. (1997) 'Chip-Based ID: Promise and Peril', paper presented at the International Conference on Privacy, Montreal, 23-26 September, at http://www.anu.edu.au/people/Roger.Clarke/DV/IDCards97.html

Clarke, R. and Greenleaf, G. (1997) 'Privacy Implications of Digital Signatures', paper presented at the IBC Conference on Digital Signatures, Sydney, 12 March, at http://www.anu.edu.au/people/Roger.Clarke/DV/DigSig.html

Equifax-Harris (1994) Equifax-Harris Consumer Privacy Survey 1994, Atlanta, GA: Equifax Inc.

Flaherty, D. (1989) Protecting Privacy in Surveillance Societies, Chapel Hill, NC: University of North Carolina Press

Fukuyama, F. (1995) Trust, London: Hamish Hamilton

Gambetta, D. (ed.) (1988) Trust: Making and Breaking Cooperative Relations, Oxford: Basil Blackwell

Giddens, A. (1991) The Consequences of Modernity, Cambridge: Polity Press

Lips, M. and Frissen, P. (1997) Wiring Government - Integrated Public Service Delivery Through ICT (ITeR 8), Alphen aan den Rijn/Diegen: Samsom BedrijfsInformatie Luhmann, N. (1979) Trust and Power, Chichester: Wiley

Lyon, D. (1994) The Electronic Eye, Cambridge: Polity Press

Lyon, D. and Zureik, E. (eds.) (1996) Computers, Surveillance, and Privacy, Minneapolis, MN: University of Minnesota Press

Mellors, C. (1978) 'Governments and the Individual - Their Secrecy and His Privacy', in J. Young (ed.) Privacy, New York: Wiley

Misztal, B. (1996) Trust in Modern Societies, Cambridge: Polity Press

Phillips, D. (1997) 'Cryptography, Secrets, and the Structuring of Trust', in J. Agre and M. Rotenberg (eds.), Technology and Privacy: The New Landscape, Cambridge, MA: MIT Press

Raab, C. (1998) 'Electronic Confidence: Trust, Information and Public Administration, in I. Snellen & W. van de Donk (eds.), Handbook of Public Administration in an Information Age, Amsterdam: IOS Press

Raab, C. (1997) 'Co-Producing Data Protection', International Review of Law, Computers & Technology, 11, 1, pp. 11-24

Raab, C. and Bennett, C. (1998), 'The Distribution of Privacy Risks: Who Needs Protection?', The Information Society, 14, 4

Slovic, P. (1997) 'Trust, Emotion, Sex, Politics, and Science: Surveying the Risk-Assessment Battlefield', in M. Bazerman, D. Messick, A. Tenbrunsel and K. Wade-Benzoni (eds.), Environment, Ethics and Behavior, San Francisco: The New Lexington Press

Slovic, P. (1987) 'Perception of Risk', Science, 236, pp. 280-285.

Swinden, K., Jackson, T. and Heath, W. (1997)Citizen Direct, London: Kable Limited

The Royal Society (1992) Risk: Analysis, Perception and Management, London: The Royal Society

The Stationery Office (1997) Thirteenth Annual Report of the Data Protection Registrar, June 1997, HC 122, London: The Stationery Office 6, P. (1998) The Future of Privacy (2 Vols.),Volume 1, Private Life and Public Policy; Volume 2 (with K. Lasky and A. Fletcher), Public Trust in the Use of Private Information, London: Demos

Charles D. Raab is Reader in Politics at the University of Edinburgh

View this page as text only

University Home · Prospective students · Prospectuses · A to Z Index · Search
Email & Telephone Directories · Contacts/Help · Maps · Privacy Policy & Disclaimer · Accessibility Policy