The DEVELOP project is building an adaptive learning environment that supports people in medium and large companies to explore and plan learning opportunities and careers, drawing upon multiple forms of assessment, including social capital analysis. As a partner in the DEVELOP consortium Trilateral is contributing to this design, and leading the project’s work on privacy, ethical and social impact analysis.
As part of this work, Trilateral recently hosted a consultation workshop on legal (privacy and data protection), ethical and social considerations for the DEVELOP system in London, September 2016. The aim of this consultation workshop was to validate the initial findings on the legal, social and ethical dimensions of the DEVELOP system; to identify additional issues; and to receive advice and potential solutions from a select panel of external experts. As such, the workshop forms a core part of the project’s privacy, ethics and social impact assessment (PIA+) work – ensuring that these oft-neglected issues feed into and amend user requirements, and inform the DEVELOP design process[1]. This will aid the task of privacy engineering[2][3].
Participants at the workshop were provided with an introduction to the DEVELOP project, an overview of the features, functions and characteristics of the DEVELOP system, and an overview of our legal, ethical and social methodology and its initial findings. Two breakout discussion groups were held. The first discussed the validation of the methodology, brainstormed additional legal, social and ethical considerations, and discussed impacts on different use-case scenarios. In the second breakout group, following the presentation on initial solutions to the privacy, ethical and legal issues raised, the participants then discussed potential solutions to mitigate negative legal, social and ethical impacts, including a brainstorm of other potential solutions.
Guidance from the experts revolved around the importance of providing the system’s eventual users with transparency. First about how information about them will be collected and processed and to which other users within their organisation that information will be available (privacy transparency), Second transparency about how this information be used to inform the learning interventions offered to them (algorithmic transparency). User awareness and informed consent should be considered central, and transparency is also part of accountability around how data is used.
The experts and the consortium also discussed how privacy information should best be presented to the user, reflecting upon language and concepts (e.g. how difficult it can be to understand potential impacts on privacy), and the potential use of alternative formats (e.g. context-dependent notifications, video explanations, etc). The project will have to consider how best to provide useful information to the various users, and at what points in the user experience this should be done, to assist users in understanding the information they may be asked to share with the system.
A third key topic is the extent to which users can make use of the system whist exercising control over the information they provide to it. The experts advised that the design should start from the perspective of user control over personal data and more broadly over their use of the system. This includes the use of privacy protecting default settings, and starting sign-up form an ethos of user control.
Trilateral and the DEVELOP consortium is taking these discussions onboard and producing a set of privacy, ethical and social requirements for the DEVELOP system. The team would like to thank the experts for their participation and their support.
[1] David Wright & Michael Friedewald (2013) “Integrating privacy and ethical impact assessments”, Science and Public Policy, 40.
[2] Ian Oliver (2014) Privacy Engineering.
[3] Notario, Nicolas, Alberto Crespo, Antonio Kung, Inga Kroener, Daniel Le Métayer, Carmela Troncoso, José María del Álamo and Samuel Yod Martín, (2014) PRIPARE: A New Vision on Engineering Privacy and Security by Design, Cybersecurity and Privacy (CSP) Forum 2014. Springer CCIS series.
