I’m a PhD/DPhil researcher at the Oxford Internet Institute and a Senior Fellow at the Open Technology Fund, working on privacy, ethics in Internet engineering and research, Internet governance, copyright, e-identity, virtual communities, network measurement, cyber security, etc. I aspire to be an Internet scientist for evidence-based law and policy making in the information society. I use this website as a central place for relevant research activities. A clearer overview can be found on my department profile.
I’ve compiled some main points in bullet points, but added the longer briefing below that I would encourage you to read before 1 January 2015. Continue reading
After winning an internal competition at the University of Oxford computer science department, I was able to present my ethical guidelines for mobile measurements at GCHQ’s annual academic conference in Solihull. I’m happy I was able to discuss the importance of data minimisation to maintain trust by research subjects, consumers, or citizens at the centre of mass-surveillance.
During a two-week academic visit at the Computer Science department of the Alma Mater Studiorum – Università di Bologna, I contributed Privacy-by-Design methodologies to a project on a public transport smartcard. The resulting paper will be published soon. The referencing details can be found here.
I contributed some Privacy-by-Design elements into this report by Joint Research Activity 5 on Internet Privacy and Identity, Trust and Reputation Mechanisms of the Network of Excellence in Internet Science.
Presented the ethical guidelines for mobile measurements at KDD2014 during a Data Ethics workshop in New York.
I was interviewed about European Court of Justice ruling in Case C-131/12 on the “right to be forgotten”. Find it here: http://www.imperica.com/en/in-conversation-with/bendert-zevenbergen-what-s-right-about-the-right-to-be-forgotten
This one-year Oxford Internet Institute research project set out to explore the lessons learnt by the online gambling industry with respect to the successful application of age verification processes. These experiences and lessons were compared with age verification techniques applied in other industries including parts of the online retail and social gaming sectors. Specifically we sought to:
- Understand the rationale for the use or non-use of age verification in three case studies, (online gambling, online sale of age-restricted goods and social gaming)
- Explore lessons learnt from the development and deployment of existing age verification practices in these sectors
- Identify examples of good practice to inform future practice across online industry sectors
Überwachungsskandale, Urheberrecht, physische Infrastruktur – wenige politische Baustellen sind so groß und komplex wie die des Internets. Viele EU-Parlamentarier sind in Sachen Netzpolitik ratlos, sagt Bendert Zevenbergen. Der 31-Jöhrige hat die sozialliberale Koalition im Europaparlament in netzpolitischen Fragen beraten. Heute forscht der Jurist am Internet-Institut der University of Oxford zu Datenschutz in Big-Data-Forschungsprojekten. Was die Europawahl mit dem World Wide Web zu tun hat, erklärt Zevenbergen im Gespräch mit Siri Warrlich.
Click here for the full interview in German.
Presented the ethical guidelines for mobile measurements at UC San Diego’s Center for Applied Internet Data Analysis.
In December 2013 I took part in an EU delegation to Beijing to discuss Internet and media law with the Chinese government officials, academics, judges, lawyers, companies and journalists. This trip was organised in conjunction with the Great Britain-China Centre, Oxford University, Peking University and the EU.
Hulde voor de hoognodige #Defember campagne om wat verstand te injecteren in de discussies rondom digitale massa afluisterpraktijken! Een aantal Nederlandse politieke leiders vindt namelijk dat geheime diensten die metadata over iedereen verzamelen zich prima aan de wet houden en vooral zo door moeten gaan. Anderen hebben als de ware Sherlocks die ze zijn juist eengigantische geconstateerd privacyinbreuk. Kom op, Einsteins! Deze discussie wordt wereldwijd al meer dan een half jaar gevoerd, en we zijn inmiddels al een behoorlijk eind verder met onze conclusies over digitale surveillance. Hoogste tijd om deze gedateerde copy/paste retoriek en stating the obvious in technologisch en internationaal perspectief te plaatsen, en aan te zetten tot een paar flinke stappen richting de behoeftes van de 21e eeuw. Voor GeenStijl-lezers behoeft het geen betoog dat we nu leven in wat we vroeger ‘de toekomst’ noemden. Vliegende robots leveren binnenkort je pakketjes binnen een half uur na bestelling, winkels weten je diepste geheimen (zoals dat je zwanger bent voordat je het op Facebook hebt aangekondigd), en wij kopen inmiddels auto’s met virtueel open-source internetgeld. Sterker nog, we downloaden die auto’s enprinten ze zelf wel. You wouldn’t download a car, weet je nog? Wel, dus.
Dit allemaal dankzij de complexe (pdf) en dynamische processen in het nieuwe informatie ecosysteem dat internet heet. De maatschappelijke adoptie en ontwikkeling van deze technologie gaat sneller dan elke andere technologie in onze geschiedenis. Zo is het internet binnen de kortste keren het zenuwstelsel van onze moderne economie, cultuur en maatschappij geworden.
Here’s an article I wrote that will be published in the forthcoming book called European View: Young Politics, which is published by the think tank Centre for European Studies (CES). The aim was to develop an ethical self-analysis for Members of the European Parliament, to prepare them for the coming global debate on digital mass surveillance. The book will be launched in January, but the final publication is already available at http://link.springer.com/article/10.1007/s12290-013- 0287-x.
This project is developing concrete guidance with regards to privacy and data protection for researchers using Internet measurement tools for mobile phones in a usable and understandable format.
See an interview about this research on the OII Policy and Internet blog.
A wide variety of online activities are increasingly conducted on mobile devices, ranging from talking to friends and family, to interacting with public or financial institutions to organising political dissent. To understand and make sense of the complex Internet architecture underpinning these activities, network researchers need to collect and share datasets regarding the measurements of the Internet network, from detailed traces on an individual basis to aggregated data on a regional level. This generates vast amounts of useful data for consumers, policy makers and researchers to enhance network research and overall transparency on the Internet.
With the increasing uptake and importance of mobile devices that connect to the Internet, network research is expanding its measurement capabilities to accurately gather mobile connectivity data. The increasingly personal and sensitive data generated by mobile Internet measurements warrant a review of privacy guidelines for researchers who conduct measurements, collect data or design new measurement tools and capabilities. These guidelines will help network researchers worldwide navigate the challenges of preserving the privacy of data subjects while ensuring datasets can be published and disseminated appropriately, to adhere to good scientific practice.
It has been proven that anonymising data, by removing obvious identifiers such as name or phone number, is inadequate to enjoy the legal exception from data protection laws, because sophisticated re-identification techniques exist. Further, the existence of many other datasets make it possible to link the new research data to infer new and possibly comprehensive information about individuals. These risks to privacy are at tension with the common requirement to publish research data in open data format, which would be freely available for anyone to reuse.
These guidelines do not force a zero-risk standard, but encourage researchers to actively prioritise their data subjects’ privacy in the design of their project, ahead of data collection. The document explains how a researcher should approach privacy by design in mobile network research by offering a step-by-step guide, supported by assistive questions and underlying background information on topics such as informed consent, data minimisation, assessing contexts and disclosure control techniques, amongst many others.
Suggested citation and link
Zevenbergen, B., Brown,I., Wright, J., and Erdos, D. (2013) Ethical Privacy Guidelines for Mobile Connectivity Measurements. Oxford Internet Institute, University of Oxford.
This project has been presented at the following conferences:
Internet and Public Communication: Internet User’s Rights, Digital Gap and Media Regulations, Beijing University (Organiser by Chinese Government), December 2013, Beijing.
This Saturday fans of The Pirate Bay file-sharing site are set to celebrate its 10th anniversary at a party in Stockholm sponsored by an energy drinks maker.
The event – and the service’s very survival – is an irritant to rights holders who have used the courts in the UK, Ireland, Malaysia and elsewhere to make internet service providers(ISPs) block access to TPB’s domain.
[… find original article here …]
Bendert Zevenbergen, Oxford Internet Institute
The Pirate Bay users are people who grew up with the internet and those who use it extensively as part of their life.The website filled a gigantic gap, which was left wide open by the established industry – access to cultural and creative works via the internet.
They understand the complexity and the dynamics of this new information environment, and also the huge potential it offers for the cultural and creative industries.
When their demand to access music and films on their digital devices was not met, they found their own way, often via The Pirate Bay.
Current policy makers and judges are often not frequent internet users themselves and therefore don’t understand that the complexity and dynamics of the net make services such as The Pirate Bay resilient to simple traditional legal enforcement measures.
The digital consumer is now rejoicing at the chance to access to global libraries of music and films through paid-for subscription services such as Spotify and Netflix.
We have The Pirate Bay to thank for waking up the cultural world to the opportunities for digital music and films distribution, not restrictive but futile copyright enforcement measures.
I’m starting my own PhD/DPhil research in October. The final DPhil thesis is likely to be very different from this proposal, but it gives an indication of what I’m working on.
An analysis of the shift in information diffusion of creative works from simple information distribution networks (SIDN) to converged complex information distribution networks (CCIDN) and the effect thereof on the ability of current copyright law to achieve its legislative intent.
If you would believe the UK government, there are two types of people. In the one category, you have law abiding citizens whose every movement, communication and social network activity must be monitored and digitally analyzed to keep them at bay, for their own good. In the other category, you have murderers, pedophiles and terrorists. If you object to belonging to the first category, you must therefore be part of the other, or at least a partner in crime of the scoundrels identified in category two. This would be so according to the unbelievably backward rhetoric of parts of the UK government not too long ago. To make sure society runs smoothly, the government devised the Communication Data Bill, aka. “Snooper’s Charter”, which would enable mass surveillance of digital communications.
As Glyn Moody noted, the Snooper’s Charter has been declared effectively dead after Liberal Democrat leader Nick Clegg announced his party would not support the Bill after some heavy scrutiny by two critical parliamentary committees. The debate on digital surveillance is far from over, however, as several sectors of law enforcement will continue to push for ubiquitous interception, because it is ‘useful’. Of course, conveniently forgetting about proportionality when dreaming up laws to use or control digital technology has become an all too common thread worldwide.
The UK Open Rights Group, an EFF sister organization, has released a report and a series of particularly funny videos to put an end to the Snooper’s Charter, and also to inform policy makers and the public at large about how the discussion about digital surveillance should be held (disclaimer: I helped compile this report).
In the report, twelve experts from different fields explain clearly how and why digital surveillance has come about, what its intent is, and why mass surveillance such as that proposed by the Snooper’s Charter is probably the worst possible next step to take, considering the ability of current technology to effectively monitor everyone and everything.
Journalist and surveillance expert Duncan Campbell puts the Snooper’s Charter in historical perspective and explains:
“The manner in which the new Bill has been introduced and managed, fall full square within long British historical precedents that position privacy rights as an irritant to be managed by a combination of concealment, secrecy, information management, and misinformation.”
One of the most notable features of the Snooper’s Charter is the de facto centralized search engine – or “Filter” – which scours several public and private datasets to analyze communications in-depth. Cambridge University computer scientist Richard Clayton explains:
“It is fundamentally inherent to this proposal that Filter data should be collected on everyone’s activity and that this data should be made available en masse from the private companies, the Internet Services Providers and telephone companies that provide services, to government systems for the correlation processing.”
Information privacy rights advocate Caspar Bowden does not mince any words:
“It ought to be obvious that continuously recording the pattern of interactions of every online social relationship, and analyzing them with the “Filter”, is simply tyrannical.”
Rachel Robinson from “Liberty”, the National Council for Civil Liberties, considers what this type of surveillance will likely lead to:
“If the present proposals for the collection of communications data become law, proposals for other types of blanket or random surveillance irrespective of suspicion “just in case” are a logical next step.”
Professor Peter Sommer explains one of the underlying problems:
“Legislators need knowledge of the technical capabilities of surveillance technologies” because: “The legal words need to reflect the reality of how the technology works.”
Joss Wright, computer scientist at the Oxford Internet Institute, notes a fundamental and frequently repeated mistake in thinking about regulating internet technology:
“Equating the Internet with historical technologies when making policy is not simply wrong, it is dangerously misleading.”
Together with Professor Emmenthal below, policy makers should finally start realizing that“technology’s interaction with the social ecology is such that technical developments frequently have environmental, social, and human consequences that go far beyond the immediate purposes of the technical devices and practices themselves […]” (Kranzberg, 1986). Fortunately, the Open Rights Group established 10 clear recommendations to continue the discussion on digital surveillance law, which will also be applicable in other countries.
I helped the UK Open Rights Group to produce the Digital Surveillance report as part of their campaign to stop the draft Communications Data Bill from entering into force.
I worked on the team creating this document for working group 4 of the EU Network of Excellence in Internet Science:
This cross-national research project focuses on the operation and efficacy of age verification techniques as employed by the European online gambling industry, comparing this to practice in other industry sectors.
I’m currently working on this project. See: http://www.oii.ox.ac.uk/research/projects/?id=102