Article Title

Coding Privacy


Lilian Edwards


Lawrence Lessig famously and usefully argues that cyberspace is regulated not just by law but also by norms, markets and architecture or "code." His insightful work might also lead the unwary to conclude, however, that code is inherently anti-privacy, and thus that an increasingly digital world must therefore also be increasingly devoid of privacy. This paper argues briefly that since technology is a neutral tool, code can be designed as much to fight for privacy as against it, and that what matters now is to look at what incentivizes the creation of pro- rather than anti-privacy code in the mainstream digital world. This paper also espouses the idea that privacy is better built in from scratch as a "feature" or default, rather than a "bug"—the idea of "privacy by design"—as is more common at present, bolted on via after-the-fact "privacy-enhancing technologies" or PETS. Existing examples of privacy-invasive and privacy-supportive code, drawn from the worlds of social networking, spam and copyright protection, are used to show how privacy may be pushed as a "brand" or feature rather than a cost or bug.