Aims and objectives

Identity and privacy have recently rarely been out of the headlines. Government has justified the need to identify

citizens and track behaviour or security reasons, and promoted data sharing with the promise of the benefits of

transformational government. Business argues that it needs to track customer behaviour both in the real world and the

Internet to deliver personalised services that offer more targeted information and identify new business opportunities.

The public is generally portrayed as unconcerned about privacy: based on opinion poll data, government argues that the

majority of citizens support identification and surveillance, and commercial companies argue that customers are happy

to volunteer detailed information about themselves in return for discounts or entry in a prize draw. In a recent report, the

UK Information Commissioner characterised the situation as Sleepwalking into a Surveillance Society.

Do citizens and customers really not care? Previous research has shown that in many situations, people opt for

immediate benefits (or promises thereof), and are less concerned about future possible risks (or not aware of them).

However, once people experience negative consequences, or discover risks they were unaware of, they tend to respond

strongly - often abandoning services and technologies involved altogether. For example, 11% of Icelandic citizens

opted out the country's DNA database after government attempts to sell access to commercial researchers (Anderson,

1998). Examples of data sharing and leakage have raised awareness how data can be used and abused. Increasingly,

people try to defend against the collection of sensitive or inappropriate data by refusing to register, or giving false

information (Dutton & Helsper, 2007). Such responses can cause significant economic damage, or - in case of large

numbers opting out or providing "fake" information - lead to a collection of data that has little or no value. Data

owners' approach has often to been collect "all the data we can get", because "you never know when it might be

useful." However, the resulting data quality is often low, and can lead businesses to make poor long-term decisions.

For instance, if a bank or phone company refuses a mortgage or phone contract to a solvent individual because of

incorrect or outdated information, this is business lost. If 50% of people interested in a service do not register because

they fear a telemarketing assault, this is a lost business opportunity. Increasing data quality and transparency on how it

is used would have significant business benefits, and an equitable, cooperative relationship between data owners and

data subjects creates the foundation for this. This is particularly important to the UK financial sector: about 10% of

adults are spending more than their monthly income, and as a result, individual insolvencies rose by 62% to 109,288 in

2006. The traditional approach of excluding anyone with a history of financial difficulty, or charging a hefty premium,

is not sustainable. Financial exclusion can lead to social exclusion because of impact in other areas of life - housing,

employment and personal relationships, so understandably, such individuals are particularly sensitive to privacy issues.

The cost and benefit of collecting and storing data about individuals has not been properly examined, and the value of

holding information about individuals for specific purposes is not understood. The project will help government and

business to understand the value of personal data, as well as the value and risks for other stakeholders. The Home

-4-

Office estimates that identity theft costs the UK £1.7bn each year, but without a proper cost-benefit analysis, it is

impossible for data-collectors to understand how, or indeed whether, to reduce the amount of data that they collect.

Research into privacy has both benefited and suffered from its multidisciplinary nature. The multitude of perspectives

and methods has led to many detailed findings, but there is still a lack of clarity of what privacy is and what it means to

different stakeholders in different contexts/scenarios of use. There has been no attempt to measure the cost and benefits

to the stakeholders involved in comparable units. Most studies are one-off surveys, 'feeling the temperature' to general

questions about privacy. There has been no study of how stakeholders' perception evolves over time, in response to

experiences of benefits and drawback of data held about them. There is a lack of quality, empirical data on these issues,

and how to collect it. The problem of collecting reliable data on people's perceptions surrounding sensitive data about

them is akin to Schrodinger's Cat - to discuss privacy, you have to reveal things you want to keep private. The goal of

the pvnets project is to develop new methodologies that enable us to break this paradox - and more specifically:

- To produce a strong empirical base for developing concepts of privacy across contexts and timeframes.

- To investigate ways in which to establish an equitable relationship between stakeholders in terms of the value

and costs inherent in the collection, processing and use of personal data.

- To develop and apply new, validated, ethical and privacy-sensitive methodologies for the study of privacy.

- To produce a toolkit to enable commerce and Government to understand the role of personal information in

business processes and enhance strategic decision-making and the value of that information to all parties.

- To support UK businesses to become world leaders in the area of trustworthy products, systems and services