2023 Privacy Everywhere Student Panel: Students Take on Privacy 

Professionals and students gathered in person and online at the end of January at the 2023 Privacy Everywhere conference. Many privacy professionals came to share current research and practices to improve privacy.

However, privacy professionals are not the only individuals on campus interested in increasing privacy awareness and shaping privacy conversations. A panel of students from a range of disciplines offered their perspectives on the state of privacy today, their own work in privacy, and their hopes for privacy in the future.  

The students approached privacy from different perspectives, demonstrating the broad reach that privacy has for our work, educational, and private lives. Among their areas of interest are privacy and health care, privacy and due process, and privacy and demonstrated harm.  

J.S.D. candidate Christopher Muhawe is a trained attorney with a research focus on privacy and the legal system, specifically relating to demonstrated harm in privacy cases. His research includes a review of data privacy cases handled by U.S. Federal Courts (3,000 cases from 2000-2020). “Article 3 of the Constitution provides in part that Federal Courts may only entertain cases and controversies. The Federal Courts have interpreted this to mean that courts can only hear a case if you have suffered a harm. Close to 60 percent of cases for the period under consideration have been dismissed because the courts say there is no harm demonstrated,” he said. Muhawe hopes his work can show the need for clearer definitions of privacy harm. And perhaps definitions that are broader than physical and financial harm, but that extend to issues of emotional and psychological harm among others. 

Bilal Karim is a sophomore studying neuroscience who recently advised the university’s Cybersecurity Training and Awareness Team as they developed content for student-focused cybersecurity training programs. University of Illinois students can take a self-paced online course in the Canvas platform. Modules include confidentiality, device safety, multi-factor authentication, and identity theft. Karim is enthusiastic about the addition of students to the overall cybersecurity program. “Because of the changing landscape, students may not come to the university with that knowledge. People need to understand where data is held and how it’s used. Looking ahead, we hope to add modules that include what privacy is,” he said.  

Jihan Dubose is a law student researching due process as it relates to privacy law. Her research also focuses on national incident response and security preparedness. Her case study involved a U.S. citizen who was a near victim of a targeted strike five times. The issue she hopes to bring forward is when people get to find out that they are being surveilled. 

The students agree that privacy and privacy law are works in progress, but that we have a way to go. And that the European Union has the current gold standard in its General Data Protection Regulation (GDPR). 

Muhawe explained that definitions of privacy depend on geography and social structure. The EU looks at privacy from a human rights perspective, while the U.S. views it from a commercial perspective. “There is no mention of privacy in the U.S. Constitution, and that is a fundamental issue,” he said, potentially leaving development of privacy policy and practice to those with financial interests. “Big tech companies have resources and money to invest, and individuals do not. There is a long way to go based on how U.S. culture looks at privacy,” he noted. 

 “When you think about lobbying, companies have an interest in using our data for their profit. We as individuals need to think about the tradeoffs we experience for giving up our privacy. What are you willing to forego for convenience? Do you know how the information is being used?” Dubose points out. She concluded that if people don’t care as a norm that data is used in a particular way, then lobbying for privacy protections will be less beneficial.  

There is a disturbing trend that technology natives may have lack of privacy as a social norm. All three concur that issues surrounding privacy should be taught to current and future students. Setting up strong privacy protections for our own and our children’s futures is an important motivation for their interest. 

Karim believes the sheer amount of data out in the world makes this a necessity. “The creepiest thing is how much data is really out there – how comprehensive. Consider the Internet of Things and connected home devices. In my field, there’s worry about “medjacking,” people hacking into medical devices. It’s quite concerning,” he said. 

Muhawe has small children and is “scared for them and what is known about those little people. Will they be numbers among numbers?” he wondered. 

“Children are so savvy with technology. We have an opportunity to educate them about privacy in age-appropriate settings. Thinking about privacy and cybersecurity can become a norm for them. So that we do not lose our sense of privacy.” Dubose explained. 

The fight to keep privacy in the coming decades will not go away. With researchers, professionals, students, and conferences like the Privacy Everywhere conference, many are continuing to raise awareness of privacy issues and educate about privacy from a variety of perspectives.