Course: CS 165: Data Systems
Course Level: Upper-level undergraduate
Course Description: "This course is a comprehensive introduction to modern data systems. The primary focus is on trends that are shaping the data management industry right now: column-store and hybrid storage systems, NoSQL key-value stores, shared nothing architectures, cache conscious algorithms, hardware/software co-design, main-memory systems, adaptive indexing, stream processing, and scientific data management. We also study the history of data systems, traditional and seminal concepts and ideas such as the relational model, row-store database systems, optimization, indexing, concurrency control, recovery and SQL. In this way, we discuss both how and why data systems evolved over the years, as well as how these concepts apply today and how data systems might evolve in the future. We focus on understanding concepts and trends rather than specific techniques that will soon be outdated - as such the class relies on recent research material and on a semi-flipped class model with a lot of hands-on interaction in each class." (Course description)
Module Topic: Privacy in the Design of Data Systems
Module Author: Kate Vredenburgh
Semesters Taught: Fall 2017, Fall 2018
Module Overview: Privacy is a central moral concern in the design and regulation of technology, but there is widespread disagreement about why privacy is morally valuable, and whether individuals have a moral right to privacy. Both companies (such as Apple and Google) and countries (such as the United States and Germany) take different stances on this issue. These differing stances are reflected in the different approaches these companies and countries take to the design and regulation of technology.
In this module, we discuss different philosophical accounts of why privacy is valuable, with a focus on whether these accounts consider privacy to be instrumentally or finally valuable. We then discuss whether privacy is a moral right, and what implications the existence of a moral right to privacy would have for how data systems ought to be designed. Finally, we assess Apple and Google’s privacy policies in order to trace out the implications of adopting competing understandings of why privacy matters for data system design.
Connection to Course Technical Material: In the module, we consider the relationship between ethical concerns about privacy and two central course topics: the increasing ability to gather and store machine-generated data, and the growing recognition that the methods used to store and access those data play a key role in determining how valuable they are to the individuals and organizations that use them.
We decided to focus on privacy in this course because it is one of the central ethical issues that students will need to address if they go on to work on data storage design.
© 2018 by Kate Vredenburgh, "Privacy in the Design of Data Systems" is made available under a Creative Commons Attribution 4.0 International license (CC BY 4.0).
Key Philosophical Questions:
Questions 2 and 3 are the key philosophical questions of the module. Clarity on these questions can help students to understand why companies such as Apple and Google treat privacy as they do, and give them tools to evaluate whether companies have made ethical design choices about privacy.
Key Philosophical Concepts:
These fundamental moral concepts are central for thinking through privacy issues raised by data storage and transfer. While these are basic concepts in ethics, students with less background in moral theory may not be familiar with them. We have found that teaching these concepts is crucial for helping students to understand the central ethical issues in this module.
This reading was excerpted from the Stanford Encyclopedia of Philosophy article “Privacy and Information Technology.” The Stanford Encyclopedia of Philosophy is an excellent resource for clear and concise overviews of different philosophical topics. This reading provides the main philosophical content for the module. It first gives students background on how information technology has impacted privacy. It then discusses accounts of the value of privacy, introducing the distinction between reductionist accounts, which take privacy to be important only insofar as it protects other values, and non-reductionist accounts, which take privacy to be valuable for its own sake. In the module, we discuss this distinction in terms of accounts of privacy that value it instrumentally (reductively) or finally (non-reductively).
This EU factsheet explains one type of privacy protection: the EU’s so-called “right to be forgotten.” It also encourages students to begin thinking about whether privacy rights are absolute, i.e., should never be violated. (The factsheet explicitly discusses the claim that the right to be forgotten is not absolute.)
This Planet Money episode on credit scores gives additional, more detailed background on privacy issues raised by data collection and storage. The episode discusses the history of data collection for credit scoring, as well as modern-day data collection and storage practices for credit scoring.
There are a number of accounts of why privacy is valuable in the philosophical literature, so someone using this module in a particular course context may want to use accounts of privacy that are tailored to other material from the course. In this module, we discuss Nagel’s 1998 article “Concealment and Exposure” (the “getting along” account) and Scanlon’s 1975 article “Thomson on Privacy” (the “good in itself” account).
Sample Class Activity: Shortly you’ll be presented with part of Apple and Google’s statements on privacy. In response to those statements, please think about the following questions:
This class activity asks students to apply module material on moral rights and values and the value of privacy to the real-world case of Apple and Google’s official statements about the importance of privacy. Apple states that privacy is a human right, while Google explains that privacy is an important value, but that there are other, competing values that are promoted when individuals provide Google with their data. This activity helps students to appreciate that such privacy policies have (differing) philosophical foundations, and to think about the merits of different approaches to privacy.
In conducting the discussion, it is helpful for the Embedded EthiCS TA to emphasize one key point: viewing privacy as a right implies that it cannot be freely traded off against other values, such as national security. This point helps to explain the nature of the recent dispute between the FBI and Apple over encryption.
Module Assignment: In the follow-up assignment, students collaboratively analyze a detailed case study that asks them to think through the implications, for data system design in healthcare, of choosing to treat privacy as a value or as a right. The case study describes a new start-up, Babyscripts, that has developed a mobile app aimed at increasing the quality of care in pregnancy by helping to identify potentially serious complications.
Students review the case study independently and make two posts to a graded discussion forum. In the first, students explain why they think that privacy is a right or a value in the domain of healthcare. In the second, they elaborate on at least one implication of their position on privacy as a right or value for how Babyscripts should design their app’s data storage and transfer system.
Lessons Learned: Student response to this module has been overwhelmingly positive both times it was taught (fall 2017 and fall 2018). A few lessons stand out.