In This Story
“In an ever-connected world, protecting privacy is becoming more and more important for all of us. I hope as a society we can recognize it’s particularly important for those at the margins.”
That’s from Nora McDonald, an assistant professor in the Department of Information Science and Technology at George Mason University. She studies marginalized communities and their unique challenges and risks. She recently received a 3-year grant from the National Science Foundation (NSF) for nearly $400k to study privacy in the context of healthcare.
Privacy for marginalized communities is particularly important in healthcare settings, where these populations face historical challenges with trust and privacy violations resulting from their dependence on social services. These populations are generally more at risk of privacy breaches and more harmed by their consequences.
McDonald said, “They are going to more likely interact with social welfare systems, which are themselves surveillance apparatuses, and are themselves invasive.” One result is that people who desperately need services may simply not seek support for fear of being pre-judged and feeling harassed.
McDonald’s grant aims to tackle wider privacy ecosystems, going beyond the risks of particular apps to encompass a system of dataveillance—digital personal data that encompasses everything from location history to communications metadata. Providers and care recipients need an understanding of appropriate privacy guardrails. McDonald’s work takes an expansive and flexible approach to threat modeling to promote solutions that extend beyond technical fixes.
McDonald said, “Privacy is not just about the information you give providers or how you hide your IP address, but it’s also about, for example, what you say to people in the hallways of a care facility.” The NSF grant will help the researchers understand how marginalized populations assess risk in a healthcare context, what they are and aren’t worried about, how medical providers encounter them, what guidance they offer, and how to improve those encounters by giving medical providers better guidance.
McDonald and collaborators aim to produce a freely available privacy toolkit designed for those who support and guide vulnerable individuals to protect their privacy. In addition, the research will contribute to understanding the broader landscape of privacy risk and management for vulnerable individuals. Ultimately, it will provide a new frame for privacy and security researchers in the study of privacy protection for vulnerable communities.
The privacy healthcare considerations connect to other research McDonald does on privacy and information-seeking/sharing among teens, public libraries serving vulnerable communities, and older adults facing memory challenges. In the context of public libraries, for example, she says that people who rely on public computers have numerous challenges that she aims to solve. “They are subject to more risk of privacy harms by virtue of their context. They may be reliant on public Wi-Fi or reliant on shared devices,” McDonald said. And because of their typically precarious financial status, privacy incursions can carry greater harm.