Final Project - Rohan

My final paper will build on my presentation in the Surveillance week about data subject access requests (DSAR) under data protection regulations such as the California Consumer Privacy Act (CCPA) and the General Data Protection Regulation (GDPR).

My approach to this topic builds on literature we have read in class about critical approaches to studying data, specifically by Andrejevic (2017), Cheney-Lippold (2017), Chun (2021), and Gaboury (2018). Their analyses focus on data collection, computation, and application, and thus center companies and other surveillant actors that collect and use digital data. However, I will also draw on critical data studies literature that points to different entry points in the genealogy of data, such as collection, storage, manipulation, abstraction, and sharing (e.g., Denton et al., 2021).

DSAR datasets represent a different moment in the genealogy of data: disclosure. Prior work has examined the politics of data disclosures. In particular, I have been reading work by Poirier (2022) in which she analyzes public data disclosures—either as regulatory requirements or transparency efforts by government agencies—as cultural texts that offer a unique epistemic vantage point through which we can learn not only about data but also about processes that accompany datafication.

In contrast, DSAR datasets are private, individualized disclosures. Most prior work I have read on individual disclosures are interested in individuals’ responses—for example, how their feelings or attitudes toward products or values change in response to awareness about data collection. But analyzing public stakes of individual disclosures is not without precedent. For example, Browne’s (2015) anecdote about filing FOIA requests to examine how Fanon had been surveilled reminds us that there is much to learn from traces of individualized surveillance.

Nevertheless, there is a novelty to DSAR datasets, primarily because GDPR and CCPA have begun taking effect in the past four years. Interest in and access to DSAR datasets is likely to increase as beneficiaries of each regulation take advantage of their new rights. In addition, new data protection regulations are being passed every year, many of which are modeled after GDPR and/or CCPA. Therefore, the politics of DSAR datasets are increasingly relevant.

My questions are: What are the cultural politics of DSAR disclosure datasets? What do they reveal about datafication and what are their potential implications for conceptualizing, imagining, and re-imagining data policy?

In terms of methods, I am interested in applying a framework offered by Poirier (2021) for studying datasets. She distinguishes between three approaches: a denotative approach examines technical definitions to clarify what data exists in a dataset, a connotative approach analyzes the implied cultural grammar, and a deconstructive approach scrutinizes absences in what is represented.

At the same time, I am also interested in thinking about DSAR disclosure datasets as technological products that prefigure their users and uses. To accommodate this, I’m interested in applying the walkthrough method (Light et al., 2018) on the DSAR disclosure datasets that I have received over the years from various apps and services. The walkthrough method is a way of reading a technical interface that combines STS with cultural studies. It begins with first selecting an object, like a mobile app, and evaluating its sociocultural and economic context by examining things like who created it, how it makes money, who can access it, why it was created. The second step is to step through the app, screen by screen, to systematically engage with it as an ideal user. The final step is to analyze these two sets of observations to explore the implications of the app’s structure, its origin, its expectations, and so forth. This approach complements Poirier’s modes of analysis by reading the expectations imposed by the app upon the user.

I will apply these methods to three DSAR disclosure datasets—likely from utility, media, and social apps. Ultimately, I’m excited to think through the public stakes of DSAR disclosure datasets as a way to think about the politics of data protection and privacy policy.


References

Andrejevic, M. (2017). To pre-empt a thief. International Journal of Communication, 11, 879–896.

Browne, S. (2015). Dark Matters: On the Surveillance of Blackness. Duke University Press.

Cheney-Lippold, J. (2017). We are Data: Algorithms and the Making of our Digital Selves. NYU Press.

Chun, W. H. K. (2021). Discriminating Data: Correlation, Neighborhoods, and the New Politics of Recognition. MIT Press.

Denton, E., Hanna, A., Amironesei, R., Smart, A., & Nicole, H. (2021). On the genealogy of machine learning datasets: A critical history of ImageNet. Big Data & Society, 8(2). https://doi.org/10.1177/20539517211035955

Gaboury, J. (2018). Becoming NULL: Queer relations in the excluded middle. Women & Performance: A Journal of Feminist Theory, 28(2), 143-158. https://doi.org/10.1080/0740770X.2018.1473986

Light, B., Burgess, J., & Duguay, S. (2018). The walkthrough method: An approach to the study of apps. New Media & Society, 20(3), 881–900. https://doi.org/10.1177/1461444816675438

Poirier, L. (2021). Reading datasets: Strategies for interpreting the politics of data signification. Big Data & Society, 8(2), 20539517211029320. https://doi.org/10.1177/20539517211029322

Poirier, L. (2022). Accountable data: The politics and pragmatics of disclosure datasets. ACM Conference on Fairness, Accountability, and Transparency, 1446–1456. https://doi.org/10.1145/3531146.3533201