To inform the holder of a lifelog about the kind of data stored and the parties that can access that data in the lifelog may prove difficult. As the access to lifelog data can negatively affect values such as one’s privacy and liberty, clarity about access is important.14 There are various reasons why this challenge is difficult to meet.
Firstly, it is impossible to assess what information can be obtained from data or technology over time. New information might be inferred from existing data by improving learning or retrieval techniques. Subsequently, data, previously considered harmless, could reveal undesirable information. For example, research has indicated that one’s sexuality or political convictions can be inferred from a rudimentary source of information, such as (a part of) one’s social network.15 For this reason a distinction between private, sensitive data and public data is insufficient, since it is precisely the feasibility of this distinction which is doubtful.16 Thus, one is unaware of just how much privacy one has forfeited. This can have real life effects as third party access to information can influence one’s opportunities in life, for example, one’s chances of employment or personal relationships with others.
Secondly, due to the complexity of lifelogging devices, clarity about data produced or shared is lacking. The smartphone, which seems set to become a pivotal lifelogging device, can serve as an example. It is difficult to both assess which parties can access particular data from a particular smartphone and to assess what data is gathered from that smartphone. This is partly explained by security glitches even experts are unaware of or a lack of openness from developers regarding which information is stored in which files. Apple, for example, has been accused of storing location data on the iPhone and iPad (Allan & Warden 2011).17 In addition, third parties can mediate the functioning of the device. The software and hardware compatible with the smartphone quite effortlessly manipulates the gathering and access of information.18 Establishing that other parties have or had access is also quite troublesome, because accessing and copying data can leave little or no trail to the common user. Transparency about access to data is an intricate, albeit important, challenge when designing lifelogs as it has an effect on privacy. This is all the more complex as third parties such as governmental institutions, corporations and others could benefit from obscurity. Finally, lifelogs might be integrated into the fabric of everyday life to the extent that its functioning goes unnoticed, as the paradigm of pervasive computing describes. This may leave bystanders but also the users themselves potentially unaware of being lifelogged.
4.2.2. Concerns about lifelogs kept by persons with reduced competence
Competence is the ability to comprehend information provided and deal appropriately with the consequences of decisions based on this information. Some vulnerable groups have a diminished capacity to do just this. Children, for example, are usually considered less able to foresee the consequences of their conduct. Besides, it is questionable how much information on vulnerable individuals should potentially be available to third parties, since this information could be used for malicious purposes, such as extortion. Additionally, from a didactically justified point of view, it might be important for their personal and intellectual growth to make mistakes without those mistakes being recorded and stored indefinitely or important to escape from the idea of being watched at all times.
Nevertheless, lifelogs should not necessarily be limited to technological competent adults, since lifelogs could be beneficial for people with diminished or not yet fully developed competence such as children or young adults or other groups, such as the elderly, with lower rates of technological competence. For example, access to children’s lifelogs could be very useful to their carers, who would have an additional instrument to oversee activities of daily living, such as eating habits or online activities, ultimately helping them lead a safe and healthy life. The benefits of lifelogs might be reaped while the harms are limited by carefully selecting the information necessary and by putting it in the appropriate form. For this reason, we call for an assessment of the ethical desirability of various functions of lifelogs for people with various levels of competence to use lifelogs. It is necessary to assess the kind of information and devices that are beneficial for a particular group and the appropriate form in which the information should be presented.
Because the consequences of holding a lifelog can be far-reaching, the voluntariness of keeping a lifelog is important. Societal pressure to keep lifelogs as a sign of innocence has already been mentioned (Allen 2008) and there may however be other forms of societal pressure to keep lifelogs and share information. Firstly, lifelogs could become necessary to guard reciprocity. If only one party in a conversion owns a lifelog even an innocuous chat could be harmful or made harmful by editing when shared by the lifelogger. The lifelogger gains a comparative benefit by having more information than the other. The same applies to institutions which may obtain more information about the individual than the individual itself has. After all, a third party could construct a lifelog of an individual without the individual holding a personal lifelog. This leaves the individual vulnerable to artificially imposed identities.
A second additional form of societal pressure is society commanding the use of lifelogs by embedding them in the social fabric. Lifelogs could raise evidence standards. In a society in which lifelogs are the norm rather than a rarity, one might be expected to be able to hand over more information. Similarly, detailed phone bills or photos with one’s partner could serve as proof of a relationship when applying for official documents, such as citizenship. A related issue is that lifelogs might become necessary to protect oneself against the authorities. For instance, Hasan Elahi currently uses a rudimentary form of a lifelog to protect himself against the authorities after the FBI required him to provide information about his activities following his identification as a potentially dangerous individual (O’Hara, Tuffield & Shadbolt 2009; TED 2011). This usage seems to disregard a fundamental right, namely the presumption of innocence by shifting the burden of proof towards the suspect. The existence of lifelogs could facilitate this erosion of rights by alleviating the burden of creating this information.