ElectronicjournalofcomparatiVeLa,vol.8.3(october2004),<http://www.ejcl.org/> concept called contextual integrity. This alternative concept would tie adequate protection for privacy to norms of specific contexts, demand ing that information gathering and dissemination be appropriate to that context and obey the governing norms of distribution within it15 Another way of considerent-day technologies, in particular the almost limitless ng the issue is by focusing not so much on the individual data, but on the effects of the prese surveillance capacities of new technologies, such as location-based systems, radio frequency identifiers(RFIDs) and on-line personalization instruments. In a sense, these surveillance techniques require that we shift our attention from individual sets of personal data to the statistical models, profiles and algorithms with which individuals are assigned to a particular group or identity. For these models and algorithms are privately owned, and thus unavailable for public contestation. But the interests of personal data protection seem to require that they are made known to the public and thus are part of the public domain. Let me discuss this point in some more detail Our behaviour in the public domain' is increasingly monitored, captured, stored ed and analysed to become privately owned knowledge about people, their habits and ocial identity. Indeed, the term commod ification of personal data may lose its significance once we acknowled ge this trend toward a commodification of identities and behaviour. It is this trend that is lacking in the present debate on privacy and property. Personal data are not ed and processed anew and in isolation each time a company acquires a set of personal data In contemporary society, useful information and knowledge goes beyond the individual exchange of a set of personal data. In his or her personal data to a certain organization, the individual does not provide these data for use in an objective'context Today, the use and thus 'value'of personal data cannot be seen apart from the specifics of the context within which these data are used. Personal data processing occurs within, and is often structured by, social, economic and institutional settings. 16 Thus, the question is not so much whether personal data are processed; they always are and will be, whether for legitimate or for unlawful purposes. It is an illusion to think that resting a property right in personal data will limit the use of personal data. The problem is rather how personal data are processed, in what context, and towards what end. Therefore, the focus of the discussion should move away from entitlements to single data What we need are instruments to enhance the visibility of and to increase our knowledge about how persol data are used and combined, on the basis of what data individuals are typified, by whom and for what purposes. In line with Nissenbaum's theory of contextual integrity, it is crucial to know the context- who is gathering the information, who is analyzing it, who is disseminating it and to whom, the nature of the information, the relationships among the various parties, and even larger institutional and social circumstances. /This is a much fundamental issue which cannot be tackled by vesting a property right in individual data illustrate this argument, I would like to point towards the development of ubiquitous Helen Nissenbaum, "Privacy as Contextuallntegrity,, 79 Washington Law Review(2004), 119. See on this argument in relation to ubiquitous computing in further detail David J. Phillips, From Privacy to Visibility: Context, Identity, and Power in Ubiquitous Computing Environments, 23 Social Text 2 orthcom ing Summer 2005) Nissenbaum(2004)Electronic Journal of Comparative Law, vol. 8.3 (October 2004), <http://www.ejcl.org/> 6 concept called ‘contextual integrity’. This alternative concept would tie adequate protection for privacy to norms of specific contexts, ‘demanding that information gathering and dissemination be appropriate to that context and obey the governing norms of distribution within it’.15 Another way of considering the issue is by focusing not so much on the individual data, but on the effects of the present-day technologies, in particular the almost limitless surveillance capacities of new technologies, such as location-based systems, radio frequency identifiers (RFIDs) and on-line personalization instruments. In a sense, these surveillance techniques require that we shift our attention from individual sets of personal data to the statistical models, profiles and algorithms with which individuals are assigned to a particular group or ‘identity’. For these models and algorithms are privately owned, and thus unavailable for public contestation. But the interests of personal data protection seem to require that they are made known to the public and thus are part of the public domain. Let me discuss this point in some more detail. Our behaviour in the ‘public domain’ is increasingly monitored, captured, stored, used and analysed to become privately owned knowledge about people, their habits and social identity. Indeed, the term commodification of personal data may lose its significance once we acknowledge this trend toward a commodification of identities and behaviour. It is this trend that is lacking in the present debate on privacy and property. Personal data are not used and processed anew and in isolation each time a company acquires a set of personal data. In contemporary society, ‘useful’ information and knowledge goes beyond the individual exchange of a set of personal data. In ‘giving’ his or her personal data to a certain organization, the individual does not provide these data for use in an ‘objective’ context. Today, the use and thus ‘value’ of personal data cannot be seen apart from the specifics of the context within which these data are used. Personal data processing occurs within, and is often structured by, social, economic and institutional settings.16 Thus, the question is not so much whether personal data are processed; they always are and will be, whether for legitimate or for unlawful purposes. It is an illusion to think that vesting a property right in personal data will limit the use of personal data. The problem is rather how personal data are processed, in what context, and towards what end. Therefore, the focus of the discussion should move away from entitlements to single data. What we need are instruments to enhance the visibility of and to increase our knowledge about how personal data are used and combined, on the basis of what data individuals are typified, by whom and for what purposes. In line with Nissenbaum’s theory of contextual integrity, ‘it is crucial to know the context - who is gathering the information, who is analyzing it, who is disseminating it and to whom, the nature of the information, the relationships among the various parties, and even larger institutional and social circumstances’.17 This is a much more fundamental issue which cannot be tackled by vesting a property right in individual data. To illustrate this argument, I would like to point towards the development of ubiquitous 15 Helen Nissenbaum, ‘Privacy as Contextual Integrity’, 79 Washington Law Review (2004), 119. 16 See on this argument in relation to ubiquitous computing in further detail David J. Phillips, ‘From Privacy to Visibility: Context, Identity, and Power in Ubiquitous Computing Environments’, 23 Social Text 2 (forthcoming Summer 2005). 17 Nissenbaum (2004)