Exploration of a fragmented discourse. Privacy and data security in Süddeutsche Zeitung : 2007–2017

: The goal of this exploratory case study is to identify different facets of news reporting on surveillance, privacy and data security, and more speciically, how risks in this context are portrayed. The theoretical foundation consists of two elements: 1) the concept of mediatized risk culture, and 2) the discursive arena model of risk communication, which provides the normative background for assessing news reporting. A text-mining approach (topic modeling) is applied to analyze relevant coverage of the German quality newspaper Süddeutsche Zeitung. The study yields a total of seven topics which belong to three categories: violation of privacy norms, power and law enforcement, and dataication. The results show that despite the de-mystiication of digital technology after the Snowden leaks, coverage has recently become more afirmative and less focused on risk. We conclude that this may indicate a normalization of mass surveillance and data harvesting even in Germany, a society which traditionally values privacy. In order to add more context to our indings, however, further qualitative analyses were needed. The paper serves as a starting point for further research on media reporting of surveillance, privacy and data security.


Introduction
With the recent revelations concerning the social network giant Facebook and the data analytics irm Cambridge Analytica, the debate on privacy and data security has gained new momentum.he improper exploitation of at least 87 million Facebook user accounts by Cambridge Analytica is just one prominent example that the concept of privacy is at stake in an increasingly data-driven world.While politicians are interested in big data for both campaigning and security policy, private organizations use and sell data for commercial purposes.What does this mean for our privacy and the security of our personal data?hese questions have been subject to public scrutiny not only since the Cambridge Analytica scandal. he revelations of former CIA contractor Edward Snowden in 2013 concerning the bulk surveillance by the US intelligence agency NSA in particular form another landmark event in this debate.
In this paper, we apply a text-mining approach (topic modeling) to obtain a comprehensive picture of the discursive position of surveillance and (counter-)discourses of digital privacy and data protection in the Süddeutsche Zeitung 1 , Germany's leading quality newspaper, between 2007 and 2017. he center-let daily is one of the most inluential agenda-setting media outlets in Germany.It is also known for its investigative stories, including reporting on surveillance and data scandals.here are several international studies that have used the Süddeutsche Zeitung as the exemplar of the German press (Nordheim, Boczek, Koppers 2018;Schäfer, Ivanova, Schmidt 2011). he paper therefore serves as an appropriate case study for one of the irst exploratory content analyses concerning the public debate about privacy and data security before and ater the Snowden revelations.Another reason is that as a center-let newspaper that oten stresses civil rights, one could expect to ind substantial awareness of risk to privacy and data security.
he study touches upon the oten ambiguous character of emerging, big-scale technologies (Beck 1992;2009), which is also true for digitization: While its enormous advantages are indisputable, there are also considerable risks inherent in this ongoing technological revolution, such as the increasing vulnerability of privacy and data security.hese risks have been debated since the early days of the World Wide Web.For instance, studies conducted in Germany by Beck and Vowe (1995) as well as Rössler (2001) showed that newspaper reporting of the technological advancements and their social and political consequences was dominated by euphoric assessments, but also included skeptical or even apocalyptical ones.Studies from the US and Canada yielded similar indings (Patnode 2003;Sklar 1997).As we know from later research, critical views on digitization gained more prominence in the early 2000s, including growing concerns about privacy and security issues (Oggolder 2015;Zeller, 1 Average daily circulation in the 4th quarter of 2017: 367,235.See http://www.ivw.eu/aw/print/qa/titel/1221, last accessed on April 10, 2018. Pobrane z czasopisma Mediatizations Studies http://mediatization.umcs.plData: 14/02/2020 17:52:44 U M C S Wolling, Porten-Cheé 2010).However, it was not until 2013 when the whistleblower Edward Snowden revealed the bulk surveillance programs of the US intelligence agency, NSA, that the internet was de-mystiied (Möller 2017).At that time, privacy and data security became a major societal and academic concern.Due to the strong focus on the communicative negotiation of privacy vs. security (see next chapter), however, previous research ofers an incomplete picture of this complex thematic area.Studies that connect the various facets of privacy and data retention are still missing.For instance, little is known about how they are discussed from an economic or user-oriented perspective, and through which lenses involved actors (administrations, intelligence agencies, private companies…) are viewed.
he research questions of this study are: 1) which facets do news reporting of surveillance, privacy and data security comprise in the Süddeutsche Zeitung? 2) Speciically, how are risks to privacy and data security portrayed?he results of this exploratory case study are expected to lay the groundwork for a bigger and international sample.
For the purpose of this analysis, we tentatively conceptualize privacy as a state where "people have control over the disclosure of their personal information" (Budak, Rajh, Recher, 2017, p. 37).Data security (or information security) is understood as the protection of data in terms of conidentiality, accessibility, and integrity (BSI 2018), while surveillance describes technological means to obtain personal and meta-data from the digital traces of people (̌as et al. 2017).

The privacy versus security "trade-off"
Governments and authorities across the globe ind themselves in an ambiguous role as the internet is both an object and tool of security policy (Deibert 2016).It is an object of security policy because it is a critical infrastructure that modern societies increasingly rely and depend on.It is a tool of security policy because surveillance is widely considered the key to ight organized crime and terrorism.he Snowden revelations sparked an international debate about the tension ield surrounding surveillance, privacy, and security (̌as et al. 2017). he trend towards data-driven security policy, however, seems to be unbroken.In this context, political and media actors have commonly framed security and privacy as a "trade-of " (ibid.).Scholars like ̌as et al. (2017, p. 4-5) criticize this as a narrowed view where digital surveillance is presented as the prime solution, whereas privacy is oten framed as an obstacle to security instead of conceptualizing it as an element of (individual) security.
Triggered by the Snowden leaks, the negotiation of security versus privacy has also become a concern for a variety of communication scholars.For instance, Johnson (2016) investigated the responses of leading US media organizations to the revelations and found that opinion pieces comprised diverse views about ethics, legitimacy and necessity of government surveillance.Wäscher (2016) Dencik und Cable (2017) argue that citizens widely show resignation, not consent, when it comes to the lack of knowledge and control over what happens to personal data in an increasingly digitized world. he authors have dubbed this phenomenon "surveillance realism".horsen (2016) investigated post-Snowden news coverage by he Guardian and he New York Times concerning encryption of private online communication.He found that the reports provided tech giants such as Google, Facebook, Apple, Microsot and others with a platform to exonerate themselves from privacy-related allegations rather than ofering helpful information for ordinary users.
Most research in this area, however, is closely linked to the debate in the United States. he next section will therefore look at the speciics of the German debate and relevant historical backgrounds.

The debate about privacy and data security in Germany
It has oten been noted that Germans can be notoriously sensitive when it comes to data privacy.Jarvis (2011) has called this sensitivity the "he German Privacy Paradox." Indeed, studies have shown that privacy awareness is higher in Germany as compared to other western countries.For instance, Löblich and Karppinen (2014) analyzed newspaper reporting of internet governance in Germany, Sweden, Finland, and the US.hey found that in Germany, the political debate about privacy was most pronounced, and there was also a stronger emphasis on regulation.On the contrary, US newspapers demonstrated a deregulatory attitude and a stronger emphasis on security.Longitudinal studies conducted by Oggolder (2012;2015) yield further support for the notion that German media pays special attention to privacy-related issues in the digital world.
For a better understanding, one has to look into the historical backgrounds of the debate in Germany.First and foremost, it has to be taken into account that Germany experienced two dictatorships, both of which used intelligence services to spy on their own citizens and violate people's most basic rights.hese experiences have shown lasting efects.For instance, a detailed census planned by the West German federal government in 1983 elicited large-scale protests.he Constitutional Court made a groundbreaking judgement which involved a "fundamental right to informational self-determination" (Albers 2017, translated).he census, which was actually conducted four years later, had to be adjusted to the new privacy rules.
Later debates in the reuniied Germany included surveillance activities by the domestic intelligence, the Constitutional Protection Agency, and the Data Retention Directive, which stipulates that telecommunication irms must store their customers' personal and communication-related data for a certain period of time to facilitate criminal prosecution (Lüber 2014).
Pobrane z czasopisma Mediatizations Studies http://mediatization.umcs.plData: 14/02/2020 17:52:44 U M C S More recently, the focus has shited to private companies collecting massive amounts of personal data for commercial purposes.he German government has been a driving force behind the current strict data protection policies of the European Union, which are now being implemented in the member states.Paradoxically, when it comes to state surveillance, even the Snowden leaks seem to have had little efect on policies.Dimmroth, Steiger und Schünemann (2017) have outlined that despite public outrage over the revelations, the intelligence cooperation between the US and Germany has been marked by continuity rather than critical reassessment.

Theoretical framework
he theoretical foundation of the study consists of two major elements that we consider relevant to the mediated debate about privacy and data security: 1) the concept of mediatized risk culture, and 2) the discursive model of risk communication.
he concept of mediatized risk culture (Roslyng, Eskjaer 2017) is an approach used to capture the way media logic permeates debates about risk. he authors show "how risk is presented as manageable and/or contested and how this, to a certain degree, is a result of a mediatized logic" (ibid, p. 116).As media tends to emphasize conlicts surrounding risk and a lack of controllability, it signiicantly difers from authorities and scientiic organizations.his also inluences "the way risk actors engage in the public debate on diferent media platforms and, possibly, how media institutions may contain a bias in favor of particular risk actors" (ibid, p. 115). he authors furthermore argue that risk representations in the media are inluenced by the degree risks resonate with "deep-seated cultural images and narratives" (ibid, p. 126).
he observation that risk perceptions are highly culture-dependent has been made by several scholars before.Beck (2009) argues that the dominant values and norms within a society inluence the way how we perceive and deal with risk.In the German context, we can expect that the mentioned historical experiences (see the prior section) have shaped the values and norms that determine how risks to privacy and data security are debated.It is furthermore important to note that risk perceptions are not static, but are subjected to (mediated) processes of negotiation (Keller 2003).his is why media reporting of risk is oten considered to have far-reaching political implications.
he discursive arena model of risk communication (Bonfadelli 2004) is a normative approach which attempts to place the negotiation of risk in a democratic context.It is based on the observation that public communication about the risks induced by science and technology oten focuses too much on the views of experts. he model thus postulates to include the broad public into the negotiation of risk, especially when large parts of society are (potentially) afected.hanks to the participatory approach of the discursive arena model, the public debate can be understood as a forum for Pobrane z czasopisma Mediatizations Studies http://mediatization.umcs.plData: 14/02/2020 17:52:44 U M C S diferent perspectives on risks related to privacy and data security, encourage public scrutiny, and serve as an instrument of early warning, e.g. when state actors or private organizations pursue questionable policies.By involving civil society in the risk communication process, the discursive arena model also aims at sensitizing citizens to risks and addresses their self-responsibility.his is a key prerequisite for privacy and data security in the cyber world.
he discursive arena model, however, is not a naïve approach.It acknowledges that journalistic news reporting of risk oten fails to live up to normative expectations.According to Bonfadelli (2004, pp. 296-298), signiicant shortcomings in this context are a high dependence on the political agenda, limited source plurality, lack of in-house expertise, as well as event-driven reporting (see also Henn, Vowe 2015; Pantti, Wahl-Jorgensen, Cottle 2012). he study presented in this paper allows us to assess whether or not these (or other) problems can be observed in the context of privacy and data security.

Method and sample
he irst step of any content analysis is inding a sample that helps to answer the research questions, in this case: Which facets of surveillance, privacy and data security are mirrored in the newspaper articles (RQ1) and, speciically, how are risks to privacy and data security portrayed (RQ2)?Since our study is exploratory and meant to comprise the entire discourse on data security and privacy in the Süddeutsche Zeitung, we chose a broad selection criterion.he trade-of of imprecision when using very open search terms is compensated by subsequent topic clustering processes (see below). he search term 2 was applied to a ten-year news period (beginning of 2007 until the end of 2017).As further pre-processing steps, we deleted numbers and punctuation, removed stop words using a list of 612 stop words (see supplement), and transformed all words to lowercase.For our text-mining approach, we used only words that appear more than ive times in the corpus.In a second step, we applied the topic clustering algorithm LDA to the subcorpus that was thus generated.
2 "ueberwachung" (surveillance) AND "NSA" -OR -"ueberwachung" (surveillance) AND "geheimdienste" (intelligence services) -OR -"ueberwachung" (surveillance) AND "Internet" -OR -"ueberwachung" (surveillance) AND "daten" (Data) -OR -"ueberwachung" (surveillance) AND "online" -OR -"privat" AND "daten" (Data) -OR -"privat" (private) AND "internet" (Data) -OR -"privat" (private) AND "online" (data) -OR -"personenbezogene" (private) AND "daten" (Data) -OR -"ausspaehen" (spy) AND "daten" (data) -OR -"persoenliche" (personal) AND "daten" (data) -OR -"datenschutz" (data protection) -OR -"datensicherheit" (data safety).Uppercase and lowercase letters were ignored, and the search terms are pattern-deined so that compounds containing the terms are also included.(Blei, Nag, Jordan 2003) is currently the most popular clustering algorithm for processing large text corpora.It reliably predicts the thematic structure of large (journalistic) text corpora (Jacobi, van Atteveldt, Welbers 2016;Puschmann, Scheler 2016).LDA ofers two main advantages: 1) it allows the researcher to discover patterns and structures across vast amounts of data that cannot be processed manually, for example the full coverage of all major online news outlets in a given country over a long period of time, and 2) it is an unsupervised method, i.e. the method works independently from the researcher's prior knowledge and thus also detects patterns that were unanticipated (DiMaggio, Nag, Blei 2013, p. 593).his means that theoretical assumptions and hypotheses no longer limit the scope of analysis.However, LDA models certainly have some limitations that must be acknowledged.he bag-of-words assumption is frequently mentioned as a weakness due to its elimination of word order, "speciic local context information on semantic relations between words is lost, which otherwise might help interpret deeper meanings and solve ambiguities" (Maier et al. 2018 p. 4).Another limitation inherent in the model is the ixed number of topics, which are not estimated by the model and instead must be determined by the researcher in advance.In addition, LDA is not able to model the evolution of topics.he assumption of a ixed number of topics may be detrimental, for example, for long-term analyses.Finally, one of the most discussed problems is the validation of the LDA model.Diferent approaches have been suggested, both quantitative and qualitative in nature, and which are beyond the scope of this paper (detailed descriptions can be found in Maier et al. 2018, p. 7-8).In this study, we use three approaches.We investigated: 1) intratopic semantic validity (with intruder tests, heuristic analysis of top words and top articles, and labeling of topics), 2) intertopic validity (analysis of the statistical proximity of the topics by means of clustering), and 3) external validation (analysis of temporal patterns and comparison with external events; see, for example, NSA peak in the results).

Pobrane z czasopisma
We applied LDA using the tosca R-package (Koppers et al. 2018). he LDA produces lists of words called topics.hese lists assign a probability value to each word (type) in the corpus (topics are distributions over words).Ordered by these probabilities, they yield lists that, in the best case, activate thematically consistent cognitive patterns to human readers.For instance, a human coder can easily thematically correlate the words nsa, snowden, usa, bnd 3 , obama, intelligence agencies -it is about the Snowden leaks surrounding the intelligence agency NSA, the role of the BND and of individual political actors such as the then US President, Barack Obama.hese word lists are generated based on the insight that there is a correlation between similar meanings of linguistic units (words, phrases) and the similarity of their distribution across certain linguistic contexts, gained from empirical corpora (distributional hypothesis, irst made by Zellig 1954).his characteristic of language relates to the cognition-psychological model of cognitive patterns that enable and organize human thought.he LDA topic clustering process harnesses this characteristic of language by putting words into a thematic context depending on how frequently they occur together in a document.his also connects LDA to concepts from communication science that use cognition-psychological concepts such as the framing approach.According to Entman (1993), a frame comprises up to four elements: problem deinition, cause diagnosis, moral judgments, and suggestion of remedies.Several studies have provided evidence that reporting shapes the audience's cognitive frames with regard to science and technology, at least to a certain degree (Cobb 2005; Nisbet, Hart, Myers, Ellithorpe 2013; Wolling, Arlt 2015).Even though frames describe speciic patterns that do not necessarily have to reoccur one-to-one in LDA topic patterns, there is a conceptual overlap that enables us to refer to the framing approach in our LDA analysis.Jacobi et al. (2016, p. 92) assert that "if framing devices correspond to speciic (latent) patterns of vocabulary use, LDA can capture these classes in speciic topics, and as such LDA results can also include the frames used in a corpus of texts" (see also DiMaggio et al. 2013).
In LDA, each word in each text is assigned to a topic (token) -depending on the context, the German word "Bank", in its meaning of 'bench' , can be assigned to another topic in an article on soccer than in a report on inances, where "Bank" would mean the same as the English term "bank" as a inancial institution.he example from the present analysis shows how topic clustering works: Topic 1: nsa snowden bnd obama washington edward american intelligence agencies american usa Topic 7: data protection spd european fdp verdict future green committee brussels data retention Washington Following outrage about mass spying of telephone data, the US Congress initiated a reform of intelligence agency NSA.On Wednesday, the House of Representative justice committee voted for a legal amendment that will prohibit US intelligence agencies from collecting millions of telephone connection data sets from US citizens (…) Two topics were identiied in this document which can be seen as a distribution over topics: the NSA/Snowden topic we mentioned, and a topic that apparently revolves around privacy legislation.he top words (words with the highest probability for this topic, here translated into English) include, for example, various German political parties as well as names of controversial laws ("mass data retention") and legal terminology ("verdict").According to these patterns, the words in the sample article were assigned to the topics.Words like "outrage", "mass spying" and "telephone data" were assigned to the irst topic, and terms like "reform" and "legal amendment" to the second one.hree parameters must be deined for the LDA model (K, α, and β).K must be selected for the number of topics, α, and β control whether documents (as distri-Pobrane z czasopisma Mediatizations Studies http://mediatization.umcs.plData: 14/02/2020 17:52:44 U M C S bution of topics) or topics (as distribution of words) are strongly dominated by individual topics or words, or whether the probability for each element is similar.In simple words, these variables can be used to determine whether the probability distribution tends to be sharp or even.
Since there is no satisfactory measure of the coherence of topics, most studies use qualitative approaches to calibrate the variables and validate the topics (Maier et al. 2018, p. 24).Manual labeling or a review of top words (most representative terms) and top articles (most representative articles, i.e. articles with the largest percentage of words from a certain topic).We supplement this qualitative investigation with the intruder words approach for systematic manual evaluation, suggested by Chang et al. (2009).For a tested topic, they used the list of the top N terms and inserted a random intruder term with high probability from another topic.If coders choose the correct answer (i.e.identify the intruder), it can be assumed that the topic is consistent (see results section).
Ater a manual review of various variable constellations, we used a LDA with a total number of 11 clusters (K=11), i.e. 11 topics (alpha and beta were each deined as 1/K).From this point on, clustering was automatic and thus with a lesser bias than other content-analytical methods.For the manual interpretation, we subsequently used the top words, top articles and topic evolution over time (assigned words on certain topics relative to the subcorpus).For this procedural dimension, the issue-attention cycles of news reporting as described by Waldherr (2012Waldherr ( , 2014) ) serve as an important point of reference because they highlight the dynamic and oten short-term oriented character of news reporting.he approach is also relevant with regard to priming and agenda-setting efects among the audience, which is another important precondition for sensitization.
As a third step, comparing probability distributions across word lists also enabled us to cluster topics at a higher level.Tosca ofers a function to 'clusterTopics', which enables grouping with the help of the Hellinger distance.Here, the probability values of individual words in diferent topics are compared with each other so that topics similar to one another can be grouped (see Fig. 2).

Findings Reporting frequency
Figure 1 shows the size of the subcorpus that was formed using the search words.A total of 4,998 texts were identiied in the period from the beginning of 2007 until the end of 2017.In the summer of 2013, Edward Snowden's revelations marked a clear peak.Post-Snowden, the frequency of articles on the subjects of data security, privacy etc. remained at a consistently high level compared to the time prior to the NSA leaks.

Topic Clustering
Of the 11 generated topics, 10 could be clearly labeled -activating consistent patterns in the coders.he intruder word validation yielded the following result: Table 1. he intruderTopics function of tosca displays a list of ive words for each topic.For each test, the user must evaluate eleven lists (with K=11).One or none of the terms in every list is an intruder that must be identiied by entering its number (or "0" for no intruder).he representative topic words (top words) and the intruder terms (which are top words from other topics of the same model) are selected randomly and change with each repetition of the test.he test was repeated ten times by two coders (ive times each).he table displays the numbers of correctly evaluated lists (i.e., a correctly identiied intruder or "0" for no intruder) for each topic.
Topic 1 2 3 4 5 6 7 8 9 10 11 Correct evaluation 9/10 10/10 10/10 9/10 9/10 9/10 7/10 8/10 8/10 10/10 9/10 he quality of LDA resides in its ability to form topics from iller words that are frequently used and thus quite vague, resulting in higher consistency of other topics.In the present LDA, we were able to identify a iller word topic (topic 2).Another characteristic of this method is that it identiies irrelevant texts in relation to the research question -i.e. one can accept low search word precision in favor of comprehensive recall.he imprecision (or, positively worded: openness) of the search word becomes evident, for instance, when a subcorpus features texts about the corporate his leaves us with a total of seven topics, which were clustered into three groups using the Hellinger distance (see Figure 2).We consider these three groups as categories of topics that are closely connected to each other.A content analysis of the most representative words and articles of each topic reveals distinct frames that will be discussed subsequently.  of power gained through data.In this sense, data are tools to punish those who have used unlawful violence (for example, in court cases).At the same time, data itself is increasingly a means to exert violence in disputes.In this frame, the framing of the associated top article is ambivalent as they refer to both problems and remedies.In the analyzed articles, we are observing a weaponization of data, which became a focus of media coverage mainly because of the Snowden leaks.But in other contexts, too, data is now being used for violent purposes (SZ, 23.3.2015): "IS publishes death list with US soldiers On a webpage, the jihadists published names, photos and personal data from 100 persons to whom they accused of being involved in the ight against IS in Iraq, Syria, Yemen and other countries.Although a hacker department of IS claimed to have stolen the data from "various servers and databases" of the government... " While reporting on legal enforcement is decreasing (similarly to corporate violations of norms, see above) and reporting on power enforcement is increasing only slightly in the context of data and surveillance, the curve that describes the NSA afair has a sharp peak.It follows the typical phases of an issue-attention cycle, from the key event to the post-problem phase.

Dataication
his is about the process of digitization -i.e. the dataication of various aspects of our lives, such as communication or mobility.Coverage is oten meant to educate the public.he readers, conceived of as clueless users of smart devices or naive internet surfers, are made aware of the risks and pitfalls of their increasingly digitized world.Since 2010, at the latest, there has been the perpetual frame of "data octopuses", all-powerful US corporations that are ater our data: SZ, 5 October 2010: "How to protect your data: Ten things you can do to protect your privacy on Facebook…", 12 May 2011: "Facebook leak: user data compromised".In addition to Facebook, Google's Streetview also came under ire in 2010, constituting a new frame, "he self as a commodity" (SZ, 5 June 2010).his discourse slackened over the past few years, while coverage of the technological promise of "intelligent" data technologies has increased, in particular towards the end of the research period: "Intelligent heating" (18 May 2017), "Welcome to Dataville" (22 March 2017), "Intelligent roommates" (13 January 2017).he texts are written in a euphoric tone, any concerns about the improper exploitation of personal data are of minor importance.hey are aids to adaptation in the sense that that they aim to assist the individual in facing the challenges and using the opportunities of the digital age.Hence, the analysis of the top articles published late in the study period suggests that technological discourse is becoming increasingly airmative.

Conclusion
he research questions presented in the introductory part were: 1) Which facets does news reporting of surveillance, privacy and data security comprise in the Süddeutsche Zeitung? 2) Speciically, how are risks to privacy and data security portrayed?he analysis of articles retrieved from the Süddeutsche Zeitung has indeed shown a diferentiated picture with regard to the reporting of issues related to surveillance, privacy and data security.Seven meaningful topics could be identiied across three diferent categories.While the irst category deals with the violation of privacy norms by the state or private companies, the second category emphasizes the potential of surveillance for power and law enforcement, be it legitimate or illegitimate by democratic standards.he third category, dataication, deals with the consequences of our ever-more data-driven world, ranging from privacy and data security-related risks to beneits like improved every-day applications or transport, to name but a few.his clearly shows that the much-debated privacy vs. security trade-of is just one, albeit important, aspect of the thematic area analyzed in this article.he Süddeutsche Zeitung has also reported from an economic as well as from a technological and a user-oriented perspective, with a variety of connotations ranging from critical to euphoric, from politically loaded to educational.
Based on these indings, how could the mediatized risk culture as portrayed in the Süddeutsche Zeitung between 2007 and 2017, be described?First and foremost, it is conspicuous that despite a visible impact of the Snowden leaks, the paper's attention to the violation of privacy norms has been declining signiicantly over the years.he technological discourse has meanwhile become more airmative.Given that the Snowden revelations have been conceived of as a game-changer in the debate about surveillance, privacy and data security, this is quite an astonishing inding.We assume this relects the increasing normalization of surveillance and data harvesting at the cost of individual privacy and data security (see Möller 2017).We consider this inding to be signiicant since it was obtained from the analysis of a center-let newspaper that oten emphasizes the importance of civil rights, and given that German society is traditionally sensitive to privacy and data security-related issues.
his inding is supported by a variety of studies concerning digital issues and the role of industry in shaping public debate.Gillespie (2010), for instance, argued that platforms such as YouTube strategically position themselves regarding how their role in the information landscape should be understood, namely as an opportunity for social and cultural development.he Reuters Institute (2018) found that news media heavily rely on industry sources when reporting artiicial intelligence, leaving the debate to self-interested commercial actors instead of making it an object of public concern.he same seems to be the case in the context of privacy and data security, as evident in the case of media coverage about encryption techniques (horsen 2016).In the reports we analyzed, the topics related to dataication seem to be less politicized compared to cases where state surveillance was involved, which are much more sensitive due to Germany's historical experiences with two dictatorships.In other words, the potential for scandalization seems to be smaller when risks to privacy and data security are caused by private actors.
Concerning the normative framework for risk communication, the discursive arena model, it is important to note that common users appear to be in a rather passive role, for instance as victims of (legally/morally questionable) surveillance or as naïve individuals who have to be educated about the dataication of our lives.We did not ind evidence that the viewpoints of civil society -e.g. in the shape of anti-surveil-

Figure 1 .
Figure 1.Count of articles in subcorpus over time

Figure 2 .
Figure 2. he seven labeled topics are grouped into three broad categories, which are described below under the following headings: Violation of privacy norms (consisting of the topics economy and state), Power and legal enforcement (power enforcement, intelligence and legal enforcement) and Dataication (internet and technology).

Figure 3 .
Figure 3.Comparison of topic clusters (sum of single topics, see below), relative to the generated subcorpus (moving average of 6 months).

Figure 6 .
Figure 6.Share of words that were assigned to the topics of internet and technology in the LDA process, relative to the generated subcorpus (moving average of 6 months).

looked at the communicative Pobrane z czasopisma Mediatizations Studies http://mediatization.umcs.pl
strategies of anti-surveillance movements based in the United States and how these strategies opened discursive spaces in public debate.Despite such activities, however,

Table 3 .
he 20 most representative words in each of the associated topics intelligence, legal enforcement and power enforcement (translated).Share of words that were assigned to the topics of intelligence, legal enforcement and power enforcement in the LDA process, relative to the generated subcorpus (moving average of 6 months).

Table 4 .
he 20 most representative words in each of the associated topics internet and technology (translated).