I’ve been pointed to an interesting article by Alexis Madrigal about the work of Helen Nissenbaum, an American philosopher who has been looking at what “privacy” actually means, and what sort of things cause us to feel that our privacy has been invaded. A lot of discussion (and most of EU data protection law) assumes that privacy is about keeping control of personal information, and that we get worried about privacy either when we feel we have lost control, either because we don’t know what is happening to our information or because too much of it has been collected. That might suggest that the less flow of information there is, the better.
According to the article, Professor Nissenbaum suggests instead that it’s not the flow of information that causes problems, but when the expectations about that flow are broken. Whenever information is passed from one place to another, the sender and receiver have specific expectations about what will happen to it. Privacy breaches occur when those expectations change (or, I presume, when they don’t match in the first place). And individuals tend to import into the on-line world their expectations from the off-line one.
That seems to me to make sense in terms of when large “privacy breach” stories break. Obviously there are concerns when an organisation fails to keep secure large quantities of personal data: that’s bad according to both off-line and on-line norms. But there also seem to be privacy storms when on-line businesses announce changes to their privacy policies – even though it may not be clear whether the change actually improves privacy or makes it worse. Perhaps those are the occasions when individuals are most likely to realise that businesses are, unlike them, not just transferring expectations from the real world to the on-line one, but seeing the technology as an opportunity to behave differently? So they become aware of changed or mis-matched expectations?
The article suggests that Professor Nissenbaum’s ideas inspired the recent American Privacy Bill of Rights, which talks a lot about “context” and is mostly concerned with what happens when there is a change to the context in which information was collected. Thinking about European law, perhaps this also gives a way to understand the six justifications for processing personal data: numbers two to six, which all start with “necessary”, are actions that generally abide by social norms – fulfilling a contract, complying with the law, protecting someone from death or serious injury, and other “legitimate interests”? That would leave the first justification on the list – consent – applying to actions that would breach social norms so need special permission in advance?
I see Professor Nissenbaum has written a book about this, which has just gone on my wishlist 🙂