in order to embarrass and humiliate the other).
In an ideal world, we are in control of deciding who knows what about us. Obviously, this control will have limits: your parents ask you to call in regularly to say where you are; your boss might require you to “punch in/out” when you arrive at work and leave, respectively; the tax office may request a full disclosure on your bank accounts in order to compute your taxes; and police can search your house should they have a warrant24 from a judge.
In the following two sections we look at both sides of the coin: Why do we want privacy, and why might one not want it (in certain circumstances)? Some of the motivations for privacy will be distilled from the privacy laws we have seen in the previous section: what do these laws and regulations attempt to provide citizens with? What are the aims of these laws? By spelling out possible reasons for legal protection, we can try to better frame both the values and the limits of privacy. However, many critics argue that too much privacy will make the world a more dangerous place. Privacy should (and does) have limits, and we will thus also look at the arguments of those that think we should have less rather than more privacy.
2.2.1 PRIVACY BENEFITS
The fact that so many countries around the world have privacy legislation in place (over 120 countries in 2017 [Greenleaf, 2017]) clearly marks privacy as an important “thing” to protect, it is far from clear to what extent society should support individuals with respect to keeping their privacy. Statements by Scott McNealy, president and CEO of Sun Microsystems,25 pointing out that “you have no privacy anyway, get over it” [Sprenger, 1999], as well as Peter Cochrane’s editorial in Sovereign Magazine (when he was head of BT26 Research) claiming that “all this secrecy is making life harder, more expensive, dangerous and less serendipitous” [Cochrane, 2000], are representative of a large part of society that questions the point of “too much” secrecy (see our discussion in Section 2.2.2 below).
In his book Code and other Laws of Cyberspace [Lessig, 1999], Harvard law professor Lawrence Lessig tries to discern possible motivations for having privacy27 in today’s laws and social norms. He lists four major driving factors for privacy.
• Privacy as empowerment: Seeing privacy mainly as informational privacy, its aim is to give people the power to control the dissemination and spread of information about themselves. A legal discussion surrounding this motivation revolves around the question whether personal information should be seen as a private property [Samuelson, 2000], which would entail the rights to sell all or parts of it as the owner sees fit, or as a “moral right,” which would entitle the owner to assert a certain level of control over their data even after they sold it.
• Privacy as utility: From the data subject’s point of view, privacy can be seen as a utility providing more or less effective protection from nuisances such as unsolicited calls or emails, as well as more serious harms, such as financial harm or even physical harm. This view probably best follows Warren and Brandeis’ “The right to be let alone” definition of privacy, where the focus is on reducing the amount of disturbance for the individual, but can also be found, e.g., in U.S. tort law (see Section 2.1.1) or anti-discrimination laws.
• Privacy as dignity: Dignity can be described as “the presence of poise and self-respect in one’s deportment to a degree that inspires respect” [Pickett, 2002]. This not only entails being free from unsubstantiated suspicions (for example when being the target of a wire tap, where the intrusion is usually not directly perceived as a disturbance), but rather focuses on the balance in information available between two people: analogous to having a conversation with a fully dressed person while being naked oneself, any relationship where there is a considerable information imbalance will make it much more difficult for those with less information about the other to keep their poise.
• Privacy as constraint of power: Privacy laws and moral norms to that extend can also be seen as a tool for keeping checks and balances on a ruling elite’s powers. By limiting information gathering of a certain type, crimes or moral norms pertaining to that type of information cannot be effectively enforced. As Stuntz [1995] puts it: “Just as a law banning the use of contraceptives would tend to encourage bedroom searches, so also would a ban on bedroom searches tend to discourage laws prohibiting contraceptives” (as cited in Lessig [1999]).
Depending upon the respective driving factor, an individual might be more or less willing to give up part of their privacy in exchange for a more secure life, a better job, or a cheaper product. The ability of privacy laws and regulations to influence this interplay between government and citizen, between employer and employee, and between manufacturer or service provider and customer, creates a social tension that requires a careful analysis of the underlying motivations in order to balance the protection of the individual and the public good. An example of how a particular motivation can drive public policy is anti-spam legislation enacted both in Europe [European Parliament and Council, 2002] and in the U.S. [Ulbrich, 2003], which provides privacy-as-an-utility by restricting the unsolicited sending of e-mail. In a similar manner, in March 2004 the Bundesverfassungsgericht (the German Supreme Court) ruled that an 1998 amendment to German’s basic law enlarging law enforcements access to wire-tapping (“Der Grosse Lauschangriff”) was unconstitutional, since it violated human dignity [Der Spiegel, 2004].
This realization that privacy is more than simply providing secrecy for criminals is fundamental to understanding its importance in society. Clarke [2006] lists five broad driving principles for privacy.
• Philosophical: A humanistic tradition that values fundamental human rights also recognizes the need to protect an individual’s dignity and autonomy. Protecting a person’s privacy is inherent in a view that values an individual for their own sake.
• Psychological: Westin [1967] points out the emotional release function of privacy—moments “off stage” where individuals can be themselves, finding relief from the various roles they play on any given day: “stern father, loving husband, car-pool comedian, skilled lathe operator, unions steward, water-cooler flirt, and American Legion committee chairman.”
• Sociological: Societies do not flourish when they are tightly controlled, as countries such as East Germany have shown. People need room for “minor non-compliance with social norms” and to “give vent to their anger at ‘the system,’ ‘city hall,’ ‘the boss’:”
The firm expectation of having privacy for permissible deviations is a distinguishing characteristic of life in a free society [Westin, 1967].
• Economical: Clark notes that “all innovators are, by definition, ‘deviant’ from the norms of the time,” hence having private space to experiment is essential for a competitive economy. Similarly, an individual’s fear of surveillance—from both private companies and the state—will dampen their enthusiasm in participating in the online economy.
• Political: The sociological need for privacy directly translates into political effects if people are not free to think and discuss outside current norms. Having people actively participate in political debate is a cornerstone of a democratic society—a lack of privacy would quickly produce a “chilling effect” that directly undermines this democratic process.
As Clarke [2006] points out, many of today’s data protection laws, in particular those drafted around the Fair Information Principles, are far from addressing all of those benefits, and instead rather focus on ensuring that the collected data is correct—not so much as to protect the individual but more so to ensure maximum economic benefits. The idea that privacy is more of an individual right, a right that people should be able to exercise without unnecessary burden, rather than simply an economic necessity (e.g.,
