HOME

TheInfoList



OR:

Privacy (, ) is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively. The domain of privacy partially overlaps with
security Security is protection from, or resilience against, potential harm (or other unwanted Coercion, coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons an ...

security
, which can include the concepts of appropriate use and protection of information. Privacy may also take the form of
bodily integrity Bodily integrity is the inviolability of the physical body and emphasizes the importance of personal autonomy, self-ownership, and self-determination of human beings over their own bodies. In the field of human rights, violation of the bodily ...
. The right not to be subjected to unsanctioned invasions of privacy by the
government A government is the system or group of people governing an organized community, generally a state. In the case of its broad associative definition, government normally consists of legislature, executive, and judiciary. Government ...

government
,
corporation A corporation is an organization—usually a group of people or a company—authorized by the State (polity), state to act as a single entity (a legal entity recognized by private and public law "born out of statute"; a legal person in legal ...

corporation
s, or
individual An individual is that which exists as a distinct entity An entity is something that exists as itself, as a subject or as an object, actually or potentially, concretely or abstractly, physically or not. It need not be of material existence. In ...
s is part of many countries'
privacy law Privacy law is the body of law that deals with the regulating, storing, and using of personally identifiable information, personal healthcare information, and financial information of individuals, which can be Personally identifiable information ...
s, and in some cases,
constitution A constitution is the aggregate of fundamental principles or established precedents that constitute the legal basis of a polity A polity is an identifiable Politics, political entity – a group of people with a collective identity, who ...

constitution
s. The concept of universal individual privacy is a modern concept primarily associated with
Western culture image:Da Vinci Vitruve Luc Viatour.jpg, Leonardo da Vinci's ''Vitruvian Man''. Based on the correlations of ideal Body proportions, human proportions with geometry described by the ancient Roman architect Vitruvius in Book III of his treatise '' ...
, particularly British and North American, and remained virtually unknown in some cultures until recent times. Now, most cultures recognize the ability of individuals to withhold certain parts of personal information from wider society. With the rise of technology, the debate regarding privacy has shifted from a bodily sense to a digital sense. As the world has become digital, there have been conflicts regarding the legal right to privacy and where it is applicable. In most countries, the right to a reasonable expectation to digital privacy has been extended from the original right to privacy, and many countries, notably the
US
US
, under its agency, the
Federal Trade Commission The Federal Trade Commission (FTC) is an independent agency of the United States government whose principal mission is the enforcement of civil (non-criminal) antitrust law and the promotion of consumer protection. The FTC shares jurisdiction ...

Federal Trade Commission
, and those within the
European Union The European Union (EU) is a supranational union, supranational political union, political and economic union of Member state of the European Union, member states that are located primarily in Europe, Europe. The union has a total area of ...

European Union
(EU), have passed acts that further protect digital privacy from public and private entities and grant additional rights to users of technology. With the rise of the Internet, there has been an increase in the prevalence of
social bot A social bot, or also described as a social AI or social algorithm, is a software agent that communicates autonomously on social media. The messages (e.g. Twitter, tweets) it distributes can be simple and operate in groups and various configurati ...
s, causing political polarization and harassment. Online harassment has also spiked, particularly with teenagers, which has consequently resulted in multiple privacy breaches. Selfie culture, the prominence of networks like
Facebook Facebook is an online social media and social networking service owned by American company Meta Platforms. Founded in 2004 by Mark Zuckerberg with fellow Harvard College students and roommates Eduardo Saverin, Andrew McCollum, Dusti ...

Facebook
and
Instagram Instagram is a photo and video sharing social networking service owned by American company Meta Platforms. The app allows users to upload media that can be edited with Social media camera filter, filters and organized by hashtags and Geotaggi ...

Instagram
, location technology, and the use of advertisements and their tracking methods also pose threats to digital privacy. Through the rise of technology and immensity of the debate regarding privacy, there have been various conceptions of privacy, which include the right to be let alone as defined in " The Right to Privacy", the first U.S. publication discussing privacy as a legal right, to the theory of the privacy paradox, which describes the notion that users' online may say they are concerned about their privacy, but in reality, are not. Along with various understandings of privacy, there are actions that reduce privacy, the most recent classification includes processing of information, sharing information, and invading personal space to get private information, as defined by Daniel J. Solove. Conversely, in order to protect a user's privacy, multiple steps can be taken, specifically through practicing
encryption In cryptography, encryption is the process of Code, encoding information. This process converts the original representation of the information, known as plaintext, into an alternative form known as ciphertext. Ideally, only authorized parties can ...

encryption
,
anonymity Anonymity describes situations where the acting person's identity is unknown. Some writers have argued that namelessness, though technically correct, does not capture what is more centrally at stake in contexts of anonymity. The important idea he ...
, and taking further measures to bolster the security of their data.


History

Privacy has historical roots in ancient Greek philosophical discussions. The most well-known of these was Aristotle's distinction between two spheres of life: the public sphere of the ''
polis ''Polis'' (, ; grc-gre, :wikt:πόλις, πόλις, ), plural ''poleis'' (, , ), literally means "city" in Greek. In Ancient Greece, it originally referred to an administrative and religious city center, as distinct from the rest of the cit ...

polis
'', associated with political life, and the private sphere of the ''
oikos The ancient Greek word ''oikos'' (ancient Greek: , plural: ; English prefix: eco- for ecology and economics) refers to three related but distinct concepts: the family, the family's property, and the house. Its meaning shifts even within texts. The ...
'', associated with domestic life. In the United States, more systematic treatises of privacy did not appear until the 1890s, with the development of privacy law in America.


Technology

As technology has advanced, the way in which privacy is protected and violated has changed with it. In the case of some technologies, such as the
printing press A printing press is a mechanical device for applying pressure to an inked surface resting upon a printing, print medium (such as paper or cloth), thereby transferring the ink. It marked a dramatic improvement on earlier printing methods in wh ...
or the
Internet The Internet (or internet) is the global system of interconnected computer networks that uses the Internet protocol suite (TCP/IP) to communicate between networks and devices. It is a '' network of networks'' that consists of private, p ...

Internet
, the increased ability to share information can lead to new ways in which privacy can be breached. It is generally agreed that the first publication advocating privacy in the United States was the 1890 article by Samuel Warren and
Louis Brandeis Louis Dembitz Brandeis (; November 13, 1856 – October 5, 1941) was an American lawyer and Associate Justice of the Supreme Court of the United States, associate justice on the Supreme Court of the United States from 1916 to 1939. Starti ...
, "The Right to Privacy", and that it was written mainly in response to the increase in newspapers and photographs made possible by printing technologies. In 1948, ''
1984 Events January * January 1 – The Bornean Sultanate of Brunei gains full independence from the United Kingdom, having become a British protectorate in 1888. * January 7 – Brunei becomes the sixth member of the Association of Southeast As ...
,'' written by
George Orwell Eric Arthur Blair (25 June 1903 – 21 January 1950), better known by his pen name George Orwell, was an English novelist, essayist, journalist, and critic. His work is characterised by lucid prose, social criticism, opposition to totalit ...

George Orwell
, was published. A classic dystopian novel, ''1984'' describes the life of Winston Smith in 1984, located in Oceania, a totalitarian state. The all-controlling Party, the party in power led by Big Brother, is able to control power through mass
surveillance Surveillance is the monitoring of behavior, many activities, or information for the purpose of information gathering, influencing, managing or directing. This can include observation from a distance by means of electronic equipment, such as c ...

surveillance
and limited freedom of speech and thought. George Orwell provides commentary on the negative effects of
totalitarianism Totalitarianism is a form of government and a political system that prohibits all opposition parties, outlaws individual and group opposition to the state and its claims, and exercises an extremely high if not complete degree of control and reg ...
, particularly on privacy and
censorship Censorship is the suppression of speech, public communication, or other information. This may be done on the basis that such material is considered objectionable, harmful, sensitive, or "inconvenient". Censorship can be conducted by governments ...
. Parallels have been drawn between ''1984'' and modern censorship and privacy, a notable example being that large social media companies, rather than the government, are able to monitor a user's data and decide what is allowed to be said online through their censorship policies, ultimately for monetary purposes. In the 1960s, people began to consider how changes in technology were bringing changes in the concept of privacy. Vance Packard's '' The Naked Society'' was a popular book on privacy from that era and led US discourse on privacy at that time. In addition, Alan Westin's ''Privacy and Freedom'' shifted the debate regarding privacy from a physical sense, how the government controls a person's body (i.e. '' Roe v. Wade'') and other activities such as wiretapping and photography. As important records became digitized, Westin argued that personal data was becoming too accessible and that a person should have complete jurisdiction over their data, laying the foundation for the modern discussion of privacy. New technologies can also create new ways to gather private information. For example, in the United States, it was thought that heat sensors intended to be used to find marijuana-growing operations would be acceptable. Contrary to popular opinion, in 2001 in '' Kyllo v. United States'' (533 U.S. 27) it was decided that the use of
thermal imaging Infrared thermography (IRT), thermal video and/or thermal imaging, is a process where a Thermographic camera, thermal camera captures and creates an image of an object by using infrared radiation emitted from the object in a process, which are ...
devices that can reveal previously unknown information without a warrant does indeed constitute a violation of privacy. In 2019, after developing a corporate rivalry in competing voice-recognition software,
Apple An apple is an edible fruit produced by an apple tree (''Malus domestica''). Apple fruit tree, trees are agriculture, cultivated worldwide and are the most widely grown species in the genus ''Malus''. The tree originated in Central Asia, wh ...
and
Amazon Amazon most often refers to: * Amazons, a tribe of female warriors in Greek mythology * Amazon rainforest, a rainforest covering most of the Amazon basin * Amazon River, in South America * Amazon (company), an American multinational technology co ...
required employees to listen to
intimate Intimate may refer to: * Intimate examination, a physical examination for medical purposes that includes examination of the breasts, genitalia, or rectum of a patient * Intimate ion pair, the interactions between a cation, anion and surrounding sol ...
moments and faithfully transcribe the contents.


Police and government

Police and citizens often conflict on what degree the police can intrude a citizen's digital privacy. For instance, in 2012, the Supreme Court ruled unanimously in '' United States v. Jones'' (565 U.S. 400), in the case of Antoine Jones who was arrested of drug possession using a
GPS The Global Positioning System (GPS), originally Navstar GPS, is a Radionavigation-satellite service, satellite-based radionavigation system owned by the United States government and operated by the United States Space Force. It is one of t ...
tracker on his car that was placed without a warrant, that warrantless tracking infringes the Fourth Amendment. The Supreme Court also justified that there is some "reasonable expectation of privacy" in transportation since the reasonable expectation of privacy had already been established under ''Griswold v. Connecticut'' (1965). The Supreme Court also further clarified that the Fourth Amendment did not only pertain to physical instances of intrusion but also digital instances, and thus ''United States v. Jones'' became a landmark case. In 2014, the Supreme Court ruled unanimously in '' Riley v. California'' (573 U.S. 373), where David Leon Riley was arrested after he was pulled over for driving on expired license tags when the police searched his phone and discovered that he was tied to a shooting, that searching a citizen's phone without a warrant was an unreasonable search, a violation of the Fourth Amendment. The Supreme Court concluded that the cell phones contained personal information different than trivial items, and went beyond to state that information stored on the cloud was not necessarily a form of evidence. ''Riley v. California'' evidently became a landmark case, protecting the digital protection of citizen's privacy when confronted with the police. A recent notable occurrence of the conflict between law enforcement and a citizen in terms of digital privacy has been in the 2018 case, '' Carpenter v. United States'' (585 U.S. ____). In this case, the FBI used cell phone records without a warrant to arrest Timothy Ivory Carpenter on multiple charges, and the Supreme Court ruled that the warrantless search of cell phone records violated the Fourth Amendment, citing that the Fourth Amendment protects "reasonable expectations of privacy" and that information sent to third parties still falls under data that can be included under "reasonable expectations of privacy". Beyond law enforcement, many interactions between the government and citizens have been revealed either lawfully or unlawfully, specifically through whistleblowers. One notable example is
Edward Snowden Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked Classified information in the United States, highly classified information from the National Security Agency ( ...
, who released multiple operations related to the mass surveillance operations of the
National Security Agency The National Security Agency (NSA) is a national-level intelligence agency of the United States Department of Defense, under the authority of the Director of National Intelligence (DNI). The NSA is responsible for global monitoring, collectio ...
(NSA), where it was discovered that the NSA continues to breach the security of millions of people, mainly through mass surveillance programs whether it was collecting great amounts of data through third party private companies, hacking into other embassies or frameworks of international countries, and various breaches of data, which prompted a culture shock and stirred international debate related to digital privacy.


Internet

In the European Union (EU), personal data, in whatever form it is received, data protection rights must be respected by law. This also applies to companies based outside of the EU which conduct business inside the EU. Historically, the United States has disparate state and federal laws governing Internet privacy, with much left unregulated. While data privacy protection laws can grant individuals rights to control their data, enforcement is increasingly complex. A variety of data may be covered by specific laws, such as HIPAA, FCRA,
FERPA The Family Educational Rights and Privacy Act of 1974 (FERPA or the Buckley Amendment) is a United States federal law The law of the United States comprises many levels of Codification (law), codified and uncodified forms of law, of which th ...
, GLBA, ECPA, COPPA, and
VPPA The Video Privacy Protection Act (VPPA) is a bill that was passed by the United States Congress The United States Congress is the legislature of the federal government of the United States. It is Bicameralism, bicameral, composed of a ...
.


=Legal discussions of Internet privacy

= The Internet has brought new concerns about privacy in an age where computers can permanently store records of everything: "where every online photo, status update, Twitter post and blog entry by and about us can be stored forever", writes law professor and author Jeffrey Rosen.Jeffrey Rosen
"The Web Means the End of Forgetting"
''New York Times'', July 19, 2010
One of the first instances of privacy being discussed in a legal manner was in 1914, the Federal Trade Commission (FTC) was established, under the Federal Trade Commission Act, whose initial goal was to promote competition amongst businesses and prohibit unfair and misleading businesses. However, since the 1970s, the FTC has become involved in privacy law and enforcement, the first instance being the FTC's implementation and enforcement of the
Fair Credit Reporting Act The Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681 ''et seq'', is Federal government of the United States, U.S. Federal Government legislation enacted to promote the accuracy, fairness, and consumer privacy, privacy of Customer data, consume ...
(FCRA), which regulates how credit card bureaus can use a client's data and grants consumer's further credit card rights. In addition to the FCRA, the FTC has implemented various other important acts that protect consumer privacy. For example, the FTC passed the
Children's Online Privacy Protection Act The Children's Online Privacy Protection Act of 1998 (COPPA) is a United States federal law, located at (). The act, effective April 21, 2000, applies to the online collection of personal information by persons or entities under Federal ju ...
(COPPA) of 1998, which regulates services geared towards children under the age of thirteen, and the
Red Flags Rule The Red Flags Rule was created by the Federal Trade Commission The Federal Trade Commission (FTC) is an independent agency of the United States government whose principal mission is the enforcement of civil (non-criminal) antitrust law and th ...
, passed in 2010, which warrants that companies have measures to protect clients against
identity theft Identity theft occurs when someone uses another person's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term ''identity theft'' was c ...
, and if clients become victims of identity theft, that there are steps to alleviate the consequences of identity theft. In 2018, the European Union (EU)'s General Data Protection Regulation (GDPR) went into effect, a privacy legislation that replaced the Data Protection Directive of 1995. The GDPR requires how consumers within the EU must have complete and concise knowledge about how companies use their data and have the right to gain and correct data that a companies stores regarding them, enforcing stricter privacy legislations compared to the Data Protection Directive of 1995.


=Social networking

= Several online social network sites (OSNs) are among the top 10 most visited websites globally. Facebook for example, as of August 2015, was the largest social-networking site, with nearly 2.7 billion members, who upload over 4.75 billion pieces of content daily. While
Twitter Twitter is an online social media and social networking service owned and operated by American company Twitter, Inc., on which users post and interact with 280-character-long messages known as "tweets". Registered users can post, like, and ...
is significantly smaller with 316 million registered users, the US
Library of Congress The Library of Congress (LOC) is the research library A library is a collection of materials, books or media that are accessible for use and not just for display purposes. A library provides physical (hard copies) or digital access (so ...
recently announced that it will be acquiring and permanently storing the entire archive of public Twitter posts since 2006. A review and evaluation of scholarly work regarding the current state of the value of individuals' privacy of online social networking show the following results: "first, adults seem to be more concerned about potential privacy threats than younger users; second, policy makers should be alarmed by a large part of users who underestimate risks of their information privacy on OSNs; third, in the case of using OSNs and its services, traditional one-dimensional privacy approaches fall short". This is exacerbated by deanonymization research indicating that personal traits such as sexual orientation, race, religious and political views, personality, or intelligence can be inferred based on a wide variety of digital footprints, such as samples of text, browsing logs, or Facebook Likes. Intrusions of social media privacy are known to affect employment in the United States.
Microsoft Microsoft Corporation is an American multinational corporation, multinational technology company, technology corporation producing Software, computer software, consumer electronics, personal computers, and related services headquartered at th ...
reports that 75 percent of U.S. recruiters and human-resource professionals now do online research about candidates, often using information provided by search engines, social-networking sites, photo/video-sharing sites, personal web sites and blogs, and
Twitter Twitter is an online social media and social networking service owned and operated by American company Twitter, Inc., on which users post and interact with 280-character-long messages known as "tweets". Registered users can post, like, and ...
. They also report that 70 percent of U.S. recruiters have rejected candidates based on internet information. This has created a need by many candidates to control various online privacy settings in addition to controlling their online reputations, the conjunction of which has led to legal suits against both social media sites and US employers.


Selfie culture

Selfies A selfie () is a self-portrait photograph, typically taken with a digital camera or smartphone, which may be held in the hand or supported by a selfie stick. Selfies are often shared on social media, via social networking services such as Face ...
are popular today. A search for photos with the hashtag #selfie retrieves over 23 million results on Instagram and 51 million with the hashtag #me. However, due to modern corporate and governmental surveillance, this may pose a risk to privacy. In a research study which takes a sample size of 3763, researchers found that for users posting selfies on social media, women generally have greater concerns over privacy than men, and that users' privacy concerns inversely predict their selfie behavior and activity.


Online harassment

After the 1999 Columbine Shooting, where violent video games and music were thought to be one of the main influences on the killers, some states began to pass anti-bullying laws where some included cyber-bullying laws. The suicide of 13-year-old Megan Meier, where Meier was harassed on Myspace, prompted Missouri to pass anti-harassment laws though the perpetrators were later declared innocent. Through the rise of smartphones and the rise in popularity with social media such as Facebook and Instagram, messaging, online forums, gaming communities, and email, online harassment continued to grow. 18-year-old Jessica Logan committed suicide in 2009 after her boyfriend sent explicit photos of her to various teenagers in different high schools, where she was then harassed through Myspace, which led to her school passing anti-harassment laws. Further notable occurrences where digital privacy was invaded include the death of Tyler Clementi and Amanda Todd, whose death instigated Canadian funding towards studies on bullying and legislation regarding cyber-bullying to be passed, but problems regarding the lack of protection for users were risen, by Todd's mother herself, since this bill allowed for companies to completely access a user's data. All U.S. states have now passed laws regarding online harassment. 15% of adolescents aged 12–18 have been subject to cyberbullying, according to a 2017 report conducted by the National Center for Education Statistics and Bureau of Justice. In 2018 16% of high schoolers were subject to cyberbullying according to the CDC's 2019 Youth Risk Behavior Surveillance System.


=Bot accounts

= Bots originate from the 1980s, where they were known as an IRC (Internet Relayed Chat) which served essential purposes such as stating the date and time and over time now expand to other purposes, such as flagging copyright on articles. Forms of social media, such as Twitter, Facebook, and Instagram, have a prevalent activity of social bots, different than IRC bots, representing accounts that are not human and perform autonomous behavior to some degree. Bots, especially those with malicious intent, became most prevalent in the 2016 U.S. presidential election, where both the Trump and Clinton campaign had millions of bots essentially working on their account to influence the election. A subsection of these bots would target and assault certain journalists, causing journalists to stop reporting on matters since they dreaded further harassment. In the same election, Russian Twitter bots, presenting themselves as Midwestern swing-voter Republicans were used to amplify and spread misinformation. In October 2020, data scientist Emilio Ferrara found that 19% of tweets related to the 2016 election were generated by bots. Following the election, A 2017 study revealed that nearly 48 million Twitter accounts are bots. Furthermore, it was found that approximately 33% of tweets related to
Brexit Brexit (; a portmanteau of "British exit") was the Withdrawal from the European Union, withdrawal of the United Kingdom (UK) from the European Union (EU) at 23:00 Greenwich Mean Time, GMT on 31 January 2020 (00:00 1 February 2020 Central Eur ...
were produced by bots. Data indicates that the use of bots has increased since the 2016 election, and AI-driven bots are becoming hard to detect, and soon will be able to emulate human-like behavior, by being able to comment, submit comments regarding policy, etc. affecting political debate, outcomes of an election, and a user's perception of those online and the humans they interact with. Although bots have been used in a negative context when politics are described, many bots have been used to protect against online harassment. For example, since 2020, Facebook researchers have been developing Web-Enabled Simulation (WES) bots that emulate bad human behavior and then engineers use this data to determine the best correctives.


=Privacy and location-based services

= Increasingly, mobile devices facilitate location tracking. This creates user privacy problems. A user's location and preferences constitute personal information. Their improper use violates that user's privacy. A recent MIT study by de Montjoye et al. showed that 4 spatio-temporal points, approximate places and times, are enough to uniquely identify 95% of 1.5M people in a mobility database. The study further shows that these constraints hold even when the resolution of the dataset is low. Therefore, even coarse or blurred datasets provide little anonymity. Several methods to protect user privacy in
location-based service A location-based service (LBS) is a general term denoting software services which use geographic data and information to provide services or information to users. LBS can be used in a variety of contexts, such as health, indoor object detection, o ...
s have been proposed, including the use of anonymizing servers and blurring of information. Methods to quantify privacy have also been proposed, to calculate the equilibrium between the benefit of providing accurate location information and the drawbacks of risking personal privacy.


=Advertising on mobile devices

= When the internet was first introduced, the internet became the predominant medium of advertising, shifting from newspapers and magazines. With the growth of digital advertisements, people began to be tracked using
HTTP cookie HTTP cookies (also called web cookies, Internet cookies, browser cookies, or simply cookies) are small blocks of Data (computing), data created by a web server while a User (computing), user is browsing a website and placed on the user's compu ...
s, and this data was used to target relevant audiences. Since the introduction of iPhones and Androids, data brokers were also planted within apps, for further tracking. Since the growth of cookies, resulting in a $350 billion digital industry especially focused on mobile devices, digital privacy has become the main source of concern for many mobile users, especially with the rise of privacy scandals, such as the Cambridge Analytica Scandal. Recently,
Apple An apple is an edible fruit produced by an apple tree (''Malus domestica''). Apple fruit tree, trees are agriculture, cultivated worldwide and are the most widely grown species in the genus ''Malus''. The tree originated in Central Asia, wh ...
has introduced features that prohibit advertisers from tracking a user's data without their consent, as seen with their implementation of pop-up notifications that let users decide the extent to which a company can track their behavior.
Google Google LLC () is an American Multinational corporation, multinational technology company focusing on Search Engine, search engine technology, online advertising, cloud computing, software, computer software, quantum computing, e-commerce, ar ...
has begun to roll out similar features, but concerns have risen about how a privacy-conscious internet will function without advertisers being able to use data from users as a form of capital. Apple has set a precedent implementing stricter crackdown on privacy, especially with their introduction of the pop-up feature, which has made it harder for businesses, especially small businesses, on other mediums, like Facebook to target relevant audiences, since these advertisers no longer have relevant data. Google, contrary to Apple, has remained relatively lax in its crackdown, supporting cookies until at least 2023, until a privacy-conscious internet solution is found.


=Ethical controversies over location privacy

= There have been scandals regarding location privacy. One instance was the scandal concerning
AccuWeather AccuWeather Inc. is an American media company that provides commercial weather forecasting services worldwide. AccuWeather was founded in 1962 by Joel N. Myers, then a Pennsylvania State University graduate student working on a master's degree i ...
, where it was revealed that AccuWeather was selling locational data. This consisted of a user's locational data, even if they opted out within Accuweather, which tracked users’ location. Accuweather sold this data to Reveal Mobile, a company that monetizes data related to a user's location. Other international cases are similar to the Accuweather case. In 2017, a leaky API inside the McDelivery App exposed private data, which consisted of home addresses, of 2.2 million users With the rise of such scandals, many large American technology companies such as Google, Apple, and Facebook have been subjected to hearings and pressure under the U.S. legislative system. In 2011, with the rise of locational technology, US Senator
Al Franken Alan Stuart Franken (born May 21, 1951) is an American comedian, politician, media personality, and author who served as a United States senator from Minnesota from 2009 to 2018. He gained fame as a writer and performer on the television comed ...
wrote an open letter to
Steve Jobs Steven Paul Jobs (February 24, 1955 – October 5, 2011) was an American Entrepreneurship, entrepreneur, industrial designer, media proprietor, and investor. He was the co-founder, chairman, and chief executive officer, CEO of Apple Inc., Appl ...
, noting the ability of iPhones and iPads to record and store users' locations in unencrypted files, although Apple denied doing so. This conflict has perpetuated further into 2021; a recent example being where the U.S. state of Arizona found in a court case that Google mislead its users and stored the location of users regardless of their location settings.


Metadata

The ability to do online inquiries about individuals has expanded dramatically over the last decade. Importantly, directly observed behavior, such as browsing logs, search queries, or contents of a public Facebook profile, can be automatically processed to infer secondary information about an individual, such as sexual orientation, political and religious views, race, substance use, intelligence, and personality. In Australia, the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 made a distinction between collecting the contents of messages sent between users and the metadata surrounding those messages.


Protection of privacy on the Internet

Covert collection of personally identifiable information has been identified as a primary concern by the U.S. Federal Trade Commission.Federal Trade Commission (2010), "Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers," Preliminary FTC Staff Report (December), available a

Although some privacy advocates recommend the deletion of original and third-party HTTP cookies, Anthony Miyazaki, marketing professor at
Florida International University Florida International University (FIU) is a public university, public research university with its main campus in Miami-Dade County. Founded in 1965, the school opened its doors to students in 1972. FIU has grown to become the third-largest uni ...
and privacy scholar, warns that the "elimination of third-party cookie use by Web sites can be circumvented by cooperative strategies with third parties in which information is transferred after the Web site's use of original domain cookies." As of December 2010, the Federal Trade Commission is reviewing policy regarding this issue as it relates to behavioral advertising.


Legal right to privacy

Most countries give citizens rights to privacy in their constitutions. Representative examples of this include the
Constitution of Brazil The Constitution of the Federative Republic of Brazil ( pt, Constituição da República Federativa do Brasil) is the supreme law of Brazil Brazil ( pt, Brasil; ), officially the Federative Republic of Brazil (Portuguese: ), is the large ...
, which says "the privacy, private life, honor and image of people are inviolable"; the
Constitution of South Africa The Constitution of South Africa is the supreme law Law is a set of rules that are created and are law enforcement, enforceable by social or governmental institutions to regulate behavior,Robertson, ''Crimes against humanity'', 90. wit ...
says that "everyone has a right to privacy"; and the
Constitution of the Republic of Korea The Constitution of the Republic of Korea () is the supreme law of South Korea. It was promulgated on July 17, 1948, and last revised on October 29, 1987. Background The Provisional Charter of Korea The preamble of the Constitution of South ...
says "the privacy of no citizen shall be infringed." The
Italian Constitution The Constitution of the Italian Republic ( it, Costituzione della Repubblica Italiana) was enacted by the Constituent Assembly of Italy, Constituent Assembly on 22 December 1947, with 453 votes in favour and 62 against. The text, which has sin ...
also defines the right to privacy. Among most countries whose constitutions do not explicitly describe privacy rights, court decisions have interpreted their constitutions to intend to give privacy rights. Many countries have broad privacy laws outside their constitutions, including Australia's
Privacy Act 1988 The Privacy Act 1988 is an Australian law The legal system of Australia Australia, officially the Commonwealth of Australia, is a sovereign country comprising the mainland of the Australian continent, the island of Tasmania, and ...
, Argentina's Law for the Protection of Personal Data of 2000, Canada's 2000
Personal Information Protection and Electronic Documents Act The ''Personal Information Protection and Electronic Documents Act'' (PIPEDA; french: Loi sur la protection des renseignements personnels et les documents électroniques) is a Canadian law relating to data privacy. It governs how private sector ...
, and Japan's 2003 Personal Information Protection Law. Beyond national privacy laws, there are international privacy agreements. The United Nations
Universal Declaration of Human Rights The Universal Declaration of Human Rights (UDHR) is an international document adopted by the United Nations General Assembly The United Nations General Assembly (UNGA or GA; french: link=no, Assemblée générale, AG) is one of the six pr ...
says "No one shall be subjected to arbitrary interference with
heir Inheritance is the practice of receiving private property, Title (property), titles, debts, entitlements, Privilege (law), privileges, rights, and Law of obligations, obligations upon the death of an individual. The rules of inheritance differ ...
privacy, family, home or correspondence, nor to attacks upon
heir Inheritance is the practice of receiving private property, Title (property), titles, debts, entitlements, Privilege (law), privileges, rights, and Law of obligations, obligations upon the death of an individual. The rules of inheritance differ ...
honor and reputation." The
Organisation for Economic Co-operation and Development The Organisation for Economic Co-operation and Development (OECD; french: Organisation de coopération et de développement économiques, ''OCDE'') is an intergovernmental organisation with 38 member countries, founded in 1961 to stimulate ...
published its Privacy Guidelines in 1980. The European Union's 1995 Data Protection Directive guides privacy protection in Europe. The 2004 Privacy Framework by the
Asia-Pacific Economic Cooperation The Asia-Pacific Economic Cooperation (APEC ) is an inter-governmental forum for 21 member economies in the Pacific Rim that promotes free trade throughout the Asia-Pacific region.
is a privacy protection agreement for the members of that organization.


Argument against legal protection of privacy

The argument against the legal protection of privacy is predominant in the US. The landmark US Supreme Court case, ''Griswold v. Connecticut,'' established a reasonable expectation to privacy. However, some conservative justices do not consider privacy to be a legal right, as when discussing the 2003 case, '' Lawrence v. Texas'' (539 U.S. 558), Supreme Court Justice
Antonin Scalia Antonin Gregory Scalia (; March 11, 1936 – February 13, 2016) was an American jurist who served as an associate justice of the Supreme Court of the United States from 1986 until his death in 2016. He was described as the intellectua ...
did not consider privacy to be a right, and Supreme Court Justice
Clarence Thomas Clarence Thomas (born June 23, 1948) is an American jurist who serves as an associate justice of the Supreme Court of the United States. He Clarence Thomas Supreme Court nomination, was nominated by President George H. W. Bush to succeed Th ...
argued that there is "no general right to privacy" in the U.S. Constitution in 2007. Many Republican interest groups and activists desire for appointed justices to be like Justice Thomas and Scalia since they uphold originalism, which indirectly helps strengthen the argument against the legal protection of privacy.


Free market vs consumer protection

Approaches to privacy can, broadly, be divided into two categories: free market or consumer protection. One example of the free market approach is to be found in the voluntary OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. The principles reflected in the guidelines, free of legislative interference, are analyzed in an article putting them into perspective with concepts of the
GDPR The General Data Protection Regulation (GDPR) is a European Union regulation on data protection and privacy in the EU and the European Economic Area (EEA). The GDPR is an important component of EU privacy law and of human rights law, in partic ...
put into law later in the European Union. In a consumer protection approach, in contrast, it is claimed that individuals may not have the time or knowledge to make informed choices, or may not have reasonable alternatives available. In support of this view, Jensen and Potts showed that most privacy policies are above the reading level of the average person.


By country


=Australia

= The ''Privacy Act 1988'' is administered by the Office of the Australian Information Commissioner. The initial introduction of privacy law in 1998 extended to the public sector, specifically to Federal government departments, under the Information Privacy Principles. State government agencies can also be subject to state based privacy legislation. This built upon the already existing privacy requirements that applied to telecommunications providers (under Part 13 of the ''Telecommunications Act 1997''), and confidentiality requirements that already applied to banking, legal and patient / doctor relationships. In 2008 the Australian Law Reform Commission (ALRC) conducted a review of Australian privacy law and produced a report titled "For Your Information". Recommendations were taken up and implemented by the Australian Government via the Privacy Amendment (Enhancing Privacy Protection) Bill 2012. In 2015, the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015 was passed, to some controversy over its human rights implications and the role of media.


=European Union

= Although there are comprehensive regulations for data protection in the European Union, one study finds that despite the laws, there is a lack of enforcement in that no institution feels responsible to control the parties involved and enforce their laws. The European Union also champions the
Right to be Forgotten The right to be forgotten (RTBF) is the right to have private information about a person be removed from Internet searches and other directories under some circumstances. The concept has been discussed and put into practice in several jurisdiction ...
concept in support of its adoption by other countries.


=India

= Since the introduction of the
Aadhaar Aadhaar ( hi, आधार, ādhār, lit=base, foundation, bn, আধার) is a 12-digit unique identity number that can be obtained voluntarily by the citizens of India India, officially the Republic of India (Hindi: ), is a count ...
project in 2009, which resulted in all 1.2 billion Indians being associated with a 12-digit biometric-secured number. Aadhaar has uplifted the poor in India by providing them with a form of identity and preventing the fraud and waste of resources, as normally the government would not be able to allocate its resources to its intended assignees due to the ID issues . With the rise of Aadhaar, India has debated whether Aadhaar violates an individual's privacy and whether any organization should have access to an individual's digital profile, as the Aadhaar card became associated with other economic sectors, allowing for the tracking of individuals by both public and private bodies. Aadhaar databases have suffered from security attacks as well and the project was also met with mistrust regarding the safety of the social protection infrastructures. In 2017, where the Aadhar was challenged, the Indian Supreme Court declared privacy as a human right, but postponed the decision regarding the constitutionality of Aadhaar for another bench. In September 2018, the Indian Supreme Court determined that the Aadhaar project did not violate the legal right to privacy.


=United Kingdom

= In the United Kingdom, it is not possible to bring an action for invasion of privacy. An action may be brought under another
tort A tort is a civil wrong that causes a claimant to suffer loss or harm, resulting in legal liability for the person who commits the tortious act. Tort law can be contrasted with criminal law, which deals with criminal wrongs that are punishab ...
(usually breach of confidence) and privacy must then be considered under EC law. In the UK, it is sometimes a defence that disclosure of private information was in the public interest. There is, however, the Information Commissioner's Office (ICO), an independent public body set up to promote access to official information and protect personal information. They do this by promoting good practice, ruling on eligible complaints, giving information to individuals and organisations, and taking action when the law is broken. The relevant UK laws include:
Data Protection Act 1998 The Data Protection Act 1998 (DPA, c. 29) was an Act of Parliament Acts of Parliament, sometimes referred to as primary legislation, are texts of law passed by the legislative body of a jurisdiction (often a parliament or council). In most ...
;
Freedom of Information Act 2000 The Freedom of Information Act 2000 (c. 36) is an Acts of Parliament in the United Kingdom, Act of the Parliament of the United Kingdom that creates a public "right of access" to information held by public authorities. It is the implementation ...
; Environmental Information Regulations 2004; Privacy and Electronic Communications Regulations 2003. The ICO has also provided a "Personal Information Toolkit" online which explains in more detail the various ways of protecting privacy online.


=United States

= Although the
US Constitution The Constitution of the United States is the Supremacy Clause, supreme law of the United States, United States of America. It superseded the Articles of Confederation, the nation's first constitution, in 1789. Originally comprising seven ar ...
does not explicitly include the
right to privacy The right to privacy is an element of various legal traditions that intends to restrain governmental and private actions that threaten the privacy of individuals. Over 150 national constitutions mention the right to privacy. On 10 December 1948 ...
, individual as well as locational privacy may be implicitly granted by the Constitution under the 4th Amendment. The
Supreme Court of the United States The Supreme Court of the United States (SCOTUS) is the highest court in the federal judiciary of the United States. It has ultimate appellate jurisdiction over all U.S. federal court cases, and over state court cases that involve a point ...
has found that other guarantees have ''penumbras'' that implicitly grant a right to privacy against government intrusion, for example in '' Griswold v. Connecticut'' and '' Roe v. Wade.'' '' Dobbs v. Jackson Women's Health Organization'' later overruled ''Roe v. Wade'', with Supreme Court Justice
Clarence Thomas Clarence Thomas (born June 23, 1948) is an American jurist who serves as an associate justice of the Supreme Court of the United States. He Clarence Thomas Supreme Court nomination, was nominated by President George H. W. Bush to succeed Th ...
characterizing ''Griswold'''s penumbral argument as having a "facial absurdity", casting doubt on the validity of a constitutional right to privacy in the United States and of previous decisions relying on it. In the United States, the right of
freedom of speech Freedom of speech is a principle that supports the freedom of an individual or a community to articulate their opinions and ideas without fear of retaliation, censorship, or legal sanction. The rights, right to freedom of expression has been ...
granted in the First Amendment has limited the effects of lawsuits for breach of privacy. Privacy is regulated in the US by the Privacy Act of 1974, and various state laws. The Privacy Act of 1974 only applies to federal agencies in the executive branch of the federal government. Certain privacy rights have been established in the United States via legislation such as the
Children's Online Privacy Protection Act The Children's Online Privacy Protection Act of 1998 (COPPA) is a United States federal law, located at (). The act, effective April 21, 2000, applies to the online collection of personal information by persons or entities under Federal ju ...
(COPPA), the
Gramm–Leach–Bliley Act The Gramm–Leach–Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, () is an Act of Congress, act of the 106th United States Congress (1999–2001). It repealed part of the Glass–Steagall Legislation, Glass ...
(GLB), and the
Health Insurance Portability and Accountability Act The Health Insurance Portability and Accountability Act of 1996 (HIPAA or the Ted Kennedy, Kennedy–Nancy Kassebaum, Kassebaum Act) is a United States Act of Congress enacted by the 104th United States Congress and signed into law by President B ...
(HIPAA). Unlike the EU and most EU-member states, the US does not recognize the right to privacy of non-US citizens. The UN's Special Rapporteur on the right to privacy, Joseph A. Cannataci, criticized this distinction.


Conceptions of privacy


Privacy as contextual integrity

The theory of contextual integrity defines privacy as an appropriate information flow, where appropriateness, in turn, is defined as conformance with legitimate, informational norms specific to social contexts.


Right to be let alone

In 1890, the United States jurists Samuel D. Warren and Louis Brandeis wrote "The Right to Privacy", an article in which they argued for the "right to be let alone", using that phrase as a definition of privacy. This concept relies on the theory of
natural rights Some philosophers distinguish two types of rights, natural rights and legal rights. * Natural rights are those that are not dependent on the laws or customs of any particular culture or government, and so are ''universal'', ''fundamental right ...
and focuses on protecting individuals. The citation was a response to recent technological developments, such as photography, and sensationalist journalism, also known as
yellow journalism Yellow journalism and yellow press are American terms for journalism and associated newspapers that present little or no legitimate, well-researched news while instead using eye-catching headlines for increased sales. Techniques may include ...
.Warren and Brandeis
"The Right To Privacy"
1890) 4 Harvard Law Review 193
There is extensive commentary over the meaning of being "let alone", and among other ways, it has been interpreted to mean the right of a person to choose
seclusion Seclusion is the act of secluding (i.e. isolating from society), the state of being secluded, or a place that facilitates it (a secluded place). A person, couple, or larger group may go to a secluded place for privacy or Quiet Time, peace and qu ...
from the attention of others if they wish to do so, and the right to be immune from scrutiny or being observed in private settings, such as one's own home. Although this early vague legal concept did not describe privacy in a way that made it easy to design broad legal protections of privacy, it strengthened the notion of privacy rights for individuals and began a legacy of discussion on those rights in the US.


Limited access

Limited access refers to a person's ability to participate in society without having other individuals and organizations collect information about them. Various theorists have imagined privacy as a system for limiting access to one's personal information. Edwin Lawrence Godkin wrote in the late 19th century that "nothing is better worthy of legal protection than private life, or, in other words, the right of every man to keep his affairs to himself, and to decide for himself to what extent they shall be the subject of public observation and discussion." Adopting an approach similar to the one presented by Ruth Gavison Nine years earlier, Sissela Bok said that privacy is "the condition of being protected from unwanted access by others—either physical access, personal information, or attention."


Control over information

Control over one's personal information is the concept that "privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others." Generally, a person who has consensually formed an interpersonal relationship with another person is not considered "protected" by privacy rights with respect to the person they are in the relationship with. Charles Fried said that "Privacy is not simply an absence of information about us in the minds of others; rather it is the control we have over information about ourselves. Nevertheless, in the era of
big data Though used sometimes loosely partly because of a lack of formal definition, the interpretation that seems to best describe Big data is the one associated with large body of information that we could not comprehend when used only in smaller am ...
, control over information is under pressure.


States of privacy

Alan Westin defined four states—or experiences—of privacy: solitude, intimacy, anonymity, and reserve.
Solitude Solitude is a state of seclusion or isolation, meaning lack of socialisation. Effects can be either positive or negative, depending on the situation. Short-term solitude is often valued as a time when one may work, think, or rest without distur ...
is a physical separation from others; Intimacy is a "close, relaxed; and frank relationship between two or more individuals" that results from the seclusion of a pair or small group of individuals. Anonymity is the "desire of individuals for times of 'public privacy.'" Lastly, reserve is the "creation of a psychological barrier against unwanted intrusion"; this creation of a psychological barrier requires others to respect an individual's need or desire to restrict communication of information concerning themself. In addition to the psychological barrier of reserve, Kirsty Hughes identified three more kinds of privacy barriers: physical, behavioral, and normative. Physical barriers, such as walls and doors, prevent others from accessing and experiencing the individual. (In this sense, "accessing" an individual includes accessing personal information about them.) Behavioral barriers communicate to others—verbally, through language, or non-verbally, through personal space, body language, or clothing—that an individual does not want the other person to access or experience them. Lastly, normative barriers, such as laws and social norms, restrain others from attempting to access or experience an individual.


Secrecy

Privacy is sometimes defined as an option to have secrecy. Richard Posner said that privacy is the right of people to "conceal information about themselves that others might use to their disadvantage". In various legal contexts, when privacy is described as secrecy, a conclusion is reached: if privacy is secrecy, then rights to privacy do not apply for any information which is already publicly disclosed. When privacy-as-secrecy is discussed, it is usually imagined to be a selective kind of secrecy in which individuals keep some information secret and private while they choose to make other information public and not private.


Personhood and autonomy

Privacy may be understood as a necessary precondition for the development and preservation of personhood. Jeffrey Reiman defined privacy in terms of a recognition of one's ownership of their physical and mental reality and a moral right to self-determination. Through the "social ritual" of privacy, or the social practice of respecting an individual's privacy barriers, the social group communicates to developing children that they have exclusive moral rights to their bodies—in other words, moral ownership of their body. This entails control over both active (physical) and cognitive appropriation, the former being control over one's movements and actions and the latter being control over who can experience one's physical existence and when. Alternatively, Stanley Benn defined privacy in terms of a recognition of oneself as a subject with agency—as an individual with the capacity to choose. Privacy is required to exercise choice. Overt observation makes the individual aware of himself or herself as an object with a "determinate character" and "limited probabilities." Covert observation, on the other hand, changes the conditions in which the individual is exercising choice without his or her knowledge and consent. In addition, privacy may be viewed as a state that enables autonomy, a concept closely connected to that of personhood. According to Joseph Kufer, an autonomous self-concept entails a conception of oneself as a "purposeful, self-determining, responsible agent" and an awareness of one's capacity to control the boundary between self and other—that is, to control who can access and experience him or her and to what extent. Furthermore, others must acknowledge and respect the self's boundaries—in other words, they must respect the individual's privacy. The studies of psychologists such as Jean Piaget and Victor Tausk show that, as children learn that they can control who can access and experience them and to what extent, they develop an autonomous self-concept. In addition, studies of adults in particular institutions, such as Erving Goffman's study of "total institutions" such as prisons and mental institutions, suggest that systemic and routinized deprivations or violations of privacy deteriorate one's sense of autonomy over time.


Self-identity and personal growth

Privacy may be understood as a prerequisite for the development of a sense of self-identity. Privacy barriers, in particular, are instrumental in this process. According to Irwin Altman, such barriers "define and limit the boundaries of the self" and thus "serve to help define he self" This control primarily entails the ability to regulate contact with others. Control over the "permeability" of the self's boundaries enables one to control what constitutes the self and thus to define what is the self. In addition, privacy may be seen as a state that fosters personal growth, a process integral to the development of self-identity. Hyman Gross suggested that, without privacy—solitude, anonymity, and temporary releases from social roles—individuals would be unable to freely express themselves and to engage in self-discovery and self-criticism. Such self-discovery and self-criticism contributes to one's understanding of oneself and shapes one's sense of identity.


Intimacy

In a way analogous to how the personhood theory imagines privacy as some essential part of being an individual, the intimacy theory imagines privacy to be an essential part of the way that humans have strengthened or intimate relationships with other humans. Because part of human relationships includes individuals volunteering to self-disclose most if not all personal information, this is one area in which privacy does not apply.
James Rachels James Webster Rachels (May 30, 1941 – September 5, 2003) was an American philosopher who specialized in ethics Ethics or moral philosophy is a branch of philosophy that "involves systematizing, defending, and recommending concepts of morali ...
advanced this notion by writing that privacy matters because "there is a close connection between our ability to control who has access to us and to information about us, and our ability to create and maintain different sorts of social relationships with different people." Protecting intimacy is at the core of the concept of sexual privacy, which law professor Danielle Citron argues should be protected as a unique form of privacy.


Physical privacy

Physical privacy could be defined as preventing "intrusions into one's physical space or solitude." An example of the legal basis for the right to physical privacy is the U.S. Fourth Amendment, which guarantees "the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures". Physical privacy may be a matter of cultural sensitivity, personal dignity, and/or shyness. There may also be concerns about safety, if, for example one is wary of becoming the victim of crime or
stalking Stalking is unwanted and/or repeated surveillance by an individual or group toward another person. Stalking behaviors are interrelated to harassment and intimidation and may include following the victim in person or monitoring them. The term ...
. There are different things that can be prevented to protect one's physical privacy, including people watching (even through recorded images) one's intimate behaviours or body parts and unhautorized access to one's personal possessions or places. Examples of possible efforts used to avoid the former, especially for
modesty Modesty, sometimes known as demureness, is a mode of dress and deportment which intends to avoid the encouraging of sexual attraction in others. The word "modesty" comes from the Latin word ''wikt:modestus, modestus'' which means "keeping within ...
reasons, are
clothes Clothing (also known as clothes, apparel, and attire) are items worn on the body. Typically, clothing is made of fabrics or textiles, but over time it has included garments made from animal skin and other thin sheets of materials and natural ...
,
wall A wall is a structure and a surface that defines an area; carries a load; provides security Security is protection from, or resilience against, potential harm (or other unwanted Coercion, coercive change) caused by others, by restraining th ...
s,
fence A fence is a structure that encloses an area, typically outdoors, and is usually constructed from posts that are connected by boards, wire, rails or netting. A fence differs from a wall in not having a solid foundation along its whole length. ...
s, privacy screens,
cathedral glass Cathedral glass is the name given commercially to monochromatic sheet glass. It is thin by comparison with ''slab glass'', may be coloured, and is textured on one side. The name draws from the fact that windows of stained glass Stained glas ...
, window coverings, etc.


Organizational

Government agencies, corporations, groups/societies and other organizations may desire to keep their activities or secrets from being revealed to other organizations or individuals, adopting various
security Security is protection from, or resilience against, potential harm (or other unwanted Coercion, coercive change) caused by others, by restraining the freedom of others to act. Beneficiaries (technically referents) of security may be of persons an ...

security
practices and controls in order to keep private information confidential. Organizations may seek legal protection for their secrets. For example, a government administration may be able to invoke
executive privilege Executive privilege is the right of the president of the United States The president of the United States (POTUS) is the head of state and head of government of the United States of America. The president directs the executive branch ...
or declare certain information to be classified, or a corporation might attempt to protect valuable proprietary information as
trade secret Trade secrets are a type of intellectual property that includes formulas, best practice, practices, business process, processes, designs, legal instrument, instruments, patterns, or compilations of information that have inherent economic value be ...
s.


Privacy self-synchronization

Privacy self-synchronization is a hypothesized mode by which the stakeholders of an enterprise privacy program spontaneously contribute collaboratively to the program's maximum success. The stakeholders may be customers, employees, managers, executives, suppliers, partners or investors. When self-synchronization is reached, the model states that the personal interests of individuals toward their privacy is in balance with the business interests of enterprises who collect and use the personal information of those individuals.


An individual right

David Flaherty believes networked computer databases pose threats to privacy. He develops 'data protection' as an aspect of privacy, which involves "the collection, use, and dissemination of personal information". This concept forms the foundation for fair information practices used by governments globally. Flaherty forwards an idea of privacy as information control, " dividuals want to be left alone and to exercise some control over how information about them is used". Richard Posner and Lawrence Lessig focus on the economic aspects of personal information control. Posner criticizes privacy for concealing information, which reduces market efficiency. For Posner, employment is selling oneself in the labour market, which he believes is like selling a product. Any 'defect' in the 'product' that is not reported is fraud. For Lessig, privacy breaches online can be regulated through code and law. Lessig claims "the protection of privacy would be stronger if people conceived of the right as a property right", and that "individuals should be able to control information about themselves".


A collective value and a human right

There have been attempts to establish privacy as one of the fundamental
human rights Human rights are Morality, moral principles or Social norm, normsJames Nickel, with assistance from Thomas Pogge, M.B.E. Smith, and Leif Wenar, 13 December 2013, Stanford Encyclopedia of PhilosophyHuman Rights Retrieved 14 August 2014 for ce ...
, whose social value is an essential component in the functioning of democratic societies. Priscilla Regan believes that individual concepts of privacy have failed philosophically and in policy. She supports a social value of privacy with three dimensions: shared perceptions, public values, and
collective A collective is a group of entities that share or are motivated by at least one common issue or interest, or work together to achieve a common objective. Collectives can differ from cooperatives in that they are not necessarily focused upon an ...
components. Shared ideas about privacy allows freedom of conscience and diversity in thought. Public values guarantee democratic participation, including freedoms of speech and association, and limits government power. Collective elements describe privacy as collective good that cannot be divided. Regan's goal is to strengthen privacy claims in policy making: "if we did recognize the collective or public-good value of privacy, as well as the common and public value of privacy, those advocating privacy protections would have a stronger basis upon which to argue for its protection". Leslie Regan Shade argues that the human right to privacy is necessary for meaningful democratic participation, and ensures human dignity and autonomy. Privacy depends on norms for how information is distributed, and if this is appropriate. Violations of privacy depend on context. The human right to privacy has precedent in the United Nations Declaration of Human Rights: "Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers." Shade believes that privacy must be approached from a people-centered perspective, and not through the marketplace. Dr. Eliza Watt, Westminster Law School, University of Westminster in London, UK, proposes application of the International Human Right Law (IHRL) concept of “virtual control” as an approach to deal with extraterritorial mass surveillance by state intelligence agencies.Dr. Watt envisions the “virtual control” test, understood as a remote control over the individual's right to privacy of communications, where privacy is recognized under the ICCPR, Article 17. This, she contends, may help to close the normative gap that is being exploited by nation states.


Privacy paradox and economic valuation

The ''privacy paradox'' is a phenomenon in which online users state that they are concerned about their privacy but behave as if they were not.Swartz, J., "'Opting In': A Privacy Paradox", The Washington Post, 03 Sep 2000, H.1. While this term was coined as early as 1998, it wasn't used in its current popular sense until the year 2000. Susan B. Barnes similarly used the term ''privacy paradox'' to refer to the ambiguous boundary between private and public space on social media. When compared to adults, young people tend to disclose more information on
social media Social media are interactive media technologies that facilitate the Content creation, creation and information sharing, sharing of information, ideas, interests, and other forms of expression through virtual communities and Network virtualization, ...
. However, this does not mean that they are not concerned about their privacy. Susan B. Barnes gave a case in her article: in a television interview about Facebook, a student addressed her concerns about disclosing personal information online. However, when the reporter asked to see her Facebook page, she put her home address, phone numbers, and pictures of her young son on the page. The privacy paradox has been studied and scripted in different research settings. Several studies have shown this inconsistency between privacy attitudes and behavior among online users. However, by now an increasing number of studies have also shown that there are significant and at times large correlations between privacy concerns and information sharing behavior, which speaks against the privacy paradox. A meta-analysis of 166 studies published on the topic reported an overall small but significant relation between privacy concerns and informations sharing or use of privacy protection measures. So although there are several individual instances or anecdotes where behavior appear paradoxical, on average privacy concerns and privacy behaviors seem to be related, and several findings question the general existence of the privacy paradox. However, the relationship between concerns and behavior is likely only small, and there are several arguments that can explain why that is the case. According to the attitude-behavior gap, attitudes and behaviors are ''in general'' and in most cases not closely related. A main explanation for the partial mismatch in the context of privacy specifically is that users lack awareness of the risks and the degree of protection. Users may underestimate the harm of disclosing information online. On the other hand, some researchers argue that the mismatch comes from lack of technology literacy and from the design of sites. For example, users may not know how to change their default settings even though they care about their privacy. Psychologists Sonja Utz and Nicole C. Krämer particularly pointed out that the privacy paradox can occur when users must trade-off between their privacy concerns and impression management. Personal data have different personal and public value and are used for different purposes in citizen-state interactions, compared to customer-business interactions. Therefore, the privacy paradox in citizen state actions – for example in AI driven public services – urges a broader public debate on how governments can safeguard citizen privacy, beyond the economic valuation of personal data.


Research on irrational decision making

A study conducted by Susanne Barth and Menno D.T. de Jo demonstrates that decision making takes place on an irrational level, especially when it comes to mobile computing. Mobile applications in particular are often built up in such a way that spurs decision making that is fast and automatic without assessing risk factors. Protection measures against these unconscious mechanisms are often difficult to access while downloading and installing apps. Even with mechanisms in place to protect user privacy, users may not have the knowledge or experience to enable these mechanisms. Users of mobile applications generally have very little knowledge of how their personal data are used. When they decide which application to download, they typically do not rely on the information provided by application vendors regarding the collection and use of personal data. Other research finds that users are much more likely to be swayed by cost, functionality, design, ratings, reviews and number of downloads than requested permissions, regardless of how important users may claim permissions to be when asked. A study by Zafeiropoulou specifically examined location data, which is a form of personal information increasingly used by mobile applications. Their survey also found evidence that supports the existence of privacy paradox for location data. Privacy risk perception in relation to the use of privacy-enhancing technologies survey data indicates that a high perception of privacy risk is an insufficient motivator for people to adopt privacy protecting strategies, while knowing they exist. It also raises a question on what the value of data is, as there is no equivalent of a stock-market for personal information.


The economic valuation of privacy

The willingness to incur a privacy risk is suspected to be driven by a complex array of factors including risk attitudes, personal value for private information, and general attitudes to privacy (which may be derived from surveys). One experiment aiming to determine the monetary value of several types of personal information indicated relatively low evaluations of personal information.


=Information asymmetry

= Users are not always given the tools to live up to their professed privacy concerns, and they are sometimes willing to trade private information for convenience, functionality, or financial gain, even when the gains are very small. One study suggests that people think their browser history is worth the equivalent of a cheap meal. Another finds that attitudes to privacy risk do not appear to depend on whether it is already under threat or not.


Inherent necessity for privacy violation

It is suggested by Andréa Belliger and David J. Krieger that the privacy paradox should not be considered a paradox, but more of a ''privacy dilemma'', for services that cannot exist without the user sharing private data. However, the general public is typically not given the choice whether to share private data or not, making it difficult to verify any claim that a service truly cannot exist without sharing private data.


Privacy Calculus

The privacy calculus model posits that two factors determine privacy behavior, namely privacy concerns (or perceived risks) and expected benefits. By now, the privacy calculus was supported by several studies, and it stands in direct contrast to the privacy paradox. Both perspectives can be consoled if they are understood from a more moderate position: Behavior is neither completely paradoxical nor completely logical, and the consistency between concerns and behavior depends on users, situations, or contexts.


Actions which reduce privacy

As with other conceptions of privacy, there are various ways to discuss what kinds of processes or actions remove, challenge, lessen, or attack privacy. In 1960 legal scholar William Prosser created the following list of activities which can be remedied with privacy protection: # Intrusion into a person's private space, own affairs, or wish for solitude # Public disclosure of personal information about a person which could be embarrassing for them to have revealed # Promoting access to information about a person which could lead the public to have incorrect beliefs about them # Encroaching someone's personality rights, and using their likeness to advance interests which are not their own From 2004 to 2008, building from this and other historical precedents, Daniel J. Solove presented another classification of actions which are harmful to privacy, including collection of information which is already somewhat public, processing of information, sharing information, and invading personal space to get private information.


Collecting information

In the context of harming privacy, information collection means gathering whatever information can be obtained by doing something to obtain it. Examples include surveillance and
interrogation Interrogation (also called questioning) is interviewing as commonly employed by law enforcement officers, military personnel, intelligence agencies, organized crime syndicates, and terrorist organizations with the goal of eliciting useful informa ...
. Another example is how consumers and marketers also collect information in the business context through facial recognition which has recently caused a concern for things such as privacy. There is currently research being done related to this topic.


Aggregating information

It can happen that privacy is not harmed when information is available, but that the harm can come when that information is collected as a set, then processed together in such a way that the collective reporting of pieces of information encroaches on privacy. Actions in this category which can lessen privacy include the following: * data aggregation, which is connecting many related but unconnected pieces of information * identification, which can mean breaking the de-identification of items of data by putting it through a de-anonymization process, thus making facts which were intended to not name particular people to become associated with those people * insecurity, such as lack of
data security Data security means protecting digital data Digital data, in information theory and information systems, is information represented as a string of discrete symbols each of which can take on one of only a finite number of values from some alpha ...
, which includes when an organization is supposed to be responsible for protecting data instead suffers a
data breach A data breach is a security violation, in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so. Other terms are unintentional information disclosure, data leak, info ...
which harms the people whose data it held * secondary use, which is when people agree to share their data for a certain purpose, but then the data is used in ways without the data donors’
informed consent Informed consent is a principle in medical ethics and medical law, that a patient must have sufficient information and understanding before making decisions about their medical care. Pertinent information may include risks and benefits of treatme ...
* exclusion is the use of a person's data without any attempt to give the person an opportunity to manage the data or participate in its usage


Information dissemination

Information dissemination is an attack on privacy when information which was shared in confidence is shared or threatened to be shared in a way that harms the subject of the information. There are various examples of this. Breach of confidentiality is when one entity promises to keep a person's information private, then breaks that promise. Disclosure is making information about a person more accessible in a way that harms the subject of the information, regardless of how the information was collected or the intent of making it available. Exposure is a special type of disclosure in which the information disclosed is emotional to the subject or taboo to share, such as revealing their private life experiences, their nudity, or perhaps private body functions. Increased accessibility means advertising the availability of information without actually distributing it, as in the case of doxxing. Blackmail is making a threat to share information, perhaps as part of an effort to coerce someone. Appropriation is an attack on the
personhood Personhood or personality is the status of being a person. Defining personhood is a controversial topic in philosophy Philosophy (from , ) is the systematized study of general and fundamental questions, such as those about existence, r ...
of someone, and can include using the value of someone's reputation or likeness to advance interests which are not those of the person being appropriated. Distortion is the creation of misleading information or lies about a person.


Invasion

Invasion of privacy, a subset of
expectation of privacy Expectation of privacy is a legal test which is crucial in defining the scope of the applicability of the privacy protections of the Fourth Amendment to the United States Constitution. It is related to, but is not the same as, a ''right to privacy ...
, is a different concept from the collecting, aggregating, and disseminating information because those three are a misuse of available data, whereas invasion is an attack on the right of individuals to keep personal secrets. An invasion is an attack in which information, whether intended to be public or not, is captured in a way that insults the personal dignity and right to private space of the person whose data is taken.


Intrusion

An ''intrusion'' is any unwanted entry into a person's private personal space and solitude for any reason, regardless of whether data is taken during that breach of space. ''Decisional interference'' is when an entity somehow injects itself into the personal decision-making process of another person, perhaps to influence that person's private decisions but in any case doing so in a way that disrupts the private personal thoughts that a person has.


Examples of invasions of privacy

* In 2019, contract workers for
Apple An apple is an edible fruit produced by an apple tree (''Malus domestica''). Apple fruit tree, trees are agriculture, cultivated worldwide and are the most widely grown species in the genus ''Malus''. The tree originated in Central Asia, wh ...
and
Amazon Amazon most often refers to: * Amazons, a tribe of female warriors in Greek mythology * Amazon rainforest, a rainforest covering most of the Amazon basin * Amazon River, in South America * Amazon (company), an American multinational technology co ...
reported being forced to continue listening to "
intimate Intimate may refer to: * Intimate examination, a physical examination for medical purposes that includes examination of the breasts, genitalia, or rectum of a patient * Intimate ion pair, the interactions between a cation, anion and surrounding sol ...
moments" captured on the companies' smart speakers in order to improve the quality of their automated speech recognition software.


Techniques to improve privacy

Similarly to actions which reduce privacy, there are multiple angles of privacy and multiple techniques to improve them to varying extents. When actions are done at an organizational level, they may be referred to as
cybersecurity Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and computer network, networks from attack by malicious actors that may result in unauthorized informati ...
.


Encryption

Individuals can encrypt e-mails via enabling either two encryption protocols,
S/MIME S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption In cryptography, encryption is the process of Code, encoding information. This process converts the original representation of the information, known a ...
, which is built into companies like Apple or
Outlook Outlook or The Outlook may refer to: Computing * Microsoft Outlook Microsoft Outlook is a personal information manager software system from Microsoft, available as a part of the Microsoft Office and Microsoft 365 software suites. Though pr ...
and thus most common, or PGP. The
Signal In signal processing, a signal is a function that conveys information about a phenomenon. Any quantity that can vary over space or time can be used as a signal to share messages between observers. The ''IEEE Transactions on Signal Processing'' ...
messaging app, which encrypts messages so that only the recipient can read the message, is notable for being available on many mobile devices and implementing a form of perfect forward secrecy.


Anonymity

Anonymizing proxies or anonymizing networks like
I2P The Invisible Internet Project (I2P) is an anonymous network layer (implemented as a mix network Mix networks are routing Routing is the process of selecting a path for traffic in a Network theory, network or between or across multiple ...
and Tor can be used to prevent Internet service providers (ISP) from knowing which sites one visits and with whom one communicates, by hiding IP addresses and location, but does not necessarily protect a user from third party data mining. Anonymizing proxies are built into a user's device, in comparison to a
Virtual Private Network A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. The be ...
(VPN), where users must download software. Using a VPN hides all data and connections that are exchanged between servers and a user's computer, resulting in the online data of the user being unshared and secure, providing a barrier between the user and their ISP, and is especially important to use when a user is connected to public Wi-Fi. However, users should understand that all their data does flow through the VPN's servers rather than the ISP. Users should decide for themselves if they wish to use either an anonymizing proxy or a VPN. In a more non-technical sense, using incognito mode or private browsing mode will prevent a user's computer from saving history, Internet files, and cookies, but the ISP will still have access to the users' search history. Using anonymous search engines will not share a user's history, clicks, and will obstruct ad blockers.


User empowerment

Concrete solutions on how to solve paradoxical behavior still do not exist. Many efforts are focused on processes of decision making, like restricting data access permissions during application installation, but this would not completely bridge the gap between user intention and behavior. Susanne Barth and Menno D.T. de Jong believe that for users to make more conscious decisions on privacy matters, the design needs to be more user-oriented.


Other security measures

In a social sense, simply limiting the amount of personal information that users posts on social media could increase their security, which in turn makes it harder for criminals to perform identity theft. Moreover, creating a set of complex passwords and using two-factor authentication can allow users to be less susceptible to their accounts being compromised when various data leaks occur. Furthermore, users should protect their digital privacy by using anti-virus software, which can block harmful viruses like a pop-up scanning for personal information on a users' computer.


Legal methods

Although there are laws that promote the protection of users, in some countries, like the U.S., there is no federal digital privacy law and privacy settings are essentially limited by the state of current enacted privacy laws. To further their privacy, users can start conversing with representatives, letting representatives know that privacy is a main concern, which in turn increases the likelihood of further privacy laws being enacted.


Privacy in non-human animals

David Attenborough Sir David Frederick Attenborough (; born 8 May 1926) is an English broadcasting, broadcaster, biologist, natural historian and author. He is best known for writing and presenting, in conjunction with the BBC Natural History Unit, the nine nat ...
, a
biologist A biologist is a scientist who conducts research in biology. Biologists are interested in studying life on Earth, whether it is an individual Cell (biology), cell, a multicellular organism, or a Community (ecology), community of Biological inter ...
and natural historian, affirmed that gorillas "value their privacy" while discussing a brief escape by a gorilla in
London Zoo London Zoo, also known as ZSL London Zoo or London Zoological Gardens is the world's oldest scientific zoo. It was opened in London on 27 April 1828, and was originally intended to be used as a collection for science, scientific study. In 1831 o ...
. Animals in zoos have been found to exhibit harmful or different behaviours due to the presence of visitors watching them: * Cotton-top tamarins in zoos engage in less social behaviours, including physical contact and sex, than ones in off-exhibit buildings. *Chimpanzees become more aggressive towards each other. *
Lion-tailed macaque The lion-tailed macaque (''Macaca silenus''), also known as the wanderoo, is an Old World monkey endemic to the Western Ghats of South India. Characteristics Lion-tailed macaques are covered in black fur, and have a striking gray or silver m ...
s pace and bite themselves more in direct proportions to human visitors. *In one zoo, orangutans have been shown to cover their heads less as the density of visitors decreased. Some studies have found in the contrary that being watched does not change non-human animals' behaviours, including covering faces.


See also

*
Civil liberties Civil liberties are guarantees and freedoms that governments commit not to abridge, either by constitution, legislation, or judicial interpretation, without due process. Though the scope of the term differs between countries, civil liberties may ...
*
Digital identity A digital identity is information used by computer systems to represent an external agent – a person, organization, application, or device. Digital identities allow access to services provided with computers to be automated and make it possib ...
* Global surveillance * Identity theft in the United States *
Open data Open data is data In the pursuit of knowledge, data (; ) is a collection of discrete values that convey information, describing quantity, quality, fact, statistics, other basic units of meaning, or simply sequences of symbols th ...
*
Open access Open access (OA) is a set of principles and a range of practices through which research Research is "creativity, creative and systematic work undertaken to increase the stock of knowledge". It involves the collection, organization an ...
* Transparency * Visual privacy * Wikipedia's privacy policy
Wikimedia Foundation The Wikimedia Foundation, Inc., or Wikimedia for short and abbreviated as WMF, is an American 501(c)(3) nonprofit organization headquartered in San Francisco, California and registered as foundation (United States law), a charitable foundati ...


References


Works cited

* *


Further reading

*


External links


Glenn Greenwald: Why privacy matters
Video on
YouTube YouTube is a global online video sharing and social media platform headquartered in San Bruno, California. It was launched on February 14, 2005, by Steve Chen, Chad Hurley, and Jawed Karim. It is owned by Google, and is the second mo ...
, provided by TED. Published 10 October 2014.
International Privacy Index world map
''The 2007 International Privacy Ranking'', Privacy International (London).
"Privacy"
entry in the
Stanford Encyclopedia of Philosophy The ''Stanford Encyclopedia of Philosophy'' (''SEP'') combines an online encyclopedia of philosophy with scholarly peer review, peer-reviewed publication of original papers in philosophy, freely accessible to Internet users. It is maintained by S ...
. {{Authority control Privacy law Human rights Identity management Digital rights Civil rights and liberties