This article originally appeared with the subtitle “From the American revolution to big data and the Internet of Things” in the magazine of the European Law Students' Association. Synergy Magazine 57 focused on the future of the right to privacy.
In 1776, John Adams wrote that it had been the British right to search houses without justification that sparked the fight for independence. In other words, John Adams thought that it had been an unjustified violation of privacy that had kindled one of history’s most noteworthy revolutions.
More than two centuries later, those unruly colonies – now the United States of America – see themselves once again at the centre of a debate on privacy. Many of the world’s most data-intensive companies hail from the US – and are criticised for what is perceived to be an excessive accumulation and use of their users' personal data. Piled on top of this, we know, as a result of Edward Snowden’s revelations, that the National Security Agency (NSA) of the United States has been at the forefront of a group of intelligence agencies that have been using that and other data to build massive databases containing information on millions of people living everywhere today’s information and computer technologies reach.
From searches without just cause, to big data and mass surveillance – throughout modern history, the notion of privacy has surfaced time and again. However, while the word has remained the same, its meaning never stopped evolving. We must be aware of that development if we are to effectively deal with the future’s challenges, in particular the pressing issue of the regulation of the collection, access, and use of personal information both by private as well as public actors.
What John Adams deemed unacceptable was the groundless intrusion into people’s private sphere. It was his fellow American citizens, Louis Brandeis – later a Supreme Court Judge – and Samuel Warren, who would put this conception of privacy most succinctly: privacy is the right to “being let alone”. On this understanding, privacy is something that you have as long as people, organisations or institutions are denied access to you. However, this notion – inspired mainly by the idea of physical boundaries – sees itself confronted with insuperable difficulties in an age where the debate’s focus lies squarely on informational privacy.
The internet is one of the areas in which informational privacy – the protection of personal information – has become crucial. Internet users do not want to be left alone – they want to partake in the offerings of the internet and participate in what has become one of their most important social spheres. Privacy concerns are nowadays focused to a large extent on the information we share or generate – often publicly – on the internet, rather than what we wish to conceal within the private confines of our homes.
The notion of privacy has adapted to those changing circumstances and today the focus lies mainly on users' control of their personal data. This concept forms the foundation of many political arguments; the right to be forgotten, “notice and consent” systems and transparency requirements all aspire to give users control. While control is important, the evolution of technology already strains the ability of users to meaningfully control their personal data by means of informed choices. In fact, this notion’s capacity to protect people’s fundamental interests is failing even before the relevant policies have seen widespread adoption.
A first problem is that people are so overloaded by requests to consent to the use of their data that informed choice becomes illusory. If people want to engage in the cultural and social life offered in the digital sphere, they will not be able to assess all the terms of services and privacy notices they see themselves confronted with. And opting-out of the internet can no longer be called a real option. Secondly, privacy is no longer a purely personal matter – the information we choose to share or allow to be gathered affects not only our own privacy but also the privacy of all those we interact with.
The complementary limitation theory of privacy could help bridge some of these difficulties. According to this notion, a person has privacy when access to personal information is limited in certain contexts. While we can only have limited control as to how some of our personal information is used, there should be limits as to who can use information gathered in a certain context. In the age of big data, and even more so in the future of the Internet of Things, this notion is poised to become all the more important. Many users feel very uneasy if the information collected by – for instance – their car or metro card is used to target them with advertisements the next time they visit an online retailer. This phenomenon is taken to another level with “profiling” – the use of your data to guess about aspects of your personality, generating insights into your personality and habits that you may not even know are possible. To the extent that more and more spheres of people’s lives will generate digital personal data, separation of those spheres will become more and more important.
While helpful in resolving some of the problems associated with the regulation of privacy, the limitation concept of privacy brings with it its own host of difficulties. There is for example the argument that privacy is essential for freedom and autonomy. Would Darwin or Copernicus have been able to make their ground-breaking and controversial discoveries if the prevailing powers at the time had been able to have more insight into their activities? Probably not. However, if consent cannot be the only principle governing privacy matters, then mandatory privacy standards seem unavoidable. It is then essential to ensure that the privacy standards serve to guarantee freedom and autonomy rather than unduly restricting it.
While today’s citizens' worries about privacy are very different from John Adams', their concerns are legitimate. These worries must be taken into account when designing the rules that should regulate the use of personal data in the digital world. And one thing is certain, an adequate concept of privacy is essential for a good regulation of personal data. The tasks before us are not simple – but they cannot be escaped and become more pressing with each passing day.
Warren, Samuel D., and Louis D. Brandeis. “The Right to Privacy.” Harvard Law Review 4, no. 5 (December 15, 1890): 193–220.
Adams, John, Charles Francis Adams, and John Adams. Letters of John Adams, Addressed to His Wife. Boston, C.C. Little and J. Brown, 1848. 338.
Cohen, Julie E. “What Privacy Is For.” Harvard Law Review 126 (2013): 1904–33.