Understanding Privacy; 2010 - Daniel J Solove - Harvard University Press

Prévia do material em texto

D a n i e l J . S o l o v e
HARVARD U N I V E R S I T Y PRESS 
Cambridge, Massachusetts 
London, England 2008
Copyright © 2008 by the President and Fellows of Harvard Collegi 
All rights reserved
Printed in the United States of America
Library o f Congress Cataloging-in-Publication Data
Solove, Daniel J., 1972- 
Understanding privacy / Daniel J. Solove. 
p. cm.
Includes bibliographical references (p. ) and index. 
ISBN-13: 978-0-674-02772-5 (alk. paper) 
ISBN-10: 0-674-02772-8 (alk. paper)
1. Privacy. I. Tide.
BF637.P74S65 2008
155.9'2—dc22 2007032776
T o m y grandfather, C urtis
Contents
Preface
Privacy: A C o ncep t in D isarray 
Privacy: A n Issue o f Global Concern 2 
Technology and the Rising Concern over Privacy 
V The Concept o f Privacy 6 
^ /A New Theory o f Privacy 8
2 T h e o rie s o f Privacy and T h e ir Shortcom ings
'/M e th o d s o f C onceptualizing 13 - / 7i 
/ Conceptions o f Privacy 14 
/ I Can Privacy Be Conceptualized? 37
\ y R econstructing Privacy 2 J { y f
M ethod 41 - t,
G enerality 46 X *>
Variability 50 f *
Focus 67
4 •- T h e Value o f Privacy fa 'X {
The V irtues and Vices o f Privacy 79 
Theories o f the Valuation o f Privacy 84 l rc 
The Social Value o f Privacy 89 / X\
Privacy's P luralistic Value 98
ix
1
12
39
78
Contents
\J
\p A Taxonom y o f Privacy
Inform ation Collection 106 ' jt 
Inform ation Processing 111 
Injbrm ation Dissemination 136 * T,r 
Invasion 161
\ 6 /Privacy: A N ew U nderstanding
\ / The N ature o f Privacy Problems 174
Privacy and C ultural Difference 183 
The Benefits o f a Pluralistic Conception ofPrivacy 187 
The Future o f Privacy 196
N otes
Index
Mil/
101
171
199
247
Preface
For over a decade, the topic o f privacy has had a hold on me. I was at­
tracted to privacy issues because o f their im m ense complexity, philo­
sophical richness, and con tem porary relevance. W hen I first began 
exploring privacy issues, I sought to reach a definitive conclusion 
about w hat “privacy” is, bu t after delving in to the question, I was 
hum bled by it. I could n o t reach a satisfactory answer. T h is struggle 
ultim ately m ade m e recognize th a t privacy is a plurality o f different 
things and th a t the quest for a singular essence o f privacy leads to a 
dead end. T h e re is no overarching conception o f privacy— it m ust be 
m apped like terrain , by painstakingly studying the landscape. In my 
initial years o f studying privacy, I was no t yet ready to do the m ap­
ping. T h e only way to do so would be to becom e fully im m ersed in 
the issues.
Over the years, my understanding o f privacy grew, and I now believe 
that I am ready to set forth my theo ry o f privacy. Although I feel that 
my theory is m ature enough to take form in this book, it is but a snap­
shot o f one point in an ongoing evolutionary process. T heories are not 
lifeless pristine abstractions but organic and dynamic beings. T hey are 
m eant to live, breathe, and grow. T hroughou t their lifetimes, they will, 
it is hoped, be tested, doubted, criticized, amended, supported, and 
reinterpreted. Theories, in short, are no t m eant to be the final word, 
but a new chapter in an ongoing conversation.
This book is the product o f many years of conversations. Countless 
people have helped me shape my ideas, and this book would not have 
been possible without them. A project such as this—one that attempts 
to make sense of the sprawling and complex concept of privacy—cannot 
be created by one individual alone. M any people helped by providing 
insightful comments on the manuscript or portions thereof. Deserving 
special mention is Michael Sullivan, who has been a great friend and 
teacher. H is comments on this book have truly been indispensable. 
M any others contributed greatly to all or part o f this project: Michelle 
Adams, Anita Allen, Francesca Bignami, Julie Cohen, Deven Desai, 
Howard Erichson, Jim Freeman, Robert Gellman, Tim othy Glynn, 
Rachel Godsil, Stan Karas, Orin Kerr, Raymond Ku, Erik Lillquist, 
Chip Lupu, Jon Michaels, Larry Mitchell, M arc Poirier, Robert Post, 
Neil Richards, Alichael Risinger, Peter Sand, Heidi Schooner, Paul 
Schwartz, Richard St. John, Lior Strahilevitz, Charles Sullivan, Peter 
Swire, Robert Tsai, Robert Tuttle, Sarah Waldeck, Richard Weisberg, 
and James W hitman. I would also like to thank my research assistants, 
Jessica Kahn, Romana Kaleem, Poomima Ravishankar, Erica Ruddy, 
Sheerin Shahinpoor, John Spaccarotella, and Tiffany Stedman, for 
their excellent work. M atthew Braun deftly assisted me in the library, 
quickly tracking down any books and articles I needed. Additionally, I 
benefited from helpful comments on parts o f this book at workshops at 
Washington University Law School, the International Association of 
Privacy Professionals, and the American Philosophical Association Pa­
cific Division Annual Meeting. And lastly, Dean Fred Lawrence of the 
George W ashington University Law School graciously provided me 
with all the resources I asked for.
Portions of this book were adapted from the following articles: 
“Conceptualizing Privacy,” 90 California Law Review 1087 (2002); 
“T he Virtues o f Knowing Less: Justifying Privacy Protections against 
Disclosure,” 53 Duke Law Journal 967 (2003); and “A Taxonomy of 
Privacy,” 154 University o f Pennsylvania Law Review 477 (2006). In some 
cases, I have used only selected passages from the articles; in many 
cases, the text and argument o f the articles have been significantly 
reworked.
Understanding Privacy
Privacy: A Concept in Disarray
Privacy. U .S . Suprem e C o u rt Justice Louis Brandeis pronounced it 
“the m ost comprehensive o f righ ts and the righ t m ost valued by civi­
lized m en.”1 C om m entators have declared it “essential to dem ocratic 
governm ent,” critical to “our ability to create and m aintain different 
sorts o f social relationships w ith different people,” necessary for “per­
m itting and protecting an autonom ous life,” and im portan t for “em o­
tional and psychological tranquility.”2 I t has been hailed as “an integral 
part o f ou r hum anity,” the “heart o f ou r liberty,” and “the beginning o f 
all freedom .”3
Privacy, however, is a concept in disarray. N obody can articulate what 
it means. Currently, privacy is a sweeping concept, encompassing 
(among o ther things) freedom o f thought, control over one’s body, soli­
tude in one’s hom e, control over personal inform ation, freedom from 
surveillance, protection o f one’s reputation, and protection from 
searches and interrogations. Philosophers, legal theorists, and jurists 
have frequently lam ented the great difficulty in reaching a satisfying 
conception o f privacy.4 Legal scholar A rthur M iller has declared that 
privacy is “difficult to define because it is exasperatingly vague and 
evanescent.”5 “O n closer exam ination,” author Jonathan Franzen ob­
serves, “privacy proves to be the Cheshire cat o f values: n o t m uch sub­
stance, bu t a very w inning smile.”6 According to philosopher Julie In- 
ness, the legal and philosophical discourse o f privacy is in a state of
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
7 P rivacy: A C o n c e p t i n D isarray
“chaos.”7 Professor Hyman Gross asserts that “the concept of privacy is 
infected with pernicious ambiguities.”8 Political scientist Colin Bennett 
declares that “[ajttempts to define the concept o f ‘privacy’ have gener­
ally not met with any success.”9 According to legal theorist Robert Post, 
“Privacy is a value so complex, so entangled in competing and contra­
dictory dimensions, so engorged with various and distinct meanings, 
that I sometimes despair whether it can be usefully addressed at all.”10
Widespread discontent over conceptualizing privacy persists even 
though privacy is an essential issue for freedom and democracy. To 
beginto solve some of the problems of privacy, we must develop an ap­
proach to conceptualizing privacy to guide policymaking and legal in­
terpretation. Although a large body of law' pertains to privacy, it thus 
far has suffered numerous failures and difficulties in resolving privacy 
problems. Judges, politicians, businesspeople, government officials, 
and scholars have often failed to adequately conceptualize the prob­
lems that privacy law is asked to redress. Privacy problems are often 
not well articulated, and as a result, we frequently lack a compelling ac­
count of what is at stake when privacy is threatened and what precisely 
the law must do to solve these problems. The difficulty in articulating 
what privacy is and why it is important has often made privacy law in­
effective and blind to the larger purposes it must serve. Thus the need 
to conceptualize privacy is significant, but the discourse about concep­
tualizing privacy remains deeply dissatisfying.
In this book, I aim to bring clarity to privacy’s current conceptual 
muddle. I develop a new understanding of privacy that strives to ac­
count for privacy’s breadth and complexities without dissipating into 
vagueness. I endeavor to set forth a theory of privacy that will guide 
our understanding of privacy7 issues and the crafting of effective laws 
and policies to address them.
Privacy: An Issue of Global Concern
Privacy is an issue of profound importance around the world. In nearly 
ever}7 nation, numerous statutes, constitutional rights, and judicial de­
cisions seek to protect privacy. In the constitutional law of countries 
around the globe, privacy is enshrined as a fundamental right. Al­
though the U.S. Constitution does not explicitly mention the word 
“privacy,” it safeguards the sanctity of the home and the confidentiality
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
Privacy: A Concept in Disarray 3
o f com m unications from governm ent intrusion. T h e Supreme C ourt 
has concluded that the Fourth Amendment protects against government 
searches whenever a person has a “reasonable expectation o f privacy.”11 
Additionally, the Supreme C ourt has held that the Constitution pre­
serves a “zone o f privacy” encompassing decisions people make about 
their sexual conduct, birth control, and health, as well as protects their 
personal information against unwarranted disclosures by the govern­
m ent.12 M any states explicitly protect privacy in their constitutions.13
Beyond the U nited States, the vast majority o f nations pro tect p ri­
vacy in their constitutions. F o r example, Brazil proclaim s tha t “the pri­
vacy, private life, honor and image o f people are inviolable”; South 
Africa declares that “ [e]veryone has the righ t to privacy”; and South 
Korea announces tha t “the privacy o f no citizen shall be infringed.”14 
W hen privacy is no t directly m entioned in constitutions, the courts o f 
m any countries have recognized im plicit constitutional rights to pri­
vacy, such as Canada, France, Germany, Japan, and India.13
In addition, thousands o f laws protect privacy around the world. 
M ultinational privacy guidelines, directives, and frameworks have in­
fluenced the passage o f privacy laws in a vast num ber o f nations. In 
1980, the O rganization for Econom ic C ooperation and Developm ent 
(O E C D ) issued its Privacy Guidelines.16 In 1995, the European 
U n ion’s Directive on D ata Protection specified fundam ental principles 
for privacy protection in E urope.17 T h e Asia-Pacific Econom ic C oop­
eration (APEC), with over tw enty m em ber nations, set forth a Privacy 
Fram ew ork in 2004.18 N um erous countries have enacted extensive pri­
vacy protections, such as Canada’s Personal Inform ation Protection 
and E lectronic D ocum ents Act o f 2000, Japan’s Personal Inform ation 
Protection Law o f 2003, Australia’s Privacy Act o f 1988, and Ar­
gentina’s Law for the P ro tection o f Personal Data o f 2000, to nam e just 
a few. In the U nited States, hundreds o f laws at state and federal levels 
protect privacy. C ourts in m ost states recognize four torts to remedy 
privacy wrongs.19 Since 1970, the U.S. Congress has passed several 
dozen statutes to pro tect the privacy o f governm ent records, student 
records, financial inform ation, electronic com m unications, video 
rental data, and drivers’ records, am ong o ther things.20
Furtherm ore, privacy is recognized as a fundam ental hum an right. 
According to the U nited N ations Universal D eclaration o f H um an 
Rights o f 1948, “N o one shall be subjected to arb itrary interference
juutu
Realce
4 P r i v a c y : A C o n c e p t i n D i sa rr ay
with his privacy, family, home o r correspondence, nor to attacks upon 
his honor and reputation.”21 T h e European Convention o f Hum an 
Rights o f 1950 provides that “[ejveryone has the right to respect for his 
private and family life, his home and his correspondence.”22 T hus there 
appears to be worldwide consensus about the importance o f privacy 
and the need for its protection.
Beyond this outer layer o f consensus, however, lurks an underworld 
of confusion. W hat exactly is privacy? W hy is it w orth protecting? 
H ow valuable is it? Legal protections o f privacy depend upon a con­
ception o f privacy tha t informs w hat m atters are protected and the 
nature and scope o f the particular protections employed, b u t this un­
derlying conception o f privacy is often poorly theorized and rarely 
examined.
Technology and the Rising Concern over Privacy
Since antiquity, people in nearly all societies have debated issues o f pri­
vacy, ranging from gossip to eavesdropping to surveillance. T h e devel­
opm ent o f new technologies kept concern about privacy smoldering 
for centuries, but the profound proliferation o f new information tech­
nologies during the twentieth century—especially the rise o f the 
computer—made privacy erupt into a frondine issue around the world. 
Starting in the 1960s, the topic of privacy received steadily increasing 
attention.23 T h e discourse has ranged from popular writers to journal­
ists to experts in law, philosophy, psychology, sociology, literature, eco­
nomics, and coundess other fields. In 1964, journalist Vance Packard 
declared in his best-selling book The Naked Society that privacy was rap­
idly “evaporating.”24 T h a t same year, in another best seller, The Privacy 
Invade?‘s, author M yron Brenton declared that “we stand on the 
threshold o f what m ight be called the Age o f the Goldfish Bow l.^H e 
asked, “A couple o f generations hence, will some automated society 
look upon privacy with the same air o f amused nostalgia we now re­
serve for, say, elaborate eighteenth-century drawing room manners?”25 
In his 1967 book Privacy and Freedom, Professor Alan W estin noted “a 
deep concern over the preservation o f privacy under the new pressures 
from surveillance technology.”26 Psychologist Bruno Bettelheim ob­
served in 1968, “Everywhere one turns these days it seems that the 
right to privacy is constandy under assault.”27
juutu
Realce
juutu
Realce
Privacy: A Concept in Disarray 5
Today, the concern remains largely the same. Philosopher Thom as 
Nagel notes that there has been “a disastrous erosion o f the precious but 
fragile conventions o f personal privacy in the U nited States over the past 
ten o r twenty years.”28 Coundess comm entators have declared that pri­
vacy is “under siege” and “attack”; that it is in “peril,” “distress,” or 
“danger”; that it is “eroding,” “evaporating,” “dying,” “shrinking,” “slip­
ping away,” “diminishing,” o r “vanishing”; and that it is “lost” or 
“dead.”29 Legions o f books and articles have warned o f the “destruction,” 
“death,” o r “end” o f privacy.30 As Professor D eborah N elson has put it, 
“Privacy, it seems, is no t simply dead. I t is dying over and over again.”31
B ut n o t everyone is concerned.Some argue that despite what people 
say, their actions dem onstrate tha t they really do n o t w ant privacy at all. 
Jonathan Franzen notes, “T h e panic about privacy has all the finger- 
pointing and paranoia o f a good old American scare, bu t it’s missing one 
vital ingredient: a genuinely alarmed public. Americans care about pri­
vacy mainly in the abstract.”32 Although polls indicate that people care 
deeply about privacy, people routinely give out their personal informa­
tion and willingly reveal intim ate details about their lives on the In­
ternet. Law professor Eric G oldm an points out that people’s “stated 
privacy concerns diverge from w hat [they] do.”33 Canadian scholar 
Calvin G otlieb declares that “m ost people, when o ther interests are at 
stake, do n o t care enough about privacy to value it.”34
O thers contend tha t privacy can be socially detrim ental. According 
to law professor R ichard Epstein, privacy is “a plea for the righ t to mis­
represent one’s self to the rest o f the world.”35 Judge Richard Posner 
views privacy as giving individuals “power to conceal inform ation 
about themselves that others m ight use to [the individuals’] disadvan­
tage.”36 Legal scholar Fred C ate declares that privacy is “an antisocial 
c o n s tru c t. . . [that] conflicts w ith o ther im portant values within the so­
ciety, such as society’s in terest in facilitating free expression, preventing 
and punishing crim e, protecting private property, and conducting gov­
ernm ent operations efficiently.”37
T hus privacy is a fundam ental right, essential for freedom, democracy, 
psychological well-being, individuality, and creativity. I t is proclaimed 
inviolable but decried as detrim ental, antisocial, and even pathological. 
Some claim that privacy is nearing extinction; others argue that the 
threat to privacy is illusory.38 I t seems as though everybody is talking 
about “privacy,” but it is no t clear exactly what they are talking about.
juutu
Realce
juutu
Realce
6 P ri vacy : A C o n c e p t i n D isarray
The Concept of Privacy
Privacy violations involve a variety of types of harmful or problematic 
activities. Consider the following examples of activities typically re­
ferred to as privacy violations:
^ ■ A newspaper reports the name of a rape victim.39
• Reporters deceitfully gain entry to a person’s home and secretly 
photograph and record him.40
• New X-ray devices can see through people’s clothing, amounting to 
what some call a “virtual strip-search.”41
V • The government uses a thermal sensor device to detect heat 
patterns in a person’s home.42
• A company markets a list of five million elderly incontinent 
women.43
y • Despite promising not to sell its members’ personal information to 
others, a company does so anyway.44
Although these violations are clearly not the same, courts and policy­
makers frequently have a singular view of privacy in mind when they 
assess whether an activity violates privacy. As a result, they either con­
flate distinct privacy problems despite significant differences or fail to 
recognize a problem entirely. In short, privacy problems are frequently 
misconstrued or inconsistently recognized in the law.
Merely being more contextual about privacy, however, will not be 
sufficient to develop a fruitful understanding of privacy. In author 
Jorge Luis Borges’s illuminating parable “Everything and Nothing,” a 
gifted playwright creates breathtaking works of literature, populated 
with an unforgettable legion of characters, one after the other imbued 
with a unique, unforgettable personality. Despite his spectacular feats 
of imagination, the playwright lives a life of despair. He can dream up a 
multitude of characters—become them, think like them, understand 
the depths of their souls—yet he himself has no core, no way to under­
stand himself, no way to define who he is. His gift of assuming so many 
different personalities has left him with no identity of his own. At the 
end of the parable, before he dies, the playwright communicates his de­
spair to God:
juutu
Realce
Privacy: A Concept in Disarray 7
“I w ho have been so m any m en in vain w ant to be one and my­
self.” T h e voice o f the L ord answered from a whirlwind: “N either 
am I anyone; I have dream t the world as you dream t your work, 
m y Shakespeare, and am ong the forms in my dream are you, who 
like m yself are m any and no one.”45
Privacy seems to encompass everything, and therefore it appears to be 
noth ing in itself. O ne com m entator observed:
I t is apparent that the word “privacy” has proven to be a powerful 
rhetorical battle c ry in a plethora o f unrelated con tex ts .. . . Like 
the emotive word “freedom ,” “privacy” means so m any different 
things to so m any different people that it has lost any precise legal 
connotation that i t m ight once have had.46
Legal scholar Lillian BeVier writes, “Privacy is a cham eleon-like word, 
used denotatively to designate a wide range o f wildly disparate 
interests— from confidentiality o f personal inform ation to reproduc­
tive autonom y—and connotatively to generate goodwill on behalf o f 
whatever in terest is being asserted in its nam e.”4/ O th e r com m entators 
have lam ented tha t privacy is “protean” and suffers from “an em bar­
rassm ent o f m eanings.”48 “Perhaps the m ost striking th ing about the 
righ t to privacy,” philosopher Jud ith Jarvis T hom son has observed, “is 
that nobody seems to have any clear idea w hat it is.”49 
O ften, privacy problem s are m erely stated in knee-jerk form: “T h a t 
violates m y privacy!” W h en we contem plate an invasion o f privacy— 
such as having our personal inform ation gathered by companies in 
databases—we instinctively recoil. M any discussions o f privacy appeal 
to people’s fears and anxieties. Com m entators, however, often fail to 
translate those instincts in to a reasoned, w ell-articulated account o f 
why privacy problem s are harm ful. W hen people claim that privacy 
should be protected, it is unclear precisely w hat they mean. T h is lack 
o f clarity creates difficulty w hen m aking policy o r resolving a case be­
cause lawmakers and judges cannot easily articulate the privacy harm. 
T h e interests on the o ther side— free speech, efficient consum er trans­
actions, and security— are often m uch m ore readily articulated. C ourts 
and policymakers frequently struggle in recognizing privacy interests, 
and w hen this occurs, cases are dismissed o r laws are n o t passed. T h e
juutu
Realce
juutu
Realce
8 P r i v a c y : A C o n c e p t i n D i sa rr ay
result is that privacy is not balanced against countervailing interests. 
For example, in England, discontent over defining privacy led the 
Younger Com m ittee on Privacy to recommend in 1972 against recog­
nizing a right to privacy, as was proposed in legislation at the time. T he 
major difficulty in enacting a statutory protection o f privacy, the com­
m ittee’s report declared, is the “lack o f any clear and generally agreed 
definition o f what privacy itself is.” Courts would struggle in dealing 
with “so ill-defined and unstable a concept.”50 As a result, the legisla­
tion failed to pass.
Despite the wide-ranging body o f law that addresses privacy issues 
today, commentators often lam ent the law’s inability to adequately pro­
tect privacy.51 Moreover, abstract incantations o f “privacy” are no t nu- 
anced enough to capture the problems involved. In the U nited States, 
for example, the 9/11 Commission Report recommended that as govern­
m ent agencies engage in greater information sharing with each other 
and with businesses, they should “safeguard the privacy o f individuals 
about whom information is shared.”52 But what does safeguarding “pri­
vacy” mean? W ithout an understanding o f what the privacy problems 
are, privacy cannot be addressed in a meaningful way.
A New Theory of Privacy
T hereis a great need to understand privacy in a clear and comprehen­
sive manner. In this book, I set forth a new theory o f privacy. I begin in 
Chapter 2 by critiquing the existing attempts to conceptualize privacy 
by a wide array o f jurists, legal scholars, philosophers, psychologists, 
and sociologists. In examining these theories o f privacy, I survey the 
criticisms o f various scholars regarding each other’s conceptions o f pri­
vacy and suggest a num ber o f m y own criticisms. Almost all the criti­
cisms boil down to claims that the theories are too narrow, too broad, 
or too vague. M ore generally, many existing theories o f privacy view it 
as a unitary concept with a uniform value that is unvarying across 
different situations. I contend that with a few exceptions, traditional 
accounts o f privacy seek to conceptualize it in terms o f necessary and 
sufficient conditions. In other words, m ost theorists attem pt to define 
privacy by isolating a common denominator in all instances o f privacy. 
I argue that the attem pt to locate the “essential” o r “core” characteris­
tics o f privacy has led to failure.
Privacy: A Concept in Disarray 9
In C hap ter 3, I develop an alternative approach to conceptualizing 
privacy. T h e re are four dim ensions to my approach: (1) m ethod, (2) 
generality, (3) variability, and (4) focus. Regarding m ethod, I suggest 
abandoning the traditional way o f conceptualizing privacy and instead 
understanding it w ith Ludw ig W ittgenstein’s notion o f “family resem ­
blances.” W ittgenstein suggests tha t certain concepts m ight n o t have a 
single com m on characteristic; rather, they draw from a com m on pool 
o f sim ilar elem ents.53 Privacy, therefore, consists o f m any different yet 
related things.
In term s o f generality, I argue tha t privacy should be conceptualized 
from the bottom up ra ther than the top down, from particular contexts 
ra ther than in the abstract. All conceptions m ust exist a t some level o f 
generality, however, so m y theo ry generalizes beyond the myriad o f 
specific contexts.
Regarding variability, a workable theory o f privacy should account 
for the differing attitudes toward privacy across m any cultures. It 
should recognize that no tions about what inform ation o r m atters are 
private have evolved th roughou t history. A theory o f privacy, however, 
should avoid being too variable and contingent, o r else it will n o t have 
lasting o r widespread usefulness.
Finally, an approach to conceptualizing privacy m ust have a focus. I t 
needs to unravel the complexities o f privacy in a consistent manner; 
otherwise i t m erely picks a t privacy from m any angles, becom ing a dif­
fuse and discordant mess. Follow ing philosopher Jo h n Dewey’s view 
that philosophical inquiry should begin,as a response to dealing with 
life’s problem s and difficulties, I argue that the focal po in t should be on 
privacy problems.*4 W hen we p ro tect privacy, we p ro tec t against disrup­
tions to certain activities. A privacy invasion interferes w ith the in­
tegrity o f certain activities and even destroys o r inhibits some activities. 
Instead o f attem pting to locate the com m on denom inator o f these ac­
tivities, we should conceptualize privacy by focusing on the specific 
types o f disruption.
T herefore, m y approach to conceptualizing privacy understands it 
pluralistically ra ther than as having a unitary com m on denom inator. In 
focusing on privacy problem s, m y approach seeks to be contextual 
w ithout being overly tied to specific contexts, flexible enough to ac­
com m odate changing attitudes toward privacy, yet firm enough to re­
main stable and useful.
10 P r i v a c y : A C o n c e p t i n D i sarray
In Chapter 4, I contend that the value o f privacy must be deter­
mined on the basis o f its importance to society, not in terms o f indi­
vidual rights. M oreover, privacy does no t have a universal value that 
is the same across all contexts. T he value of privacy in a particular 
context depends upon the social importance o f the activities that it 
facilitates.
In Chapter 5, having laid out the general groundwork for what needs 
to be done to develop a theory o f privacy, I propose a taxonomy of 
privacy—a framework for understanding privacy in a pluralistic and 
contextual manner. T he taxonomy is grounded in the different kinds of 
activities that impinge upon privacy. I endeavor to shift the focus away 
from the vague term “privacy” and toward the specific activities that 
pose privacy problems. Additionally, the taxonomy is an attem pt to 
identify and understand the different kinds of socially recognized pri­
vacy violations, one that I hope will enable courts and policymakers to 
better balance privacy against countervailing interests. Ultimately, the 
purpose of this taxonomy is to aid the development o f the body of law 
that addresses privacy.
T he taxonomy consists of four principal groups of activities: (1) 
information collection, (2) information processing, (3) information dis­
semination, and (4) invasion. Each group encompasses a variety o f ac­
tivities that can create privacy problems. T he taxonomy is as follows:
1. Information collection
Surveillance
Interrogation
2. Information processing
Aggregation 
Identification 
Insecurity 
Secondary use 
Exclusion
3. Information dissemination
Breach o f confidentiality
Disclosure
Exposure
Increased accessibility 
Blackmail
Privacy: A Concept in Disarray 11
Appropriation 
Distortion
4. Invasion 
Intrusion
Decisional interference
In the chapter, I explain in depth each o f these types o f problems and 
why they can be problematic.
In C hapter 6 ,1 conclude by explaining the benefits o f understanding 
privacy with the taxonomic framework I have developed. I t is my hope 
that the theory o f privacy set forth in this book will clear the fog of 
confusion that often envelops the concept of privacy. A lucid, compre­
hensive, and concrete understanding of privacy will aid the creation of 
law and policy to address privacy issues. Far too often, the effective res­
olution o f privacy issues gets lost in navigating the conceptual 
labyrinth o f privacy. This book endeavors to guide us in understanding 
this bewildering terrain.
2
Theories o f Privacy 
and Their Shortcomings
W hat is “privacy”? This question is essential for making legal and 
policy decisions. Many recognize the importance of privacy for freedom, 
democracy, social welfare, individual well-being, and other ends. Many 
also assert that i t is worth protecting at significant cost. Society’s com­
m itm ent to privacy often entails restraining or even sacrificing inter­
ests of substantial importance, such as freedom o f speech and press, ef­
ficient law enforcement, and access to information. Balancing privacy 
against countervailing interests requires having some notion of what 
privacy is. W hen we protect “privacy,” what are we protecting?
T here is a vast literature attempting to address this question. Many 
philosophers, jurists, sociologists, and scholars in other fields have 
tried valiantly to develop a theory o f privacy, but m ost o f their en­
deavors have major shortcomings. Traditionally, theorists o f privacy 
have attempted to locate the essential elements common to the aspects 
o f life we deem “private” and then formulate a conception based on 
these elements. A robust discourse has developed about conceptual­
izing privacy, and a multitude o f different conceptions o f privacy have 
been proposed and critiqued.
Although the extensive scholarly and judicial writing on privacy has 
produced many different conceptions o f privacy, they can be classified 
into six general types: (1) the right to be let alone—Samuel W arren and 
Louis Brandeis’s famous formulation o f the right to privacy; (2) limited
13
access to the self—the ability to shield oneself from unwanted accessby 
others; (3) secrecy—the concealm ent o f certain m atters from others; 
(4) control over personal inform ation— the ability to exercise control 
over inform ation about oneself; (5) personhood— the protection o f 
one’s personality, individuality, and dignity; and (6) intimacy—control 
over, o r lim ited access to, one’s intim ate relationships o r aspects o f life.1 
T h e conceptions often overlap, bu t each has a distinctive perspective 
on privacy. In this chapter, I delve into the extensive literature on the 
subject, analyzing and critiquing the privacy conceptions set forth in 
judicial opinions and legal scholarship, as well as in works by philoso­
phers, psychologists, sociologists, and others. I dem onstrate that the 
different conceptions suffer from similar problems.
T h e m ost prevalent problem w ith the conceptions is that they are ei­
ther too narrow because they fail to include the aspects o f life we typi­
cally view as private o r too broad because they fail to exclude m atters 
tha t we do n o t deem private. Some conceptions even suffer from being 
both too narrow and too broad. T hese problems stem from the m ethod 
m ost theorists use to conceptualize privacy.
Theories o f Privacy and Their Shortcomings
Methods of Conceptualizing
A conception o f privacy is different from the usage o f the word “pri­
vacy.” T h e usage o f the word “privacy” constitutes the ways in which we 
employ the word in everyday life and the things we are referring to 
when we speak o f “privacy.” A conception o f privacy is an abstract 
mental picture o f what privacy is and what makes it unique and distinct.
U nder w hat I will refer to as the “traditional m ethod,” conceptual­
izing privacy is understood as an attem pt to articulate w hat separates 
privacy from other things and w hat identifies it in its various manifes­
tations. T h e purpose o f conceptualizing is to define the unique charac­
teristics o f privacy. Usage o f the word “privacy” m ust then be cleaned 
up to m atch the conceptual category o f privacy, because people can use 
the word “privacy” im properly by referring to things outside the con­
ceptual boundaries. G iven the great difficulties o f capturing everything 
referred to by “privacy,” the often-disparate ways tha t the word “pri­
vacy” is used, and the lack o f agreem ent over the precise m eaning of 
the word, m any scholars seek to establish criteria to distinguish “pri­
vacy” from other things. A few things m ight be left out, but the aim is
juutu
Realce
juutu
Realce
14 T h e o r i e s of P rivacy a nd T h e i r S h o r t c o m i n g s
to establish a conception that encompasses most things that are com­
monly viewed under the rubric of privacy.
Most attempts to conceptualize privacy thus far have followed the 
traditional method of conceptualizing. The majority of theorists con­
ceptualize privacy by defining it per genus et differentiam. In other 
words, theorists look for a common set of necessary and sufficient ele­
ments that single out privacy as unique from other conceptions.2 Al­
though the terminologies theorists employ differ, most theorists strive 
to locate the “essence” of privacy—the core common denominator that 
makes things private. The traditional method endeavors to conceptu­
alize privacy by constructing a category that is separate from other 
conceptual categories (such as autonomy or freedom) and that has 
fixed, clear boundaries so we can know when things fall within or out­
side the category.
Under the traditional method, conceptions of privacy are evaluated 
by determining their accuracy in capturing what privacy is and by their 
coherence—whether they are logical and consistent. Theorists often 
examine whether a conception of privacy includes the things we view as 
private and excludes the things we do not. For example, if a conception 
of privacy were to omit things we commonly view as private—such as 
medical information, intimate marital secrets, and freedom from 
surveillance—theorists would likely reject the conception. A successful 
conception thus aims to get close to the modem usage of the word 
“privacy,” yet maintain coherence by identifying a combination of 
common elements that are unique to privacy. This is certainly not the 
only way to evaluate conceptions of privacy, but it is the way most often 
used by theorists.
In the remainder of this chapter, I will examine the various attempts 
to conceptualize privacy and will demonstrate the shortcomings of 
these conceptions. Ultimately, the problem emerges from the fact that 
theorists are attempting to conceptualize privacy with the traditional 
method. They are seeking to isolate its core characteristics. Privacy, 
however, does not lend itself very well to this form of conceptualization.
Conceptions of Privacy
The philosophical and legal discourse about privacy has proposed nu­
merous conceptions in an attempt to capture the common denominator
Theories o f Privacy and Their Shortcomings 15
o f privacy. In this section, I will explore and analyze these conceptions. 
A lthough I am critical o f m ost conceptions o f privacy, I do n o t intend 
to imply tha t they are devoid o f m erit. In fact, m any o f the conceptions 
capture useful insights about privacy. Each o f them , however, has sig­
nificant lim itations if it is to serve as a conceptual account o f privacy.
The Right to Be Let Alone
In 1890, Samuel W arren and Louis Brandeis penned their famous ar­
ticle “T h e R ight to Privacy,” arguing for the legal recognition o f a 
righ t to privacy, which they defined as a “righ t to be let alone.”3 M any 
scholars have proclaim ed W arren and Brandeis’s article the foundation 
o f privacy law in the U nited States.4 O ne has called it the “m ost influ­
ential law review article o f all,” and another has observed that it “has 
attained w hat some m ight call legendary status.”5 I t has also been de­
scribed as “one o f the m ost brilliant excursions in the field o f theoret­
ical jurisprudence.”6 T h e influence o f W arren and Brandeis’s article 
cannot be questioned— the article brought significant attention to pri­
vacy, spawned a t least four com m on-law to rt actions to protect privacy, 
and fram ed the discussion o f privacy in the U nited States throughout 
the tw entieth century.7
W arren and Brandeis began by describing new technological devel­
opm ents tha t were posing a potential threat to privacy. T h ey observed 
tha t “ [ijnstantaneous photographs and newspaper enterprise have in­
vaded the sacred precincts o f private and dom estic life; and num erous 
mechanical devices th reaten to make good the prediction that ‘w hat is 
whispered in the closet shall be proclaimed from the house-tops.’ ”8 By 
“instantaneous photographs,” they were referring to the new snap 
cameras invented by Eastm an K odak Com pany in 1884. Before this in­
vention, photography was largely practiced by professionals, since 
cameras were large, expensive, and tim e consum ing to set up. Kodak’s 
new cameras were small and cheap, allowing anybody to become a 
photographer. In 1889, a year before W arren and Brandeis published 
their article, photography was so popular tha t it was referred to in 
newspapers as a “craze.”9
W arren and Brandeis were concerned n o t only w ith new technology 
but w ith how it would in tersect w ith the media. T h e press was highly 
sensationalistic a t the time. “T h e press is overstepping in every direction
juutu
Realce
juutu
Realce
16 T h e o r i e s o f P rivacy a n d T h e i r S h o r t c o m i n g s
the obvious bounds o f propriety and o f decency,” W arren and Brandeis 
wrote. “Gossip is no longer the resource o f the idle and o f the vicious, 
but has become a trade.”10 Indeed, the press was quite piquant. T he ad­
vent o f “yellow journalism” and cheap papers brim ming with lurid 
hum an-interest stories fueleda dramatic increase in newspaper circula­
tion. In 1850, only about 100 papers were read by 800,000 readers; by 
1890, the numbers had swelled to 900 papers being read by 8 million 
readers.11
“It is our purpose,” W arren and Brandeis declared, “to consider 
whether the existing law affords a principle which can properly be in­
voked to protect the privacy o f the individual; and, if it does, what the 
nature and extent o f such protection is.” T he authors argued that a 
right to privacy could be derived from the common law. W arren and 
Brandeis defined privacy as the “right to be let alone,” a phrase adopted 
from Judge Thom as Cooley’s famous treatise on torts in 1880.12 
Cooley’s right to be let alone was, in fact, a way o f explaining that at­
tempted physical touching was a to rt injury; he was not defining a right 
to privacy. W arren and Brandeis used the phrase to demonstrate that 
many o f the elements o f a right to privacy existed implicitly within the 
common law.
T he authors declared that the underlying principle o f privacy was 
“that o f inviolate personality.” T hey noted that the value o f privacy “is 
found not in the right to take the profits arising from publication, but 
in the peace o f mind or the relief afforded by the ability to prevent any 
publication at all.” W hile the law o f defamation protected injuries to 
reputations, privacy involved “injury to the feelings.” W arren and 
Brandeis argued that the “common law secures to each individual the 
right o f determining, ordinarily, to what extent his thoughts, senti­
ments, and emotions shall be communicated to others.” T his right— 
the “right to be let alone”—-was a “general right to the immunity o f the 
person, the right to one’s personality.”13
W arren and Brandeis’s article, and their conception o f privacy as the 
right to be let alone, profoundly influenced privacy law in the United 
States. Soon after the article’s publication, courts and legislatures 
began to recognize the right to privacy. Today, nearly all states in 
America recognize a num ber o f privacy torts that trace their inspira­
tion back to W arren and Brandeis.14 T h e authors’ conception o f pri­
vacy influenced not only to rt actions but constitutional and statutory
juutu
Realce
juutu
Realce
juutu
Realce
Theories o f Privacy and Their Shortcomings 17
law as well. Indeed, W arren and Brandeis spoke o f privacy as a “right,” 
no t m erely a ground for a to rt lawsuit.15 In 1891, just a year after the 
article was published, the Suprem e C ourt referred to the righ t to be let 
alone in holding tha t a court could no t force a plaintiff in a civil case to 
subm it to a surgical examination: “As well said by Judge Cooley: ‘T he 
righ t to one’s person m ay be said to be a righ t o f com plete immunity; 
to be let alone.’ ”16
N early forty years later, w hen he was a justice on the U .S. Supreme 
C ourt, Brandeis w rote his famous dissent in Olmstead v. United States. 
In Olmstead, the C ourt held th a t w iretapping was no t a violation under 
the F ourth A m endm ent o f the U.S. C onstitution because it was no t a 
physical trespass into the hom e.17 Brandeis fired off a prescient dissent, 
declaring tha t the framers o f the C onstitution “conferred, as against 
the governm ent, the rig h t to be let alone— the m ost comprehensive o f 
rights and the righ t m ost valued by civilized m en.”18 
W arren and Brandeis’s article and Brandeis’s dissent in Olmstead 
shaped constitutional law significantly in the decades to come. In 1967, 
the Suprem e C ourt adopted Brandeis’s view o f the Fourth Am end­
m ent, overruling Olmstead in K atz v. United States.'9 In its Fourth 
A m endm ent jurisprudence, as well as its protection o f the righ t to pri­
vacy, the Suprem e C ourt frequendy has invoked Brandeis’s form ula­
tion o f privacy as “the rig h t to be let alone.”20 “[The righ t to privacy] 
is, simply stated, the righ t to be let alone,” Justice Abe Fortas observed, 
“to live one’s life as one chooses, free from assault, intrusion o r inva­
sion except as they can be justified by the clear needs o f com m unity 
living under a governm ent o f law.”21 According to Justice W illiam O. 
Douglas:
[The] righ t o f privacy was called by M r. Justice Brandeis the right 
“to be le t alone.” T h a t righ t includes the privilege o f an individual 
to plan his own affairs, for “outside areas o f plainly harm ful con­
duct, every American is left to shape his own life as he thinks best, 
do w hat he pleases, go w here he pleases.”22
T h e conception o f privacy as the righ t to be let alone, however, fails 
to provide m uch guidance about what privacy entails. Understanding 
privacy as being let alone does n o t inform us about the m atters in which 
we should be let alone. W arren and Brandeis did speak o f “inviolate
18 T h e o r i e s of P rivacy a n d T h e i r S h o r t c o m i n g s
personality,” which could be viewed as describing the content of the 
private sphere, but this phrase is vague, and the authors failed to elabo­
rate. To the extent that being let alone refers to “noninterference by the 
state,” legal scholar Ruth Gavison argues, it often neglects to under­
stand that “the typical privacy claim is not a claim for noninterference 
by the state at all. It is a claim f i r state interference in the form of legal 
protection against other individuals.”23
The right to be let alone views privacy as a type of immunity or 
seclusion. As many commentators lament, defining privacy as the 
right to be let alone is too broad.24 For example, legal scholar Anita 
Allen explains, “If privacy simply meant ‘being let alone,’ any form of 
offensive or harmful conduct directed toward another person could be 
characterized as a violation o f personal privacy. A punch in the nose 
would be a privacy invasion as much as a peep in the bedroom.”25 Ac­
cording to philosopher Ferdinand Schoeman, W arren and Brandeis 
“never define what privacy is.”26 Edward Bloustein, a legal theorist of 
privacy, observed that instead of developing a conception o f privacy, 
W arren and Brandeis’s article focused mostly on the gaps in existing 
common-law torts.27
To its credit, the article was far ahead of its time, and it contained 
flashes of insight into a more robust theory of privacy. And to be fair, 
W arren and Brandeis’s aim was not to provide a comprehensive con­
ception of privacy but instead to explore the roots of the right to pri­
vacy in the common law and explain how it could develop. T he article 
was certainly a profound beginning toward developing a conception of 
privacy. However, although the right to be let alone has often been in­
voked by judges and commentators, it still remains a rather broad and 
vague conception of privacy.
Lim ited Access to the S e lf
A number of theorists conceptualize privacy as “limited access” to the 
self. This conception recognizes the individual’s desire for conceal­
ment and for being apart from others. In this way, it is closely related to 
the right-to-be-let-alone conception and is perhaps even a more so­
phisticated formulation of it.
The limited-access conception is not equivalent to solitude. Solitude 
is a form of seclusion, of withdrawal from other individuals, of being
juutu
Realce
19
alone. Solitude is a com ponent o f limited-access conceptions, as well as 
o f the right-to-be-let-alone conception, bu t these theories extend far 
m ore broadly than solitude, em bracing freedom from governm ent in­
terference, as well as from intrusions by the press and others. Lim ited- 
access conceptions recognize tha t privacy extends beyond m erely being 
apart from others.
E. L. G odkin, a well-known w riter o f the late n ineteen th century, 
advanced an early version o f the limited-access th eo ry when he ob­
served th a t “noth ing is b e tte r w orthy o f legal pro tection than private 
life, or,in o ther words, the righ t o f every m an to keep his affairs to 
himself, and to decide for h im self to w hat extent they shall be the sub­
ject o f public observation and discussion.”28 A round the same tim e 
as the publication o f W arren and Brandeis’s article in 1890, Godkin 
published an article in which he noted tha t privacy constituted the 
“righ t to decide how m uch knowledge o f [a person’s] personal thought 
and feeling . . . private doings and affairs . . . the public at large shall 
have.”29
Several contem porary theorists also have advanced limited-access 
conceptions. F o r philosopher Sissela Bok, privacy is “the condition of 
being protected from unw anted access by others— either physical ac­
cess, personal inform ation, o r attention.”30 H ym an G ross, a legal theo­
rist o f privacy, conceives o f privacy as “the condition o f hum an life in 
which acquaintance with a person o r with affairs o f his life which are 
personal to him is lim ited.”31 According to E rnest Van D en Haag, 
“Privacy is the exclusive access o f a person (or o ther legal entity) to a 
realm o f his own. T h e righ t to privacy entides one to exclude others 
from (a) watching, (b) utilizing, (c) invading (intruding upon, or in 
o ther ways affecting) his private realm .”32 Legal theorist Anita Allen 
asserts tha t “a degree o f inaccessibility is an im portant necessary condi­
tion for the apt application o f privacy.”33
Legal scholar David O ’Brien argues that there is an im portant dis­
tinction am ong theorists who propound privacy as limited-access for­
mulations. Some view lim ited access as a choice, a form o f individual 
control over who has access to the self. O thers view lim ited access as a 
state o f existence. Arguing for the latter view, O ’Brien claims that pri­
vacy “may be understood as fundamentally denoting an existential con­
dition o f lim ited access to an individual’s life experiences and engage­
m ents.” “Privacy is n o t identical with control over access to oneself,
Theories o f Privacy and Their Shortcomings
20 T h e o r i e s o f P r i v a c y a n d T h e i r S h o r t c o m i n g s
because n o t all privacy is chosen. Some privacy is accidental, compul­
sory, o r even involuntary.”34 For O ’Brien, privacy boils down to the 
condition o f being alone. O ’Brien’s conception, however, om its any 
notion o f the individual’s power to make certain choices about re­
vealing aspects o f herself to others. For example, O ’Brien would claim 
that a person stranded on a deserted island has complete privacy, but 
this is probably better described as a state o f isolation. Privacy involves 
one’s relationship to society; in a world w ithout others, claiming that 
one has privacy does no t make m uch sense.
W ithou t a notion o f what m atters are private, limited-access concep­
tions do no t tell us the substantive m atters for which access would im­
plicate privacy. Certainly not all access to the self infringes upon pri­
vacy, only access relating to specific dimensions o f the self or to 
particular m atters and inform ation. T h e theory provides no under­
standing as to the degree o f access necessary to constitute a privacy vi­
olation. In the continuum between absolutely no access to the self and 
total access, the im portant question is where the lines should be 
drawn— that is, w hat degree o f access should we recognize as reason­
able? Like the right-to-be-let-alone conception, the limited-access 
conception suffers from being too broad and too vague.
In an attem pt to address these shortcomings, legal theorist Ruth 
Gavison develops the m ost compelling limited-access conception. H er 
aim is to define “a neutral concept o f privacy” that is “distinct and co­
herent” because “the reasons for which we claim privacy in different 
situations are similar.” F or Gavison, limited access is the com m on d e - . 
nom inator o f privacy: “O ur interest in privacy. . . is related to our con­
cern over ou r accessibility to others: the extent to which we are known 
to others, the extent to which others have physical access to us, and the 
extent to which we are the subject o f others’ attention.” According to 
Gavison, privacy cannot be understood “as a claim, a psychological 
state, o r an area tha t should not be invaded . . . [or] as a form o f con­
tro l.” Unlike m any limited-access theorists who neglect to elaborate on 
the value o f privacy, Gavison argues tha t privacy as lim ited access to 
the self is valuable in furthering liberty, autonomy, and freedom .35
Further, Gavison explains what constitutes limited access, which con­
sists o f “three independent and irreducible elements: secrecy, anonymity, 
and solitude.”36 T h e way that Gavison defines access, however, restricts 
privacy to m atters o f withdrawal (solitude) and concealm ent (secrecy,
Theories o f Privacy and Their Shortcomings 21
anonymity). Excluded from this definition are invasions into one’s pri­
vate life by harassment and nuisance and the government’s involvement 
in decisions regarding one’s body, health, sexual conduct, and family 
life.37 Although Gavison contends that “the collection, storage, and 
computerization o f information” falls within her conception, these ac­
tivities often do no t reveal secrets, destroy anonymity, or thwart soli­
tude.38 Therefore, although Gavison avoids the broadness and vague­
ness o f m ost limited-access conceptions, her attem pt to define what 
“access” entails winds up being too narrow.
Secrecy
One o f the m ost common understandings o f privacy is that it consti­
tutes the secrecy o f certain matters. Under this view, privacy is violated 
by the public disclosure o f previously concealed information^ Ac­
cording to Judge Richard Posner:
[T]he word “privacy” seems to embrace at least two distinct inter­
ests. O ne is the interest in being left alone—the interest that is in­
vaded by the unwanted telephone solicitation, the noisy sound 
truck, the music in elevators, being jostled in the street, or even an 
obscene theater billboard o r shouted obscenity.. . . T he other pri­
vacy interest, concealment o f information, is invaded whenever 
private information is obtained against the wishes o f the person to 
whom the information pertains.39
T he latter privacy interest, “concealment o f information,” involves se­
crecy, and Posner defines it as an individual’s “right to conceal discred­
itable facts about himself.”40 Posner sees privacy as a form o f self- 
interested economic behavior, concealing true but harmful facts about 
oneself for one’s own gain. People “want to manipulate the world 
around them by selective disclosure of facts about themselves.”41 
“[W]hen people today decry lack o f privacy,” Posner argues, “what 
they want, I think, is mainly something quite different from seclusion; 
they want m ore power to conceal information about themselves that 
others m ight use to their disadvantage.”42 In a less normatively charged 
manner, psychologist Sidney Jourard emphasizes secrecy in his defini­
tion o f privacy: “Privacy is an outcome of a person’s wish to withhold
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
22 T h e o r i e s of P rivacy a n d T h e i r S h o r t c o m i n g s
from others certain knowledge as to his past and present experience 
and action and his intentions for the future.”43
The privacy-as-secrecy conception can be understood as a subset of 
limited access to the self. Secrecy of personal information is a way to 
limit access to the self. This conception is narrower than limited-access 
conceptions because secrecy involves only one dimension of access to 
the self—the concealment of personal facts.
The conception of privacy as concealing information about the self 
underpins the constitutional right to information privacy, an offshoot 
of the U.S. Supreme Court’s“right-to-privacy” cases such as Qriswold 
v. Connecticut and Roe v. Wade.44 In Whalen v. Roe, the Court held that 
The constitutionally protected “zone of privacy” not only protects an 
individual’s “independence in making certain kinds of important deci­
sions” but also encompasses the “individual interest in avoiding disclo­
sure of personal matters.”45 Consonant with the notion of privacy as 
secrecy, this formulation views privacy as limiting disclosure of con­
cealed information.
In a variety of legal contexts, the view of privacy as secrecy often 
leads to the conclusion that once a fact is publicly divulged—no matter 
how limited or narrow the disclosure—it can no longer remain private. 
Privacy is thus viewed as coextensive with the total secrecy of informa­
tion. For example, the Supreme Court’s Fourth Amendment jurispru­
dence holds that matters that lack complete secrecy are not private. 
William Stuntz observes that according to the Supreme Court, Fourth 
Amendment privacy “flows out of the interest in keeping secrets, not 
out of the interest in being free from unreasonable police coercion or 
from other kinds of dignitary harms that search targets may suffer.”46 
In a series of cases, the Supreme Court has held that there can be no 
“reasonable expectation of privacy” in things exposed to the public, 
even if it is highly unlikely that anybody will see or discover them. The 
Supreme C ourt observed in Katz: “W hat a person knowingly exposes 
to the public, even in his own home or office, is not a subject of 
Fourth Amendment protection.”4' Later, in California v. Greenwood, the 
Supreme Court held that there is no reasonable expectation of privacy 
in garbage because it is knowingly exposed to the public: “It is common 
knowledge that plastic garbage bags left on or at the side of a public 
street are readily accessible to animals, children, scavengers, snoops, 
and other members o f the public.”48 Similarly, in Florida v. Riley, the
juutu
Realce
juutu
Realce
Theories o f Privacy and Their Shortcomings 23
Suprem e C ourt held that the Fourth A m endm ent did no t apply to sur­
veillance o f a person’s property from an aircraft flying in navigable air­
space because the surveillance was conducted from a public vantage 
point.49
Several theorists have claimed that understanding privacy as secrecy 
conceptualizes privacy too narrowly. Legal theorist Edward Bloustein 
has criticized the theory o f privacy as secrecy as failing to recognize 
group privacy.50 Likewise, sociologist Arnold Simmel observes:
W e become what we are no t only by establishing boundaries 
around ourselves but also by a periodic opening o f these boundaries 
to nourishm ent, to learning, and to intimacy. B ut the opening of 
a boundary o f the self m ay require a boundary farther ou t, a 
boundary around the group to which we are opening ourselves.51
T h e privacy-as-secrecy conception fails to recognize tha t individuals 
w ant to keep things private from some people bu t n o t others. C riti­
cizing a boss to a coworker does no t mean tha t the employee desires 
tha t her boss know her comm ents. Being a m em ber o f an organization, 
especially an unpopular one, is also regarded by m any as a private 
m atter. Further, the conception o f privacy as secrecy m aintained by 
m any courts views secrecy as tantam ount to total secrecy rather than 
selective secrecy. As sociologist Edward Shils notes, contrary to privacy 
as secrecy, the individual does n o t intend an act o f disclosure to be lim­
itless.52 “M eaningful discussion o f privacy,” legal scholar Kenneth 
K arst states, “requires the recognition that ordinarily we deal no t with 
an in terest in total nondisclosure but with an in terest in selective dis­
closure.”53 In o ther words, sometim es people do n o t w ant com plete se­
crecy; rather, they desire confidentiality, which consists o f sharing the 
inform ation w ith a select g roup o f trusted people.
Some theorists attem pt to avoid these problem s by focusing on se­
lective secrecy. For example, sociologist Amitai E tzioni defines privacy 
as “the realm in which an actor (either a person o r a group, such as a 
couple) can legitimately act w ithout disclosure and accountability to 
others.”54 N evertheless, even under the selective-secrecy conception, 
the harm caused by an invasion o f privacy is understood as the disclo­
sure o f previously concealed inform ation. Privacy, however, involves 
m ore than avoiding disclosure; it also involves the individual’s ability to
juutu
Realce
juutu
Realce
juutu
Realce
24 T h e o r i e s of P ri vacy a n d T h e i r S h o r t c o m i n g s
ensure that personal information is used for the purposes she desires. 
According to philosopher Judith W agner DeCew, secrecy is certainly 
not coextensive with privacy; secret information is often not private 
(for example, secret military plans), and private m atters are not always 
secret (for example, one’s debts).55
W e often expect privacy even in public. N o t all activities we deem 
private occur behind the curtain. T he books we read, the products we 
buy, and the people we associate with are often no t secrets, but we 
nonetheless view them as private matters. Philosopher Julie Inness ob­
serves that privacy as secrecy omits the elem ent o f control: “[Pjrivacy 
m ight not necessarily be opposed to publicity; its function m ight be to 
provide the individual with control over certain aspects o f her life.”56 
Likewise, Stanley Benn argues that m atters are private not because 
they “are kept out of sight or from the knowledge o f others” but be­
cause they “are matters that it would be inappropriate for others to try 
to find out about, much less report on, without one’s consent.”5"
Therefore, although m ost theorists would recognize the disclosure 
o f certain secrets to be a violation o f privacy, many commonly recog­
nized privacy invasions do not involve the loss o f secrecy. Secrecy as 
the common denom inator o f privacy makes the conception o f privacy 
too narrow.
Control over Personal Information
O ne o f the m ost predom inant theories o f privacy is that o f control over 
personal information. According to Alan W estin, “Privacy is the claim 
o f individuals, groups, or institutions to determine for themselves 
when, how, and to what extent information about them is communi­
cated to others.”58 Num erous o ther scholars have articulated similar 
theories.59 A rthur M iller declares that “the basic attribute o f an effec­
tive right o f privacy is the individual’s ability to control the circulation 
o f information relating to him.”60 According to Charles Fried, “Privacy 
is not simply an absence o f information about us in the minds o f others; 
rather it is the control we have over information about ourselves.”61 
President Bill C linton’s Information Infrastructure Task Force defined 
privacy as “an individual’s claim to control the terms under which per­
sonal inform ation— inform ation identifiable to the individual— is 
acquired, disclosed, and used.”62 T h e Supreme C ourt has even stated
Theories o f Privacy and Their Shortcomings 25
that privacy constitutes the individual’s “control over inform ation con­
cerning his or her person.”63
T h e control-over-inform ation conception can be viewed as a subset 
o f the limited-access conception. T h e theory’s focus on information, 
however, makes it too narrow, for it excludes those aspects o f privacy 
tha t are no t inform ational, such as the righ t to make certain funda­
m ental decisions about one’s body, reproduction, o r rearing o f one’s 
children. Additionally, the theory is too vague because it fails to define 
the types o f inform ation over which individuals should have control. 
Philosopher Ferdinand Schoeman, for example, observes that “re­
garding privacy as a claim o r entitlem ent to determ ine w hat informa­
tion about oneselfis to be available to others . . . [wrongly] presumes 
privacy is som ething to be protected at the discretion o f the individual 
to whom the inform ation relates.”64 In o ther words, the control-over- 
inform ation conception focuses on all inform ation over which individ­
uals w ant to retain control, bu t privacy is no t simply a subjective m atter 
o f individual prerogative; it is also an issue o f w hat society deems ap­
propriate to protect.
Some theorists attem pt to define the scope o f w hat constitutes per­
sonal inform ation over which individuals should exercise control, but 
their attem pts run in to significant difficulties. F o r example, legal 
scholar Richard Parker’s theory defines the scope o f personal informa­
tion extremely broadly: “C ontrol over who can see us, hear us, touch us, 
smell us, and taste us, in sum, control over who can sense us, is the core 
o f privacy.”65 Parker’s definition would make m ost interpersonal contact 
in society a privacy invasion. W e are frequently seen and heard by 
others w ithout perceiving this as even the slightest invasion o f privacy.
O ther scholars lim it the scope o f personal inform ation to that which 
relates to the individual. R ichard M urphy, a law and economics scholar, 
defines the scope o f personal inform ation as consisting o f “any data 
about an individual tha t is identifiable to that individual.”66 M urphy’s 
definition is too broad because there is a significant am ount o f infor­
m ation identifiable to us tha t we do n o t deem as private. For example, 
the fact tha t a person is a well-known politician is identifiable to her, 
bu t is not private. M urphy’s definition thus provides no reasonable lim ­
itation in scope.
In addition to failing to adequately define the scope o f information, 
control-over-inform ation conceptions fail to define w hat is m eant by
26 T h e o r i e s of P rivacy a n d T h e i r S h o r t c o m i n g s
“control.” Theorists provide little elaboration on what control really 
entails, and it is often defined too narrowly or too broadly. Frequently, 
control is understood as a form of ownership of information. For ex­
ample, Westin concludes that “personal information, thought of as the 
right of decision over one’s private personality, should be defined as a 
property right.”6' This notion is partially embodied in the tort of ap­
propriation, which protects people against others’ using their image or 
likeness for commercial gain.68
The notion that individuals have a property right in information 
about themselves can be traced to John Locke, who asserted that indi­
viduals have property rights in their person and the fruits of their labor. 
According to Locke, property flows naturally from selfhood: “[EJvery 
man has a property in his own person.” From this principle, Locke de­
duced that property extends to the products of one’s labor: “W hatso­
ever then he removes out of the state that nature hath provided, and 
left it in, he hath mixed his labor with, and joined it to something that is 
his own, and thereby makes it his property.”69
Locke’s conception of property as the fruit o f labor and as an exten­
sion of the self has formed the backbone of intellectual-property law, 
which, as legal theorist James Boyle has observed, has developed around 
the notion of the “romantic author,” the individual who mixes her 
unique personality with ideas, who most displays originality and nov­
elty in her creations.70 Unlike physical property, intellectual property 
protects the expression of ideas. Copyright law, for example, protects 
“original works o f authorship fixed in any tangible medium of expres­
sion.”71 Copyright law provides control not over the underlying ideas 
and facts but over the particular manner in which they are expressed. 
The “romantic-author” notion of intellectual property embodies Locke’s 
idea that one gains a property right in something when it emanates 
from one’s self.
Conceiving of personal information as property is justified by 
viewing it as an extension of personality. As the authors o f our own 
lives, we generate information as we develop our personalities. The 
growth of individualism spawned the “belief that one’s actions and 
their history ‘belonged’ to the self which generated them and were to 
be shared only with those with whom one wished to share them.”'2 
“One’s self—for other people—is one’s expression of one’s self,” ob­
serves Madame Merle in H enry James’s The Portrait o f a Lady, “and
27
one’s house, one’s furniture, one’s garm ents, the books one reads, the 
com pany one keeps— these things are all expressive.”73
Extending property concepts to personal inform ation, however, has 
difficulties. Inform ation can be easily transm itted and, once known by 
others, cannot be eradicated from their minds. U nlike physical objects, 
inform ation can be possessed simultaneously w ithin the minds o f mil­
lions. T h is is why intellectual-property law protects particular tangible 
expressions o f ideas ra ther than the underlying ideas themselves. T he 
complexity o f personal inform ation is that it is bo th an expression of 
the self and a set o f facts— a historical record o f one’s behavior.
Further, there are problem s with viewing personal inform ation as 
equivalent to any o ther commodity. Personal inform ation is often 
form ed in relationships with others. All parties to tha t relationship 
have some claim to the inform ation. For example, individuals are not 
the lone creators o f their web-browsing inform ation, for m ost o f that 
inform ation is created from the interaction betw een the user and web­
sites.74 O ften, the m arket value o f inform ation is n o t created exclu­
sively by the labor o f the individual to whom it relates b u t in part by 
the th ird party that compiles the inform ation.0 F or instance, the value 
o f personal inform ation for advertisers and m arketers emerges in part 
from their consolidation and categorization o f tha t inform ation.
An example o f the difficulty in assigning ownership to inform ation is 
illustrated by Haynes v. A lfred A . Knopf Inc.'6 T h is case involved 
N icholas Lem ann’s highly praised book about the social and political 
history o f African Americans who migrated from the South to northern 
cities. T h e book chronicled the life o f Ruby Lee Daniels, who suffered 
greatly from her form er husband L uther Haynes’s alcoholism, selfish­
ness, and irresponsible conduct. Haynes sued the au thor and the pub­
lisher under the public-disclosure-of-private-facts to rt, claiming that 
he had long since turned his life around and tha t the disclosure o f his 
past destroyed the new life he had worked so hard to construct. Judge 
Posner, w riting for the panel, concluded that there could be no liability 
for invasion o f privacy because “ [a] person does n o t have a legally pro­
tected righ t to a reputation based on the concealm ent o f the tru th ”77 
and because the book narrated “a story no t only o f legitim ate but of 
transcendent public in terest.”78
Although this case did n o t hinge on the shared nature o f the infor­
m ation, it illustrates tha t personal inform ation rarely belongs to just
Theories o f Privacy and Their Shortcomings
28 T h e o r i e s of P ri vacy a n d T h e i r S h o r t c o m i n g s
one individual; it is often formed in relationships with others. Ruby 
Daniels’s story was deeply interwoven with Haynes’s story. Daniels had 
a right to speak about her own past, to have her story told. T his was 
her life story, n o t just Luther Haynes’s. In sum, understanding control 
as ownership presents difficulties in grappling with the unique shared 
nature o f much private information. A claim o f privacy is not the same 
as a claim o f ownership.
N o t only does defining control prove difficult, but also control over 
information is too broad a conception. Professor TomGerety claims 
that control-over-information conceptions include “all control over all 
information about oneself, one’s group, one’s institutions. Surely pri­
vacy should come, in law as in life, to much less than this.”79 According 
to Inness, not all personal information is private; she contends that “it 
is the intimacy o f this information that identifies a loss o f privacy.”80 
T hus one possibility is that the control-over-information conception 
could be limited in scope by including only intimate information. 
Charles Fried seeks to lim it his control-over-inform ation conception 
in this manner, defining privacy as “control over knowledge about one­
self” that is necessary to protect “fundamental relations” o f “respect, 
love, friendship and trust.”81 His theory speaks about the value o f pri­
vacy (prom oting respect, love, friendship, and trust) and presumably 
would define the scope o f information as “intim ate” information (in­
formation necessary to form and foster relationships involving respect, 
love, friendship, and trust).
Even if the conception is narrowed to include only intimate infor­
mation, however, it is still too broad. According to DeCew, we often 
lose control over information in ways that do not involve an invasion o f 
our privacy.82 To illustrate this point, Daniel Farber invokes the ex­
ample o f the flasher. A flasher is controlling visual access to his body by 
allowing it, but preventing flashing is no t a violation o f the flasher’s pri­
vacy; rather, flashing is seen as a violation o f the privacy-of o thers.83
David O ’Brien also criticizes the conception o f privacy as the control 
o f information for being too narrow.84 M any privacy interests involve 
an individual’s “freedom to engage in private activities” rather than the 
disclosure or nondisclosure o f inform ation.83 O ’Brien correctly recog­
nizes that privacy is invaded no t just by the loss o f control over infor­
mation but also by nuisances such as noises, smells, and other noxious 
disruptions o f one’s peace o f m ind.86 DeCew points out that the
Theories o f Privacy and Their Shortcomings 29
control-over-inform ation conception is too narrow because privacy 
does no t involve only personal information. Privacy, contends DeCew, 
can be invaded even if nobody else knows som ething new about a 
person. Examples include being forced to hear propaganda, being ma­
nipulated by subliminal advertisements, o r being disrupted in a m anner 
that thwarts one’s ability to th ink o r read.8' Anita Allen critiques the 
control-over-inform ation conception for om itting issues such as abor­
tion and sexual freedom .88 T h e theory o f privacy as control over infor­
m ation thus excludes m any aspects o f life that we com m only assume to 
be private.
Additionally, some theorists critique the control-over-inform ation 
conception as being too narrow because it focuses too heavily on indi­
vidual choice. Paul Schwartz argues that it wrongly assumes tha t indi­
viduals have autonom y to exercise control over their personal data in 
all situations. T h is assum ption fails to recognize “that individual self- 
determ ination is itself shaped by the processing o f personal data.”89 
Schwartz also questions the assumption that individuals are able to ex­
ercise meaningful choices w ith regard to their inform ation, given dis­
parities in knowledge and pow er in bargaining over the transfer of 
their inform ation.90 T h e implication is that privacy involves not only 
individual control, bu t also the social regulation o f inform ation.91 In 
o ther words, privacy is an aspect o f social structure, an architecture o f 
inform ation regulation, n o t just a m atter for the exercise o f individual 
control.
T o summarize, conceptualizing privacy as control over personal in­
form ation can be too vague, too broad, o r too narrow. Conceptions o f 
inform ation control are too vague o r too broad when theorists fail to 
define w hat “control” entails. Attempts to define control often delin­
eate it as a form o f ownership, m aking the conception falter in a 
num ber o f respects. Finally, conceptions o f inform ation control are too 
narrow because they reduce privacy to informational concerns, om it 
decisional freedom from the realm o f privacy, and focus too exclusively 
on individual choice.
Personhood
A nother theory o f privacy views it as a form o f protecting personhood. 
Building upon W arren and Brandeis’s notion o f “inviolate personality,”
juutu
Realce
30 T h e o r i e s of P rivacy a n d T h e i r S h o r t c o m i n g s
Paul Freund coined the term “personhood” to refer to “those attri­
butes of an individual which are irreducible in his selfhood.”92
The theory o f privacy as personhood differs from the theories dis­
cussed earlier because it is constructed around a normative end of pri­
vacy, namely, the protection of the integrity of personality. This theory 
is not independent of the other theories, and it often is used in conjunc­
tion with them to explain why privacy is important, what aspects of the 
self should be limited, or what information we should have control over.
W hat is personhood? W hat aspects of the self does privacy protect? 
According to Edward Bloustein, privacy protects individuality.93 Pri­
vacy is a unified and coherent concept protecting against conduct that 
is “demeaning to individuality,” “an affront to personal dignity,” or an 
“assault on human personality.”94 Philosopher Jeffrey Reiman also rec­
ognizes a personhood component to privacy: “T he right to privacy. . . 
protects the individual’s interest in becoming, being, and remaining a 
person.”95
Philosopher Stanley Benn also develops a personhood conception of 
privacy, noting that privacy amounts to respect for individuals as 
choosers: “[Rjespect for someone as a person, as a chooser, implie[s] 
respect for him as one engaged in a kind of self-creative enterprise, 
which could be disrupted, distorted, or frustrated even by so limited an 
intrusion as watching.” Drawing from Jean-Paul Sartre’s Being and 
Nothingness, Benn explains that being “an object of scrutiny, as the 
focus o f another’s attention, brings one to a new consciousness of one­
self, as something seen through another’s eyes.” T he observed “be­
comes aware of himself as an object, knowable, having a determinate 
character.” According to Benn, the result is that the observed person 
“is fixed as something—with limited probabilities rather than infinite, 
indeterminate possibilities.”96 In other words, Benn contends that sur­
veillance restricts an individual’s range of choices and thus limits her 
freedom. Accordingly, privacy is about respect for personhood, with 
personhood defined in terms of the individual’s capacity to choose.
The U.S. Supreme C ourt has espoused a personhood theory of pri­
vacy in its right to privacy decisions, such as Griswold v. Connecticut, 
Eisenstadt v. Baird, and Roe v. Wade.91 The Court characterized privacy 
as an “interest in independence in making certain kinds o f important 
decisions.”98 Specifically, these cases involved decisions relating to 
marriage, procreation, contraception, family relationships, and child
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
juutu
Realce
Theories o f Privacy and Their Shortcomings 31
rea rin g ." In Planned Parenthood v. Casey, the Supreme C ourt provided 
its m ost elaborate explanation o f what the constitutional right to pri­
vacy encompasses:
T hese m atters, involving the m ost intim ate and personal choices a 
person may make in a lifetime, choices central to personal dignity 
and autonomy, are central to the liberty protected by the Four­
teenth Am endm ent. At the heart o f liberty is the right to define 
one’s own concept o f existence, o f meaning, o f the universe, and of 
the m ystery o f hum an life. Beliefs about these m atters could not 
define