Tuesday, April 12, 2005

Privacy as Contextual Integrity (Part 1): Problem of Privacy in Public

Over recent weeks, I have commented on numerous articles about privacy threats involving vehicles and highway travel. I am completing a major research project on this topic, arguing that the introduction of new technologies into the context of highway travel disrupts the "contextual integrity" of the flow of personal information. It seems appropriate, then, to provide more details on what is meant by "contextual integrity" and how it can be a useful new way to conceptualize privacy.

I'll break this discussion up into 4 posts: Part 1 (this post) will discuss the problem of "privacy in public," something the theory of contextual integrity hopes to resolve. Part 2 will discuss the general theory of "privacy as contextual integrity," and Parts 3 & 4 will apply contextual integrity to these new vehicle technologies. More detailed papers on contextual integrity can be found at the PORTIA @ NYU website, and at the website for Prof. Helen Nissenbaum, the original author of the theory of contextual integrity.


The Problem of Privacy in Public

Public surveillance has become a part of a modern citizen’s everyday life. Along with the ubiquitous presence of surveillance cameras along our streets, in front of our buildings and inside our public parks, interactions with health care providers, online retailers, highway tollbooths, local grocery stores and libraries result in the collection, analysis, storage and sharing of information about one’s address, purchasing habits, age, education, health status, travel activity, employment history, phone numbers and much more. Information technology plays a vital and unmistakable role in the massive amount of personal information being collected: frequent shopping cards connect purchasing patterns to customer databases, radio frequency identification (RFID) tags on dashboards enable the recording and billing of vehicles passing through highway tollbooths, Internet cookies surreptitiously track website traffic and usage, and encoded employee ID cards manage access to locations while creating a record of one’s movements. Recent advances in digital networking, data storage capacity and processing power have enabled previously unimaginable levels of interconnectivity, aggregation, and real-time analysis of a wide array of personal information. Without information technology, the gatherers and users of information would not be able to collect, analyze, store or share information with such ease.

The growing ease of collecting personal information has not gone unnoticed. Privacy scholars have attempted to contextualize these practices of public surveillance and information aggregation within existing legal and philosophical conceptualizations of privacy, struggling with how to build a theory of “privacy in public.” Yet, many theories of privacy fall short of properly addressing the problem of privacy in public, either dismissing it or ignoring it altogether. There are three factors that contribute to the general disregard of privacy in public:

Conceptually, the idea that privacy might somehow be violated in public space is often considered paradoxical. For the majority of theorists, the value of privacy applies to an individual’s private sphere alone. Such thinking follows the lines of a private/public dichotomy, marking distinct realms of sensitive (private) information, on the one hand, and the non-sensitive (public) information, on the other. In this sense, one’s right to privacy is situated as a method of keeping government out of the private lives of individuals; the right to privacy is an argument for protection of intimate and sensitive information against government intrusion. In such a conceptualization, the government has no right to the sensitive (private) information of what goes in one’s bedroom, but has the right to the non-sensitive (public) information of what tollbooth one’s car passes through. In short, driving one’s car is considered a public act, and collecting one’s license plate number (which is displayed in full public view) would not consist of an intrusion into sensitive information.

A second factor contributing to the dismissal of privacy in public is normative in nature. Normative arguments for the preservation of privacy recognize that privacy, as an important value and interest, must be balanced against other, competing interests. A simple example of such normative judgment is our willingness to relinquish personal privacy and allow our luggage to be searched in airports – safety and security are judged more important in such situations when balanced against personal privacy. Similar balancing often threatens any concern for privacy in public. Since much of the personal information collected in situations of public surveillance are considered innocuous, it is easy for other, competing interests to outweigh the need to keep such information private. For example, the items purchased by a shopper at the grocery store are, at least in isolation, not considered sensitive or private, so the interests of the grocer to ensure the shelves are properly stocked to maximize both customer satisfaction and his profits prevail.

The third explanation why privacy in public is overlooked recognizes that the empirical status of privacy in public has failed to garner proper attention by privacy theorists. Simply put, prior to recent advances in information technology, the problem of privacy in public was not experienced in one’s everyday life to the extent it is today. In the past, most people reasonably assumed that their day-to-day movements and activities were neither being surveilled nor cataloged; people have come to count on virtual anonymity as they engage in their daily, public activities, including driving on the roads.

However, developments in information technology challenge the conceptual, normative and empirical explanations for the lack of attention given to the problem of privacy in public. These developments include the ability to transmit and share large amounts of information across global digital networks, the ability to aggregate disparate sets of information into large databases, reductions in the cost of data storage to facilitate such databases, and the increase in processing power to ease the processing and analysis of data. These developments in information technology mean that there is virtually no limit to the amount of information that can be recorded, virtually no limit to the level of data analysis that can be performed, that the information can be shared with ease, and virtually stored forever. The consequence of the emergence of such powerful information technology is a rise in the magnitude, detail, thoroughness and scope of the ability to surveil everyday people engaging in their everyday, public activities.

The problem of “privacy in public,” then, emerges as a very important concern for the protection of personal information. Privacy laws and theories have not kept up with issues that have developed in the wake of advanced uses of information technology, and the problem of privacy in public is a key casualty of this oversight. Following the conceptual, normative and empirical reasons noted above, existing theories lack, in Nissenbaum’s words, “the mechanisms to deal with conflicts involving privacy in public and have generally not taken up hard questions about surveillance in non-intimate realms to determine when such surveillance is morally acceptable and when not.” In response to the general ambivalence to the problem of privacy in public by existing privacy laws and theories, Nissenbaum developed the theory of “privacy as contextual integrity.”

Technorati tag: