36 Pages Posted: 28 Apr 2011 Last revised: 17 Apr 2017
Date Written: April 27, 2011
This article reviews Helen Nissenbaum's recent and highly important book, Privacy in Context: Technology, Policy and the Integrity of Social Life (Stanford University Press, 2010). Nissenbaum proposes a detailed framework to better understand privacy issues and assist in prescribing privacy policies that meet the needs of the 21st century. Her proposed framework, is Contextual Integrity (CI), which seeks to identify the impact of a new socio-technological system on existing, entrenched norms (social and/or legal norms) relating to transmission of personal information within a specific context. The focus is on the flow of information. According to CI, once we observe a change in informational transmission norms there is a presumption that privacy has been violated, but the presumption can be rebutted. Thus, we should evaluate the change against general moral principles and against the values and goals of the particular context.
The review locates the book within the current heated debate about privacy and identifies a growing yearning for an up-to-date privacy theory that can answer current and forthcoming challenges. After summarizing the main arguments of the book, the review makes three critical arguments. First, it points to the limits of relying on contexts as an organizing unit of a privacy analysis. Many contexts are dynamic, unsettled and lack any clear set of reliable informational norms. This is especially so in the digital environment. Second, the review argues that CI allocates an insufficient place to a meta-justificatory principle (or principles) of privacy. Privacy theory, I argue, cannot avoid identifying its fundamental meta-principle(s), difficult as it may be. Thus, as far as a theoretical inquiry is sought, CI can be extremely helpful, but only as part of a broader normative analysis. It can supplement a justificatory theory of privacy, but not supplant it. Third, the review argues that we already have a meta-principle that can best explain and justify privacy as a social and philosophical concept as well as a legal right: Privacy as Control. According to this approach, a right to privacy is the control an autonomous human being should have over his or her personal information, regarding its collection, processing and further uses, including onward transfers. Nissenbaum's discussion of this theory renders it a secondary place at best. However, the review argues that Privacy as Control remains the strongest conception of privacy. It surely has its problems and it faces pressing challenges that CI can assist in clearing, but it should not be reduced to a mere transmission norm.
Keywords: informational privacy, data protection, Helen Nissenbaum, Contextual Integrity, digital technology, privacy as control
Suggested Citation: Suggested Citation
Birnhack, Michael, A Quest for a Theory of Privacy: Context and Control (April 27, 2011). 51(4) Jurimetrics 447-479 (2011). Available at SSRN: https://ssrn.com/abstract=1824533
By Ryan Calo
By Peter Swire