Why Are Norms Ignored? Collective Action and the Privacy Commons
30 Pages Posted: 5 Mar 2018 Last revised: 19 Mar 2018
Date Written: February 18, 2018
Informational privacy is the ability to govern when others may collect your information and how they may use it. Norms can, and do, provide such governance, as Helen Nissenbaum’s seminal work shows. The relevant norms are informational norms, social norms that govern the collection, use, and distribution of information. With noteworthy exceptions (Woodrow Hartzog and Neil Richards, for example), contemporary discussions of privacy rarely mention informational norms, or at best assign them a peripheral role. We claim they should play a central role. Our argument is that ensuring adequate informational privacy is (at least in part) a collective action problem. Norms can, and often do, solve collective action problems. Further, informational norms currently do solve a wide range of important collective action problems centered around privacy. Shouldn’t informational norms take center stage in proposals about informational privacy?
We argue they should by answering three objections to giving them that role. (1) Lack of norms: Rapid advances in technology have created a wide variety of situations for which are not governed by relevant norms. (2) Disagreement about norms: Even if relevant norms exist, lack of agreement about their content makes them a poor foundation on which to build public policy. (3) Lack of an adequate theory: Even if norms exist and their content is uncontroversial, norms are a poor tool for public policy because there is no adequate theory that allows one to make accurate predictions about the causes and effects of norms. The first two objections have relatively easy answers. The third is fundamental. We outline a theory that treats norm-created informational privacy as a commons—a special kind of commons, a common pool resource. We thereby link norm-created privacy to a rich body of empirical and theoretical work. We hope the resulting theory of norm-created governance of information flows contributes to the understanding of privacy that Neil Richards and Jonathan King call for in Big Data Ethics: “privacy in the age of big data should be . . . understood as the need to expand the rules we use to govern the flows of personal information.”
Keywords: Privacy, Collective Action, Coordination Norms, Informational Norms, Norms, Nissenbaum, Commons, Common Pool Resources, Ostrom, Elinor Ostrom
JEL Classification: K20, D01, D04, H40
Suggested Citation: Suggested Citation