The Myth of the Privacy Paradox

51 Pages Posted: 24 Feb 2020 Last revised: 29 Jan 2021

See all articles by Daniel J. Solove

Daniel J. Solove

George Washington University Law School

Date Written: January 29, 2021

Abstract

In this Article, Professor Daniel Solove deconstructs and critiques the privacy paradox and the arguments made about it. The “privacy paradox” is the phenomenon where people say that they value privacy highly, yet in their behavior relinquish their personal data for very little in exchange or fail to use measures to protect their privacy.

Commentators typically make one of two types of arguments about the privacy paradox. On one side, the “behavior valuation argument” contends behavior is the best metric to evaluate how people actually value privacy. Behavior reveals that people ascribe a low value to privacy or readily trade it away for goods or services. The argument often goes on to contend that privacy regulation should be reduced.

On the other side, the “behavior distortion argument” suggests that people’s behavior is not an accurate metric of preferences because behavior is distorted by biases and heuristics, manipulation and skewing, and other factors.

Professor Solove argues instead that the privacy paradox is a myth created by faulty logic. The behavior involved in privacy paradox studies involves people making decisions about risk in very specific contexts. In contrast, people’s attitudes about their privacy concerns or how much they value privacy are much more general in nature. It is a leap in logic to generalize from people’s risk decisions involving specific personal data in specific contexts to reach broader conclusions about how people value privacy.

The behavior in the privacy paradox studies does not lead to a conclusion for less regulation. On the other hand, minimizing behavioral distortion will not cure people’s failure to protect their own privacy. Managing one’s privacy is a vast, complex, and never-ending project that does not scale. Privacy regulation often seeks to give people more privacy self-management, but doing so will not protect privacy effectively. Professor Solove argues instead that privacy law should focus on regulating the architecture that structures the way information is used, maintained, and transferred.

Keywords: privacy paradox, CCPA, California Consumer Privacy Act, privacy self-management

JEL Classification: D12, D18

Suggested Citation

Solove, Daniel J., The Myth of the Privacy Paradox (January 29, 2021). 89 George Washington Law Review 1 (2021), GWU Legal Studies Research Paper No. 2020-10, GWU Law School Public Law Research Paper No. 2020-10, Available at SSRN: https://ssrn.com/abstract=3536265 or http://dx.doi.org/10.2139/ssrn.3536265

Daniel J. Solove (Contact Author)

George Washington University Law School ( email )

2000 H Street, N.W.
Washington, DC 20052
United States
202-994-9514 (Phone)

HOME PAGE: http://danielsolove.com

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
6,984
Abstract Views
26,360
Rank
2,051
PlumX Metrics