Respecting Context to Protect Privacy: Why Meaning Matters

Original Paper

Abstract

In February 2012, the Obama White House endorsed a Privacy Bill of Rights, comprising seven principles. The third, “Respect for Context,” is explained as the expectation that “companies will collect, use, and disclose personal data in ways that are consistent with the context in which consumers provide the data.” One can anticipate the contested interpretations of this principle as parties representing diverse interests vie to make theirs the authoritative one. In the paper I will discuss three possibilities and explain why each does not take us far beyond the status quo, which, regulators in the United States, Europe, and beyond have found problematic. I will argue that contextual integrity offers the best way forward for protecting privacy in a world where information increasingly mediates our significant activities and relationships. Although an important goal is to influence policy, this paper aims less to stipulate explicit rules than to present an underlying justificatory, or normative rationale. Along the way, it will review key ideas in the theory of contextual integrity, its differences from existing approaches, and its harmony with basic intuition about information sharing practices and norms.

Keywords

Privacy Contextual integrity Privacy law Public policy Protecting privacy Networks 

References

  1. Angwin, J., & Valentino-Devries, J. (2012). New tracking frontier: Your license plates. The Wall Street Journal. http://online.wsj.com/article/SB10000872396390443995604578004723603576296.html. Accessed June 12, 2014.
  2. Brooks, H. (1980). Technology, evolution, and purpose. Daedalus109, 65–81.Google Scholar
  3. Cate, F. (2006). The failure of fair information practice principles. In Consumer protection in the age of the information economy, July 8. http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1156972. Accessed July 1, 2013.
  4. Center for Democracy and Technology. (2012). White House Unveils ‘Consumer Privacy Bill of Rights’; Industry Embraces Do Not Track. February 23. https://cdt.org/press/white-house-unveils-consumer-privacy-bill-of-rights-industry-embraces-do-not-track/.
  5. Chavez, P. L. (2011). Comments of Google Inc. to US Department of Commerce. Electronic filing, January 28. http://www.ntia.doc.gov/files/ntia/comments/101214614-0614-01/attachments/FINALCommentsonDepartmentofCommercePrivacyGreenPaper%20%283%29.pdf. Accessed June 11, 2013.
  6. Civil, C. (2012). President Obama’s Privacy Bill of Rights: encouraging a collaborative process for digital privacy reform. Berkeley Technology Law Journal. http://btlj.org/2012/03/12/president-obamas-privacy-bill-of-rights-encouraging-a-collaborative-process-for-digital-privacy-reform. Accessed June 11, 2013.
  7. Cohen, J. (2012). Configuring the networked self: Law, code and the play of everyday practice. New Haven: Yale University Press.Google Scholar
  8. Department of Commerce and National Telecommunications & Information Administration. (2012). Consumer data privacy in a networked world: A framework for protecting privacy and promoting innovation in the global digital economy. White House Privacy Report, February 23. http://www.whitehouse.gov/sites/default/files/privacy-final.pdf. Accessed June 11, 2013.
  9. Department of Homeland Security. (2013). Web site privacy policy. http://www.dhs.gov/privacy-policy. Accessed June 12, 2013.
  10. Dwork, C., & Mulligan, D. K. (2013). It’s not privacy, and it’s not fair. Stanford Law Review Online, 66, 35.Google Scholar
  11. Electronic Privacy Information Center (2012) White house sets out consumer privacy bill of rights. https://epic.org/2012/02/white-house-sets-out-consumer-.html. Accessed July 9, 2015.
  12. Ellul, J., & Merton, R. K. (1964). The technological society. New York: Vintage Books.Google Scholar
  13. European Union. (2013). Committee on Civil Liberties, Justice and Home Affairs. In On the Proposal for a Regulation of the European Parliament and of the Council on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (General Data Protection Regulation). By Jan Phillipp Albrecht. Vol. (COM(2012)0011—C7-0025/2012—2012/0011(COD)).Google Scholar
  14. Federal Trade Commission. (2012). Protecting consumer privacy in an era of rapid change: Recommendations for businesses and policymakers. FTC Report. http://www.ftc.gov/os/2012/03/120326privacyreport.pdf. Accessed June 11, 2013.
  15. Federal Trade Commission, Plaintiff, v. Wyndham Worldwide Corporation, Et Al., Defendants. 2:13-cv-01887-ES-JAD. US District Court, District of New Jersey. 7 Apr. 2014.Google Scholar
  16. Friedman, M. (1970). The social responsibility of business is to increase its profits. The New York Times Magazine. http://www.colorado.edu/studentgroups/libertarians/issues/friedman-soc-resp-business.html. Accessed June 11, 2013.
  17. Gavison, R. (1980). Privacy and the limits of the law. Yale Law Journal, 89, 421–471.CrossRefGoogle Scholar
  18. Google Inc v. Joffe Et Al. 13 1181. US Supreme Court. 30 June 2014.Google Scholar
  19. Hoffman, D. (2012). White House releases framework for protecting privacy in a networked world. Post on Policy@Intel blog. http://blogs.intel.com/policy/2012/02/23/white-house-privacy. Accessed June 12, 2013.
  20. Horan, P. Re: Information and Privacy in the Internet Economy. Online Publishers Association, January 28. http://www.ntia.doc.gov/files/ntia/comments/101214614-0614-01/attachments/OPA%20Comments%20in%20DOC%20Privacy%20Proceeding%20(Docket%20No.%20101214614-0614-01).pdf. Accessed July 9, 2015.
  21. Intel. (2011). RE: FTC Staff Preliminary Report on Protecting Consumer Privacy. Intel Comments to FTC, January 26. http://www.ftc.gov/os/comments/privacyreportframework/00246-57451.pdf. Accessed June 11, 2013.
  22. Katz, v. United States, (1967), 389 U.S. 347.Google Scholar
  23. Kiseleva, J., Thanh Lam, H., Pechenizkiy, M., & Calders, T. (2013a). Discovering temporal hidden contexts in web sessions for user trail prediction. In Proceedings of the 22nd international conference on World Wide Web companion (pp. 1067–1074). International World Wide Web Conferences Steering Committee.Google Scholar
  24. Kiseleva, J., Lam, H. T., Pechenizkiy, M., & Calders, T. (2013b). Predicting Current User Intent with Contextual Markov Models. In Data mining workshops (ICDMW), 2013 IEEE 13th international conference on (pp. 391–398). IEEE.Google Scholar
  25. Lawler, B. (2011). Request for comments: Information privacy and innovation in the internet economy. Intuit Comments before the Department of Commerce, Office of the Secretary National Telecommunications and Information Administration, January 28. http://www.ntia.doc.gov/files/ntia/comments/101214614-0614-01/attachments/Intuit.pdf. Accessed June 11, 2013.
  26. Maier, F. (2010). Comments in Response to the Department of Commerce’s Green Paper—Commercial Data Privacy & Innovation in the Internet Economy: A Dynamic Policy Framework. Electronic filing, January 28.  http://www.ntia.doc.gov/files/ntia/comments/101214614-0614-01/attachments/DoC%20Green%20Paper%20Comments%20(20110128)-Signed.pdf. Accessed 9 July, 2015.
  27. National Telecommunications and Information Administration. (2012). Multistakeholder process to develop consumer data privacy code of conduct concerning mobile application transparency. Notice of meeting published by Federal Register, June 28. https://www.federalregister.gov/articles/2012/06/28/2012-15767/multistakeholder-process-to-develop-consumer-data-privacy-code-of-conduct-concerning-mobile. Accessed June 11, 2013.
  28. Nissenbaum, H. (2010). Privacy in context: Technology, policy and the integrity of social life. Stanford, CA: Stanford Law.Google Scholar
  29. Nissenbaum, H. (2011). A contextual approach to privacy online. Daedalus, 140(4), 32–48.CrossRefGoogle Scholar
  30. Nissenbaum, H. (2012). From preemption to circumvention: If technology regulates why do we need regulation (and Vice Versa)? Berkeley Technology Law Journal, 26, 3.Google Scholar
  31. OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. (September 23 1980). http://www.oecd.org/internet/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm. Accessed on June 11, 2013.
  32. Olmstead, v. United States, (1928), 277 U.S. 438.Google Scholar
  33. Rauhofer, J. (2013). One step forward, two steps back: Critical observations on the proposed reform of the EU data protection framework. Journal of Law and Economic Regulation, 6(1).Google Scholar
  34. Raul, A. C., McNicholas, E. R., Brown, C. T., & Adams, J. P. (2011). Comments of AT&T Inc. Before the Department of Commerce Internet Policy Task Force. Federal Trade Commission, January 28. https://www.ftc.gov/sites/default/files/documents/public_comments/preliminary-ftc-staff-report-protecting-consumer-privacy-era-rapid-change-proposed-framework/00420-58060.pdf. Accessed 9 July, 2015.
  35. Re: Netflix Privacy Litigation. No. 11-00379. US District Court, Northern District of California. 6 July 2012. Print.Google Scholar
  36. Regan, P. M. (1995). Legislating privacy: Technology, social values, and public policy. Chapel Hill: University of North Carolina Press.Google Scholar
  37. Rubinstein, I. (2010). Privacy and regulatory innovation: Moving beyond voluntary codes. I/S a Journal of Law and Policy for the Information Society, 6(3), 356–423.Google Scholar
  38. Rubinstein, I. S., & Good, N. (2013). Privacy by design: A counterfactual analysis of Google and Facebook privacy incidents. Berkeley Technology Law Journal, 28, 1333–1583.Google Scholar
  39. Schoeman, F. D. (1984). Philosophical dimensions of privacy: An anthology. Cambridge: Cambridge University Press.CrossRefGoogle Scholar
  40. Selbst, A. D. (2013). Contextual expectations of privacy. Cardozo Law Review, 35, 643–897.Google Scholar
  41. Solove, D. (2006). A taxonomy of privacy. University of Pennsylvania Law Review, 154, 477–560.CrossRefGoogle Scholar
  42. US Const. amend. VI.Google Scholar
  43. US National Telecommunications and Information Administration. (July, 2013b). Short form notice. http://www.ntia.doc.gov/files/ntia/publications/july_25_code_draft.pdf. Accessed June 11, 2013.
  44. US National Telecommunications and Information Administration. Nov. (2013a). Privacy multistakeholder process: Mobile application transparencyBackground. http://www.ntia.doc.gov/other-publication/2013/privacy-multistakeholder-process-mobile-application-transparency. Accessed June 11, 2013.
  45. USC § 2511(2)(a)(i)—Interception and disclosure of wire, oral, or electronic communications prohibited (2)(a)(i). http://www.gpo.gov/fdsys/granule/USCODE-2011-title18/USCODE-2011-title18-partI-chap119-sec2511/content-detail.html.
  46. Valentino-Devries, J., & Singer-Vine, J. (2012, December 7). They know what you're shopping for. The Wall Street Journal. http://www.wsj.com/articles/SB10001424127887324784404578143144132736214.
  47. Van den Hoven, J. M. (1998). Privacy and the varieties of informational wrongdoing. Austria Journal of Professional and Applied Ethics, 1(1), 30–43.Google Scholar
  48. Ware, W. H. (1967). The computer in your future. Defense Technical Information Center.Google Scholar
  49. World Economic Forum. (2012). Rethinking personal data: Strengthening trust. Report, May. http://www.weforum.org/docs/WEF_IT_RethinkingPersonalData_Report_2012.pdf. Accessed June 11, 2013.

Copyright information

© Springer Science+Business Media Dordrecht 2015

Authors and Affiliations

  1. 1.Culture and CommunicationNYU MediaNew YorkUSA

Personalised recommendations