Skip to main content

Privacy Rights, and Why Negative Control is Not a Dead End: A Reply to Munch and Lundgren


Lauritz Munch and Björn Lundgren have recently replied to a paper published by us in this journal. In our original paper, we defended a novel version of the so-called ‘control theory’ of the moral right to privacy. We argued that control theorists should define ‘control’ as what we coined ‘Negative Control’. Munch and Lundgren have recently provided a range of interesting and challenging objections to our view. Independently of each other, they give almost identical counterexamples to our definition of Negative Control. In this comment, we show that while the counterexamples are genuine counterexamples, they do not force us to abandon the idea of Negative Control. Furthermore, we reply to two additional objections raised by Lundgren. One of these replies involves giving a new account of what the relation is between the concept of privacy and the right to privacy.

This is a preview of subscription content, access via your institution.


  1. 1.

    We defined Positive Control like this: Agent A enjoys Positive Control over the access to relevant information P, if, and only if, A tries (or could try) to give agent B actual access to P, and succeeds. And, we defined Republican Control like this: Agent A enjoys Republican Control if, and only if, agent B does not have the ability to get access to relevant information P about A (Mainz and Uhrenfeldt 2020, p. 7).

  2. 2.

    The paper is only available online and lacks pagination, so the page numbers refer to the pages pages in the online version, starting from 1.

  3. 3.

    Mainz (forthcoming) was accepted for publication before Munch and Lundgren’s replies were published. The version of Negative Control put forward in that paper was therefore not supposed to handle the objections from Munch and Lundgren.

  4. 4.

    As Munch says in footnote 8 in his reply, we might interpret Wiretapping such that Smith actually accesses at least some information about Jones—for instance the fact that Jones is not using the phone. But as we say in the paper, the verdict would be the same even if the wiretap randomly malfunctions so that Jones does not even get access to the information that Smith is not using the phone (Mainz and Uhrenfeldt 2020, p. 13).

  5. 5.

    We do think, however, that the counterexamples are underspecified in an important sense. They say nothing about why Jones might choose not to push the button. Suppose that Jones decides not to push the button, because doing so would be extremely costly for him, or because he simply ‘freezes’ in the situation. Now compare a situation in which Jones chooses not to push the button because he would actually like Smith to listen in on his conversations. We think that any plausible theory of rights should be able to say that there is a rights-violation in both cases. But it seems that the wrongnesses involved in the two cases are not identical. The wrongness that occurs in the former case seems much worse than the one that occurs in the latter. Nevertheless, we grant that a rights-violation occurs in both cases. As Munch points out, denying this would be akin to denying that an assaulter violates the rights of the assaultee, even if the assaultee is capable of fending off the assaulter (Munch 2021, p. 6).

  6. 6.

    Note that the information is called f in this definition, while it was called P in the original definition from Mainz and Uhrenfeldt (2020). Note also that while the original definition concerns agents in general, this definition is concerned with individuals.

  7. 7.

    One difference to note between Wiretapping #2 and Lundgren’s counterexample is that the latter does not explicitly state whether Jones deploys the device, while the former says explicitly that Jones does not deploy the device. But given that Lundgren stipulates that Smith is prevented from accessing Jones’s phone, it seems that Jones deploys the device. However, regardless of whether Jones deploys the device or not, ii) can elegantly handle the example. Jones either deploys the device or he does not. If he does, then Smith does not violate Jones’s right to privacy because Smith’s attempt to access fails because of Jones’s intentional actions directed at preventing Smith from accessing. In that case, Jones still enjoys Negative Control, and Smith does plausibly not violate Jones’s right to privacy. If Jones does not deploy the device, then Smith does not fail his attempt to access Jones’s personal information—let alone fail because of any of the reasons described in (ii). Because Smith does not fail his attempt, Jones loses Negative Control, and thus Smith violates Jones’s right to privacy.

  8. 8.

    For discussion of similar cases, see the Too Much Info cases in Mainz and Uhrenfeldt (2020).

  9. 9.

    Keep in mind that we are not arguing that there is no relation between the concept of privacy and the right to privacy. A loss of the former is indeed a necessary condition for a violation of the latter. All we are saying is that accepting the view that the right to privacy is a control right does not force us to accept the view that the concept of privacy should be defined in terms of control.

  10. 10.

    And, as we say, if the access theorist feels that we are stacking the deck of cards in favor of the control theory here, then we invite the access theorist to provide an example that stacks the deck of cards in favor of the access theory (Mainz and Uhrenfeldt 2020, p. 13). The counterexamples from Munch and Lundgren may in fact be just such an example.

  11. 11.

    It is not completely true that no one has defended this view in print before. Munch has defended something very similar in Munch (2020).

  12. 12.

    See e.g. Thomson (1975). Thomson is probably the most prominent access theorist, and she explicitly defends the view that actual access is a necessary condition for a violation of the right to privacy (Thomson 1975, p. 304).

  13. 13.

    When we wrote the original paper, we were not fully convinced that actual access is a necessary condition for a violation of the right to privacy. For this reason, we could consistently hold at the time that Smith violates Jones’s right to privacy in Wiretapping, even when Smith does not get access to any personal information about Jones. Since then, we have come around to the view that a loss of privacy is a necessary condition for a violation of the right to privacy, and therefore we no longer believe that Smith violates Jones’s right to privacy. Luckily, this does not force us to abandon the strong intuition that Smith is wronging Jones. We can simply say—as Lundgren suggests (Lundgren 2021a, p. 5)—that Smith merely attempts but fails to violate Jones’s right to privacy, and that this attempt is wrongful.

  14. 14.

    Actual access as a sufficient condition is a non-starter. This view implies that if you voluntarily give out personal information, then your right to privacy is violated.


  1. Lundgren, B. 2020. A dilemma for privacy as control. Journal of Ethics 24: 165–175.

    Article  Google Scholar 

  2. Lundgren, B. 2021a. Confusion and the role of intuitions in the debate on the conception of the right to privacy. Res Publica.

    Article  Google Scholar 

  3. Lundgren, B. 2021b How we can make sense of control-based intuitions for limited access-conceptions of the right to privacy. Journal of Ethics and Social Philosophy. Forthcoming.

  4. Mainz, J. 2021. An indirect argument for the access theory of the right to privacy. Res Publica.

    Article  Google Scholar 

  5. Mainz, J., and R. Uhrenfeldt. 2020. Too much info: Data surveillance and reasons to favor the control account of the right to privacy. Res Publica.

    Article  Google Scholar 

  6. Munch, L. 2020. The right to privacy, control over self-presentation, and subsequent harm. Journal of Applied Philosophy 37 (1): 141–154.

    Article  Google Scholar 

  7. Munch, L. 2021. Why ‘Negative Control’ is a dead end: a reply to Mainz & Uhrenfeldt. Res Publica.

    Article  Google Scholar 

  8. Thomson, J. 1975. The right to privacy. Philosophy & Public Affairs 4 (4): 295–314.

    Google Scholar 

Download references


The authors would like to thank Lauritz Munch, Frej Klem Thomsen, Jørn Sønderholm, and Jens Damgaard Thaysen for useful comments on an earlier version of this paper.

Author information



Corresponding author

Correspondence to Jakob Thrane Mainz.

Ethics declarations

Ethical approval

There are no ethical statements to be declared.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Mainz, J.T., Uhrenfeldt, R. Privacy Rights, and Why Negative Control is Not a Dead End: A Reply to Munch and Lundgren. Res Publica (2021).

Download citation


  • Privacy
  • Privacy rights
  • Control theory
  • Access theory
  • Negative Control