Putting Privacy in Context -- An overview of the Concept of Privacy and of Current Technologies
Dr. Ian Graham
Centre for Academic Technology
Information Commons
University of Toronto
Tel: (416) 978-4548
Table of Contents
Introduction
A Definition of Privacy
A Short History of Privacy
The Modern Age: Freedom of Information and Privacy Laws
The Modern Age: Going Digital
User-Centric Privacy
Personal Privacy and Relationships on the Web
Next-Generation: Negotiated Relationships
Summary
Important Technologies and Technical Issues
Future Technologies
Conclusions
References
Introduction
The worlds of information and communication are changing, in ways that some people do not yet appreciate, and that none of us truly understand. The latter is so because, over the next 20 years, digital technologies will replace or radically transform essentially every technology of information storage, retrieval and dissemination currently in use. Indeed, it is likely that, transported 20 years into the future, we would barely recognize the everyday tools of communications and data processing.
This social revolution is taking place in part because the new technologies offer unprecedented cost reductions for all three of these just-mentioned factors. But a more important driving force is the new, and largely unexplored opportunity to combine, re-use, and repurpose digital data in ways that were simply not possible with the previous technologies. This will allow us to better understand the underlying processes giving rise to this information, and will (hopefully) give us a better understanding of the natural, physical, and social worlds.
Indeed, the academic community is embracing these technologies as research tools, to improve their ability to understand the world we live in. Similar opportunities exist--and are being embraced--in the commercial and political realms. Increased amounts of digital information, combined with new tools for combining, processing and analyzing these data promise improved efficiencies in business and government process, and a better understanding of these processes as well.
But at what cost? All technologies have unanticipated side effects, and can be used for good purposes or bad: information technologies are no exception. One possible cost is privacy--the concern being that these new technologies will infringe on the ability or right, on the part of an individual, to control their own exposure to the rest of the world or to hide knowledge about themselves. There are many social and technical issues that make this a growing concern, and many possible technical and legal mechanisms that have/are being/will be proposed to provide information protection and define acceptable uses of accumulated information, and protection over the flow and reuse of this information. And, indeed, this is the topic of today's conference.
This paper does not pretend to cover all these issues--subsequent papers in these proceedings will discuss legal and technical mechanisms that can and are being constructed to understand and manage privacy issues, and the administrative processes by which these can be designed and put in place. Furthermore, as I have suggested earlier, I believe that this whole question is still fluid, and that there is as-yet no definitive understanding of how privacy issues will be managed in the next century.
Rather, it is my intention here to provide a cultural and technical framework for thinking about privacy, so that you can appreciate the reasons why privacy is such a compelling issue, and understand the cultural and technical forces that drive the dramatic changes we are seeing. I will attempt to do so by:
- reviewing the social history of privacy
- describing how this view changes over time, and across cultures
- outlining the competing issues that must be dealt with when discussing privacy issues
- reviewing the technical changes that have led to so much interest in this topic,
- discussing some of the tools required to control privacy and information access, and how they are related to each other
Thus, the first part of my paper is a brief review of the 'history' of privacy, based on existing work in this area (the References section at the end of the paper gives some suggested readings). As I shall argue, privacy--as far as this conference is concerned--is a relatively new concept and concern. It is also a complex concept, rife with overlapping meanings that vary from society to society and from individual to individual. This has an important impact on policies regarding privacy protection and control in "internationalized" Web applications, and on the construction of appropriate tools for supporting privacy in personalized electronic transactions.
In the next section I attempt to put privacy in context--privacy competes with other social requirements, and can never be dealt with on its own. I will outline some of these competing forces, and explain how they are related.
Finally, I look at the main technical and administrative issues associated with creating "privacy-aware" Web applications.
Last, I wish to point out that there is an extensive literature on privacy issues, most of which is quite recent--indeed this paper is only a rough outline of thought on this issue. To demonstrate this I performed a small experiment, by accessing the University of Toronto Library online database and requesting a list of all physical items (mostly books) containing the word "privacy" in the title or item description. Figure 1 shows the number of items published in each year since 1900. Note how almost all texts date from the 1970s or later--almost nothing was written on this topic prior to 1960.
Figure 1. Books and other items published in each year since 1900 that are available at the University of Toronto Library and that contain the word "privacy" in either the title or keyword description.
A Definition of Privacy
What, exactly, is privacy? To answer this question, I began by taking a dictionary and looking up the definition. This seemingly innocuous task is very useful, because it helps highlight how complex the word "privacy" is, and how difficult it is to discuss "privacy" without an explicit definition of the explicit concept under discussion, and of other concepts related to it.
For example, the Oxford English Dictionary, Second Edition (electronic database version) contains the following definitions for the word privacy (the information listed is somewhat simplified from the actual dictionary entry) [1]:
privacy (15c) (from private) The state or quality of being private.
1. a. The state or condition of being withdrawn from the society of others, or from public interest; seclusion.
b. The state or condition of being alone, undisturbed, or free from public attention, as a matter of choice or right; freedom from interference or intrusion. Also attrib., designating that which affords a privacy of this kind.
2. a. pl. Private or retired places; private apartments; places of retreat. Now rare.
b. A secret place, a place of concealment. (Obsolete)
3. a. Absence or avoidance of publicity or display; a condition approaching to secrecy or concealment. a synonym for secrecy
b. Keeping of a secret, reticence. (Obsolete)
4. a. A private matter, a secret; pl. private or personal matters or relations. Now rare.
b. pl. The private parts. (Obsolete)
5. Intimacy, confidential relations. (Obsolete)
6. The state of being privy to some act; = privity. rare.
It is interesting to note the several meanings: This is the beauty--and horror--of human language! Most of these meanings are rarely used, or obsolete. The meanings of particular interest to us are marked in boldface.
Words generally take on multiple meanings, and privacy is no exception. Even if we ignore the obsolete or rarely used meanings (generally of historical interest only), there are two relevant meanings. It is interesting to look at these, and find examples of "first use" -- that is, examples of the first instance at which the word was used with the associated meaning. This context helps provide a better sense of meaning, and also indicates when that meaning was introduced into the language.
Conveniently, this information is available in the OED, with the following result [1]:
1 b. The state or condition of being alone, undisturbed, or free from public attention, as a matter of choice or right; freedom from interference or intrusion. Also attrib., designating that which affords a privacy of this kind. <one's right to privacy>
1814 J. Campbell Rep. Cases King's Bench III. 81 Though the defendant might not object to a small window looking into his yard, a larger one might be very inconvenient to him, by disturbing his privacy, and enabling people to come through to trespass upon his property.
1890 Warren & Brandeis in Harvard Law Rev. IV. 193 (title) The right to privacy.
3 a. Absence or avoidance of publicity or display; a condition approaching to secrecy or concealment. a synonym for secrecy
1598 Shaks. Merry W. iv. v. 24 Let her descend: my Chambers are honourable: Fie, priuacy? Fie.
1641 Wilkins (title) Mercury: or the Secret and Swift Messenger. Shewing how a Man may with Privacy and Speed communicate his Thoughts to a Friend at any Distance.
Thus, although the word came into existence in the 15th century, the meaning that is of interest to us (1 b) did not arrive for another four hundred years. This tells us something quite interesting--that privacy, as we understand it, is a relatively new concept. We also note that the definitions depend on an appreciation of the concepts of "public", "secret", and "freedom." As we shall see, it is impossible to separate these linked concepts--and, indeed, no privacy policy can ignore issues of public versus private rights and obligations, secrecy, and freedom of information. Figure 2 summarizes these four issues:
Figure 2. Illustration of the relationship between "privacy" and the four related concepts of private, public, freedom (of information), and secret. Privacy has no meaning unless information can be kept "secret," while concerns for privacy are not relevant unless there are well-defined private and public realms.
These issues will be discussed in a later section. The questions for now are: how did this new meaning evolve in a broad, social context; and how does this affect our current appreciation of the issues surrounding privacy? These questions are tackled below.
A Short History of Privacy
Given a time frame and an acting definition, we can now examine history. By looking at the cultural and social history of privacy (see, for example, [2,3]), one finds that "privacy" is simply not relevant in most pre-technical, non-democratic societies. For example, in nonliterate societies there is no privacy in the modern sense: privacy is only relevant in the sense of meaning 2 a defined above, as a physical retreat to a location private from the community.
This is the case because the modern view of "privacy" requires a well-defined separation between public and private realms. Pre-literate societies do not provide such a distinction: such societies are essentially communal and largely unstructured--everybody knows everybody else, and everything is everybody's business. As a result, there is no clear social boundary between the "private" and "public". Indeed, it is clear that "privacy" has no meaning except with reference to a formally structured organization (such as a society, or company) that has a "public" component with power that can infringe upon an individual's "private" realm.
Indeed, the concepts of "public" and "private" are well-developed in societies such as ancient Greece or China, and there is a reasonable record of writings on the topic of "public" and "private" behavior. However, "privacy" is never discussed as an important issue of social policy, other than in terms of minimalist property rights.
As societies continued to become more structured, one might have expected privacy to soon become an important social issue. However, this did not happen until very recently (19th century). Instead, history shows most societies evolving more and more powerful centralized "public" realms (the Catholic church, imperial authority in China, European royalty) with broad powers of "public authority." These authorities served to provide stability and order to the society, and also to preserve the state itself.
But there was no equivalent push for social rights such as privacy. In part this was because power was concentrated in the ruling classes, so that there was little opportunity for "general" issues to evolve. At the same time, the generally-accepted social foundation of most societies (e.g., the Church and royalty in the West) specifically denied rights to the individual. Society had two strata: the state on top, and the peasants below, with accepted dogma implying that truth and justice flowed, by divine nature, down from the state. Thus there was no assumption of individual rights, and hence no reason to even think of a right to privacy.
The impetus for strong "private" realms likely arose from 18th century changes in the power structure within Western society. In this context, there were two particularly important changes that affected the relationship between individuals and the state: the concept of individual freedom that arose out of the work of the philosophers of the "Enlightenment" (late 17th century), and the growth of a wealthy mercantilist class (18th century) with economic power independent of the state.
The "enlightenment" introduced an enormous change in the perception of an individual's place within society. Although many ideas came out of this era, perhaps the most important from our perspective was the idea that human experience was itself the foundation of human understanding of truth, with external authority being less important than personal experience.
Note how this "breaks" the rationale of top-down "public authority" as the controlling force in a society. Up until the enlightenment, the individual was morally subsumed, by the underlying social assumptions of the day, beneath the society in which they lived--public authority had both the obligation and right to dictate any detail of the lives of individuals. The philosophers of the enlightenment, however, said that each individual had the unique ability and right to determine truth, and that authority should be questioned. This then eliminates the underpinnings of the top-down social order of the existing society, and hence the legitimacy of the existing social order.
The second blow was the appearance and growth of a wealthy mercantilist class, and of the bourgeoisie. These groups, distinct from the church and the ruling royalty, grew over time to control larger and larger portions of the economic power of society. However, with economic power came political power, and with political power came privilege and rights. Thus, to preserve their economic well being, these groups pushed societies to incorporate legal and political protection against unbridled actions by the "public" state that would affect their economic power base. Political protection came via the inclusion of the bourgeoisie within the political system, while legal protection came via laws for arbitrating commercial disputes, and laws enforcing legal protection of property and other private assets. In a sense, these property laws were the first manifestation of privacy protection, providing freedom from arbitrary seizure of private assets, and the ability to control activity on private property free of arbitrary state interference.
Of course, these issues were dealt with differently in different countries (and in some countries, much later than others). In particular, each country's history led it to a different interpretation of the appropriate boundary between personal and state rights. One can even argue that some countries (such as the United States) were formed due to a dispute over this boundary. Thus, it is not a surprise that laws and attitudes varied (and still vary) widely between countries.
The Modern Age: Freedom of Information and Privacy Laws
With the majority of government and corporate assets consisting of things (property, machinery, etc.), property and asset protection rules were largely sufficient. However, during the 1960s, information started to become an important asset, as computer databases began to archive large amounts of personal and general governmental data (for example, for tax calculations, census analysis). Such databases led to unprecedented concentration of information in easy-to-access and easy-to-use forms.
At the same time, there was growing awareness of the amount of information held by governments, and a growing sentiment that most of this information should be publicly accessible--in most cases this information was considered state property, not open to public scrutiny. This concern led, in many countries, to freedom of information legislation, which provided mechanisms for public access to government (and, in some cases, corporate) information. Such legislation makes allowances for the natural restriction of access to sensitive information, such as "state" secrets, or private deliberations. In particular, access is typically refused to information that would result in an invasion of personal privacy.