Privacy is a social good. Whilst privacy is important for the individual in terms of self-development, autonomy, personal dignity, and the exercise of fundamental human rights, this is not the extent of the concept. We are increasingly becoming aware that a lack of privacy, increasing surveillance and a vulnerability to a wide set of social harms arising from poor handling of personal information handling have negative social impacts. This can include chilling effects in political debate and social life, a loss of a presumption of innocence, and a reduction in trust towards government and institutions, including the private sector.
As Charles Raab argued, understanding privacy as a social good means that we can then look to evaluate one set of social goods against another, rather than weighing individual rights against social good and inevitably finding the individual interest lacking in weight.
However, mechanisms for mitigating harms focus upon the individual. As James Backhouse showed, responsibility for protecting their personal information is increasingly being placed upon the individual, exhorted to conduct themselves appropriately so as to mitigate the worst of a wide set of information harms.
Ongoing academic research suggests that many ordinary people are not well placed to secure or manage their own personal information. They are positioned in an information architecture determined by more powerful actors, over which they have little control. The actions they are encouraged to take, such as shredding personal information, or protecting their PIN, are of little impact when information about them is lost from large databases or traded around the world.
Engaging the public is important, but is must be done in terms that make sense to the public. Anna Fielder correctly suggested that language is of fundamental importance here, as is identifying how people think about their privacy and their personal information in the real world, outside of policy and technological circles.
Understanding personal information as a property of the individual, as seemed to be at the heart of Conservative party proposals to roll back the surveillance state, is also problematic. This continues the individualisation of privacy and ignores the social harms. It also misses the increasingly relational nature of privacy, as is made most visible in online social networks. We are more and more digitally interconnected, and this leaves traces. What I may choose to reveal about myself can expose those to whom I am connected to information harms.
Furthermore, the proposals do little to address surveillance and information insecurities arising from the private sector, a significant actor in contemporary surveillance. Privacy harms are currently often an externality that can be ignored by business.
It is possible to design information systems that are privacy and personal information protecting by design, or that allow individuals the ability to choose the degree of personal information they reveal. However, there is currently relatively little incentive for the private sector to invest in research and development of these technologies. There is a role here for government and legislation to encourage the development and implementation of privacy protecting information systems and practices.
Update - this was published, and part of the above was quoted by the LeftCentral blog