[This transcript was generated by AI, so while I’ve checked over it, it may contain small errors.]
REBECCA
Hi, I’m Rebecca Lowe, and welcome to Working Definition, the new philosophy podcast in which I talk with different philosophical guests about different philosophical concepts, with the aim of reaching a rough, accessible, but rigorous working definition.
Today, I’m joined by Ignacio Cofone. Ignacio is Professor of Law and Regulation of AI at the University of Oxford. He’s also part of Oxford’s Institute for Ethics in AI. He’s a fellow of Reuben College at Oxford, and he’s affiliated with the Yale Information Society Project and the Quebec AI Institute. His great book, The Privacy Fallacy: Harm and Power in the Information Economy, was published by CUP in 2023.
And today, as you might have guessed from the title of his recent book, he’s going to be talking with me about privacy. What it is, but also why it matters, when it matters, how we should protect it. Thanks so much for joining me, Ignacio.
IGNACIO
Thanks so much for having me here. I’m very excited. It’s the first time that I’ve ever been called a philosophical guest and it feels like a great honour. [laughter]
REBECCA
Well, from our few conversations, I think you’re very philosophical. So let’s see how we go!
Quite a few things that I read in preparation for our conversation, including some of your papers, begin — like, the very first line of a load of papers begin — by emphasising that people struggle to pin down what privacy is.
So, for instance, you make this point in relation to law courts struggling to identify and assess privacy harms and privacy injuries. Richard Posner begins his famous paper on the right to privacy by saying, and I wrote this down, “The concept of privacy is elusive and ill defined” and “much ink has been spilled in trying to clarify its meaning”. Though he then dodges the issue by talking about just one aspect of privacy. [laughter]
But to what extent do you find this uncertainty thing a problem? I mean, have you come to some super clear understanding of what privacy is through your work? Or have you come to accept that maybe it’s just kind of blurry?
IGNACIO
I have not come to one final definition of what privacy is. I’ve done in my work a lawyer move, and conveniently dodged the problem of what privacy is exactly to focus on privacy harms.
And I’ve tried to pin down the concept of privacy harm, and I’ve tried to formulate it in a way that would remain relatively agnostic about the question of what privacy is. I think there are reasonable and unreasonable definitions. I think reasonable people have disagreed about what the core, if there is any, of privacy is.
But to your question, I don’t think that’s an enormous problem. And the reason is that that is not a problem that is unique to privacy. People disagree constantly about what speech really is, about what democracy really is, about what dignity really is. And those are concepts that are essential to the law.
So, to some extent, I think it is normal to have disagreements about major social values, and the extent to which those different disagreements affect how we protect them.
REBECCA
Yeah, great. So I want to come back in a moment to your reference there to major social values, and whether privacy is well described as a value.
But yes, actually, you do draw this nice distinction in one of your papers. You talk about philosophers thinking about privacy in terms of its value for the other values of identity or autonomy. You talk about economists thinking about it in terms of its dis-value, in that it conceals things, which can lead to inefficiencies. And then, yeah, you say that lawyers kind of go downstream: they accept, on some level, that privacy is valuable, and focus on how we should protect it.
So I was just wondering, does the law — in terms of any positive law you can think of — take a firm stance on the upstream stuff, in terms of what privacy is? I mean, is there anywhere where it’s kind of baldly stated?
IGNACIO
Umm, no. Yes and no. So I don’t know of any piece of legislation that will tell you, this is what privacy is exactly. But different pieces of legislation will tell you indirectly about the assumptions that they have about what privacy is.
So, for example, in the EU and the UK, we have a body of law called data protection law that is all about individual control over personal information. The US and Canada have very similar bodies of law, but they’re called privacy law. They protect the same thing. They use the same mechanisms or similar mechanisms. They’re also about control of personal information, but they call it privacy.
So in that sense, the implicit view of that legislation is that privacy might be somehow about control over personal information, or at the very least about autonomy.
REBECCA
Good. So actually I quite like, if possible, to bank a kind of starting working definition at the beginning of these episodes, so that we can come back to it. And I think something like “individual control over personal information” sounds to me like — I mean, I think we could certainly push at that, and test it at the edges — but that sounds like a reasonable kind of potential definition, I think.
Do you agree?
IGNACIO
I think it’s a mistaken, reasonable definition, yes.
REBECCA
It’s very Rawlsian, this! [laughter] We reasonable people can have some kind of scope and spheres for reasonable disagreement!
But coming back to your reference to… I think I would take as implication that you said that law is a major social value. It did strike me, when I was thinking about this, that part of the problem with privacy — and I think this is a little different from some of those other kind of value type words — is it’s just used quite weirdly.
I mean, my initial instinct was to think of it as a value, like some kind of normative notion…
IGNACIO
Right.
REBECCA
…like equality. Or some downstream stuff, like, consent is downstream of freedom, or something like that.
But we also, in ordinary language, we just say things like, “I’ll let you have your privacy”, or “their privacy was undermined”. As if it’s a personal quality or property. Maybe even something that’s owned. Obviously, a lot of people have talked about privacy in relation to property rights. Although, again, I would have thought that that was a downstream thing of privacy: that privacy is the concept, the value, and then the privacy right protects it, or something.
I mean, do you have any kind of idea of what kind of category of thing it is? Would you say it’s a value, or a property, or a quality, or a... I don’t know, an object! [laughter]
IGNACIO
Well, I mean, I can tell you my view. I think reasonable people have disagreed on this. [laughter] My view is that privacy is both a social value and privacy is an individual right. And it is really important not to confuse them.
Sometimes we focus too much on the individual right of privacy, and we forget that there is a social value that’s not captured by that individual right. Sometimes we focus too much on the social value, and that means that we don’t have a hard stop anywhere, and we forget about the individual right.
So separating them neatly, I think, better captures not only the way we talk about privacy, but also the way that we should talk about privacy.
REBECCA
I think that’s good. And actually if I go back to some of those slightly weird locutions, like, “I’ll let you have your privacy”, on some level I think I’m saying something like, “I’ll respect your right to privacy”, or, “I’ll let you have your right to privacy respected”. There’s something like that missing in the sentence, isn’t there?
IGNACIO
I think sometimes it’s that. And sometimes it’s privacy is a social norm about how we communicate, and I will respect our social norm of privacy, regardless of your individual right. Because I want to be polite, or because I want to follow the speech norms of our particular society, which are different for every society. And sometimes people indirectly refer to that as well.
REBECCA
Yeah, good. I do want to get on, at some point, to this kind of idea about privacy as an individual good, or privacy as a social good, in relation to some of the work you’ve written. Particularly in your recent book.
But before we do that, you referred to the right to privacy. Now, the first question for the philosopher is always: are we talking about the legal right, or the moral right? But oftentimes the right conferred in positive law will be protecting a moral right underlying. And there is this big debate, certainly in the philosophical literature, about whether there is such a thing as the right to privacy — the right — in terms of one single thing.
So Judy Jarvis Thomson wrote this paper where she argued that there’s a cluster of rights to privacy, and that each of those rights also belongs to some other rights cluster, so it doesn’t reduce down to one thing. Tim Scanlon wrote a great paper in response, where he agreed that they don’t reduce down to a single right to privacy, but he thinks that they’re all grounded in, and I wrote this down, “the special interests that we have in being able to be free from certain kinds of intrusions”.
So I was wondering, in terms of this sort of grounding question, where you stand? I mean, you may not hold an interest based theory of rights, already. But if you do, or if you don’t, I mean, is there value in saying something like, there’s a cluster of privacy rights grounded by some particular kind of interest?
Or maybe you just think more simply that, hey, there is actually just a right to privacy. And it’s much more simple than we silly philosophers…
IGNACIO
So, I think, possibly. I mean, part of the quotes that you read just now are about what I would call decisional privacy. What we sometimes call the right to be let alone… well, the right to be let alone is kind of in the middle of decisional / informational.
But decisional privacy, in the sense of I should be able to do whatever I want, as long as I don’t harm others. And the state has no business telling me that. That’s the basis on which things like Lawrence v. Texas was passed, Roe v. Wade. Versus informational privacy, which is maybe what we’re trying to define when we said “control over personal information”.
Personally, I think that informational privacy and decisional privacy have very little in common, in terms of the interest and in terms of the entitlement, other than their name. And it could just have been a historical anomaly that they use the same word, even though they mean different things.
So if we try to cover informational privacy and decisional privacy, then certainly it would be a family of rights, because it would be at least two, and two from a family. But if we were trying to define only informational privacy, then maybe we can try to get at one single right that unifies a number of things.
REBECCA
Okay, good. I think if I was struggling and trying to think of something which ties together this kind of decisional privacy and informational privacy... I think maybe the Scanlon word about intrusions, or something. I mean, there’s a lot of these kinds of words: intrusion, infringement, interference. I think Charles Fried says something about invasions of the right of privacy.
It’s something like people getting into your sphere, or something…
IGNACIO
That could work. I think that would leave out some things. And the reason is that historically the way that informational privacy started out was about protection of the family and protection of the home. And maybe that was like a good enough proxy, back then.
I mean, there are lots of problems with that. There’s good writing about how thinking about privacy in terms of the home ironically breached the privacy of women very often, because then they had no autonomy over their information or a number of other things.
REBECCA
Yeah, great point.
IGNACIO
But when we evolved past that, and we stopped thinking about privacy as much in terms of family, home, property, I think the intrusion element of it, while still somewhat predictive, doesn’t capture it that much. Because we often think about privacy on public spaces, for example, where something might be weird, but not necessarily an intrusion.
Sometimes privacy is about not acquiring information, but disclosing information. or processing it a certain way. And that can be an intrusion, but it’s further on the edges of what the word intrusion can explain. And I think, importantly, privacy now is less about what we disclose, and is more about what people guess. And guessing is further away from being characterized as an intrusion.
REBECCA
Yes, that’s more like — I forget if it was in one of your papers, or one of the other papers that I read — it was a law paper, though, talking about different kinds of ways in which, I suppose, privacy can be invaded, to use the Fried term. And one of them was something like misrepresentation. And that, I think, links with your guessing point.
IGNACIO
Yeah, exactly. I think the guessing point was marginal a couple of decades ago. And it wasn’t that important because we were really bad at guessing. But big data and AI made it so that we’re really good at guessing things about people. Some people making videos called deep fakes are so good at guessing what someone’s body looks like that it almost looks like the real thing.
So leaving out guessing from the realm of privacy causes lots of problems, because many of the harms and many of the risks are from these AI inferences that we can characterize as guessing.
REBECCA
Wow, sorry, I could go down a massive rabbit hole, and talk about like Gettier cases, there. The idea that, you know, somebody has actually correctly represented somebody by guessing, and what that means in terms of the representation of their identity. I mean, there’s amazing philosophical questions there!
But I think in terms of your point around, I suppose, maybe private stuff being pushed into the public domain, and this changing our conception of it… I suppose, for me, if I had been taking a stab at a starting point, largely because I’ve thought quite a lot about private property rights — I wrote my PhD thesis on moral property rights — so I suppose a natural starting point for me to think about privacy would to be think about the private, as in the private domain.
And then I would think about things like exclusion and exclusivity. It does strike me that if you think of both exclusion and exclusivity, exclusion allows us that kind of invading the home. And exclusivity maybe, on some level, allows us something like we get to protect what the things are that people know about us, or something like that?
IGNACIO
I think that’s a natural place to go when one starts thinking about this.
That’s the first place that I went to when I started working on privacy. And then I figured out that lots of people thought about that before me, but also most importantly that I was deeply wrong. And the paper that I was going to write, trying to see if property law could be helpful for delineating privacy, ended up being a paper about why property law is not helpful at all about delineating privacy.
And I think that it’s part of these maybe false friends that we have between private spaces and privacy. And it depends on what view of privacy you take. I mean, we could take the preliminary view that we named at the beginning, that privacy is about control over one’s personal information, and then the private spaces don’t matter much.
Other people take a different view. Other people think that privacy is about access to one’s personal information, and then exclusion and exclusivity is really important. Other people think that privacy is about respecting information of social norms in one’s society. And then privacy, again, has very little to do with exclusion and exclusivity.
I tend to think that access explains only a small subset of the things that we colloquially talk about as privacy, and the norms that we usually refer to when we think about privacy.
If I, for example, finish this podcast, and then I tell a friend, I had a great conversation with Rebecca in the podcast about different concepts of privacy, I did remove some of your ability to exclude others, and have access. [laughter] Because until you publish the podcast, no one would know that. But I think no reasonable person would have said that I invaded your privacy that way.
So there are over-inclusion and under-inclusion problems with the access and exclusion, I think, way to triage it.
REBECCA
Just on this norms point...
I think this may bring us into something like the societal value of privacy, as well. Like, beyond the individual value, which we might again go back to something more like those points around being protected from intrusion, or something like that.
So there’s this great paper by Thomas Nagel, and he says in it something like, privacy enables us to keep us out of each other’s faces. He says something like, we learn when we’re kids not to say everything that’s going on in our mind. And he has this view — which actually I think is quite conservative in the paper — but he says something like, look, the liberal societal order requires us to keep some stuff in our heads. Even if we kind of know that the person over there holds these awful views, we kind of don’t acknowledge it, and that enables us to keep the peace.
He also has this point, though, where he says something like, look, as we’ve got more tolerant as a society, the kinds of taboos which enabled us to do that stuff — to have those kind of “conventions of reticence”, I think he calls them — have died away, and this is part of why society’s collapsing. I mean, he wrote this in 1998 before society maybe really did collapse [laughter].
But is this something like the social norms that you’re thinking of?
IGNACIO
Possibly. First of all, I love that. It’s the most British defense of privacy that I’ve ever heard. [laughter] I think that’s a legitimate way to defend the value of privacy, but you notice that that defense is instrumental.
So Nagel says privacy is really important because it’s very important for social order. And there are lots of other things for which privacy is important. Privacy is very important for avoiding discrimination. It is very important for allowing people to develop independent thought. It is very important for allowing people to relate to each other intimately. There are lots of things for which privacy is important. And lots of people think that privacy is valuable only because it is instrumental to all of those very important things.
I think they’re wrong. I think that there is something that is intrinsically valuable about privacy. And this is nothing about sizes. It could be that something that is intrinsically valuable is much less important than the huge instrumental value…
REBECCA
It’s more like, what’s at the bottom. Like, what are the things reduced down to.
IGNACIO
Exactly. But I do think that privacy, when we take out all the instrumental values, is not an empty set.
And the way to think about that is imagining a situation where no one has any privacy, but all the other instrumental values are taken care of through some other mechanism. I think most people would say that we still lost something valuable in that world with absolutely no privacy, where all those other things are taken care of.
REBECCA
Yeah. So I think you wrote something in a nice blog piece, I think you said something around, privacy isn’t merely instrumental, it underpins dignity. Whereas there are some other people… I think someone like Luciano Floridi would say something like, it’s the other way around: look, it’s dignity that grounds privacy.
So am I right in thinking that you think that privacy is the thing that underpins dignity? Or are you saying more like it’s a condition for dignity? What is the relation there?
IGNACIO
Let me think about that. I’m trying to resist the temptation of just saying that everything that we cannot define is a different concept that we also cannot define. [laughter] But maybe that’s what we’re doing in the end.
But at least my intuitive sense is that it is not that privacy is important just because it instrumentally helps protect dignity. And it’s not that privacy is a precondition of having dignity. But that the social value of privacy in some way relates to our view of dignity, like other social values may relate to our view of dignity.
REBECCA
Yes. I like also your point around just because something may not reduce down to something else, it doesn’t necessarily mean it’s big. Even though it’s kind of the most important thing, it might just be the way it fits within the value ontology, or something.
I also really liked your point around the personal value. What was it you said? You implied something, I think, which fits in actually with some of the stuff in the Nagel paper, around… He says something like you can’t have intimacy if you don’t have privacy.
IGNACIO
Right. And yeah, that’s what’s right to me. A lot of forming intimacy is sharing information with each other.
REBECCA
Right. It’s breaking down that barrier which you don’t allow the public into, but you have this kind of special zone. And he makes this nice point that you still might have some barriers, right? So you might not tell your best friend, I don’t know, who you’re sleeping with. Or you might not tell the person you’re sleeping with who you previously slept with. You might still have these kind of barriers.
But the point is that having the distinction between the public domain in which you have all of your privacy, and then these kind of layers of different interpersonal relationships, you couldn’t — the idea is anyway, I think — that you couldn’t have those if you didn’t have the barriers to the bigger world. It gives you some zone of specialness, or something like that.
IGNACIO
I think that’s right.
And it’s not even concentric circles, because you could have someone that’s very close to you intimately that you tell many things to. And then you have another person that you tell other things to, that partially overlaps. Like, people tell their parents a number of things that maybe they don’t tell their close friends, And they tell their close friends things that they don’t tell their parents. And that’s just how we relate to each other.
And having the ability to… having not only the autonomy to choose what to disclose, but the social norms of speech around what implies telling someone something are important to protect that.
REBECCA
Yeah. And I think this actually, on the instrumentalization point, you wrote somewhere also this nice point, I think, about not — or I took from it, you were saying — something like not being reduced to a means to an end. And I think this relates to your idea about choosing, here.
IGNACIO
Yes.
REBECCA
It’s a power. It’s something where you have control over it. And if other people try to infringe on that too much, or if the conventions are such that you don’t have space for that, it feels like you’re losing something. As a creature that has, and should have… Like, it’s not just a true fact about us as humans, it’s a morally important fact, that we can make choices. Including choices around at least some of the kinds of things that we… the ways that we enable other people to see us, and the ways that we present ourselves in the world.
IGNACIO
I think so. I tend to see privacy harm in that sense. Privacy harm in the sense of one inflicts privacy harm, when one instrumentalizes someone. When one exploits them, through their personal information, by deriving a private benefit while putting them at risk or at harm.
And I think that that view of privacy harm can get to what we’re talking about, the intrinsic value of privacy. It is different than discriminating someone through their personal information. Than reducing someone’s intimacy through their personal information. Than harming someone’s finances through their personal information. And I think that might be linked to different views that people might have about privacy.
I think people that think about privacy in terms of social norms, for example, are concerned about that instrumentalization. People that think about privacy in terms of information autonomy most certainly care about that instrumentalization. And even people that think about privacy in terms of access care about that instrumentalization.
REBECCA
So now you’ve just given a nice little list of different ways to think about privacy, let’s just hop back to where we were at the beginning, where this opening idea — the wrong idea, I think we both agreed — was something like, privacy is individual control over personal information. So that was our kind of starting thing.
We also have something around a value protecting individuals or groups from over intrusion. That’s maybe this more kind of philosophical, autonomy focused, approach. That comes in with the human dignity point, I guess.
Then, something around accessing information about people — social norms, maybe structural conditions, something like that.
Those seem like three separate kinds of approaches into thinking about privacy. Is that right?
IGNACIO
Oh, that’s interesting. I usually think about it in terms of two separate approaches. At least two. I don’t exclude the existence of a third. But I tend to think that much of the confusion about what privacy is, is that people are having two parallel conversations.
Some people are, when they ask what privacy is, are asking: why is privacy valuable? And some people, when they ask what privacy is, are asking: when do we descriptively consider that we lost some privacy that might or might not be valuable? And then we can decide whether that’s good or not.
So in a conversation between two close friends where they disclose information, someone might say, oh, they didn’t lose any privacy because they chose to disclose that information and they gained in intimacy, talking about privacy normatively. And someone else might say, no, they chose to give away some privacy to each other, to build that intimacy because they’re talking about privacy descriptively.
And teasing those out and trying to be tidier about when we’re talking about privacy normatively, and when we’re talking about privacy descriptively, I think it’d be helpful to avoid those misunderstandings.
I like your third one about the structural conditions, too, though.
REBECCA
Well, I got that, I think, from reading some of your stuff.
So, for instance, in your privacy fallacy book, you start with this quite horrible example, actually, about this guy, this student. I think, was he at Rutgers? This very powerful story, real-life story. This Rutgers student, who committed suicide after his roommate distributed videos of him kissing another guy.
IGNACIO
Yeah, he put in a webcam, and then they could watch it on Twitter somehow. I don’t know if Twitter changed. I’ve never watched something live on Twitter.
REBECCA
Yeah, me neither.
IGNACIO
But yeah, at least that’s what the reporting said, if I remember correctly.
REBECCA
Yeah, and I think you used this example to emphasize that the harms done to the student were collective. So not just committed by the roommate. But enabled by these digital commercial platforms. Which comes back into what I think you were saying earlier: you said something about deriving private benefits from privacy harms…
IGNACIO
Oh, I see. Yes, exactly. Yeah, you’re right. That’s a good way to put it.
REBECCA
Yeah, so I think that also maybe comes into this structural conditions point.
IGNACIO
Yeah, that makes sense.
REBECCA
And I was wondering, when I read that, whether you think therefore that that kind of conception of privacy harm — this sort of structural conditions approach, or if we want to think of it maybe something like that, where it’s a kind of collectively enabled harm — is that special to the modern age?
Or is that how we should view privacy harm irrelevant of cultural and technological conditions?
IGNACIO
I think it is not special to the modern age, in terms of it being entirely new. It is special to the modern age, in terms of it is more frequent than it was before.
I mean, we could very much have, a long time ago, this type of structural privacy violation. If I think, for example of, I mean, I don’t know when would you start the modern age, when you ask…? [laughter]
REBECCA
I don’t know, the time of John…
IGNACIO
Like twenty years ago, thirty...
REBECCA
…the time of John Locke… the early modern period… [laughter]
IGNACIO
I guess in the time of John Locke, someone could publish something scandalous in some sort of gossip magazine. And then profit from someone that wasn’t a public figure, and then everyone making fun of it. I could think about people being outed, for example, queer people being outed, and exploited for either fun or for profit. And that could happen, but that wasn’t the main way to invade, to use a word that we were using before, someone’s privacy.
While now, that is a much more common way to interfere with people’s privacy. Because the main way to profit from people’s personal information is by aggregating it and making inferences about it. So the structural condition turns much more important than it was.
REBECCA
Is there a risk that if we add in this extra level of requiring personal, or presumably collective, benefit, that we might not be able to capture some instances of privacy harm?
I’m just wondering, by having that added level… So, we’re not just talking about this being some kind of, I don’t know, collective conditions, or set of structural… Like, that kind of enabling point. If we’re also saying, look, it’s a privacy harm, as long as — I mean, there can be some other conditions, too — as long as private benefit is derived.
I’m guessing if I thought hard enough, I could probably think of an instance in which I wanted to say that somebody’s privacy had been violated in some way, that some harm had taken place, but that maybe no actual private benefit had been accrued.
IGNACIO
Oh, interesting. I’d like to think through some of those examples. Not even if you consider entertainment a private benefit?
REBECCA
Yeah, probably. I mean, so for instance, let’s say the video just didn’t... I don’t know, the video didn’t upload. Do we want to say... Maybe that isn’t an infringement of their privacy. I mean, the filming still took place. The film was in the room. Maybe that’s not a good example, but I wonder if...
Or if it’s just the case that the people who watch it have no interest in it. So, there you go! Say there’s a set of people who have no interest in that kind of thing. Maybe because they have some problem… I mean, we can just bracket that out. It just so happens to be the case that the people who watch it don’t really understand what they’re seeing, or have no interest in watching the thing. It still seems to me like maybe the privacy is violated.
IGNACIO
Okay, so let’s do a hypo.
Person one is hooking up with someone in their dorm room. Roommate leaves, leaves a hidden webcam in. Gets a bunch of their friends in the room next door, does not tell them what they’re going to watch. Shows them the video. Everyone is horrified at what they did, does not enjoy it, leaves immediately. Was there a privacy violation?
I would say yes. But from the roommate, not from all the other people. The other people, in that case, were not complicit and did not contribute. The privacy violation was from the roommate. That for entertainment, or to get some sort of social recognition that he or she did not end up getting…
REBECCA
What if — I’m sorry, this is gonna be a really annoying philosopher’s example — what if it’s just something like, I’m just testing out the webcam. So it’s kind of accidental…
IGNACIO
Oh that’s great. Okay, let’s think about that…
REBECCA
But there was still intention there. I wanted to test it out, but I just didn’t… I was stupid, and I didn’t think sufficiently about what the implications would be. Or I didn’t know that my roommate was going to be there, hooking up with the guy, or whatever.
IGNACIO
Okay, so let me think about that. So roommate is hooking up with someone. Other roommate sets up a camera, does not know that roommate was going to hook up with someone….
REBECCA
Testing it out for their podcast the next day...
IGNACIO
Testing it out for the podcast the next day. Puts it on when he’s with his friends in the other room. The roommate ends up hooking up, and they all see it. And they’re horrified.
REBECCA
Yeah, exactly. So, nobody… There’s neither the intention to cause the privacy violation, which maybe then, in that case, we just want to say it’s not an instance of it. But also there’s the secondary, peripheral, point, around is anybody benefiting?
Again, we should probably talk about what benefiting is. I’m very aware that you have actually written cool stuff about how to calculate the monetary value of these kinds of… you know, to compensate and things. But maybe that’s more complicated…
IGNACIO
We can talk about that, too… But I think in that case, the person descriptively made the person that was hooking up lose privacy. But did not normatively breach their privacy.
REBECCA
So, you mean by that that there’s no blameworthiness to be assigned, or…
IGNACIO
I mean, they could have been negligent…
REBECCA
Right, right.
IGNACIO
They could have been negligent. And the fact that they didn’t normatively interfere with the intrinsic value of privacy doesn’t mean that they’re not on the hook for any consequential value.
One could say that they did not intend to breach the privacy, so they did not interfere with the intrinsic value of privacy. But because of their negligence, they’re responsible for all the material harm that the person suffers, like humiliation.
REBECCA
Yes, so the intention has to be — the goal of the action has to be — to violate the privacy, at least on some level. If the goal is something else, and the privacy violation is a consequence of that, then potentially they’re not blameworthy for the privacy violation. Unless, like you say, through some kind of negligence consideration…
IGNACIO
Well, my goal could be making money. And if my goal is making money…
REBECCA
Then that’s okay…
IGNACIO
…and I know that I’m invading your privacy… No, no, that would be a privacy violation.
REBECCA
No, no, I mean okay in the sense of counting as privacy violation!
IGNACIO
Oh, yes! [laughter]
REBECCA
Yeah, I don’t mean it’s okay in the sense of, I’m not saying it’s okay to do it! [laughter]
Right, okay. So then that, yes, that does mean that your personal benefit condition is operating in order to determine whether something is privacy violation or not, I think.
IGNACIO
I think that’s one way to be able to identify an intrinsic value without it being over-expansive. Because I think a lot of the concern that, at least in the legal world, people have with recognizing an intrinsic value of privacy, is that they think that they would open the floodgates and everything would be about privacy.
And that’s because they tend to think about privacy as the control of personal information. That’s over-expansive. So if one were to say there’s an intrinsic privacy violation every time anyone loses control over their personal information, then we wouldn’t be able to live. Because we lose control over personal information all the time, every day.
REBECCA
But maybe we just live in a really non-private world…
IGNACIO
Maybe we just live in a pretty non-private world. But it would be hard…
REBECCA
I mean, for sure, there’ll be costs for that thing. But it could just descriptively be the case that in the modern world, we’ve sacrificed, intentionally or not, privacy in the...
IGNACIO
Yes, but even in the Middle Ages, it’s hard for me to imagine a world where everyone has perfect control of their personal information, because much of that information overlaps.
If I’m having coffee with my friend Stephanie, can I tell others that I had coffee with my friend Stephanie? If I can, then she doesn’t have control over that information. If I cannot, then I don’t have control over that personal information. They just conflict.
REBECCA
Yeah. And it also does strike me that earlier societies, which are just smaller, it may well be the case that people know more about each other anyway. So if…
IGNACIO
A small group did, yeah…
REBECCA
Yeah, that seems to me right.
I just want to touch briefly on the legal point. So you’ve written some stuff about privacy law. And you’ve argued that, I think you say that, it should be grounded on concepts from tort law, instead of being grounded on concepts from contract law. So I take this to mean something like, tort law in the sense of setting rules for harms caused to others, as opposed to contract law, which is more around voluntary agreements.
Could you just give a very quick explainer to non-lawyer listeners about how each of these approaches would look. And also why you favor the tort approach?
IGNACIO
Yeah, exactly. So I wouldn’t take the tort and the contract thing too literally. I don’t mean that privacy should go literally through tort law…
REBECCA
No, sure. But more like just the concepts within that body of law are more useful, or something like that, right?
IGNACIO
Exactly. So it’s exactly what you said. That there’s this body of law that in the common law we call tort law, and in the civil law world is called extra-contractual obligations. And this other body of law called contract law, in both legal systems.
And contract law usually sets up the rules for voluntary agreements. And tort law usually sets up the rules for what comes from the French word, tort, which is ‘wrong’. So it’s the law of wrongs, in quite a literal way. So the law of wrongs, what it does is it sets up the situations in which one person needs to compensate another for what they do outside of a voluntary agreement.
And because of how much of privacy and data protection law grew — which is that they grew out of consumer law; they grew out of trying to protect the relationship between doctors and patients; and they grew out of those very specific situations — we sometimes tend to think about them in terms of voluntary agreements. And we tend to think about it in terms of how do we make privacy policies fair? How do we make companies that collect our personal information behave in a way that is appropriate?
But in the modern world, as you said earlier, much of what is legally relevant about our personal information is completely outside of those voluntary exchanges. And even within those exchanges, it is outside of the voluntary part of the relationship. So it is more appropriate to treat, and to think about, privacy in the same way that we think about other ways in which we can harm others through our speech, like defamation.
REBECCA
Right. So I take, on some level, this is partly to do with the relevance of consent.
So you can be wronged for things that aren’t really to do with whether you’ve given consent or not. And that’s partly also to do with this whole interconnected world, where maybe we don’t have enough information to fully consent. Or maybe consent just isn’t relevant because we didn’t even know the thing was going on, or something like that.
You still want to be able to capture these things. But those old kind of bilateral arrangements, or whatever, just that’s not going to work. Is that right?
IGNACIO
Exactly. And the reason for which privacy was thought in terms of agreements is because back in the 90s, and in the 80s, the way to have information about someone is if they tell you that information. So you want to give them things, so they tell you that information. And the law wanted to see that those agreements are fair.
But now the way is guessing. And the way it’s guessing, in a sophisticated AI-driven way, through information that they maybe didn’t tell you. A data broker buys information from lots of companies, assembles a profile, makes probabilistic inferences about people, and that person doesn’t know that the data broker exists. Someone else could observe online behavior, and draw inferences that seemed completely unrelated to that online behavior. And the person doesn’t know that that entity is making those inferences. And certainly doesn’t know what the entity is doing with those inferences.
So, thinking about privacy in terms of exchanges was kind of inadequate back then, but you could kind of get away with it. And we just can’t anymore.
REBECCA
So another thing I took from your book — and I think this brings together those points around compensating harm with your earlier points around the kind of collective blameworthiness within the structural conditions — I took it as if you’re saying something like, we should think about compensating for privacy harm in terms of, like, dealing with negative externalities? Something like that? Rather than the breaking of individual contracts. I think you maybe use an example comparing it with pollution, or something like this…
IGNACIO
Yeah exactly. Yeah.
REBECCA
Okay, okay. Good. I’m just going to pause for one second, and think about what we haven’t covered.
Oh, one thing I was going to ask you about is… So, one reason I was keen to have this conversation with you early on in my podcast series is that the very first episode that I did was with Tom Hoenig on transparency. And I think we came to this conclusion that this is about being required to be open about things. And in some sense, privacy is the kind of flip side of that. So it’s not about being required to be open. It’s more about when people are required not to be looking into you, or something like that.
I’m kind of anxious when people want to say things are opposites. It sounds overly mathematical and formalistic. But is there some useful formal relation between privacy and transparency?
IGNACIO
I don’t know if the relationship is formal. I think the relationship depends on the situation. It obviously also depends on what we mean by privacy. [laughter] Transparency seems to have a more specific view.
But at least in the way that most people colloquially seem to use the term privacy, I think it depends. For example, say that a company processes my personal information in a certain way. A lot of people think that it has something to do with my privacy that I have the ability for them to be transparent, and tell me what they’re doing with my personal information. So in that sense, there will be one relationship.
On the other hand, if an AI company is training an algorithm a certain way, and we want them to be transparent by releasing their training data, and their training data has personal information about a bunch of people… In that sense, the relationship between privacy and transparency goes in the other direction. So I think it would depend on the situation.
It is the case that transparency is most often about revealing information. And privacy is about the flow of information in different directions. So I can see how, in some cases, a transparency interest and a privacy interest might be aligned. And a transparency interest and a privacy interest, in other situations, might go on the opposite direction. Which doesn’t say anything about which one should win, right?
REBECCA
No. And again, as you say, it’s all contingent on what we take these concepts to be anyway! [laughter]
So I just want to finish by… I recently reread Virginia Woolf’s A Room of One’s Own. And at the end, she sort of ties together having a room of one’s own with having, I wrote it down, “the habit of freedom and the courage to write exactly what we think”…
IGNACIO
Can you say that again?
REBECCA
Having “the habit of freedom and the courage to write exactly what we think.”
So I think you can take from that she’s saying something like privacy is essential to developing as a fully autonomous member of society. This comes back, I think, to some of the stuff you were saying earlier around privacy being necessary for intimacy. Being necessary in terms of determining different relations with other people.
But she’s saying something deeper, I think. I think she’s also saying in terms of us developing as individuals. So, for her to be able to be in her room reading the Shakespeare, thinking through the thoughts… That maybe if we didn’t have private spaces, and the protection of our own privacy, we would in some sense be limited in our personal development. Is that fair?
IGNACIO
I think that’s very fair.
There’s really interesting work being done about children’s privacy, with regards to their parents. And how difficult to trace the line is. Because a reasonable person would say that a five-year-old has a certain sphere of privacy towards a parent that’s very small. Maybe an 18-year-old has a complete sphere of privacy with regards to their parents, as they would have during the rest of their adulthood. And a 15-year-old has something in between, and it’s hard to trace the line as to what reasonably should the 15-year-old have.
If we treat the 15-year-old like a five-year-old, then that would stunt their self-development, because that’s important to develop their own ideas, important to develop their own identity. And a lot of adolescence is forming bonds of intimacy with friends through information sharing, from which we exclude parents.
And the same goes for adulthood. Having that sphere of privacy is important, I think, for forming one’s identity, for testing ideas, for thinking things through.
REBECCA
I think your nice point about children also comes back to this idea about protecting someone’s interests, on some level. You know, we talked about the idea of maybe a legal right to privacy could protect someone’s personal interests, something like that.
If a parent’s job, on some level, is to protect the interests of their kid, sometimes allowing or believing that they have full privacy, particularly as a young child, would not be to protect their interests.
IGNACIO
Right, yeah.
REBECCA
Yeah. I think this may help lead us into a final summary of some of the kinds of different ways we’ve gone about thinking about what privacy is, or the kind of way in which it operates in our society.
So we’ve got something like… You had your nice distinction between a kind of individual right, and a social value. On the individual right side, I think that links in with some of these philosophical ideas about privacy as a value protecting individuals or groups from over-intrusion. That also leads into the autonomy stuff. Further down the line, that brings us into the Virginia Woolf expression point, I think.
On the social side, we have points around the set of structural conditions for accessing information about people. Maybe we also have privacy as a concern for law, relating to particular kinds of harms or contract breaches. Maybe we also have something around it being a core condition of the personal domain. That might also lead into Virginia Woolf.
And then, finally, we have the opening gambit, which was this kind of data protection — outdated, limited, kind of overly reductive — idea, of individual control over personal information.
So within that kind of set of bundle of things — and I mean, one answer to this could be just, it’s all of them! — do you have a takeaway? You know, the kid comes over and says, Ignacio, what is privacy? Are you willing to bid for one of those, or come up with a little final maxim or something?
IGNACIO
I think it really depends on what they mean by privacy... I would ask them to define a specific situation.
REBECCA
Okay, good, good.
IGNACIO
Because maybe they asked me, Ignacio, what’s privacy? I was just reading this case about same-sex marriage, and the court solved it through privacy, and I don’t understand.
And then I would tell them, well, the word privacy there is used somewhat confusingly. Because colloquially we talk about privacy as informational privacy. But the law and philosophers sometimes refer to privacy as a sphere of non-invasion from the state, and that’s what the case is really about.
REBECCA
Nice.
IGNACIO
And if they tell me, oh well, I’m asking you what’s privacy because I accidentally read my partner’s texts, and I don’t know whether I invaded their privacy, because their phone was unlocked, and I saw them, and I didn’t mean to.
Then, I would say something like, well, it also depends a little bit. We sometimes talk about privacy in a descriptive way. And in a descriptive way, your partner had a bit less privacy after you read those texts. But we sometimes also think of privacy in a normative way, as to our rights, and as to what we are allowed and not allowed to do. And seemingly you didn’t breach privacy in that normative way.
I would think of privacy in that way as when we use someone’s information for our personal benefit, when we treat them as instruments. And that’s what you would have done, if you did it on purpose. But not necessarily if you did it accidentally.
So, I don’t know if that was less convoluted than the list of things…
REBECCA
No. I think definitely one way into going about doing definitions is to think about examples. And that helps us to, you know, carve the stuff up, as the metaphysicians say.
Ignacio, thank you so much. I feel like we’ve covered a lot in a short time. I feel we could continue talking forever, but I’m really grateful to you for this great conversation. And yeah, everybody should go and read your book!
IGNACIO
Thank you. Thank you for the fun chat. It was great to talk about these ideas with you.
REBECCA
All right, thank you so much.
