Privacy Rights

This book will be published in the second half of 2025. It has eight chapters: 1. privacy; 2. the attention economy; 3. nudging; 4. echo chambers and polarization; 5. misinformation; 6. cancel culture: online shaming and caring; 7. friendship; and 8. the duty to quit. Each chapter has several cases to prompt discussion and reflection, as well as a glossary of key terms and an annotated bibliography.

Higher education institutions are mining and analyzing student data to effect educational, political, and managerial outcomes. Done under the banner of “learning analytics,” this work can—and often does—surface sensitive data and information about, inter alia, a student’s demographics, academic performance, offline and online movements, physical fitness, mental wellbeing, and social network. With these data, institutions and third parties are able to describe student life, predict future behaviors, and intervene to address academic or other barriers to student success (however defined). Learning (...) analytics, consequently, raise serious issues concerning student privacy, autonomy, and the appropriate flow of student data. We argue that issues around privacy lead to valid questions about the degree to which students should trust their institution to use learning analytics data and other artifacts (algorithms, predictive scores) with their interests in mind. We argue that higher education institutions are paradigms of information fiduciaries. As such, colleges and universities have a special responsibility to their students. In this article, we use the information fiduciary concept to analyze cases when learning analytics violate an institution’s responsibility to its students. (shrink)

Knowledge and respect exhibit a puzzling self-other asymmetry: Self-respect generates an imperative to know oneself, but as the objectionability of paternalism and privacy violations illustrate, respect for others can require that we avoid acquiring, or making use of, knowledge we have about them. This article elaborates this asymmetry and offers a solution to it, rooted in the distinctive importance that self-knowledge has for self-respecting rational agents: Self-respecting agents have reasons to have others defer to their ‘surfaces’ or self-presentations in order (...) to inhibit making themselves vulnerable to others in ways that undermine their self-respect by subordinating their wills to the wills of others, as well as to ensure that self-knowledge can play its desired role in the lives of self-respecting agents. (shrink)

Climate change is one of the most important issues we are currently facing. There are many ways in which states can fight climate change. Some of them involve interfering with citizens’ personal lives. The question of whether such interference is justified is under-explored in philosophy. This paper focuses on a specific aspect of people’s personal lives, namely their informational privacy. It discusses the question of whether, given certain empirical assumptions, it is proportional of the state to risk its citizens’ privacy (...) or to risk infringing its citizens’ right to privacy to fight climate change. The main claim this paper argues for is that if fighting climate change and protecting our privacy conflict, we have good reason to fight climate change rather than protect our privacy. (shrink)

This research explores how a person with whom information has been shared and, importantly, an artificial intelligence (AI) system used to deduce information from the shared data contribute to making the disclosure context private. The study posits that private contexts are constituted by the interactions of individuals in the social context of intersubjectivity based on trust. Hence, to make the context private, the person who is the trustee (i.e., with whom information has been shared) must fulfil trust norms. According to (...) the commitment account of trustworthiness, a person is trustworthy only if they satisfy the norm of competence. It is argued that a person using an AI system to answer a question is competent only if they are ex post justified in believing what has been delivered by the AI system. A person’s belief is justified in the doxastic sense only if the AI system is accurate. This feature of AI’s performance affects a person’s competence and, as a result, trustworthiness. The effect of AI on trust as an essential component of making the context private, and thus on privacy, means an AI system also impacts privacy. Therefore, a private context is constituted when the individual with whom the information is shared fulfils the competence norm and the AI system used for analysing the information is sufficiently accurate to adhere to this norm. The result of this research emphasises the significance of the relationship between individuals involved in information-sharing and how an AI system used for analysing that information impacts the relationship regarding making the context private, as well as how it impacts privacy. The findings of this research have significant implications for improving or ameliorating privacy regulations in light of trust. (shrink)

An issue about the privacy of the clustered groups designed by algorithms arises when attempts are made to access certain pieces of information about those groups that would likely be used to harm them. Therefore, limitations must be imposed regarding accessing such information about clustered groups. In the discourse on group privacy, it is argued that the right to privacy of such groups should be recognised to respect group privacy, protecting clustered groups against discrimination. According to this viewpoint, this right (...) places a duty on others, for example, private companies, institutions, and governments, to refrain from accessing such information. To defend the idea that the right to privacy should be recognised for clustered groups, at least two requirements must be satisfied. First, clustered group privacy must be conceived of as either a collective good or a participatory good. Since these forms of good are of the type from which no member of a group can be excluded from benefiting, the right to them is defined as a group right. Second, there must be group interests on which to base a group right. Group interests can be either the interests of those members that are a result of their being in the group or the interests of the group as a whole that transcend the interests of its members. However, this paper argues that clustered group privacy cannot be conceived of as either a collective or a participatory good because it is possible for some individuals to be excluded from benefiting from it. Furthermore, due to the lack of awareness among individuals that they are members of a clustered group and the nature of a clustered group itself, such groups cannot have the group interests necessary to establish a group right. Hence, the group right to privacy cannot be recognised for these groups, implying that the group right cannot be considered a means to protect clustered groups against discrimination. Instead, this paper suggests that moral principles need to be articulated within an ethics of vulnerability to identify the moral obligations of protecting vulnerable clustered groups. The duty owed to the vulnerable should involve refraining from accessing certain information about clustered groups in specific contexts. This duty is not engendered by the right to privacy of such groups; it is the duty owed to the vulnerable. The findings highlight the need to articulate moral principles regarding privacy and data protection to protect clustered groups in contexts in which accessing information about them could constitute a reason for discriminatory targeting. (shrink)

We expand and transform our habitual agency with countless technologies most moments of the day. Our environments, bodies, thoughts and social interactions are thoroughly shaped and mediated by tapestries of interweaving layers of old and new technologies. Perhaps this intimate relation with technology is at the core of our humanity. But our relation to technology has also repeatedly been feared as a Faustian deal that will be the dystopian end of us, or—in more utopian viewpoints— will bring us beyond our (...) earthbound finitudes toward virtual existences. What many agree on is that dramatic changes to our basic ecological and existential conditions are nearing. I suggest we should look for such critical tipping points and phase shifts not just in our biological bodies and environments but also in the informational and behavioral environments we rely on in our intentional and habitual agency. When thinking particularly about technologically mediated habitual agency an obvious place to start is with Don Ihde’s 4 classic human–technology relations. Interestingly, fellow post-phenomenologist Peter- Paul Verbeek has proposed new additional kinds of relations to e.g. “smart”and virtually “augmenting” technologies. While I find each of these analyses insightful, I worry that a focus on individual relations to particular spatio-temporally circumscribed artifacts falls short—or even obscures—some of the particular new challenges to our agency that networked, and data-driven smart technologies give rise to. I will therefore attempt to broaden the focus to how our agency is scaffolded by not just particular technological artifacts, but by our understanding of the broader informational and behavioral environment. To do this, I start by introducing some core theoretical background ideas that will support a more contextual approach and then proceed to consider both the classic and newer post-phenomenological relations from this more contextual perspective. The goal is not only to affirm the value of analyzing concrete technology relations but also to expand and contextualize the analyses. The latter is key if we want a post-phenomenological analysis that can help us understand how our habitual agency might be transformed as we come to live in increasingly “smart worlds”. These new data and algorithmically driven technologies not only transform our relation to a given context, but due to networked dataflows and “smart” decision-making (1) recursively act on us and (2) collapse and transcend the present context. This chapter will also highlight the uncertainties that informationally leaky and “smart” technologies introduce to our understanding of the kind of affordance space we are in and even what the expected outcomes of our actions will be. I suggest that technology relations with such effects might challenge some of the core contextual stabilities and informational segregations that our habitual agency have hitherto relied on. A further issue is if these new technological configurations challenge our habitual processes in ways we cannot easily adapt to. We certainly seem able to create new habits and adapt to these new technologies locally, but the new information flows, hidden audiences, and context collapses appear to challenge some conditions of agency that are typically out of sight, and the effects of which untraceably shows up well outside the present context. Overall, I shall argue that “smart” technologies can both expand and shrink our habitual agency—but that in terms of our ability to guide our action through various contexts in a perceived world something more fundamental appears to be breaking. (shrink)

The right to be forgotten enables individuals to remove certain links from search results that appear when their names are entered as search terms. Formulated as a distinct application of the general right to privacy, the right to be forgotten has proven highly controversial, for two reasons. First, it is difficult to see how the specific right to be forgotten can apply to the withdrawal of public information, since the general right to privacy typically covers the disclosure of private information. (...) Second, as a putative right to withdraw information from public reach, the right to be forgotten poses a threat to freedom of speech, which depends on the accessibility of information. By responding to these two objections, this paper develops a novel account of the right to be forgotten, understood as a claim of withdrawal grounded in both privacy and free speech interests. -/- . (shrink)

Digital privacy scholars tend to bemoan ordinary people’s limited knowledge of and lukewarm interest in what happens to their digital data. This general lack of interest and knowledge is often taken as a consideration in favor of legislation aiming to force internet companies into adopting more responsible data practices. While we remain silent on whether any new laws are called for, in this paper we wish to underline a neglected consequence of people’s ignorance of and apathy for digital privacy: their (...) potential to encourage capture by industry interests. In particular, we argue that such laws may be at increased risk of capture because they are unlikely to be democratically responsive. We make this claim on a twofold basis: first, well-known theoretical mechanisms explaining how the absence of responsiveness leads to capture, identified in prior political science and political philosophy literature, yield the prediction that digital privacy legislation is likely to be unresponsive and thus captured; second, empirical data concerning the European Union’s digital privacy laws, with a special focus on the General Data Protection Regulation, appears to confirm these predictions: the bloc’s (world’s?) flagship privacy protection law seems more responsive to corporate than citizen interests. (shrink)

In this chapter, Macnish and Asgarinia introduce current thinking and debate around issues of privacy as these relate to the media. Starting with controversies over the definition of privacy, they consider what the content of privacy should be and why it is we consider privacy to be valuable. This latter includes the social implications of privacy and the only recently-recognised concept of group privacy, contrasting it with individual privacy, as well as legal implications arising through laws such as the European (...) Union’s General Data Protection Regulation, concerning the collection of personal data and data subjects’ rights. Finally they turn to specific instances of privacy consideration in the media. These include: -/- The use of telephoto lenses to take pictures of celebrities at a distance without those celebrities’ permission (and the related question as to what is a reasonable expectation of privacy when in a public place); -/- Sharing information on social media (and the related question of whether those who share their data on social networking sites care about their privacy), as well as the availability of data online to research, even though that data has not always been posted for the purposes of research; -/- The challenges posed by anonymity online, including the trade-off between free expression and offensive expression; -/- Hacking and the meaning of fishing expeditions as a practice by the media and exploring what, if anything, is wrong with these; -/- The implications of invading the privacy of politicians, both as a defence of democracy and as a threat to democracy. (shrink)

This paper presents an account of the right to privacy that is inspired by classic control views on this right and recent developments in moral psychology. The core idea is that the right to privacy is the right that others not make personal information about us flow unless this flow is an expression of and does not conflict with our deep self. The nature of the deep self will be spelled out in terms of stable intrinsic desires. The paper argues (...) that this view has advantages over alternative accounts of the right to privacy, that it is extensionally adequate in interesting test cases, that there is a good reason to think that the right to privacy, thus understood, can be justified, and that this view helps identify what kind of information is protected by the right to privacy. (shrink)

If I decide to disclose information about myself, this act may undermine other people’s ability to conceal information about them. Such dependencies are called privacy dependencies in the literature. Some say that privacy dependencies generate moral duties to avoid sharing information about oneself. If true, we argue, then it is sometimes justified for others to impose harm on the person sharing information to prevent them from doing so. In this paper, we first show how such conclusions arise. Next, we show (...) that the existence of such a dependency between the moral significance you are inclined to attribute to privacy dependencies and judgments about permissible self-defense puts pressure on at least some ways of spelling out the idea that privacy dependencies ought to constrain our data-sharing conduct. (shrink)

The complexity and emergent autonomy of Generative AI systems introduce challenges in predictability and legal compliance. This paper analyses some of the legal and regulatory implications of such challenges in the European Union context, focusing on four areas: liability, privacy, intellectual property, and cybersecurity. It examines the adequacy of the existing and proposed EU legislation, including the Artificial Intelligence Act (AIA), in addressing the challenges posed by Generative AI in general and LLMs in particular. The paper identifies potential gaps and (...) shortcomings in the EU legislative framework and proposes recommendations to ensure the safe and compliant deployment of generative models. (shrink)

Privacy matters because it shields us from possible abuses of power. Human beings need privacy just as much as they need community. Our need for socialization brings with it risks and burdens which in turn give rise to the need for spaces and time away from others. To impose surveillance upon someone is an act of domination. The foundations of democracy quiver under surveillance. -/- This book is intended to contribute to a better understanding of privacy from a philosophical point (...) of view-what it is, what is at stake in its loss, and how it relates to other rights and values. The five parts that compose this book respond to five basic questions about privacy: Where does privacy come from? What is privacy? Why does privacy matter? What should we do about privacy? Where are we now? (shrink)

Digital data help data scientists and epidemiologists track and predict outbreaks of disease. Mobile phone GPS data, social media data, or other forms of information updates such as the progress of epidemics are used by epidemiologists to recognize disease spread among specific groups of people. Targeting groups as potential carriers of a disease, rather than addressing individuals as patients, risks causing harm to groups. While there are rules and obligations at the level of the individual, we have to reach a (...) stage in the development of data analytics where groups are protected as entities. This chapter offers a deeper examination of harms to the groups. (shrink)

Philosophy &Public Affairs, Volume 51, Issue 4, Page 413-449, Fall 2023.

This article examines how facial recognition technology reshapes the philosophical debate over the ethics of video surveillance. When video surveillance is augmented with facial recognition, the data collected is no longer anonymous, and the data can be aggregated to produce detailed psychological profiles. I argue that – as this non-anonymous data of people’s mundane activities is collected – unjust risks of harm are imposed upon individuals. In addition, this technology can be used to catalogue all who publicly participate in political, (...) religious, and socially stigmatised activities, and I argue that this would undermine central interests of liberal democracies. I examine the degree to which the interests of individuals and the societal interests of liberal democracies to maintain people’s obscurity while in public coincide with privacy interests, as popularly understood, and conclude that there is a practical need to articulate a novel right to obscurity to protect the interests of liberal democratic societies. (shrink)

In this paper, we defend what we call the ‘Hybrid View’ of privacy. According to this view, an individual has privacy if, and only if, no one else forms an epistemically warranted belief about the individual’s personal matters, nor perceives them. We contrast the Hybrid View with what seems to be the most common view of what it means to access someone’s personal matters, namely the Belief-Based View. We offer a range of examples that demonstrate why the Hybrid View is (...) more plausible than the Belief-Based View. Finally, we show how the Hybrid View generates a more plausible fit between the concept of privacy, and the concept of a (morally objectionable) violation of privacy. (shrink)

Cameras, microphones, and other sensors continue to proliferate in the world around us. I offer a new metaphor for conceptualizing these technologies: they are _digital wormholes_, transmitting representations of human persons between disparate points in space–time. We frequently cannot tell when they are operational, what kinds of data they are collecting, where the data may reappear in the future, and how the data can be used against us. The wormhole metaphor makes the mysteriousness of digital sensors salient: digital sensors have (...) brought us to a strange place. If humans are to be capable of making sensible decisions while under observation by digital sensors, we must improve the epistemic position of potential sensor subjects. (shrink)

This essay is part of a special issue celebrating 50 years of Political Theory. The ambition of the editors was to mark this half century not with a retrospective but with a confabulation of futures. Contributors were asked: What will political theory look and sound like in the next century and beyond? What claims might political theorists or their descendants be making in ten, twenty-five, fifty, a hundred years’ time? How might they vindicate those claims in their future contexts? How (...) will the consistent concerns of political theorists evolve into the questions critical for people decades or centuries from now? What new problems will engage the political theorists (or their rough equivalents) of the future? What forms might those take? What follows is one of the many confabulations published in response to these queries. (shrink)

We investigate the question of whether (and if so why) creating or distributing deepfake pornography of someone without their consent is inherently objectionable. We argue that nonconsensually distributing deepfake pornography of a living person on the internet is inherently pro tanto wrong in virtue of the fact that nonconsensually distributing intentionally non-veridical representations about someone violates their right that their social identity not be tampered with, a right which is grounded in their interest in being able to exercise autonomy over (...) their social relations with others. We go on to suggest that nonconsensual deepfakes are especially worrisome in connection with this right because they have a high degree of phenomenal immediacy, a property which corresponds inversely to the ease with which a representation can be doubted. We then suggest that nonconsensually creating and privately consuming deepfake pornography is worrisome but may not be inherently pro tanto wrong. Finally, we discuss the special issue of whether nonconsensually distributing deepfake pornography of a deceased person is inherently objectionable. We argue that the answer depends on how long it has been since the person died. (shrink)

The 2010s were a golden age of information privacy research, but its policy accomplishments tell a mixed story. Despite significant progress on the development of privacy theory and compelling demonstrations of the need for privacy in practice, real achievements in privacy law and policy have been, at best, uneven. In this chapter, I outline three broad shifts in the way scholars (and, to some degree, advocates and policy makers) are approaching privacy and social media. First, a change in emphasis from (...) individual to structural approaches. Second, increasing attention to the political economy of privacy—especially the business models of information companies, such as social media platforms. And third, a deeper understanding of privacy’s role in a healthy digital public sphere. (shrink)

The potential to collect brain data more directly, with higher resolution, and in greater amounts has heightened worries about mental and brain privacy. In order to manage the risks to individuals posed by these privacy challenges, some have suggested codifying new privacy rights, including a right to “mental privacy.” In this paper, we consider these arguments and conclude that while neurotechnologies do raise significant privacy concerns, such concerns are—at least for now—no different from those raised by other well-understood data collection (...) technologies, such as gene sequencing tools and online surveillance. To better understand the privacy stakes of brain data, we suggest the use of a conceptual framework from information ethics, Helen Nissenbaum’s “contextual integrity” theory. To illustrate the importance of context, we examine neurotechnologies and the information flows they produce in three familiar contexts—healthcare and medical research, criminal justice, and consumer marketing. We argue that by emphasizing what is distinct about brain privacy issues, rather than what they share with other data privacy concerns, risks weakening broader efforts to enact more robust privacy law and policy. (shrink)

Mass surveillance involves the collection and storage of vast amounts of information, such as DNA samples from the general population, or location data from cell phones towers, aerial surveillance, and other sources, to then be used when a future crime occurs. For example, DNA from a crime scene could be checked against the database to identify a suspect; location data could identify suspects who were at the scene of a crime. Mass surveillance implicates important privacy interests, but it would surely (...) reduce crime and therefore has been defended by those who reject “privacy at all costs.” I also reject “privacy at all costs.” However, while agreeing that privacy is a value that must be balanced against competing values, I argue that requiring everyone to provide a sample of their DNA or keeping track of everyone’s movements would limit the autonomy of vast numbers of people who there is no reason to suspect will pose a threat, and though such policies would make society safer, that is not worth the cost to individual autonomy. After explaining why individuals can have a substantial interest in privacy even if they are not guilty of a crime, by linking that interest to the value of individual autonomy, and drawing on a political theory of liberal pluralism to restrict what counts as a legitimate public interest that might justify mass surveillance, I articulate a method of balancing these competing interests that is more feasible than a utilitarian approach. (shrink)

Throughout the 20th century, market capitalism was defended on parallel grounds. First, it promotes freedom by enabling individuals to exploit their own property and labor-power; second, it facilitates an efficient allocation and use of resources. Recently, however, both defenses have begun to unravel—as capitalism has moved into its “platform” phase. Today, the pursuit of allocative efficiency, bolstered by pervasive data surveillance, often undermines individual freedom rather than promoting it. And more fundamentally, the very idea that markets are necessary to achieve (...) allocative efficiency has come under strain. Even supposing, for argument’s sake, that the claim was true in the early 20th century when von Mises and Hayek pioneered it, advances in computing have rekindled the old “socialist calculation” debate. And this time around, markets—as information technology—are unlikely to have the upper hand. -/- All of this, we argue, raises an important set of governance questions regarding the political economy of the future. We focus on two: How much should our economic system prioritize freedom, and to what extent should it rely on markets? The arc of platform capitalism bends, increasingly, toward a system that neither prioritizes freedom nor relies on markets. And the dominant critical response, exemplified by Shoshana Zuboff’s work, has been to call for a restoration of market capitalism. Longer term, however, we believe it would be more productive to think about how “postmarket” economic arrangements might promote freedom—or better yet, autonomy—even more effectively than markets, and to determine the practical steps necessary to realize that possibility. (shrink)

Employers seeking to control employee behavior outside of working hours is nothing new. However, recent developments have extended efforts to control employee behavior into new areas, with new significance. Employers seek to control legal behavior by employees outside of working hours, to have significant influence over employee’s health-related behavior, and to monitor and control employee’s social media, even when this behavior has nothing to do with the workplace. In this article, I draw on the work of political theorists Jon Elster, (...) Gerald Gaus and Michael Walzer, and privacy scholars Daniel Solove and Anita Allen, to show what is wrong with this extension of employer control of employee’s outside of work behavior. I argue that there are ethical limits on the controls that employers may put on their employees’ out of work behavior, and that many of these limits should be enshrined into legal protections which would prevent employers from conditioning employment on the regulations criticized. -/- (Please note that the version of this paper on SSRN is a pre-publication version. Please cite and refer to the published version when possible.). (shrink)

Pyrrho and colleagues (2022) argue that the loss of health privacy can damage democratic values by increasing social polarization, removing individual choice, and limiting self-determination. As a remedy, the authors propose a data-regulation regime that prohibits companies from using such data for discriminatory purposes. Our commentary addresses three issues. First, we point out an additional problematic dimension of excessive health privacy loss, namely, the potential racialization of groups and individuals that it may likely contribute to. Second, we note that, in (...) our view, the authors’ argument for more regulation rests on an invidious comparison between the realistically described status quo and the idealized picture of the imagined regulatory regime that the authors briefly propose. Third, we argue that, despite existing regulations, both private and government actors frequently use private data in ways that lead to ethically problematic outcomes, especially when it comes to racialized communities. (shrink)

This paper discusses the idea that the concept of privacy should be understood in terms of control. Three different attempts to spell out this idea will be critically discussed. The conclusion will be that the Source Control View on privacy is the most promising version of the idea that privacy is to be understood in terms of control.

There is currently intense debate about the significance of user consent to data practices. Consent is often taken to legitimate virtually any data practice, no matter how invasive. Many scholars argue, however, that user consent is typically so defective as to be ‘meaningless’ and that user privacy should thus be protected by substantive legislation that does not rely (or does not rely heavily) on consent. I argue that both views rest on serious mistakes about the validity conditions for consent. User (...) consent is sufficiently impoverished that it does not guarantee legitimacy but is not so impoverished as to be ‘meaningless’; it can legitimate data practices that are independently reasonable but not those that are exploitative. Since many valuable data practices must be consented to if they are to be legitimate (or so I argue), our privacy legislation should continue emphasizing the importance of user consent, even if auxiliary protections are also desirable. (shrink)

Most studies on the ethics of privacy focus on what others ought to do to accommodate our interest in privacy. I focus on a related but distinct question that has attracted less attention in the literature: When, if ever, does morality require us to safeguard our own privacy? While we often have prudential reasons for safeguarding our privacy, we are also, at least sometimes, morally required to do so. I argue that we, sometimes, ought to safeguard our privacy for the (...) sake of the possible wrongdoer, in order to prevent the possible wrongdoer from committing a morally defiling act that renders them worse off. I illustrate the variety of cases in which this duty binds us and contrast my view to some other claims in the literature which also purport to show that we sometimes have a duty to safeguard our own privacy. (shrink)

The fast pace of technological change necessitates new evaluative and deliberative tools. This article develops a general, functional approach to evaluating technological change, inspired by Nissenbaum’s theory of contextual integrity. Nissenbaum introduced the concept of contextual integrity to help analyze how technological changes can produce privacy problems. Reinterpreted, the concept of contextual integrity can aid our thinking about how technological changes affect the full range of human concerns and values—not only privacy. I propose a generalized concept of contextual integrity that (...) is applicable to a broader variety of circumstances, and I outline a new, general procedure for technological evaluation. Among the attractive features of the proposed approach to evaluating technological change are its context-sensitivity, adaptability, and principled presumptive conservatism, enabled by the mechanism the approach supplies for reevaluating existing practices, norms, and values. (shrink)

All societies have to balance privacy claims with other moral concerns. However, while some concern for privacy appears to be a common feature of social life, the definition, extent and moral justifications for privacy differ widely. Are there better and worse ways of conceptualising, justifying, and managing privacy? These are the questions that lie in the background of this thesis. -/- My particular concern is with the ethical issues around privacy that are tied to the rise of new information and (...) communication technologies (henceforth “ICT”). The focus here is on technologies involved in processing personal data in its broadest sense, including “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.” The issue of moral concern is commonly designated as that of 'data privacy'. -/- The first step is to consider why privacy matters, or ought to matter, in the first place. And here we run into our first difficulty, since both the conceptualisation of privacy and the justification for the right to privacy are matters for contention. On the one hand, we are animated by a moral concern for privacy in some sense; on the other, we lack the conceptual and moral resources for making sense of this concern or for promoting particular social policies and criticising others. This often-cited dichotomy and its ensuing confusion have been the central motivation for most of the philosophical literature on privacy – including this thesis. -/- In what follows, I will suggest a way out of the confusion that pervades the current debate on data privacy. I will essentially argue two claims: one, that the concept of (data) privacy is uniquely characterised by a particular context within which we exchange information; two, that because (data) privacy constitutes an intrinsic value, its moral concerns and justifications ought to be deliberated as such. -/- The first chapter sketches the current data privacy landscape by introducing a number of concepts and arguing the unique nature of the landscape. I argue that the traditional distinction between four kinds of privacy (physical, mental, decisional and informational) is no longer accurate, given the technological context that reduces, unifies and processes all aspects of people’s lives by means of digital data. In fact, to hold on to the distinction leads to a fundamental misconception of data privacy. I further argue that today’s distinction between data protection and data privacy runs the risk of ignoring the fact that the former is an inherent aspect of the latter. These arguments allow me to settle on a (provisional) definition of data privacy: controlling how data about identifiable people is processed by ICT. -/- Next, I draw a line between descriptive and normative accounts of data privacy, and explain why this book belongs to the latter category. After a brief discussion of the coherence and distinctiveness theses, and of the difference between instrumental and intrinsic theories of privacy, I introduce the problem of data privacy as a distinct, coherent, and intrinsic moral concern. Three arguments support this position: one, data privacy is a coherent moral concern because it is motivated by a singular moral concept; two, data privacy is a distinct moral concern because the privacy challenges we face today are of a fundamentally new nature – distinct from any moral concerns we’ve faced in the past; and three, data privacy is an intrinsic moral concern that is predominantly justified, not by what it instrumentally protects us from, but by what it intrinsically constitutes. -/- Chapter Two makes the case against a harm-based, consequentialist approach to data privacy. After a brief introduction to the basic tenets of consequentialism I discuss harm-based arguments in favour as well as against privacy. I explain how privacy may protect us against psychological distress, but at the same time constitute the source of that distress; how privacy may be necessary for the proper functioning of democratic societies, but at the same time provide a cloak for anti-social and immoral behaviour; and how privacy protects us against the improper use of our personal data by others, but at the same enables us to conceal information or spread false information about ourselves in ways that are harmful to others. Next, I argue that consequentialism essentially relies on two flawed presumptions – that we know what harm is, and that we know how to predict it – and discuss the controversies surrounding definitions and predictions of harm. This argument becomes especially pertinent in today’s rapidly changing technological context: we may guess, and make assumptions, perhaps even find correlations, but don’t really know or understand (yet) with any degree of certainty the harmful consequences today’s data privacy violations are causing or will eventually cause – if any. -/- I illustrate this with examples of recent data privacy violations, and with a brief overview of consequentialist arguments for and against data privacy. Those who invoke consequentialist arguments against data privacy claim that personal data is nothing more than a raw material that can be turned into something useful and valuable without harming anyone. Choosing to move fast and break things – a popular mantra that promotes the benefits of technological “permissionless innovation” over and above its risks and costs – they draw our attention to the many benefits free data flows generate. Those who rely on consequentialist arguments in favour of data privacy, on the other hand, insist on actual and potential misuse of personal data. Rather careful than sorry, they draw our attention to the urgent need to take back control and protect ourselves against data privacy violations – precisely because we don’t know which harm they may cause in the future. Others go one step further and argue that these violations are part of a broader ideology of power. -/- What Chapter Two demonstrates is that vague definitions, unreliable predictions and inconclusive allegations of harm from both sides of the debate perpetuate a stalemate that fails to produce morally defensible answers to our growing data privacy concerns. Deliberating about data privacy from a consequentialist perspective is a dead end. -/- Chapter Three proposes an alternative to the harm-based approach, namely that privacy is an intrinsic value that deserves moral protection for its own sake. After a brief account of what I take values to be, and why we have a need to protect them, I introduce the foundational value of respect for persons, and lay out my main argument in two steps. The conceptual component of my argument returns to the definition of data privacy I had temporarily settled on in Chapter One, but now with the added consideration of the particular context, and particular circumstances and attitudes, within which information is exchanged. This addition is crucial, as it reveals the fundamental value that is at stake in our data privacy concerns, namely the inherent value of each and every person, which we protect by upholding an ethical principle commonly known as the principle of respect for persons. It is for this reason that the violation of privacy cannot (only) be expressed in terms of harm. I further argue that the principle of respect for persons is consistent with, and in fact unthinkable without, some degree of privacy. -/- I reply to potential challenges to a value-based approach to data privacy by showing that (i) values and value trade-offs are fundamentally different from consequential benefits and cost-benefit analyses; (ii) the suspension of one value in favour of another is not inherently contradictory; what matters is morally defensible deliberation about values and valid individual consent; (iii) data privacy concerns cannot be reduced to other moral concerns and therefore deserve a specific, distinct protection. -/- Finally, because this is a thesis in applied ethics, I attempt an answer to the question as to how we ought to apply a value-based approach to practical data privacy concerns. I argue that a revised, three-pronged version of John Rawls’ reflective equilibrium, founded on the non-negotiable principle of respect for persons, is the best possible procedure to deliberate data privacy concerns in relation to other moral values. (shrink)

Trustworthiness is typically regarded as a desirable feature of national identification systems (NISs); but the variegated nature of the trustor communities associated with such systems makes it difficult to see how a single system could be equally trustworthy to all actual and potential trustors. This worry is accentuated by common theoretical accounts of trustworthiness. According to such accounts, trustworthiness is relativized to particular individuals and particular areas of activity, such that one can be trustworthy with regard to some individuals in (...) respect of certain matters, but not trustworthy with regard to all trustors in respect of every matter. The present article challenges this relativistic approach to trustworthiness by outlining a new account of trustworthiness, dubbed the expectation-oriented account. This account allows for the possibility of an absolutist (or one-place) approach to trustworthiness. Such an account, we suggest, is the approach that best supports the effort to develop NISs. To be trustworthy, we suggest, is to minimize the error associated with trustor expectations in situations of social dependency (commonly referred to as trust situations), and to be trustworthy in an absolute sense is to assign equal value to all expectation-related errors in all trust situations. In addition to outlining the features of the expectation-oriented account, we describe some of the implications of this account for the design, development, and management of trustworthy NISs. (shrink)

This chapter provides a high-level overview of key ethical issues raised by the use of surveillance technologies, such as digital contact tracing, disease surveillance, and vaccine passports, to combat the COVID-19 pandemic. To some extent, these issues are entirely familiar. I argue that they raise old questions in new form and with new urgency, at the intersection of information ethics, research ethics, and public health. Whenever we deal with data-driven technologies, we have to ask how they fare in relation to (...) important values like privacy, fairness, transparency, and accountability—values emphasized by information ethics scholars. Likewise, when such technologies put individuals at risk in order to drive scientific research and knowledge construction, we have to ask how they implicate values such as autonomy, beneficence and non-maleficence, and justice—values central to research ethics. And as researchers focusing on health information have long argued, when the data collected by these technologies pertain to individuals and public health, these ethical issues take on a special cast. -/- It is also true, however, that the pandemic has placed these questions in a new and revealing light. I highlight three insights from information ethics and research ethics that can help us navigate this difficult terrain. First, the value of privacy is instrumental, not absolute—there is nothing wrong with asking how to balance privacy against other important values. Second, privacy has both individual and social importance. Weighing privacy, on one hand, and public health, on the other, is not, therefore, a contest between individual and collective interests. Rather, it is an attempt to balance disparate public goods. Third, we ought to put these kinds of ethical decisions in the hands of third parties, rather than leaving them up to those who directly stand to benefit from them. In the case of pandemic surveillance technologies, this should mean more public, democratic oversight. (shrink)

Surveillance studies scholars and privacy scholars have each developed sophisticated, important critiques of the existing data-driven order. But too few scholars in either tradition have put forward alternative substantive conceptions of a good digital society. This, I argue, is a crucial omission. Unless we construct new “sociotechnical imaginaries,” new understandings of the goals and aspirations digital technologies should aim to achieve, the most surveillance studies and privacy scholars can hope to accomplish is a less unjust version of the technology industry’s (...) own vision for the future. (shrink)

Writing a college-application essay has become a rite of passage for high-school seniors in the U.S., one whose importance has expanded over time due to an increasingly competitive admissions process. Various commentators have noted the disturbing evolution of these essays over the years, with an ever-greater emphasis placed on obstacles overcome and traumas survived. How have we gotten to the point where college-application essays are all too frequently competitive-victimhood displays? Colleges have an understandable interest in the disadvantages their applicants may (...) have suffered, but this interest—and the awareness of it among both applicants and their advisors—has led to a “race to the bottom”: in order to thrive (or even survive) in a particular competitive context, participants are forced to continuously lower relevant standards in a game of one-upmanship. With college essays, the competition is among high-school seniors for admission, the one-upmanship is an ever-escalating effort to persuade admission committees of one’s greater disadvantage, and the relevant standards being lowered are honesty, privacy, and dignity—or so I shall argue. As we shall see, this particular race to the bottom imposes unequal costs on certain groups and has implications stretching well beyond collegiate admissions. (shrink)

In Vayena’s article, ‘direct-to-consumer (DTC) genomics on the scales of autonomy’, she claims that there may be a strong autonomy-based argument for permitting DTC genomic services. In this response, I point out how the diminishment of one’s genetic privacy can cause a relevant autonomy-related harm which must be balanced against the autonomy-related gains DTC services provide. By drawing on conceptual connections between privacy and the Razian conception of autonomy, I show that DTC genetic testing may decrease the range of valuable (...) options individuals possess, which impacts the extent to which would-be consumers can exercise their autonomy. (shrink)

In this paper, I argue against views that equate privacy with control over self-presentation and explore some of the implications of my criticism for the online world. In section 1, I analyze the relationship between control over self-presentation and privacy and argue that, while they are both tightly connected, they are not one and the same thing. Distinguishing between control over self-presentation and privacy has important practical implications for the online world. In section 2, I investigate self-presentation online and argue (...) that, while there might be an illusion that one can self-present on one’s own terms online, that mirage often reveals itself as unrealistic because of external and internal constraints. I further argue that what is most noteworthy about self-presentation online, in contrast to self-presentation offline, is the pressure to be on display at all times. In section 3, I argue that to combat some of the negative trends we are witnessing online we need, on the one hand, to cultivate a culture of privacy, in contrast to a culture of exposure. On the other hand, we need to readjust how we understand self-presentation online. I argue that in some cases we should understand it in similar terms to how we understand advertisement or fiction. By changing our conventions online, we would be taking away some of people’s control over self-presentation by not taking their online personae at face value. (shrink)

This chapter identifies and analyzes ethical issues in video surveillance, with a focus on applications that involve video analytics and facial recognition technology. The first part of the analysis focuses on ethical issues in video analytics, which are techniques that automatically analyze preexisting or gathered video data. Ethical issues are discussed in relation to processes of identification, classification, detection, and tracking of persons. Next, facial recognition technology is discussed, particularly its use in surveillance, and its ethical challenges are investigated. Finally, (...) we focus on three advanced video analytics techniques: facial analysis, behavior analysis, and emotional analysis, which raise additional serious ethical issues. (shrink)

Ambient assisted living technologies are increasingly presented and sold as essential smart additions to daily life and home environments that will radically transform the healthcare and wellness markets of the future. An ethical approach and a thorough understanding of all ethics in surveillance/monitoring architectures are therefore pressing. AAL poses many ethical challenges raising questions that will affect immediate acceptance and long-term usage. Furthermore, ethical issues emerge from social inequalities and their potential exacerbation by AAL, accentuating the existing access gap between (...) high-income countries and low and middle-income countries. Legal aspects mainly refer to the adherence to existing legal frameworks and cover issues related to product safety, data protection, cybersecurity, intellectual property, and access to data by public, private, and government bodies. Successful privacy-friendly AAL applications are needed, as the pressure to bring Internet of Things devices and ones equipped with artificial intelligence quickly to market cannot overlook the fact that the environments in which AAL will operate are mostly private. The social issues focus on the impact of AAL technologies before and after their adoption. Future AAL technologies need to consider all aspects of equality such as gender, race, age and social disadvantages and avoid increasing loneliness and isolation among, e.g. older and frail people. Finally, the current power asymmetries between the target and general populations should not be underestimated nor should the discrepant needs and motivations of the target group and those developing and deploying AAL systems. Whilst AAL technologies provide promising solutions for the health and social care challenges, they are not exempt from ethical, legal and social issues. A set of ELSI guidelines is needed to integrate these factors at the research and development stage. (shrink)

In this article, we identify three key design dimensions along which cryptocurrencies differ -- privacy, censorship-resistance, and consensus procedure. Each raises important normative issues. Our discussion uncovers new ways to approach the question of whether Bitcoin or other cryptocurrencies should be used as money, and new avenues for developing a positive answer to that question. A guiding theme is that progress here requires a mixed approach that integrates philosophical tools with the purely technical results of disciplines like computer science and (...) economics. Note: this article is the second entry within a two-part sequence on the Philosophy, Politics, and Economics of Cryptocurrency. (shrink)

Most online platforms are becoming increasingly algorithmically personalized. The question is if these practices are simply satisfying users preferences or if something is lost in this process. This article focuses on how to reconcile the personalization with the importance of being able to share cultural objects - including fiction – with others. In analyzing two concrete personalization examples from the streaming giant Netflix, several tendencies are observed. One is to isolate users and sometimes entirely eliminate shared world aspects. Another tendency (...) is to blur the boundary between shared cultural objects and personalized content, which can be misleading and disorienting. A further tendency is for personalization algorithms to be optimized to deceptively prey on desires for content that mirrors one’s own lived experience. Some specific - often minority targeting -“clickbait” practices received public blowback. These practices show disregard both for honest labeling and for our desires to have access and representation in a shared world. The article concludes that personalization tendencies are moving towards increasingly isolating and disorienting interfaces, but that platforms could be redesigned to support better social world orientation. (shrink)

Recently, Ingmar Persson and Julian Savulescu argued that an action that does not violate a moral right to privacy cannot violate that right if it is extended over time. Specifically, they argue that a moral right to privacy does not protect against gawking or stalking. In this reply the reverse position is defended. Specifically, it is argued that their arguments fails on according to their own definition of the right to privacy. Furthermore, it is argued and illustrated by examples that (...) this conceptual conclusion holds for many other conceptions of the right to privacy. Moreover, it is argued that Persson and Savluescu fail to recognize the privacy-related harm extended to individuals through gawking or stalking. Lastly, the article ends by sketching how the role of privacy in public and consent relates to the given examples. (shrink)

Over the years, several counterexamples arguably establish the limits of control-based conceptions of privacy and the right to privacy. Some of these counterexamples focus only on privacy, while the control-based conception of the right to privacy is rejected because of conceptual consistency between privacy and the right to privacy. Yet, these counterexamples do not deny the intuitions of control-based conceptions of the right to privacy. This raises the question whether conceptual consistency is more important than intuitions in determining the right (...) way to conceptualize the right to privacy. This article aims to show how the major alternative to control-based conceptions of the right privacy—that is, limited access—can be modified to make sense of, and provide alternative explanations for, these control-based intuitions. (shrink)

Our world is under going an enormous digital transformation. Nearly no area of our social, informational, political, economic, cultural, and biological spheres are left unchanged. What can philosophy contribute as we try to under- stand and think through these changes? How does digitization challenge past ideas of who we are and where we are headed? Where does it leave our ethical aspirations and cherished ideals of democracy, equality, privacy, trust, freedom, and social embeddedness? Who gets to decide, control, and harness (...) the powers of digitization and for which purposes? Epistemologically, do most of us understand these new mediations – and thus fabrics – of our new world? Lastly – how is the new technological landscape shaping not only our living conditions but also our collective imaginary and our self-identities? (shrink)

In the age of Big Data Analytics and Covid-19 Apps, the conventional conception of privacy that focuses excessively on the identification of the individual is inadequate to safeguard the individual’s identity and autonomy. An individual’s autonomy can be impaired and their control over their social identity diminished, even without infringing the anonymity surrounding their personal identity. A century-old individualistic conception of privacy that aimed at safeguarding a person from unwarranted social interference is incapable of protecting their autonomy and identity when (...) they are targeted on the basis of their interdependent social and algorithmic group affiliations. In order to overcome these limitations, in this article, I develop a theoretical framework in the form of a triumvirate model of the group right to privacy (GRP), which is based on privacy as a social value (Pv). An individual has an interest in protecting their social identity arising out of their participation in social groups. The panoptic sorting of individuals by Big Data Analytics for behavioral targeting purposes gives rise to epistemic bubbles and echo chambers that impede the formation of an individual’s social identity. I construct the formulation of GRP1 to protect an individual’s interest in their social identity and their socially embedded autonomous self. Thereafter, I emphasize an individual’s right to informational self-determination and against algorithmic grouping in GRP2. Lastly, I highlight instances where GRP3 entitles an organized group to privacy in its own right. I develop a Razian formulation to state that Big Data Analytics’ constant surveillance and monetization of human existence is an infringement of individual autonomy. The violation of GRP subjects an individual to behavioral targeting (including hyper-targeted political advertising) and distorts their weltanschauung, or worldview. As regards Covid-19 Apps, I assert that the extraordinary circumstances surrounding the pandemic do not provide an everlasting justification for reducing an individual’s identity to a potential disease carrier. I argue that the ambivalence regarding existence of surveillance surrounding an individual’s social identity can leave them in a perpetual state of simulated surveillance (simveillance). I further assert that it is in the long-term best interests of the Big Tech corporations to respect privacy. In conclusion, I highlight that our privacy is not only interdependent in nature, but it is also existentially cumulatively interlinked. It increases in force with each successive protection. The privacy challenge posed by Covid-19 Apps has helped us realize that while limited exceptions to privacy may be carved out in grave emergencies, there is no moral justification for round-the-clock surveillance of an individual’s existence by Big Data Analytics. Similarly, the threat to privacy posed by Big Data Analytics has helped us realize that privacy has been wrongly focusing on the distinguishing aspects of the individual. It is our similarities that are truly worth protecting. In order to protect these similarities, I formulate the concept of mutual or companion privacy, which counterintuitively states that in the age of Big Data Analytics, we have more privacy together rather than individually. (shrink)

In a world that is awash in ubiquitous technology, even the least tech-savvy know that we must take care how that technology affects individuals and society. That governments and organizations around the world now focus on these issues, that universities and research institutes in many different languages dedicate significant resources to study the issues, and that international professional organizations have adopted standards and directed resources toward ethical issues in technology is in no small part the result of the work of (...) Simon Rogerson. -/- – Chuck Huff, Professor of Social Psychology at Saint Olaf College, Northfield, Minnesota -/- In 1995, Apple launched its first WWW server, Quick Time On-line. It was the year Microsoft released Internet Explorer and sold 7 million copies of Windows 95 in just 2 months. In March 1995, the author Simon Rogerson opened the first ETHICOMP conference with these words: -/- We live in a turbulent society where there is social, political, economic and technological turbulence … it is causing a vast amount of restructuring within all these organisations which impacts on individuals, which impacts on the way departments are set up, organisational hierarchies, job content, span of control, social interaction and so on and so forth. … Information is very much the fuel of modern technological change. Almost anything now can be represented by the technology and transported to somewhere else. It's a situation where the more information a computer can process, the more of the world it can actually turn into information. That may well be very exciting, but it is also very concerning. -/- That could be describing today. More than 25 years later, these issues are still at the forefront of how ethical digital technology can be developed and utilised. -/- This book is an anthology of the author’s work over the past 25 years of pioneering research in digital ethics. It is structured into five themes: Journey, Process, Product, Future and Education. Each theme commences with an introductory explanation of the papers, their relevance and their interrelationship. The anthology finishes with a concluding chapter which summarises the key messages and suggests what might happen in the future. Included in this chapter are insights from some younger leading academics who are part of the community charged with ensuring that ethical digital technology is realised. (shrink)

Algorithmic governmentality is a new form of political governance interconnected with technology and computation. By coining the term “algorithmic governmentality,” Antoinette Rouvroy argues that this mode of governance reduces everything to data, and people are no longer individuals but dividuals (able to be divided) or readable data profiles. Implementing the concept of algorithmic governmentality, the current study analyses Project Itoh’s award-winning novel Harmony in terms of such relevant concepts as “subjectivity,” “infra-individuality” and “control,” as suggested by Rouvroy and colleagues. The (...) analysis further draws on Foucault’s ideas of “governmentality” and “neoliberalism” and Deleuze’s concepts of “dividuality” and “society of control.” In Itoh’s fictional world, the entire society is subject to the new medical government, which replaced the chaotic world with a perfect but harrowing benevolent society, eradicating disease, suicide and crime. As elucidated in this paper, despite the dominant controlling government, there is a hope for humans to regain and reestablish their subjectivity and give meaning to their own personality by defying the nihilistic computational system. (shrink)

The increasingly prominent role of digital technologies during the coronavirus pandemic has been accompanied by concerning trends in privacy and digital ethics. But more robust protection of our rights in the digital realm is possible in the future. -/- After surveying some of the challenges we face, I argue for the importance of diplomacy. Democratic countries must try to come together and reach agreements on minimum standards and rules regarding cybersecurity, privacy and the governance of AI.