Privacy Series: Privacy as Limits | Washington D.C. & Maryland Area

By Jason M. Pittman, Sc. D.

So far we have explored two constructs that help us understand what privacy is: non-intrusion and seclusion. That is, we want information to be free from intrusion and thus have privacy. Further, we seclude information to keep such information private. Privacy is not always a binary mechanism, however, and neither seclusion nor non-intrusion seem to operate within a continuum or range of privacy. Perhaps the concept of limits, as a form of privacy, is better suited to aiding us in developing such understanding.

To some, privacy is a limit or set of limits. Such limits are characteristics of information insofar as the limits exist as qualities or properties. Limitation does not exist independently of information, although information can be free from limitation (e.g., open and equal access). Yes, in this manner limitation is binary -- there is a limit or there is not a limit. Yet, in the affirmative case there appears to be an infinite scale across which limitations can exist.

Moreover, as far as I can reason, privacy does not have a minimal limit. In other words, there is no minimum limit that must be reached to have privacy. Whereas the maximal limit feels like the very definition of limitation as a construct of privacy because it defines the boundary past which privacy is intruded upon, and thus rendered non-private.

A circle of friends serves well as an example for this explanation of what privacy is. For any given group of friends, some of these friends will be best, some will be close, and some will be acquaintances. While these may not be the most appropriate labels, or even the appropriate number of labels, they are sufficient to illustrate the analogy I am making. I think that we universally recognize that best friends can access information that acquaintances should not. Close friends enjoy a level of access that is somewhere between the other two groups. Facebook, as a practical implementation of privacy as limitations, is entirely built upon such a model.

There is a flaw with privacy as limitation, though. As individuals move between these friend groups, the limitations themselves do not change relative to our information. There is a tight coupling between maximal limit, the information holding this limit, and the external entity associated with the limit and information. That being so, the flaw is apparent when we attempt to downgrade the external entity or upgrade the limit characteristic of specific information.

Thus, if we have a limit whereby only an individual in the best friend group can access our home address, and after accessing such we downgrade the individual to close, we have no mechanism to remove the information from the individual. Likewise, if we once permitted acquiaintances to access our phone number but now wish to upgrade the information to a close limitation, we cannot cause acquaintances to suddenly not know our phone number.

This flaw points to what I feel is important facet of limitation to note: the construct is not self-enforcing. In other words, a limit does not itself prevent an external entity from exceeding the limit. Limitation requires an overarching governor to detect, prevent, or otherwise act if a limit is exceeded. Could privacy as a control serve such as purpose?