All posts by privacymaverick

What does “expectation of privacy” mean?

Alan Westin’s definition of privacy, as outlined in my last post, is that “Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.”


That claim can come from multiple sources: a legal regime, a contract, a written privacy statement, a standard industry practice, a custom or a social norm.  It is the last of the sources, unwritten customs or social norms, that lay the foundation for the “expectation” of privacy.  While a written law, contract or statement will clarify the roles and responsibilities of the subject and possessor of the information, the expectation lies in the subject’s belief that a certain social norm governs the actions of the possessor. 


[NOTE: I often use the term subject to refer to the individual or group about whom the information relates and possessor refers to the holder of the information who is contemplating transferring information to a third party.  Possessor can loosely be used, also, to a potential possessor who is contemplating coming into possession of the information in question.]


“Expectation of privacy” is synonymous, in the US, with the 4th Amendment, where one is guaranteed a right to be free from unwarranted invasion of ones “person, houses, papers and effects.”  The purposefully vague language had lead courts to adopt the “reasonable expectation of privacy” standard deferring essentially to ones’ expectation that the government adhere to custom or social norm.   Clearly, tensions arise when there are no customs or social norms or those social norms are in flux or when courts have to analogize to established norms.  See Warshak v. US 6th Circuit 12-14-2010 (stating that there is a reasonable expectation of privacy in email because of its similarity to postal mail and telephonic conversations).  

What is privacy?

I’d like to start this blog with a little primer on the term privacy.  Most people conflate privacy with the notion of hiding something or secrecy.  However, Alan Westin is his seminal work  Privacy and Freedom (1967) said it succinctly “Privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.” In other words, privacy is about autonomous decision making.  Respecting privacy is about respecting and complying with the decisions individuals make about the information about them without regard to the nature of the information.


Understanding this distinction is paramount to understanding privacy.  No matter how insignificant, no matter how negligible the consequences, the fact that one ignores or acts contrary to the wishes of the subject of the information is the violation.  It is the defiant act itself, not the consequences of shame, embarrassment, identity theft, etc. that define a violation of privacy.

Perhaps an example is in order.  Consider a lady at a dinner party who whispers, in confidence, her birthday.  The recipient then announces to the party that Ms. X was born in 1950. Clearly most are aghast at the revelation of such personal information. What if the recipient had merely announced that Ms. X was born in August?  No longer is there social stigmatization attached to the information, as there is with revealing a lady’s age.  The lady, the subject of the information, may not be as ashamed of the revelation but just as great a violation has occurred.  The recipient of the information violated her trust as well as the unwritten agreement they had.  Now, there may be other social norms or agreements at play between the giver and the receiver of the information but in the simple scenario, no matter what information is released, the further release of information by the recipient failed to adhere to the complete understanding of the parties.