It is no secret that theories of informational privacy based on defining privacy as restricting access to information or maintaining control over information are losing credibility. This is because they think of information as a kind of thing that can be locked up in a safe place, whose ownership can be clearly ascertained, and whose control is possible. These are assumptions typical of an industrial society based on personal property rights and markets of exchange. The digital revolution has made many of these assumptions obsolete. Information is not a thing, there is no “place” where information can be locked up, and ownership as well as control is vague and contestable. Among those thinkers searching for new interpretations of privacy Helen Nissenbaum (Privacy in Context – Technology, Policy, and the Integrity of Social Life, Stanford University Press, 2010) has elaborated a theory basing privacy on what she calls “contextual integrity.” “What people care most about is not simply restricting the flow of information but ensuring that it flows appropriately…” (2). Consequently, when we talk about a right to privacy, we are talking about a right to “appropriate flow” of information and not as is often assumed about a right to secrecy or to absolute control of personal data.
Legal practice has in fact relied more on what people expect than on abstract definitions of privacy. Being left alone, as Warren and Brandeis described privacy, is a matter of reasonable expectations within a certain social situation. Such a situation Nissenbaum calls a “context.” Society is made up of many different contexts, such as education, health care, politics, business, family, etc. In every context there are norms and rules that govern the flow of information. When functioning properly, these “informational norms” “define and sustain essential activities and key relationships and interests, protect people and groups against harm, and balance the distribution of power” (3). When people feel that their privacy has been violated, it is always with reference not to abstract concepts of access and control, but to the informational norms governing the particular context in which they are acting. What privacy means varies from context to context.
Since reasonable expectation to privacy and thus the right to privacy is derived from the context everything depends on how contexts are understood and analyzed. For Nissenbaum “Contexts are structured social settings characterized by canonical activities, roles, relationships, power structures, norms (or rules), and internal values (goals, ends, purposes)” (132). Contexts can be more or less formalized and institutionalized, they can overlap or be nested within one another. Within any given context, those rules governing the flow of information may be termed “informational norms.” These norms condition expectations about who can gather, transmit, and use information about what in which ways. Whenever claims to protecting privacy are made then the validity of these claims can be ascertained by determining whether or not changes with regard to actors, types of information, modes of transmission etc. have occurred within the context. If this is the case, as it often is with the introduction of new information and communication technologies, then the “integrity” of the context has been violated. Contextual integrity therefore explains why and how privacy rights have been violated and also allows for a differentiated analysis of exactly where the problem has arisen and what can be done to protect informational privacy.
Despite the promising move away from privacy theories based on outmoded rights of access and control, Nissenbaum’s contextual integrity theory raises questions of its own. Any change in informational norms, that is, in actors, information, technologies of transmission, etc. will disappoint some people who can then claim that these innovations violate the integrity of the social context. But technological innovation will also be enthusiastically embraced by others. So which understanding of the integrity of a context is the right one? Whose interpretation of any context is valid? Contexts are never fixed, but are always contestable and constantly changing. Appealing to the integrity of a context as a means to determine whether or not privacy has been violated turns out to be begging the question, because no one can definitively say, what the context is and which informational norms are the right ones. Perhaps a more fruitful approach would be to take a step back from context and focus on those norms governing how contexts and informational norms are negotiated, established, maintained, and transformed. A theory of privacy for the digital age might need to go beyond any given social context to find its foundation in the norms of building networks in a global network society.