My work is full of discussions of policy and details around privacy, but rarely a real definition of privacy. dana boyd gives one of the best privacy definitions that I've heard:
Privacy is not about control over data nor is it a property of data. It's about a collective understanding of a social situation's boundaries and knowing how to operate within them. In other words, it’s about having control over a situation. It's about understanding the audience and knowing how far information will flow. It’s about trusting the people, the situating, and the context. People seek privacy so that they can make themselves vulnerable in order to gain something: personal support, knowledge, friendship, etc.
People feel as though their privacy has been violated when their expectations are shattered. This classicly happens when a person shares something that wasn’t meant to be shared. This is what makes trust an essential part of privacy. People trust each other to maintain the collectively understood sense of privacy and they feel violated when their friends share things that weren't meant to be shared.
Understanding the context is not just about understanding the audience. It’s also about understanding the environment. Just as people trust each other, they also trust the physical setting. And they blame the architecture when they feel as though they were duped. Consider the phrase "these walls have ears" which dates back to at least Chaucer. The phrase highlights how people blame the architecture when it obscures their ability to properly interpret a context.
The definition holds true and explains the very difficult problems around medical privacy. The old architecture of doctor and patient in a closed room is disappearing. The new architecture and new behaviors do not match the expectations of the old doctor patient relationship. For example, we are now in a world where every word we say and every scrap of medical record will be used to evaluate whether we are complying with government regulations. This is now part of policy and regulation, intended for the benefit of society. It is a change that violates expectations.
The technology is the architecture that will be blamed for this change, and dealing with this violated expectation is being treated as a technology problem.
Citation: boyd, danah. 2010. "Privacy and Publicity in the Context of Big Data." WWW. Raleigh, North Carolina, April 29.
