Skip to main content
Photo of a Law Library

Unity in Privacy Diversity: A Kaleidoscopic View of Privacy Definitions

Bert-Jaap Koops & Maša Galič[1]*[2]Ψ

Contrary to the common claim that privacy is a concept in disarray, this Article argues that there is considerable coherence in the way privacy has been conceptualized over many decades of privacy scholarship. Seemingly disparate approaches and widely differing definitions actually share close family resemblances that, viewed together from a bird’s-eye perspective, suggest that the concept of privacy is more akin to a kaleidoscope than to a swamp. As a heuristic device to look at this kaleidoscope, we use a working definition of privacy as having spaces in which you can be yourselves, building on two major strands in privacy theory: identity-building and boundary-management. With this heuristic, we analyze how six authoritative privacy accounts can be under­stood in the terms and rationale of other definitions. We show how the notions of Cohen (room for boundary management), Johnson (freedom from others’ judgement), Nissenbaum (contextual integrity), Reiman (personhood), Warren and Brandeis (being let alone), and Westin (control over information) have significant overlap with—or may even be equivalent to—an understanding of privacy in terms of identity-fostering spaces. Our kaleidoscopic perspective high­lights not only that there is coherence in privacy, but also helps to understand the function and value of having many different privacy definitions around: each time and context bring their own privacy-related challenges, which might best be addressed through a certain conceptualization of privacy that works in that particular context. As the world turns its kaleidoscope of emerging privacy issues, privacy scholarship turns its kaleidoscope of privacy definitions along. The result of this kaleidoscopic perspective on privacy is an illuminating picture of unity in diversity.

Introduction

Privacy is an umbrella term encompassing notoriously varied aspects and has consequently been the subject of widely differing definitions. Unsurprisingly, then, scholarly literature is full of claims that the concept of privacy lacks coherence.[3] Privacy is often depicted with the use of illustrative similes showing this incoherence. For instance, it has been described as a “haystack in a hurricane,”[4]and researching it has been likened to “exploring an unknown swamp.”[5]Privacy seems “a chameleon-like word” denoting “a range of wildly disparate interests.”[6] We posit, however, that there is more coherence to how privacy is conceptualized than is commonly admitted.

There are generally two types of theoretical conceptions of privacy: unitary (or essentialist) and typological (or pluralist).[7] The first tries to develop a conception of privacy with a unified conceptual core, offering a definition and a normative value of privacy.[8] The second makes meaningful distinctions between different types of privacy and is largely descriptive.[9]

In previous work with our colleagues, we have shown that the latter approach, while seemingly emphasizing the diversity of privacy in its inclusion of different types, shows that the concept of privacy is actually much more coherent than is often claimed.[10] The typology we developed identifies eight primary types of privacy (each overlapping with informational privacy as an overlay), aligned along two primary dimensions: the zones of life (from public to private) and aspects of freedom (from negative to positive).[11] We claimed that this model presents the smallest common multiple of privacy, that is, the smallest possible set that encompasses any privacy type encountered in different legal systems.[12] It demonstrated the coherence of privacy in typological or pluralist accounts by showing how the different types of privacy meaningfully relate to each other—for instance, how bodily and mental privacy typically represent negative and positive freedom in the personal zone of life, or how spatial privacy (home protection) and decisional privacy constitute negative and positive sides of the coin in the intimate sphere.[13]

In this Article, we aim to show that there is coherence also in the former approach: unitary accounts of privacy. These accounts highlight privacy from a particular angle, usually in the form of a definition that tries to capture the essence of what privacy entails.[14] Definitions of privacy offered in the literature go all over the place: they are so wide-ranging and diverse that they have significantly contributed to the above-mentioned common claim that the concept of privacy is incoherent.[15] We do not intend to argue that all privacy definitions mean the same; on the contrary, each definition offers its own contribution to the literature, highlighting a particularly salient aspect of privacy. What we do argue is that privacy definitions have more in common than meets the eye when taken at face value: while using widely varying formulations, and emphasizing different aspects, many definitions share family resemblances that, viewed together from a bird’s-eye perspective, suggest that the concept of privacy is more akin to a kaleidoscope than to a swamp.

We demonstrate this argument by analyzing the family resemblances, and thus coherence, between six authoritative privacy definitions that seem very diverse—ranging, for instance, from “being let alone” and “freedom from judgement of others” to “contextual integrity.”[16] Our method for this is to try and map the definitions onto each other, in the sense of showing how these definitions interrelate and are, in a sense, interderivable. That is, we try to show that each definition can—at least to a significant extent—be understood in the terms and rationale of another definition. Because we do not want to privilege one existing definition over the others, we use as a heuristic tool a working definition of privacy[17] of our own, which we think is capable of showing that privacy is in fact a rather coherent concept despite the wide-ranging conceptualizations within privacy theory.

For this purpose, we define privacy as having spaces in which you can be yourselves.[18] In other words, having spaces in which you can be yourselves gives you privacy, and privacy requires having some spaces in which you can be yourselves. Conceiving of privacy in relation to the spaces in which identity construction is fostered allows us to bring together wide-ranging strands within privacy theory.[19] Through the identified connections between seemingly disparate approaches, privacy proves to be a more coherent concept than is often claimed. With this working definition, we do not claim to present a more complete picture or to capture the essence of privacy better than others have done; many existing privacy accounts can and will stand on their own, and continue to inform privacy theory. Quite the contrary, we find value in retaining existing (and additional) definitions of privacy and do not wish to replace them with our own definition. Our definition serves primarily as a heuristic device for finding coherence in existing unitary accounts of privacy.

The result of this exercise is a kaleidoscopic perspective on privacy theory: it contains many different, small pieces of glass that can be ordered and highlighted in many ways to show different patterns. These patterns constitute different pictures, but they build on the same elements and look rather similar in the attractiveness of their color scheme, while each pattern has its own distinct beauty. Connecting the notion of privacy with a kaleidoscope is not completely new. Picard, for example, described the right to privacy as a kaleidoscopic right: “Modify the angle of observation, and its physiognomy is altered as if it were not exactly the same right in each position.”[20] Also, Marx has compared privacy (and surveillance) to a kaleidoscope: “What we see and conclude depends on how we turn the conceptual kaleidoscope. In broadening and turning the kaleidoscope this chapter considers some connections between surveillance, privacy[,] and publicity.”[21] However, no author has elaborated the metaphor of a kaleidoscope to explain the unity in diversity of the concept of privacy. This Article argues for seeing privacy as a kaleidoscope: it may show different pictures all the time, but there are structural similarities between the pictures because they are all variations of the same set of basic elements.

In this Article, we give the kaleidoscope of privacy a few twists and turns, seeing six important privacy definitions through the lens of our device, resulting in an illuminating picture of unity in diversity. Thus, this Article presents our kaleidoscopic perspective on privacy definitions.

The Article is structured as follows. In Part II, we start with presenting the common claim in the literature that privacy is an incoherent concept, complemented with a minority view that perceives privacy as fairly coherent. Next, in Part III, we offer a working definition of privacy, which builds on existing conceptualizations of privacy in terms of (boundary management of) spaces and identity-building. Then, in Part IV, we discuss how this definition relates to major conceptualizations of privacy, aiming to show how the notions of Cohen (room for boundary management), Johnson (freedom from others’ judgement), Nissenbaum (contextual integrity), Reiman (personhood), Warren and Brandeis (being let alone), and Westin (control over information) have significant overlap with (or may even be equivalent to) the notion of identity-fostering spaces. Part V follows with a discussion of the added value and limitations of our kaleidoscopic perspective on privacy definitions. We end with a brief conclusion.

From Muddle to Model: the Claimed (In)Coherence of Privacy

We should clarify that we understand “coherence in privacy” as encompassing not only coherence of the concept of privacy, but also—or rather—coherence among the various privacy accounts and definitions offered. While numerous scholars have already argued that privacy is a coherent concept in the sense of having an inherent and distinct value of its own,[22] far fewer have argued that there is more agreement amongst privacy definitions than is usually admitted.

Mainstream: Incoherence

As already mentioned, attempts to conceptualize and define privacy “have been almost as varied as they have been numerous.”[23] In fact, the concept of privacy is said to be one of the concepts most subject to dispute in recent Western philosophical, political, and legal discourse.[24] Particularly since the end of the 1960s, a daunting amount of privacy scholarship has emerged, which appears to have approached privacy from every possible theoretical and political position.[25] As David Lindsay put it, “the most notable feature of this literature has been an almost complete absence of agreement concerning both the definition of privacy and the values said to be promoted by the legal protection of privacy.”[26] The wide variety of accounts has led the concept of privacy to be commonly described as muddled, messy, contested, complicated, tangled, ambiguous, obscure, or incoherent.[27]

Discontent concerning the definition of privacy can be traced back to the late 19th century, when Mill’s critic James Fitzjames Stephen stated that “[t]o define the province of privacy distinctly is impossible.”[28] Such criticism became increasingly pronounced after 1970, particularly—although not exclusively—in the United States.[29] In the 1970s, scholars primarily lamented that the concept of privacy is “exasperatingly vague and evanescent”[30] or “elusive and ill defined.”[31] In the early 1980s, following a time of prolific discussions of privacy in philosophical and legal scholarship, Parent noted that a clearer, more perspicuous understanding of the concept as a result of this work is “very disputable”; in fact, he concluded that “[t]he current state of privacy research is in hopeless disarray.”[32] Or, as another commentator put it at the time, the concept of privacy suffers from “an embarrassment of meanings.”[33]

The situation seems not to have improved since. Quite the contrary, as “authors [continue to] parade their ingenuity with increasingly obscure, and obscuring, definitions”[34] of privacy, the situation seems to be worsening. This is because the seemingly continuous elaboration of the concept imbues privacy with increasing layers of complexity. As Robert Post notes: “Privacy [has become] a value so complex, so entangled in competing and contradictory dimensions, so engorged with various and distinct meanings,” that one wonders whether it can be usefully addressed at all.[35] In short, privacy seems to be in a state of “conceptual confusion.”[36] Inness’s comparison of exploring the concept of privacy with exploring an unknown swamp thus still seems fitting:

We start on firm ground, noting the common usage of “privacy” in everyday conversation and legal argument; it seems it will be a simple task to locate the conceptual and moral core of such an often-used term. But then the ground softens as we discover the confusion underlying our privacy intuitions. We find intense disagreement about both trivial and crucial issues.[37]

This expansion is claimed to have another consequence: according to Solove, it has severely diluted the concept.[38] “[P]rivacy [nowadays] is a sweeping concept, encompassing (among other things) freedom of thought, control over one’s body, solitude in one’s home, control over personal information, freedom from surveillance, protection of one’s reputation, and protection from searches and interrogations.”[39] In this sense, privacy is “about everything, and therefore it appears to be nothing.”[40] More than twenty years after Parent, Solove thus declared that privacy is (still) in a state of “disarray.”[41] In fact, following this brief overview of privacy incoherence claims, one is tempted to conclude that privacy “has been in ‘disarray’ since earliest attempts at definition.”[42]

Against the Stream: Coherence

As far as we can tell, only a few scholars have argued, or could be interpreted as having argued, that privacy is actually more coherent than it would seem.[43]

One way of finding coherence in numerous and potentially conflicting definitions of privacy is to argue that the concept of privacy is an “essentially contested concept,” just like justice, liberty, or equality.[44] According to this theory, more than one interpretation of a contested concept—in this case, privacy—may reasonably be held.[45] In fact, disputes about its core are both paramount and central to the core of the concept itself.[46] To put it simply, “[p]rivacy has always been a messy, complicated, and rather vague concept . . . [b]ut that’s OK”;[47] or, rather, that is how it is supposed to be. While Bennett and Grant seem to have been the first to connect this theory of essentially contested concepts to privacy,[48] Mulligan, Koopman, and Doty have argued more recently that “privacy’s disputes are neither an accidental feature of the concept nor a lamentable condition of its applicability.”[49] While this approach does not directly argue that the concept of privacy is coherent, it does so indirectly by seeing contests over privacy as generative and productive, “rather than as an excuse to dismiss privacy as a muddle or a myth, or even worse as an excuse to exert power.”[50] Peter Blok, a Dutch legal scholar, seems to suggest something similar by stating: “Although the exact delineation of the concept [of privacy] will always be contestable, there is as much clarity about the meaning of the concept in the context of Dutch and American law as we may expect from such a general concept.”[51]

Finally, Ari E. Waldman has recently argued that privacy is more coherent than it would seem.[52] According to Waldman, “[p]rivacy scholarship may be teeming with different conceptions of privacy, but the differences among them mask widespread agreement about their rights-based assumptions.”[53] He argues that “the traditional definitions of privacy,” which are based on liberal individualism, “are just different expressions of the same theme: privacy and society are in tension . . . because privacy is about privileging the individual and individual rights over society.”[54] Waldman thus perceives coherence very broadly, based on the assumed stark opposition between individuals and society.[55] Considering that contemporary conceptions of privacy are indeed founded upon and heavily draw from the Western liberal tradition,[56] finding this common ground is perhaps somewhat obvious; in itself, this says little about how exactly the diverse accounts of privacy would cohere.

In this Article, we go further and claim that there is coherence in privacy in a much more specific manner than a common ground in the Western liberal tradition. Using a working definition of privacy of our own, we will show that strong family resemblances exist between several different accounts of privacy, and we will demonstrate how these resemblances become visible through the lens of identity and space.

Defining Privacy in Terms of Identity and Space

Working Definition and Its Roots

As a heuristic device to test the mutual resemblance of privacy definitions, we use the following working definition: privacy is “having spaces in which you can be yourselves.”[57] This is based on two strands in privacy theory.

First, several scholars have conceptualized privacy as relating to identity and identity-building.[58] Agre, for example, has defined the right to privacy as “the freedom from unreasonable constraints on the construction of one’s own identity.”[59] Gerety defines privacy as “an autonomy or control over the intimacies of personal identity.”[60] Several privacy scholars refer to Goffman’s work on identity and self-representation[61] as a major source of inspiration in their conceptualizations of privacy.[62] In Dutch scholarship and case law, privacy is often defined as “being able to be yourself without inhibition.”[63] These accounts emphasize the importance of privacy as foundational for identity-building: privacy is not about being yourselves, but about the ability to be yourselves when and where you want, without unreasonable constraints. Depending on the context, “being yourself” can mean the particular role that is relevant at the material time and place, different partial identities, or a more comprehensive sense of self. Moreover, the reasonableness of constraints on being yourself—or yourselves—without inhibition will also depend on the environment: you are freer to do whatever you want in your bedroom than on the street.

This implies that a second component is equally important: space. We use “space” here in the sense of the physical container of objects and people, or “a backdrop against which human behaviour is played out.”[64] This is not to deny that space is socially produced: it is not a preexisting neutral entity.[65] Spaces are indeed “an active constitutive element in the production of social relations.”[66] They are also in a continuous state of becoming— being made—through emergent patterns of use.[67] However, our aim here is to emphasize the more literal or physical aspect of space in order to distinguish it from the more abstract concepts of “context” or “sphere.” Space as we use it thus consists of a location (coordinates on the Earth’s surface) and a locale, that is, “the material setting for social relations.”[68] When a space is made meaningful, by and for people, it becomes a place. A place can hence be defined as “meaningful location”; it is a space we come to know and value.[69] Thus, places are said to form the “basic condition of life” and are particularly relevant for “identity-building.”[70]

In this Article, we will generally use the term “space,” because it is a slightly more abstract notion than “place,” which allows us to consider also somewhat more abstract spaces that have a locale delimited by fluid, immaterial (rather than fixed and physical) boundaries.[71] After all, there are many different types of spaces in which one can be oneself, and some are more abstract than others.[72] “For instance, personal space is delimited by an invisible bubble surrounding a person, which fluctuates depending on the circumstances.”[73] Nevertheless, spaces discussed in this Article generally have a “real-world” location and environmental setting. This even applies to virtual spaces: the rise of digitized, networked interactions and the increasing emphasis that is being placed within the privacy debate on personal data seems to suggest that only bits and bytes matter, but cyberspace cannot exist without physical spaces. We have quickly outlived the period in which the “real” and the “virtual” could be seen as separate realms. “Bits don’t just sit out there in cyberspace, to be visited occasionally like pictures in a gallery . . . . It makes more sense to recognize that invisible, intangible, electromagnetically encoded information establishes new types of relationships among physical events occurring in physical places.”[74]

Spatial conceptions of privacy form a key strand in privacy theory.[75] Cohen observed that, although spatial metaphors for privacy are often rejected as ill-suited for the networked information age, “spatial metaphors continually recur in privacy discourse,”[76] and this “insistent recurrence . . . suggests that something about the experience of privacy, and that of privacy invasion, is fundamentally and irreducibly spatial.”[77] Altman’s account of privacy as boundary management,[78] partly building on Hall’s theory of four distances that people maintain from each other,[79] is an important source in privacy scholarship; similarly, the prevalent conceptualization of privacy as restricted accessibility[80] is essentially spatial in character, presuming some boundary that precludes access. Modulating the social interactions taking place within spaces gives people room to be themselves within these spaces. The spaces can be literal (some part of geographic territory) but also more abstract, “as a sort of metaphorical shelter of the self.”[81]

The link between privacy, space, and identity is no coincidence. Although the combination of identity and space has been underdeveloped in privacy theory,[82] we are not the first to conceptualize privacy in these terms. Already in 1966, Dutch sociologist Van Braam associated privacy “in the first place with possibilities to be ourselves, with space to be alone with our deepest thoughts and our most intimate feelings, with possibilities to be or live together undisturbed in self-chosen forms of humanity.”[83] Moore has argued that privacy, as controlling access to ourselves, “affords individuals the space to develop as they see fit.”[84] Sofsky succinctly stated that “[p]rivacy is the citadel of personal freedom. . . . It keeps unauthorized persons out. The fortress ensures independence and self-determination.”[85]. Cohen’s conceptualization of privacy also combines notions of identity and space.[86] Further, cyberpsychologists McMahon and Aiken proposed an account of privacy “as a secondary psychological drive, the combination of two more profound drives—territoriality and identity.”[87] While these accounts associate privacy more or less explicitly with spatial settings and identity-building, it turns out that also other, seemingly very different, accounts of privacy can be connected to space and identity.

In this Article, we elaborate on the connection between privacy, identity, and spaces by reviewing six privacy definitions through the lens of our working definition. We argue that a kaleidoscopic view of privacy in terms of identity and spaces shows that conceptions of privacy are much more coherent than the “messy and complex subject”[88] that privacy is often said to be.

Rationale of the Working Definition

Our working definition of privacy as having spaces in which you can be yourselves, is based on several considerations. Most importantly, it combines aspects of negative freedom (“freedom from”) and positive freedom (“freedom to”). As our privacy typology shows, privacy includes types on both sides of the spectrum of freedom,[89] and it is therefore important that a conceptualization of privacy account for both. In our working definition, privacy is partly a positive freedom: the freedom to be yourself—or, more precisely, the freedom to be able to be yourself or yourselves—and thus to build, maintain, and change your identity. Yet privacy is not equivalent to self-development or autonomy, which are broader notions. Privacy is a narrower concept because it connects the positive freedom of self-development with the negative freedom of spatial boundary management. Thus, privacy is simultaneously a negative freedom: the freedom from unwanted access to one’s personal sphere. The conception of privacy as boundary management of one’s personal sphere for the purpose of being able to enjoy the freedom of self-development demonstrates that privacy has aspects of both negative and positive freedom, and that these aspects are interdependent. This helps to explain why we find accounts in privacy theory that conceptualize privacy in terms of negative freedom (e.g., being “let alone)[90] as well as in terms of positive freedom (e.g., self-determination of information flows).[91]

Moreover, the working definition conceptualizes privacy as a condition or a state rather than a desire, value, claim, or process. Privacy is something that a person has, or does not have, at a certain time and place, to a greater or lesser degree (privacy is, of course, not an all-or-nothing concept). Although there is no consensus on the conceptual status of privacy, a considerable part of privacy theory has seen privacy as a state in which persons are or can be.[92] This enables discussing it in both descriptive and normative terms: does someone, in a certain situation, have privacy, and should she have it?

The working definition furthermore entails “that privacy is a condition of human beings” and reminds us “that humans are embodied beings, living in four-dimensional space/time.”[93] And this also illuminates the infrastructural character of privacy: the condition of having an environment in which you can be yourselves is an important presupposition for autonomy, self-development, and the other values that privacy contributes to.[94]

Rather than give more considerations, we will now turn to the proof of the pudding: showing that the working definition offers an illuminating crosscut of privacy theory that can demonstrate the concept’s coherence instead of its oft-claimed messiness.

Connecting Existing Definitions and Accounts Of Privacy

In this section, we discuss, in alphabetical order of authors, six accounts of privacy in privacy theory. The main reasons for selecting these accounts are because they are generally seen as authoritative, they have something important to say about what privacy means, and they emphasize different aspects of privacy. The selection from the larger body of authoritative accounts is relatively random, in the sense that many other accounts could also have been chosen for discussion here. The combination of these six serves as well as any other for the purposes of showing that the notion of privacy has more coherence than is often thought, and this coherence can be made visible by combining privacy’s negative freedom aspect (controlling access to one’s private sphere) with privacy’s positive freedom aspect (being able to be oneself as an important part of being an autonomous person).

We will attempt to show how the conceptualization of privacy advanced by these scholars can be connected to the working definition we propose in this Article. In a sense, this is an attempt to map definitions onto each other, which will demonstrate that there are strong family resemblances between the different accounts of privacy and the resemblance becomes visible through the lens of identity and space.

Cohen: Room for Boundary Management

In Configuring the Networked Self, Julie Cohen advances a conceptualization of privacy that is capable of accounting for the networked information society, in which subjectivity develops within increasingly networked social spaces.[95] She offers a working definition of privacy as “room for socially situated processes and practices of boundary management.”[96] Although this is close to Altman’s model of privacy as boundary management,[97] Cohen extends this model with an emphasis on space and self-construction,[98] and her account is therefore very close to our working definition. Cohen builds her working definition on a recognition of the importance of the embodied self: people develop themselves in social and material practices, and in order to foster self-development, people need “room.”[99] The spatial metaphor is intentional: “processes of self-construction are geographically mediated.”[100]

One of the great assets of Cohen’s work is her recognition of the intertwining of physical and digital spaces: people live in a networked society where information and digital flows are increasingly important, yet people remain embodied and part of physical space.[101] This implies that the room people need for boundary management involves physical (bodily and territorial) spaces as well as digital spaces, and hybrids thereof.[102] The room people need for self-construction cannot, therefore, be limited to physical places such as the home or an invisible bubble around the person,[103] but must be more abstract. Cohen calls this “breathing room”: the privacy interest “is best described as an interest in breathing room to engage in socially situated processes of boundary management.”[104] This breathing room requires limitations to surveillance because transparency (the characteristic of being seen) tends to have normalizing effects on people that restrain their self-development.[105] It also requires limitations to the designing-in of exposure (the characteristic of being visible) into physical and digital spaces because exposure “alters the capacity of places to function as contexts within which identity is developed and performed.”[106]

Cohen’s account of privacy is clearly closely related to our working definition of privacy as having spaces in which you can be yourselves. Although self-development or identity are not part of her definition of privacy, they are a key part of her conceptualization and actually the main reason for defining privacy as “room for . . . boundary management.”[107] The room functions as breathing space that people need for identity construction, and although such breathing space is not a particular space or place, it requires concrete spaces in which people can breathe.[108]

There is a difference in emphasis, however, between Cohen’s and our account. Cohen argues that the breathing space particularly lies in the “interstitial complexity” of social interactions,[109]—that is, at the meeting points of inside and outside spaces, where friction should occur instead of seamless flows of visibility or of information. It is friction at the interstices of social interaction that enables self-development.[110] This makes Cohen’s account ultimately less spatial than our working definition: her breathing room is a characteristic of the meeting points, the margins or boundaries, of social interactions,[111] rather than a condition of the spaces in which, in our account, people should be able to be themselves.

Nevertheless, the accounts are equivalent in their combination of space (and privacy’s negative freedom aspect) and identity (and privacy’s positive freedom aspect). If someone has a space in which she can be herself, this is only because she has made use of the room to manage the boundaries of her space in social interactions. And, conversely, if someone has room for socially situated processes and practices of boundary management, this will result in having a space in which she can be herself and develop herself. Thus, our accounts are ultimately equivalent, with our working definition emphasizing the end result (a condition in which people have room to be themselves), and Cohen’s working definition emphasizing the process[112] (the precondition for achieving room to be yourself).

Johnson: Freedom From Judgement of Others

Jeffery Johnson’s conceptualization of privacy as freedom from judgement of others[113] is less mainstream than other privacy theories discussed here, but it is appealing because of its intuitive explanatory power. Johnson argues that “all examples of privacy have a single common feature. They are aspects of a person’s life which are culturally recognized as being immune from the judgment of others.”[114]

While it may be somewhat of an overstatement to claim that “all examples” of privacy are related to judgment of others, most situations that we intuitively feel involve a privacy interest are indeed related to the fact that they somehow encompass the risk of someone being evaluated on the basis of something they would have liked to keep private, or at least left out of the equation as being irrelevant to a decision at hand. Thus, privacy involves “the right to control, within culturally defined limits, who may legitimately form evaluative judgments within those boundaries.”[115] For example, if someone asks her colleagues at the coffee table for opinions on the latest cheap murder mystery she should read, they may freely evaluate her reading habits; if her reading trashy murder mysteries (in her spare time) is used to evaluate her functioning as a scholar, or if the mailman delivering her copy of Murder of the Month forms a negative opinion of her, this becomes an interference with her privacy.[116]

Another example Johnson discusses at some length is that of a peeping Sarah watching his naked body through the bathroom window; this is clearly a privacy issue, but it is hard to explain through privacy as control over information.[117] The privacy infringement is not so much that Sarah acquires knowledge of Johnson’s waistline or pink bathroom tiles (which she might know legitimately from other sources), nor necessarily that she will evaluate Johnson as being overweight.[118] Rather, it is the mere fact of being non-consensually observed in a situation of nudity that feels awkward.[119] Johnson explains this by observing that cultural taboos of nudity, sexuality, and excretion involve “a concern with judgment, rather than mere observation,” because they involve shame and embarrassment.[120] Basic bodily functions have an emotional charge, and “emotions are judgments—normative and often moral judgments.”[121]

What does freedom from judgement of others have to do with identity and space? Johnson builds his account partly on Benn’s (Kantian) notion of a person, which serves as a basis of a dignitarian account of privacy: “To conceive someone as a person is to see him as actually or potentially a chooser, as attempting to steer his own course through the world.”[122] Self-consciousness is a crucial element of the person as an agent, and this relates to seeing oneself through the eyes of another.[123] This process of seeing oneself through the eyes of another is a defining feature of identity and identity-building.[124] Being aware how others see you is becoming aware how others may judge you, and this affects one’s self-understanding and one’s freedom to act: people adapt their sense of self and their behavior (at least partly) depending on how they anticipate others will evaluate them and their behavior. This does not make all judgements a privacy infringement, nor do all judgements change people’s personal identity; however, privacy infringements always involve people’s awareness (ex ante, ex post, or in a general sense) of the possibility of being judged, which affects their self-awareness and thus their sense of self.[125]

While freedom from judgement of others is therefore closely connected to identity, it does not seem associated with particular spaces. However, the formulation of privacy in terms of a negative freedom (freedom from judgement) and his use of the metaphor of boundaries[126] are important indications that Johnson’s account assumes some space from which others can be excluded—otherwise, one would never be able to be free from judgement from others in the first place. Goffman’s metaphors of frontstage and backstage are helpful here: people actively manage the impressions they give off on-stage (being aware how their audience will perceive them), but they relax off-stage, leaving behind the different roles they play in their various on-stage social interactions.[127] Off-stage is where people can be “themselves” rather than the “selves” they present to others.[128] The situations in which one is free from judgement of others are therefore essentially those situations where one is, or feels, off-stage—and these off-stage situations are precisely the spaces in which one is fully able to be oneself.

Nissenbaum: Contextual Integrity

Helen Nissenbaum advanced the notion of “contextual integrity” as a framework for explaining why people are upset and experience something as an interference with their privacy, and for helping to evaluate when such interferences could be considered acceptable.[129] Contextual integrity is defined as respect for informational norms,[130] that is, norms “that govern activities and practices within and across contexts” and are “specifically concerned with the flow of personal information . . . from one party to another, or others.”[131] Such norms “define the duties, obligations, prerogatives, and privileges associated with particular roles, as well as acceptable and unacceptable behaviors” and often reflect “the power structures that characterize many familiar social contexts.”[132] To evaluate a certain practice in relation to “entrenched context-relative informational norms,” the practice should be described and analyzed “in terms of actors (subjects, senders, receivers), types of information, and principles of transmission.”[133] Nissenbaum’s basic tenet is that, when context-relevant informational “norms are contravened, we experience this as a violation of privacy, here labeled as a violation of contextual integrity.”[134]

Although her book is entitled Privacy in Context, it remains somewhat unclear whether Nissenbaum proposes contextual integrity as a theory of (informational) privacy, or as a stand-alone concept that is related to, but not equivalent with, privacy. At various points, the text suggests that the right to privacy is synonymous with the right to contextual integrity; for example: “Privacy may still be posited as an important human right or value . . . , but what this amounts to is a right to contextual integrity.”[135] However, at other points, Nissenbaum emphasizes that contextual integrity is “not a full-blown theory of privacy”[136] and that the framework of contextual integrity “is neither a theory of a legal right to privacy nor a definition of a legal concept of privacy.”[137] Instead, contextual integrity is presented as a “benchmark,”[138] “indicator[,] or metric”[139] for privacy—it “can serve as a foundation for law and regulation by providing a standard against which legislation (existing or proposed) and detailed rules are tested.”[140] Altogether, contextual integrity seems a dualistic concept: it primarily serves as a heuristic device to describe, analyze, and understand privacy violations, but therewith it also simultaneously offers an alternative understanding of privacy as such.[141]

Now, how does contextual integrity connect to our working definition of privacy? It is tempting to interpret contexts as spaces, but that would be somewhat misleading. Contexts are “structured social settings characterized by canonical activities, roles, relationships, power structures, norms (or rules), and internal values (goals, ends, purposes),”[142] or in other words “the structured social systems that have evolved to manage and accomplish aspects of social life recognized as fundamental in a given society.”[143] Thus, contexts have a strong family resemblance with Walzer’s spheres of justice, which are spheres of society such as “education, the marketplace, politics, established religion, health care, and the workplace.”[144] Within these broad social spheres, the framework of contextual integrity can be applied well at a meso level of abstraction, for instance, at “a grade school in an educational context; a hospital in a healthcare context; a department store in a commercial marketplace.”[145] But many of Nissenbaum’s discussions reside rather at the macro level, for instance, in the health care context. In contrast, the spaces we are thinking of in terms of being able to be yourselves are spaces at the micro level: a particular room, a car, or a privacy bubble you have around you when phoning in a café. Nevertheless, the meso level of a school or a hospital are also good examples of relevant spaces—not necessarily the concrete buildings, but rather the socio-organizational space, for instance, of a secondary school consisting of teaching rooms, school yards, teachers, pupils, and communication infrastructures used for the school’s purposes. In fact, contexts, just like spaces, are often nested: a context incorporates many more particular contexts, which contain even more specific contexts. “The implications for privacy of such nesting might be that the governing norms of the commercial marketplace may be differentiated from richer, more specific norms for food markets, and even more differentiated for an individual store.”[146] Thus, contextual integrity often ultimately comes down to achieving appropriate information flows in very concrete contexts, which are closely associated with particular places and spaces in, from, and through which the information actually flows.

Contexts are also closely related to identities. For instance, the “contexts of health care, education, employment, religion, family, and the commercial marketplace”[147] typically identify the different roles that people play in social life.[148] A person can be a patient, pupil, employee, confessant, mother, and consumer, although not usually all at the same time. The appropriateness of information-flows largely depends, so Nissenbaum argues, on the expectations associated with the particular role one plays in the particular context.[149] Clashes of contexts, and therewith violations of contextual integrity, occur especially when “participants who consider themselves acting in one capacity in one context are treated as if they are acting in another capacity in a different context.”[150] For instance, a woman telling her confessor about suffering from depression does not expect the priest to warn her children or her physician of a possible suicide risk. Thus, the appropriateness of information-flows is closely associated with, although not necessarily equivalent to, privacy expectations:[151] one usually assumes that information shared in a certain social context, related to a certain role, remains within that context. Appropriateness also strongly relates to purpose limitation: one expects information shared in a certain context not to be revealed (without consent) in a different context; moreover, contextual integrity has to be evaluated in light of the purposes that the particular social context, or sphere of justice, is aimed at serving.[152]

Thus, contextual integrity, as informational privacy, fosters the capacity for people to play the different roles they have in social life, without fear of information known within one context being used against them in another context. This safeguards freedom from judgement of others and allows room for boundary management, which enables people to feel comfortable when they play a certain role without having to continuously think of all the other roles they have in different contexts. In other words, through contextual integrity, people are able to be who they want to be in a particular setting, space, or place, and thus to have privacy in terms of identity-fostering spaces. And conversely, if people have privacy in the sense of having spaces in which they can be themselves, this can only be so because the information flowing in, from, and through those spatial contexts will be handled with care, following the norms and associated expectations that are co-constitutive of the relevant type of spatial context.

Reiman: Privacy and Personhood

In his paper on privacy, intimacy, and personhood, Jeffrey Reiman offers a personhood account of privacy, where privacy is seen as necessary for the creation and maintenance of selves (or persons) out of human beings.[153]

Reiman defines privacy as “a social ritual by means of which an individual’s moral title to his existence is conferred.”[154] According to Reiman, to be a person (a self) requires not only that an individual recognizes her actual capacity to shape her existence (her thoughts, body, and actions) by her choices; she must also recognize that she has an exclusive moral right to shape her existence.[155] In other words, privacy is a condition or set of social practices constituting and sustaining boundaries that need to be drawn between ourselves and others “in virtue of our status or potential as persons.”[156] The mentioned social practices involve a complex of behaviors, such as refraining from asking questions about another’s sex life, looking into open windows from the street, and entering closed doors without knocking. It is through such (more or less) complex social practices, sometimes presupposing social institutions, that social groups recognize—and communicate—to the individual that her existence is her own; that is, that she has a moral right to it.

The role of privacy in Reiman’s account is twofold. On the one hand, it is an “essential ingredient in the process by which ‘persons’ are created out of prepersonal infants.”[157] Privacy is thus a strict prerequisite of personhood. On the other hand, the ritual confirms and demonstrates respect for the personhood of already developed persons. Since the creation of “selves” is an ongoing social process, privacy protects the individual’s interest in becoming, being, and remaining a person.[158] Alongside moral philosophers, Reiman therefore distinguishes between “being a human being” and “being a person in a moral sense,” admittedly without explicating the details of the distinction.[159]

Although there is an intuitive connection between notions of personhood and identity, its relationship merits a brief explanation for the purposes of this Article. Personhood generally concerns the question: what is it to be a person?[160] In other words, what is necessary, and what suffices, for something to count as a person, as opposed to a nonperson? Or one can ask more specifically: at what point in one’s development from a fertilized egg does there come to be a person?[161] Personhood hence refers to the quality or condition of being a person. While personal identity is sometimes discussed under the protean term self,[162] thus seemingly referring to the same set of issues, the term has been used in a narrower sense in privacy theory. In privacy theory, the main points of discussion concern identity development or self-determination. One’s identity is commonly seen as a social construction and persons are situated and embodied beings.[163] This means that humans “develop into persons as they relate to their environment and interact with others.”[164] The main idea here is that the individual only comes to know herself if she becomes an object to herself, thus seeing her own actions from the perspective of the other.[165] Similarly, Reiman states: “since my view of myself is, in important ways, a reflection of how others treat me, I come to view myself as the kind of entity that is entitled to the social ritual of privacy.”[166]

Personal identity (development) is thus connected to that part of “the social ritual of privacy” through which the personhood of already developed persons is confirmed and respected. While Reiman’s notion of privacy is broader, it does encompass those social rituals of privacy that allow existing persons to continuously develop their identity (their selves) by constructing borders between the different roles they play in life (privacy’s positive freedom aspect).[167]

There is also a relatively clear connection to space and privacy’s negative freedom aspect in this personhood account of privacy. Reiman supports his understanding of privacy as the condition of persons by appealing to Goffman’s work on total institutions.[168] In particular, he refers to Goffman, citing that “in total institutions . . . territories of the self are violated.”[169] These territories of the self include informational preserves regarding one’s self or selves (e.g., information about past behavior found in medical files) but also physical and mental preserves. This is because moral ownership of one’s existence, such as one’s body or thoughts, presupposes some control when and by whom my body, my thoughts or my feelings are experienced. Privacy, according to Reiman, “does not assert a right never to be seen even on a crowded street. It is sufficient that I can control whether and by whom my body is experienced in some significant places and that I have the real possibility of repairing to those places.”[170]

This underlines the importance of having (at least some) spaces or places in which people can be, and therewith also become, themselves. While Reiman does not spend much time discussing what exactly the social practices are that foster privacy and how they function (including what types of control they entail),[171] he often refers to concrete places where one can experience or is afforded privacy. Similar to our claim in this Article, he points out that it is important to have at least some significant places in which a person can be herself, in the sense of having control over her body, thoughts, and actions.[172] Thus, a person might not be able to express her enthusiasm for monster trucks at her office, and she might need to hide her sexual frustrations from her partner and children at home. However, having other significant places where she can express herself in regard to those aspects of her identity (e.g., a country music festival among other truck enthusiasts, or a local theater showing the “vagina monologues”) will enable her to sufficiently be herself. Reiman does not delve further into the issue of what distinguishes a “significant” place from a non-significant one or what is a “real possibility” of repairing to it. This will in any case depend on the particular context. Sometimes, repairing to one’s mental space and daydreaming about monster trucks might suffice. At other times, resorting to a closed-off mental space will not constitute a significant place as, for instance, in the case of unwanted sexual advances by her husband, and the person may have to repair (depending on her sense of self) to a sex counselor’s office, a women’s shelter, or a hotel room with a gigolo. What matters in Reiman’s account, and fitting very well in our working definition’s conceptualization, is that people have access to at least certain spaces, at least some of the time, in which they control how their person is experienced by others, and thus be who they want to be—at least at those times in those places. If such spaces are few and far between, or difficult to access, people will have limited privacy, which may hamper their senses of self and their feelings of being real people. But in societies where social rituals abound that recognize others’ moral title to their existence, respecting the spaces into which people repair because they can feel free there from the judgement of others—there, privacy may thrive.

Warren and Brandeis: Being Let Alone

Samuel Warren and Louis Brandeis built their argument for a right “to be let alone”[173] primarily on the developments of instantaneous photography and an increasingly intrusive press. These “invaded the sacred precincts of private and domestic life” and threatened “to make good the prediction that ‘what is whispered in the closet shall be proclaimed from the house-tops.’”[174] The “general right of the individual to be let alone” comprised “the protection afforded to thoughts, sentiments, and emotions,” based on the principle of inviolate personality,[175] and these “thoughts, emotions, and sensations . . . should receive the same protection, whether expressed in writing, or in conduct, in conversation, in attitudes, or in facial expression.”[176] Thus, the right to privacy should protect “personal writings and any other productions of the intellect or of the emotions,” as well as “the personal appearance, sayings, acts, and . . . personal relation, domestic or otherwise.”[177]

The right to be let alone constitutes a “right not merely to prevent inaccurate portrayal of private life, but to prevent its being depicted at all.”[178] The strong rhetorical finale of Warren and Brandeis’s paper connects private life to the space where it classically resides, the home: “[t]he common law has always recognized a man’s house as his castle, impregnable, often, even to its own officers engaged in the execution of its commands. Shall the courts thus close the front entrance to constituted authority, and open wide the back door to idle or prurient curiosity?”[179] The house-as-castle is used here metaphorically to indicate a more abstract space where private life is lived: the private sphere. Nowhere is the right to privacy limited to private or secluded spaces. In fact, Warren and Brandeis’s account is more informational than spatial: the “privacy of private life” is affected when matters are published relating to “the private life, habits, acts, and relations of an individual.”[180]

Nevertheless, the notion of being let alone presumes a boundary of some sort, and its connection to an (abstract) space that is undisturbed is made clear in the following quote:

The intensity and complexity of life, attendant upon advancing civilization, have rendered necessary some retreat from the world, and man, under the refining influence of culture, has become more sensitive to publicity, so that solitude and privacy have become more essential to the individual; but modern enterprise and invention have, through invasions upon his privacy, subjected him to mental pain and distress, far greater than could be inflicted by mere bodily injury.[181]

The space into which one can retreat from the world, to enjoy moments of solitude and privacy away from the intensity of life in society, is here connected to peace of mind.[182] The mental pain caused by privacy intrusions stems from the fact that the intrusion breaches an individual’s “right of determining . . . to what extent his thoughts, sentiments, and emotions shall be communicated to others.”[183] And here, there is a clear connection between privacy as being let alone and identity: the communication of thoughts and emotions is not limited to speaking one’s mind; it encompasses the whole gamut of what Goffman[184] conceptualizes as impression management—“thoughts, emotions, and sensations . . . whether expressed in writing, or in conduct, in conversation, in attitudes, or in facial expression.”[185] Thus, the informational privacy afforded by being able to prevent publication of facts about private life ultimately safeguards behavioral privacy, the freedom to do what one wants without having to fear public censure.[186] The conceptualization of privacy as being able to lead life the way one wants was already recognized in one of the key judgements that informed Warren and Brandeis’s account—Prince Albert v. Strange[187]—and has been expressed in several later opinions following Brandeis’s dissent in Olmstead.[188] The right to privacy, in Warren and Brandeis’s account, is therefore closely connected to enabling individuals to be themselves within their private sphere. That sphere is not concretely spatial, but it requires “some retreat from the world”[189] that presupposes “some significant places” to which one can repair,[190] if only to one’s “house as his castle.”[191]

Westin: Control Over Information

Alan Westin famously defined privacy as “the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.”[192] This conceptualization of privacy as informational—controlling the flow of information about oneself—seems far removed from our working definition of privacy in terms of space and identity. Yet there are profound similarities between the two accounts.

While Westin’s definition of privacy focuses on information flows, his conceptualization of privacy is broader: rooted in insights from biology, anthropology, and sociology, Westin’s account of privacy captures the ways in which humans can determine their individual life[193] within a social setting.[194] “One of the basic functions of privacy is to protect the individual’s need to choose those to whom he will bare the true secrets of his soul and his personality.”[195] Thus, privacy is “basically an instrument for achieving individual goals of self-realization.”[196] Privacy’s role in identity-building is reflected in three[197] major functions that privacy serves: autonomy,[198] emotional release,[199] and self-evaluation.[200] Westin also emphasizes the role of privacy in playing social roles,[201] and, following Goffman’s metaphor, the necessity of relief from always having to be on-stage:

There have to be moments “off stage” when the individual can be “himself”: tender, angry, irritable, lustful, or dream-filled. Such moments may come in solitude; in the intimacy of family, peers, or woman-to-woman and man-to-man relaxation; in the anonymity of park or street; or in a state of reserve while in a group. Privacy in this aspect gives individuals, from factory workers to Presidents, a chance to lay their masks aside for rest.[202]

In this quote, we see most clearly how privacy, in Westin’s account, also consists in people being able to be themselves in certain spaces. To be sure, Westin’s notion of privacy is broader than off-stage emotional release; yet also in its other guises—where it serves autonomy and self-evaluation—the control of information-flows fosters self-realization, that is, being able to be or become the person you want to be.

Moreover, the quotation also shows how privacy is spatially situated. Westin articulates four “basic states” of individual privacy, which are not spaces themselves but conditions that pertain to persons in certain settings.[203] These are solitude (where someone is alone and free from observation of others), intimacy (where someone is part of a small unit involving a “close, relaxed, and frank relationship”), anonymity (where someone is in public places or performs a public act but “seeks, and finds, freedom from identification and surveillance”), and reserve (where someone has created “a psychological barrier against unwanted intrusion; this occurs when the individual’s need to limit communication about himself is protected by the willing discretion of those surrounding him”).[204] All of these states, as the above-quoted text indicates, can bring moments of “off-stage” relaxation in which someone can be herself, and this can occur in different spatial settings. Solitude and intimacy will often be achieved in private places, typically in closed-off spaces (a bedroom, a bathroom, a private office); nevertheless, they can also (particularly in crowded social contexts) be sought in public places, such as a park or a beach.[205] Anonymity and reserve are states of privacy that will usually occur in public or publicly accessible places because these states are relevant when someone finds herself in the presence of others yet seeks to reserve a space for herself free from the curiosity or surveillance of others. Anonymity is achieved when someone “is able to merge into the ‘situational landscape’” and thus can enjoy “the sense of relaxation and freedom that men seek in open spaces and public arenas” without being under (systematic) observation.[206] Reserve is metaphorically spatial: it involves “mental distance” to protect the personality.[207]

To what extent states of privacy are associated with particular spaces or places is culturally dependent; Westin claims, for instance, that “[t]he English accomplish with reserve what Germans require doors, walls, and trespass rules to enforce.”[208] Yet all societies, to a greater or lesser extent, apply “distance-setting mechanisms to define territorial spacing of individuals in the group.”[209] Mental distance serves as a complement to physical distance to acquire the desired level of distance from others in order to delineate and defend a space around oneself that is shielded from (too much, or undesired) curiosity and surveillance. Such creation of a space of one’s own in society is important not only for enabling moments of emotional release (off-stage relaxation) but also for enabling autonomy and self-evaluation in (on-stage) interactions with others. Thus, the informational self-determination that is the gist of Westin’s privacy definition is nothing more or less than the setting and managing of informational boundaries around the multiple spaces that individuals need in society to be able to realize themselves.

IV. Discussion

After tasting the pudding, we can now discuss the merits and limitations of our kaleidoscopic approach to privacy definitions. First, we discuss its strengths, particularly the added value of our approach for privacy theory in today’s digital world. Subsequently, we consider its limitations and three concrete challenges for future research.

Strengths

The first thing we can say is that we have successfully shown that there are significant family resemblances between seemingly widely diverging privacy definitions as found in the six chosen accounts of privacy. This privacy family consists of the positive freedom of self-development combined with the negative freedom of spatial boundary management. Of course, the question that arises here is how we can ascertain or measure the success of this model. In this we follow Johnson (the author discussed in IV(B)), according to whom success can be measured by demonstrating that a model is “more plausible, less ad hoc, simpler[,] and more complete than competing models and analyses of this concept.”[210] Our model—that is, seeing the concept of privacy as a kaleidoscope—is indeed less ad hoc and more complete than existing models that see privacy as a haystack or muddle. First of all, several scholars make “muddle claims” but do not create “muddle models” that would be based on a more or less systematic analysis of incoherence in privacy theory.[211] Furthermore, even in the case of “muddle models,” these do not have explanatory power as to why privacy is one concept, a widely used concept, and a well-established notion in law and society, all under the moniker of this single notion called “privacy.” In contrast, our kaleidoscope model exposes and explains this unity in diversity of privacy theory.

We posit that our kaleidoscopic perspective on privacy definitions has added value for privacy theory in at least three ways. First, it preserves the value of all of the chosen definitions of privacy (and many others), which we do not wish to replace with our own definition—all these definitions are valuable to have. Second, the kaleidoscopic perspective shows that all these definitions do not define something fundamentally different (that is, seemingly talking about the same—i.e. privacy—but actually talking about different entities), nor do they fundamentally disagree on what privacy means. Instead, the kaleidoscope explains that authors disagree on the focus of privacy, so that they are emphasizing different aspects of the same entity. Therewith, and third, our model also helps explain why so many authors over time have come up with different definitions and their own accounts of privacy: this is so because privacy issues form a type of kaleidoscope. This idea is not new. While in 1971, Arthur Miller declared that privacy is “difficult to define because it is exasperatingly vague and evanescent,”[212] he came to a different conclusion in 1992:

As I have watched events unfold over the past twenty-five years, the privacy issue has been something like a kaleidoscope. The panorama is a constantly changing one. Every year or two you turn the kaleidoscope and the pretty little glass particles rearrange and there is a new issue – data banks, credit reports, school files, criminal records, medical and job information, drug and AIDS testing – the list goes on and on. The ever-changing character of the issues is a constant reminder that the value is something that we cherish and we constantly think about and need.[213]

The kaleidoscope has not ceased to turn since 1992. Quite the contrary, many scholars claim that we are experiencing more and increasingly complex privacy issues today, particularly in light of rapid socio-technological developments.[214] As Miller himself noted: “I am sure that if we gaze once more through the privacy kaleidoscope at that time [twenty-five years later, that is, in 2017], we will see that the twenty-first century has brought us a spate of new and challenging privacy problems.”[215] Indeed, it has.

We think that Miller’s kaleidoscope of privacy issues may benefit from a kaleidoscope of privacy definitions, as each issue might best be addressed through a certain conceptualization of privacy that works in that particular context. As the world turns its kaleidoscope of emerging privacy issues, privacy scholarship should turn its kaleidoscope of privacy definitions along, helping us understand and evaluate current or emerging privacy challenges. The kaleidoscopic turn we gave it—using our working definition of privacy—is a case in point: defining privacy as having spaces in which you can be yourselves helps us understand the current challenges of privacy in a digital, connected world and offers a good frame to address those challenges. That is, defining space in a more physical sense helps remind us that we are embodied beings, that digital spaces connect to physical spaces, and suggests that contemporary digital spaces have not come out of the blue, as sui generis spaces, but are extensions, reappearances and mash-ups of traditional spaces.[216] Thus, the working definition of privacy highlights the great challenge of privacy in today’s connected world: as traditional physical spaces in which people could be themselves are increasingly being replaced by hybrid onlife spaces, which encompass multiple roles and different possible audiences at the same time, it becomes increasingly difficult to have breathing space and to retreat from the world. Thus, “digital, or onlife, impression management virtually requires people to be aware of all their selves all of the time, severely hampering their feeling they can safely be ‘themselves’ in any given situation, and leading to a demise of backstage spaces where people can relax from impression management.”[217] In other words, one of the major privacy challenges in today’s connected world is to safeguard that people still have access to at least some “significant” privacy spaces, that is spaces in which one feels “in place” and that form a part of one’s private sphere.

Limitations and Challenges for Future Research

Of course, our exploration in this Article is not without limits. The first limitation can be found in its broad-brush approach to privacy definitions. That means that we omitted details and occasionally cut corners. For instance, we purposefully understood Nissenbaum’s “contexts,” which represent broad social spheres, in a more concrete and narrow manner so that we could apply or map them onto our understanding of “space.” Something similar can be said about the relatively loose connection between Johnson’s account of privacy as freedom from judgment and space, which we based on two very general factors: the formulation of privacy in a negative manner (freedom from) and the use of the metaphor of boundaries. However, the aim of the exercise was to map the six seemingly very different accounts of privacy onto each other; if the accounts would have been the same or very similar, we would not have included them in our mapping exercise. Thus, our claim in this Article is not that the definitions are the same or fully equivalent but that they are, in important respects and/or to a considerable degree, functionally equivalent in their explanatory power of what privacy entails.

Another limitation can be seen in our particular choice of six authors. Whereas we have attempted to select six authors in a relatively random manner from the body of authoritative accounts of privacy, our choice may have been biased. In order to address this limitation, a relatively simple solution comes to mind: to attempt the same with different privacy definitions. This remains a challenge for future research. Furthermore, our selection included authors solely from American literature. Yet, privacy—historically and culturally dependent as it is—may be conceptualized differently in other cultures. Nevertheless, it can be asserted that many scholars, at least in Western cultures, commonly refer to U.S. scholarship when defining or conceptualizing privacy.[218] Another challenge for future research, then, is to attempt the same mapping exercise using authors from different legal and social cultures.

A final limitation of our approach can be found in the framing effect of applying the particular lens of our working definition, which led us to focus on elements in the accounts that are associated with identity and space. It is quite possible that conceptualizations and family resemblances would have emerged differently if viewed through a different lens. A final challenge for future research, therefore, is to attempt a similar mapping exercise with a different lens. In a time when the liberal individualist foundation of privacy conceptualizations and rights seems to be increasingly criticized,[219] an interesting lens to employ might be one that examines privacy definitions through trust and the development of social relations. Another idea would be to examine the kaleidoscope of privacy through other major themes in privacy theory—such as dignity, autonomy, control, and secrecy—in various combinations. We hypothesize that these other lenses would yield slightly different kaleidoscopic pictures. We thus foresee that other possible kaleidoscopic perspectives on privacy might emerge. However, in line with our initial claim that privacy theory is more coherent than it seems at first blush, we postulate that there would be only a handful rather than infinitely many of such kaleidoscopic perspectives. It is also possible that these kaleidoscopic perspectives would share important family resemblances amongst themselves, thus possibly enabling us to construe a “metakaleidoscopic” view of the—perhaps widely branched but still genetically related—family of privacy definitions.

Conclusion

In this Article, we have argued that there is more coherence in unitary definitions of privacy than is commonly claimed in scholarship. For this purpose, we have proposed a definition of privacy as “having spaces in which you can be yourselves.” By explicating the connection between privacy, identity, and space, and combining privacy’s negative freedom aspect (controlling access to one’s private sphere) with privacy’s positive freedom aspect (being able to be oneself), we were able to bring together wide-ranging privacy definitions by Cohen, Johnson, Nissenbaum, Reiman, Warren and Brandeis, and Westin. We have tried to show that, while these definitions sometimes emphasize different aspects of privacy (e.g., informational privacy, informational norms and freedom from judgement), they all seem to encompass “having spaces” that allow people to develop their identity. This enabled us to present a kaleidoscopic perspective on privacy definitions and show that there is unity in privacy diversity—not complete unity, surely, otherwise privacy would not prove such a widely debated concept, but much more than is often assumed in privacy scholarship.

  1. * Bert-Jaap Koops is a Professor of Regulation and Technology at TILT – Tilburg Institute for Law, Technology, and Society, Tilburg University, the Netherlands. He a was Distinguished Lorentz Fellow at NIAS, the Netherlands Institute for Advanced Study, where part of this Article was written. Maša Galič is an Assistant Professor of criminal (procedure) law at Vrije Universiteit Amsterdam, the Netherlands.
  2. Ψ The research for this Article was made possible by a VICI grant from the Dutch Research Council (NWO), project number 453-14-004. We thank Bryce Newell, Ivan Škorvánek, and Tjerk Timan for valuable comments on a draft version of this Article and many inspiring discussions; the NIAS fellows for stimulating discussions and helpful suggestions; Norberto Andrade and workshop participants for valuable suggestions at PLSC-Europe; and Aldo Sghirinzetti for research assistance.All translations in this Article are ours, except where otherwise indicated.
  3. . See infra Part II.
  4. . Ettore v. Philco Television Broad. Corp., 229 F.2d 481, 485 (3d Cir. 1956).
  5. . Julie Inness, Privacy, Intimacy, and Isolation 3 (1992).
  6. . Lillian R. BeVier, Information About Individuals in the Hands of Government: Some Reflections on Mechanisms for Privacy Protection, 4 WM. & Mary Bill Rts. J. 455, 458 (1995).
  7. . See generally Bert–Jaap Koops, Bryce Clayton Newell, Tjerk Timan, Ivan Škorvánek, Tomislav Chokrevski & Maša Galič, A Typology of Privacy, 38 U. Pa. J. Int’l L. 483 (2017) (presenting a systematically developed typology of privacy, informed by a comparative analysis of constitutional privacy law and theoretical literature on privacy across nine countries: Canada, Czech Republic, Germany, Italy, the Netherlands, Poland, Slovenia, the United Kingdom, and the United States).
  8. . See id. at 487.
  9. . E.g., Daniel J. Solove, Understanding Privacy 1 (2008); Rachel L. Finn et al., Seven Types of Privacy, in European Data Protection: Coming of Age 3, 4 (Serge Gutwirth et al. eds., 2013).
  10. . See generally Koops et. al., supra note 5.
  11. . Id. at 566–69.
  12. . See id. at 510­–14.
  13. . See id. at 515–16, 521–22.
  14. . Id. at 487.
  15. . See infra Part II.A.
  16. . See infra Parts IV.E, IV.B, and IV.C, respectively.
  17. . Note that this Article presents a working definition of privacy, not of the right to privacy. Rights to privacy should aim to safeguard spaces in which people can be themselves, but those rights might be conceptualized and formulated in different terms. Understanding privacy, which is the concern of this Article, is a precondition for discussing whether and how privacy rights are still adequate to address contemporary privacy challenges.
  18. . See infra Part III.A; see also Bert-Jaap Koops, Privacy Spaces, 121 W. Va. L. Rev. 611, 613–14 (2018) (defining privacy space as a “space in which you can be yourselves” and describing privacy as “having a space in which you can be yourselves”). The present Article elaborates the conceptualization of privacy announced in this earlier paper. See id. at 614.
  19. . See infra Part III.B.
  20. . Étienne Picard, The Right to Privacy in French Law, in Protecting Privacy 49, 58 (Basil S. Markesinis ed., 1999).
  21. . Gary T. Marx, Coming to Terms: The Kaleidoscope of Privacy and Surveillance, in Social Dimensions of Privacy 32, 33 (Beate Rössler & Dorota Mokrosinska eds., 2015).
  22. . See, e.g., Inness, supra note 3, at 5; Judith Wagner DeCew, In Pursuit of Privacy: Law, Ethics, and the Rise of Technology 47 (1997); William A. Parent, Privacy, Morality, and the Law, 12 Phil. & Pub. Affs. 269, 271 (1983) (“I believe the personal knowledge definition isolates the conceptual one of privacy, its distinctive and unique meaning.”); Ruth Gavison, Privacy and the Limits of Law, 89 Yale L.J. 421, 423–24 (1980) (claiming that privacy is a coherent concept, because the various privacy interests relate to a common concern over our accessibility to others, and because the reasons for which we claim privacy in different situations are similar).
  23. . Anita L. Allen, Uneasy Access: Privacy for Women in a Free Society 5 (1988).
  24. . Beate Rössler, Privacies: An Overview, in Privacies: Philosophical Evaluations 1, 1 (Beate Rössler ed., 2004); see David Lindsay, An Exploration of the Conceptual Basis of Privacy and the Implications for the Future of Australian Privacy Law, 29 Melb. U. L. Rev. 131, 135 (2005).
  25. . Lindsay, supra note 22, at 135.
  26. . Id.; see also Judith Jarvis Thomson, The Right to Privacy, in Philosophical Dimensions of Privacy 272, 272 (Ferdinand David Schoeman ed., 1984) (declaring that “[p]erhaps the most striking thing about the right to privacy, is that nobody seems to have any very clear idea what it is”).
  27. . Cf. Lindsay, supra note 22, at 145.
  28. . James Fitzjames Stephen, Liberty, Equality, Fraternity 174 (2nd ed. 1874).
  29. . See Lindsay supra note 22, at 157.
  30. . Arthur R. Miller, The Assault on Privacy: Computers, Data Banks, and Dossiers 25 (1971).
  31. . Richard A. Posner, The Right of Privacy, 12 Ga. L. Rev. 393, 393 (1978).
  32. . William A. Parent, Recent Work on the Concept of Privacy, 20 Am. Phil. Q. 341, 341 (1983).
  33. . Kim Lane Scheppele, Legal Secrets 184–85 (1988).
  34. . David H. Flaherty, Controlling Surveillance: Can Privacy Protection Be Made Effective?, in Technology and Privacy: The New Landscape 167, 171 (Philip E. Agre & Marc Rotenberg eds., 1997).
  35. . Robert C. Post, Three Concepts of Privacy, 89 Geo. L. J. 2087, 2087 (2001).
  36. . Colin J. Bennett, In Defence of Privacy: The Concept and the Regime, 8 Surveillance & Soc’y. 485, 491 (2011).
  37. . Inness, supra note 3, at 3.
  38. . Solove, supra note 7, at 2.
  39. . Id. at 1.
  40. . Daniel J. Solove, A Taxonomy of Privacy, 154 U. PA. L. Rev. 477, 479 (2006).
  41. . Solove, supra note 7, at 1.
  42. . Priscilla M. Regan, Response to Bennett: Also in Defence of Privacy, 8 Surveillance & Soc’y. 497, 497 (2011).
  43. . See Deirdre K. Mulligan et al., Privacy is an Essentially Contested Concept: A Multi–Dimensional Analytic for Mapping Privacy, 374 Phil. Transactions Royal Soc’y. 1, 15 (2016) (discussing heated debates regarding the definition of privacy); Ari E. Waldman, Privacy as Trust 11 (2018) (“Scholars have been trying to conceptualize and frame a legal right to privacy since at least 1890 . . . .”).
  44. . W.B. Gallie, Essentially Contested Concepts, 56 Proc. Aristoelian Soc’y. 167, 194 (1956).
  45. . See id. at 169.
  46. . Id.
  47. . Regan, supra note 40, at 497.
  48. . See Colin J. Bennett & Rebecca Grant, Introduction, in Visions of Privacy: Policy Choices For the Digital Age 3, 5 (Colin J. Bennett & Rebecca Grant eds., 1999) (stating that “it would be misleading and confining even to try to provide a general definition of ‘privacy’ to focus the analysis . . . . More than thirty years of semantic and philosophical analysis leaves us with the overwhelming sense that privacy is a deeply and essentially contested concept.”).
  49. . Mulligan et al., supra note 41, at 1.
  50. . Id. at 3.
  51. . Peter Blok, Het Recht op Privacy: Een Onderzoek naar de Betekenis van het Begrip ‘Privacy’ in het Nederlandse en Amerikaanse Recht 277 (2002).
  52. . Waldman, supra note 41, at 11.
  53. . Id.
  54. . Id.
  55. . See id.
  56. . See, e.g., Janice Richardson, Law and the Philosophy of Privacy (2016) (examining Locke’s, Kant’s, and Mill’s conceptual frameworks that underlie contemporary privacy theory); Beate Rössler, The Value of Privacy 10–13 (2005) (developing a theory of privacy in the context of modern, liberal societies).
  57. . As explained in Koops, supra note 16, at 614 n.5, we use “yourselves” here “rather than ‘yourself’” to emphasize that “people do not have a ‘core’ self or a single, static, or ‘true’ identity; ‘being yourselves’” is “shorthand for feeling free to perform, without unreasonable constraints, one or more roles that are relevant in a particular” place “at a particular moment in time.” Cf. Russell W. Belk, Extended Self in a Digital World, 40 J. Consumer Rsch. 477, 483 (2013) (“[T]here is no singular core self.”); Ferdinand Schoeman, Privacy and Intimate Information, in Philosophical Dimensions of Privacy, supra note 24, at 403, 410 (discussing and defending the view “that there is no core self”). However, while using “being yourselves” where needed for precision’s sake, we will use “being yourself” as a synonym for “being yourselves” where possible for the sake of readability.
  58. . See, e.g., Philip E. Agre, Introduction, in Technology and Privacy, supra note 32, at 1, 7; Tom Gerety, Redefining Privacy, 12 Harv. C.R.–C.L. L. Rev. 233, 236 (1977).
  59. . Agre, supra note 56, at 7.
  60. . Gerety, supra note 56, at 236.
  61. . Erving Goffman, The Presentation of Self in Everyday Life (1956).
  62. . See, e.g., Daniel Susser, Information Privacy and Social Self-Authorship, 20 Techné: Rsch. Phil. & Tech. 216, 216 (2016) (arguing that information privacy “is thus about more than controlling information; it involves the constant work of producing and managing public identities”); Elizabeth De Armond, Tactful Inattention: Erving Goffman, Privacy in the Digital Age, and the Virtue of Averting One’s Eyes, 92 St. John’s L. Rev. 283, 300 (2018) (giving examples of scholars who invoke Goffman’s conceptualizations); Waldman, supra note 41, at 18 (explaining that Goffman’s spatial analogies “have come to pervade our thinking of privacy”); Priscilla M. Regan, Privacy and the Common Good: Revisited, in Social Dimensions of Privacy, supra note 19, at 50, 57 (Beate Rössler & Dorota Mokrosinska eds., 2015) (stating that Goffman’s “theoretical arguments about the common value of privacy have only become more important in privacy thinking as the contours of the twenty-first century evolve”).
  63. . See, e.g., Ybo Buruma, Stelselmatig, een sleutelbegrip in de Wet bijzondere opsporingsbevoegdheden, 25 NJCM-Bulletin 649, 653 (2000) (referring to Dutch cases applying this definition); Serge Gutwirth, Privacyvrijheid! De vrijheid om zichzelf te zijn (1998) (discussing privacy as “the freedom to be oneself,” as the book’s subtitle reads).
  64. . Phil Hubbard & Rob Kitchin, Introduction: Why Key Thinkers?, in Key Thinkers on Space and Place 1, 4 (Phil Hubbard & Rob Kitchin eds., 2d ed. 2010).
  65. . Henri Lefebvre, The Production of Space 77 (Donald Nicholson-Smith trans., 1991).
  66. . Rob Kitchin & Martin Dodge, Code/Space: Software and Everyday Life 65 (2011).
  67. . See generally Marshall Berman, On the Town: One Hundred Years of Spectacle in Times Square (2006) (describing the ideas, artwork, and people that shape Times Square, and how Times Square shaped them).
  68. . Tim Cresswell, Place: A Short Introduction 7 (2004).
  69. . Id.; see also Yi–Fu Tuan, Space and Place 6 (1977) (explaning the relations of space of place).
  70. . Bert–Jaap Koops & Maša Galič, Conceptualizing Space and Place: Lessons from Geography for the Debate on Privacy in Public, in Privacy in Public Space 19, 19, 23 (Tjerk Timan et al. eds., 2017).
  71. . However, we will refer to “place,” where this term is used by another scholar we are referring to, or where this term will be more appropriate (referring to a particular meaningful location).
  72. . Koops, supra note 16, at 622. See generally Koops & Galič, supra note 68 (giving an overview of concepts and theories of space and place in human geography for legal, governance, and other scholars).
  73. . Koops, supra note 16, at 619; see, e.g., Edward T. Hall, The Hidden Dimension 10 (1990) (describing animals being “surrounded by a series of bubbles or irregularly shaped balloons that serve to maintain proper spacing between individuals”); Robert Sommer, Personal Space 26 (1969) (“Personal space refers to an area with invisible boundaries surrounding a person’s body into which intruders may not come.”).
  74. . William J. Mitchell, Me++: The Cyborg Self and the Networked City 4 (2003).
  75. . See Julie E. Cohen, Configuring the Networked Self: Law, Code, and the Play of Everyday Practice 109 (2012) (discussing the role of spatial metaphors in privacy discussions); Irwin Altman, The Environment and Social Behavior: Privacy, Personal Space, Territory, Crowding 18 (1975) (discussing “privacy as a bidirectional process”).
  76. . Cohen, supra note 73, at 109.
  77. . Id. at 139.
  78. . Altman, supra note 73, at 18 (defining privacy as “selective control of access to the self or to one’s group”).
  79. . Hall, supra note 71, at 113–29.
  80. . See, e.g., Ruth Gavison, supra note 20, at 423 (conceptualizing privacy “as a concern for limited accessibility”); Allen, supra note 21, at 15 (defining personal privacy as “a condition of inaccessibility of the person, his or her mental states, or information about the person to the senses or surveillance devices of others”); Blok, supra note 49, at 278 (conceptualizing privacy as “the inaccessibility of the personal sphere of life”).
  81. . Cohen, supra note 73, at 122 (observing that “[e]ven in contexts that are not thought to involve spatial privacy at all, judges routinely and unselfconsciously refer to ‘spheres’ and ‘zones’ to describe privacy interests”).
  82. . The relationship between place and identity, however, has been discussed in psychology at least since the 1970s. See, for example, Harold M. Proshansky et al., Place–Identity: Physical World Socialization of the Self, 3 J. Env’t Psych. 57 (1983), which theorizes how the physical world participates in the socialization of the self through the concept of place-identity.
  83. . A. Van Braam, Verhuld en Onthuld. Sociologische Beschouwingen over Privacy en Deprivatisering 7 (1966).
  84. . Adam D. Moore, Toward Informational Privacy Rights, 44 San Diego L. Rev. 809, 813 (2007).
  85. . Wolfgang Sofsky, Privacy: A Manifesto 30 (Steven Rendall trans., Princeton Univ. Press 2008) (2007).
  86. . See infra Part IV.A.
  87. . Ciarán Mc Mahon & Mary Aiken, Privacy as Identity Territoriality: Re-Conceptualising Behaviour in Cyberspace 2 (RCSI CyberPsychology Rsch. Ctr., Working Paper No. 14.1.p, 2014), https://ssrn.com/abstract=2390934 [https://perma.cc/9R9P-KAHH].
  88. . Helen Nissenbaum, Privacy in Context: Technology, Policy, and the Integrity of Social Life 67 (2010).
  89. . Koops et al., supra note 5, at 484.
  90. . Samuel D. Warren & Louis D. Brandeis, The Right to Privacy, 4 Harv. L. Rev. 193, 195 (1890).
  91. . Alan F. Westin, Privacy and Freedom 7 (1968) (defining privacy as “the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others”).
  92. . See Stephen T. Margulis, Privacy and Psychology, in Contours of Privacy 131, 133 (David Matheson ed., 2009) (“[P]rivacy should be regarded as a condition of the person.”). See also infra Part IV.A, IV.C, and IV.E, on the conceptualizations of privacy as a condition by Cohen (having room for boundary management), respecting information norms by Nissenbaum, and being “let alone” by Warren and Brandeis.
  93. . Koops, supra note 16, at 616 (emphasis in original); see also Hall, supra note 71, at 186.
  94. . Koops, supra note 16, at 621.
  95. . Cohen, supra note 73, at 127.
  96. . Id.
  97. . Altman, supra note 73, at 18.
  98. . Cohen, supra note 73, at 127.
  99. . Id. at 148.
  100. . Id. at 132.
  101. . Id. at 141.
  102. . Id. at 216.
  103. . Cf. id. at 142–43.
  104. . Id. at 149.
  105. . Id. at 152.
  106. . Id. at 141.
  107. . Id. at 148.
  108. . Id. at 150.
  109. . Id. at 239 (arguing that we need semantic discontinuity—the opposite of seamlessness—as a function of the interstitial complexity within information practices, which creates “space for the semantic indeterminacy that is a vital and indispensable enabler of the play of everyday practice”).
  110. . Id. at 127.
  111. . Id. at 149.
  112. . Id. at 151.
  113. . Jeffery L. Johnson, Privacy and the Judgment of Others, 23 J. Value Inquiry 157, 157 (1989).
  114. . Id.
  115. . Id. at 158.
  116. . Example adapted from id. at 157–58. The example is also strongly connected to contextual integrity, see infra Part IV.C.
  117. . Example adapted from Johnson, supra note 111, at 161.
  118. . Id.
  119. . Id. at 161, 165–66.
  120. . Id. at 165.
  121. . Id. at 166.
  122. . Id. at 163.
  123. . Id. at 164 (discussing Benn’s argument that “[f]inding oneself the object of scrutiny, as the focus of another’s attention, brings one to a new consciousness of oneself, as something seen through another’s eyes”) (alteration in original).
  124. . See, e.g., Paul Ricoeur, Soi-même comme un autre (1990).
  125. . See Johnson, supra note 111, at 164.
  126. . Id. at 158 (discussing “the right to control . . . who may legitimately form evaluative judgments within those boundaries”) (emphasis added).
  127. . Goffman, supra note 59, at 78.
  128. . Id. at 69–70 (discussing “backstage” as “a place, relative to a given performance, where the impression fostered by the performance is knowingly contradicted as a matter of course” and, thus, is a place where “the performer can relax; he can drop his front, forgo speaking his lines, and step out of character”).
  129. . Nissenbaum, supra note 86, at 127.
  130. . Id. at 140 (observing that contextual integrity is “defined in terms of informational norms: it is preserved when informational norms are respected and violated when informational norms are breached”).
  131. . Id.
  132. . Id. at 133.
  133. . Id. at 159.
  134. . Id. at 127.
  135. . Id. (claiming that the right to privacy is “neither a right to secrecy nor a right to control but a right to appropriate flow of personal information”) (emphasis added); see also id. at 187 (rhetorically asking “[i]f a right to privacy is a right to context-appropriate flows”) (emphasis added); id. at 231 (starting the concluding chapter by claiming that “[w]e have a right to privacy, but it is neither a right to control personal information nor a right to have access to this information restricted. Instead, it is a right to live in a world in which our expectations about the flow of personal information are, for the most part, met . . . . This is the right I have called contextual integrity . . . .”) (emphasis added).
  136. . Id. at 189.
  137. . Id. at 236.
  138. . Id. at 140, 150.
  139. . Id. at 181.
  140. . Id. at 236.
  141. . See id. at 148 (observing that in “proposing contextual integrity as an alternative conception of information privacy I am not as concerned with capturing the full meaning of privacy but with precisely and systematically characterizing the nature of these radical alterations [in information flows caused by socio-technical change]. . . . I call on it to serve as a decision heuristic, a framework for determining, detecting, or recognizing when a violation [of privacy] has occurred”) (emphasis added).
  142. . Id. at 132.
  143. . Id. at 242–43.
  144. . Id. at 167.
  145. . Id. at 149.
  146. . Id. at 136.
  147. . Id. at 130.
  148. . Id. at 133 (noting that contexts incorporate “assemblages of roles”).
  149. . Id. at 129.
  150. . Id. at 225.
  151. . Id. at 116 (discussing the “reasonable expectations [of privacy] standard” in relation to the public/private dichotomy).
  152. . Id. at 160.
  153. . Jeffrey H. Reiman, Privacy, Intimacy, and Personhood, 6 Phil. & Pub. Affs. 26 (1976).
  154. . Id. at 39.
  155. . Id.
  156. . Allen, supra note 21, at 43.
  157. . Reiman, supra note 151, at 39.
  158. . Id.
  159. . See, e.g., G.E. Scott, Moral Personhood 132–42 (1990) (discussing Reiman’s theory “that there is an intimate connection between the notions of privacy and personhood”).
  160. . Eric T. Olson, Personal Identity, Stan. Encyc. Phil. (Sept. 6, 2019), https://plato.stanford.edu/entries/identity-personal/ [https://perma.cc/KXV8-LCNH].
  161. . Id.
  162. . Id.
  163. . See Julie E. Cohen, Examined Lives: Informational Privacy and the Subject as Object, 52 Stan. L. Rev. 1373, 1377 (2000) (“[T]he idea that ‘privacy’ might encompass an enforceable right to prevent the sharing of (certain kinds of) personally-identified data seems to conflict with deeply held social values that elevate choice over constraint, freedom of speech over enforced silence, and ‘sunlight’ over shadow.”); Regan, supra note 60, at 57; Valerie Steeves, Reclaiming the Social Value of Privacy, in Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society 191, 205 (Ian Kerr et al. eds., 2009) (“[P]rivacy iswhat enables the self to see itself as a social object and to negotiate appropriate levels of openness and closedness to others.”).
  164. . Mireille Hildebrandt, Privacy and Identity, in Privacy and the Criminal Law 1, 8 (Erik Claes et al. eds., 2006).
  165. . George H. Mead, Mind, Self, and Society 32 (Charles W. Morris ed., 1972). This idea is echoed in the thought of Ricoeur. See Paul Ricoeur, Oneself as Another (1994).
  166. . Reiman, supra note 151, at 43 (emphasis added).
  167. . See Hildebrandt, supra note 162, at 8.
  168. . Reiman, supra note 151, at 40.
  169. . Id.
  170. . Id. at 44.
  171. . Cf. Allen, supra note 21, at 45 (critiquing Reiman’s account in leaving “unclear just what the social rituals of privacy are” and how these bring about personhood).
  172. . Reiman, supra note 151, at 42.
  173. . Warren & Brandeis, supra note 88, at 193.
  174. . Id. at 195.
  175. . Id. at 205.
  176. . Id. at 206.
  177. . Id. at 213.
  178. . Id. at 218.
  179. . Id. at 220.
  180. . Id. at 216.
  181. . Id. at 196.
  182. . See id. at 200 (referring to the peace of mind afforded by the ability to prevent any publication at all).
  183. . Id. at 198 (referring to Yates, J., in Millar v. Taylor, 4 Burr. 2303, 2379 (1769), who asserted that every man “has certainly a right to judge whether he will make [his own sentiments] public, or commit only to the sight of his friends”).
  184. . Goffman, supra note 59.
  185. . Warren & Brandeis, supra note 88, at 206.
  186. . This connects strongly to privacy as freedom from judgement of others. See supra Part IV.B.
  187. . Prince Albert v. Strange (1949), 41 Eng. Rep. 1171; 2 DeGex & Sm. 652; see Warren & Brandeis, supra note 88, at 202 n.1 (“A man may employ himself in private in a manner very harmless, but which, disclosed to society, may destroy the comfort of his life, or even his success in it.”).
  188. . Olmstead v. United States, 277 U.S. 438, 475–76 (1928) (Brandeis, J., dissenting); see Daniel J. Solove, Conceptualizing Privacy, 90 Cal. L. Rev. 1087, 1101 (2002) (citing Time, Inc. v. Hill, 385 U.S. 374, 413 (1967) (Fortas, J., dissenting) (interpreting the right to be let alone as a right “to live one’s life as one chooses, free from assault, intrusion or invasion except as they can be justified by the clear needs of community living under a government of law”); Doe v. Bolton, 410 U.S. 179, 213 (1973) (Douglas, J., concurring) (observing that the right to be let alone includes “the privilege of an individual to plan his own affairs, for ‘outside areas of plainly harmful conduct, every American is left to shape his own life as he thinks best, do what he pleases, go where he pleases’”).
  189. . Warren & Brandeis, supra note 88, at 196. 
  190. . Reiman, supra note 151, at 44. 
  191. . Warren & Brandeis, supra note 88, at 220. 
  192. . Westin, supra note 89, at 7. 
  193. . Westin’s account also applies to groups and organizations, but since our concern in this Article is privacy of individuals, we limit the description here to individual privacy. See id. at 42–51.  
  194. . This has also been pointed out by Steeves. See Steeves, supra note 161, at 201.
  195. . Westin, supra note 89, at 61. 
  196. . Id. at 39. 
  197. . Westin distinguishes a fourth function of privacy, namely limited and protected communication. Id. at 37–38. We see this as a function instrumental to the first three functions, in particular to autonomy, rather than an intrinsic, separate function. 
  198. . Id. at 33 (discussing autonomy in the context of an “individual’s relations with others in terms of a series of ‘zones’ or ‘regions’ of privacy leading to a ‘core self,’” and observing that “[e]ach person is aware of the gap between what he wants to be and what he actually is, between what the world sees of him and what he knows to be his much more complex reality”). 
  199. . Id. at 34 (“[R]elaxation is required from the pressure of playing social roles.”). 
  200. . Id. at 36 (“Every individual needs to integrate his experiences into a meaningful pattern and to exert his individuality on events.”).  
  201. . Id. at 13 (“[I]ndividuals have conflicting roles to play in any society; to play these different roles with different persons, the individual must present a different ‘self’ at various times. Restricting information about himself and his emotions is a crucial way of protecting the individual in the stresses and strains of this social interaction.”).  
  202. . Id. at 35. 
  203. . Id. at 31.
  204. . Id. at 31–32. 
  205. . Cf. id. at 15 (discussing that in cultures “where the household is crowded, or when there are communal households of large numbers of families sharing the dwelling, the sexual act is usually performed outside, so that privacy can be obtained, in bush, field, forest, or beach”). 
  206. . Id. at 31. 
  207. . Id. at 32. 
  208. . Id. at 29. 
  209. . Id. at 9. 
  210. . Johnson, supra note 111, at 158. 
  211. . There are notable exceptions. Solove, supra note 38, at 480; Inness, supra note 3, at 11.   
  212. . Miller, supra note 28, at 25. 
  213. . Arthur R. Miller, Right of Privacy – A Look Through the Kaleidoscope, 46 SMU L. Rev. 37, 38 (1993) (emphasis added).
  214. . Waldman, supra note 41.
  215. . Miller, supra note 211, at 46. 
  216. . See also Koops et al., supra note 5, at 564.  
  217. . Koops, supra note 16, at 613.
  218. . See, e.g., Rössler, supra note 54, at 20; Serge Gutwirth, Privacy and the Information Age (2002) (referencing American legal scholors); Hildebrandt, supra note 162; see also Koops, supra note 5.  
  219. . E.g., Julie E. Cohen, What Privacy is for, 126 Harv. L. Rev. 1904, 1906 (2013); Waldman, supra note 41.