Privacy concerns some of the most personal aspects of our lives, for instance about our health, personal habits, financial situation. It is tempting to think of privacy as solely an individual affair. But as philosopher Carissa Véliz has argued, privacy is not just an individual affair; it is increasingly often a collective concern. Data is not just used to gain information about individuals. Data is often used to gain information about groups of people.
Suppose that your sister uses an app to track her mood. Every day she logs in to the app, notes her general mood, and writes a small diary entry, and every day the app collects and transmits data about her mental health. Suppose the app picks up through keywords and pattern recognition that she is likely suffering from a depression.
Now, it is not difficult to see how this particular information could be lucrative in the right (or wrong!) hands. For instance, cynical advertisers may be interested in using this information to target depressed people, as depression (just like stress and anxiety) typically increases overspending and compulsive buying. Similarly, mental health clinics, life insurance providers, employers, and so on may also be interested in using this information to further their own gains.
By handing over her mental health data, however, your sister has not just compromised her own privacy. She has also compromised your privacy – and potentially also the privacy of her (present and future) children. Whether hereditary or environmental, we know that depression runs in the family. That is, if someone has a sibling or a parent who has suffered from depression, that person is 2-3 times more likely to develop depression themselves. In cases of severe depression that number may be as high as 4-5 times.
As the example shows, privacy is not just an individual affair. We are connected to each other in so many different ways, and we are therefore not just vulnerable with regards to our own information but also to information given out by others. Sometimes at least, privacy is a dish that can only be enjoyed together.
Other examples of entangled privacy include e.g. genetic testing, social media, and online communication. For instance, you may care a lot about protecting your password to your email account, but if I am not equally diligent about protecting the password to my account, it does not matter much when it comes to the privacy of our correspondence.
There are two upshots to the above. The first is that since privacy is at least sometimes a collective concern, protecting our privacy is not just something that is usually in our own best interests. It is also often in the best interests of others – in particular the people we care most about. All of us therefore (to some extent) have a responsibility to protect our own privacy in order to protect the privacy of others.
The second upshot is that protecting privacy is about more than just protecting individual control over information. Since data can be used to gain information about groups of people, sometimes privacy can only be protected by limiting what kind of data can be collected and shared between different parties and contexts. This point will become increasingly more important as more and more data is collected, and connected in new ways, to gain more and more information – not just about individuals but also about groups of people.
Protecting our common or group privacy can have costs, however. It may sometimes come at the expense of individual interests. For instance, in the example above, your sister may have an interest in giving up her privacy, or rather: in pursuing knowledge about herself, and that interest can clash with your interest in keeping certain information private. How to balance these competing interests should be a topic of more public debate.
One crucial step in this process is to recognize and emphasize that privacy is not just an individual affair, but quite often also a collective concern. Going forward we need to engage in wider discussions about how to protect our privacy together, and in particular we need to discuss the responsibilities of individuals, companies, and policy makers in this regard. Otherwise privacy may become a dish only some of us gets to enjoy.
Rune Kligenberg is postdoctural researcher