Skip to content

Privacy as Contextual Integrity

nissenbaumHelen Nissenbaum (pictured left) is a dynamic philosopher of technology who’s work is now focused on providing a justificatory privacy framework. Her framework is meant to capture the nature of the challenges posed by contemporary information technologies. To be successful, it must speak to situations where there is a widespread dissemination of ‘public’ info (e.g. moving government records online), address the effects of the advances of data storage, retrieval, and analysis (e.g. consumer profiling and data mining), and attend to the hyper-efficient ability to capture data (e.g. RFID tags). Rather than approach these three sets of issues from a policy angle, she wants to find the foundation of law and policy as expressed in terms of moral, political, and social values.

As a caveat: her article “Privacy as Contextual Integrity” focuses on individuals, not groups or organizations, and recognizes a difference between personal and sensitive data.

Prior to discussing contextual integrity itself, we should think of the principles that are embedded in public deliberation about privacy in the United States [1].

  1. There should be limited surveillance of citizens and similar limitations on the use of that information against citizens by powerful agents. This should lead to powerful and less powerful agents being involved in a discussion/negotiation of information sharing.
  2. There exists a value on restricting access to intimate, sensitive, and confidential information.
  3. We must curtail invasions into spaces or spheres deemed personal or private – people should be shielded from unnecessary surveillance.

Emergent from these principles, we can recognize that there are shifting boundaries for how they would apply (e.g. policy shifts surrounding wiretaps); grey zones do exist. What is helpful in these cases is to separate what people want to be private versus what they should expect to be private [2]. Anything that violates the three principles constitutes a potential privacy invasion; anything outside of them is up for grabs. Having briefly outlined the principles, we can move to contextual integrity itself.

Contextual integrity is ‘posed as a restrictive account of what does and does not warrant restrictive, privacy-motivated measures’ and expresses a right to privacy ‘in terms of dichotomies … that line up, interestingly, with aspects of the general public/private dichotomy that has been useful in other areas of political and legal inquiry’ (Nissembaum 2004: 118-119) [3]. Nissenbaum presents two norms responsible for driving her framework:

  1. Appropriateness – information about people is appropriate, or fitting to reveal, only in certain contexts. Significantly, this means that even when ‘in public’ we can (and do) expect some measure of privacy. Being in public does not mean shedding all of one’s privacy.
  2. Distribution – this relates to the distribution or transfer of information between parties. The question when information is transferred becomes “does the distribution respect the event’s contextual norms?”

Under this account of justice, information is always ‘tagged’ with context, with the norms that should be applied to a particular event being internal to the event’s context. As a result, contextual integrity tends to be relatively conservative and leads us to ask how we can establish prescriptive (as opposed to reactive/descriptive) norms. The latter point leads us to three common points:

  1. We must distinguish between actual and prescribed practices.
  2. The grounds for prescription can vary.
  3. Entrenched norms can change over time and across difference places and spheres. Importantly, these entrenched norms should be protected unless there are powerful reasons supporting change. [4]

To conclude,  her model will broadly allow for the following:

  • Limitation of informational harms
  • Limitation of information inequality
  • Autonomy and freedom
  • Preservation of important human relations
  • Democracy and other values

As a note: her newest book, Privacy in Context, will be out in December of this year – pick it up if the idea of contextual privacy interests you!

[1] Nissembaum identifies her three principles as emergent from American politics – can we think of  principles in other jurisdictions that would not be covered by her three?

[2] Perhaps just a question of application, but what kind of socio-normative assumptions are being made here? Courts of law have repeatedly demonstrated that what they see a public and private radically diverge from the attitudes of the public. Further, in a society that is substantially constituted by immigrants and multiculturalism, does one just rely on traditional nationalist (often ‘thick’) norms of private/public, or do we have courts that very seriously take cultural backgrounds into account when judging cases?

[3] Does the fact that her dichotomies ‘conveniently’ line up with public/private open her theory to broader critiques of the public/private distinction itself? Can we even consider a ‘privacy’ theory without reinforcing ‘traditional’ binaries, and would we want to have such a theory?

[4] Related to many other points (and I do want to acknowledge that I see the immense value in holding a conservative attitude towards norms), but doesn’t this suggest that dominant social norms might overwhelm competing stances towards justice? My understanding is thatNissenbaum would respond by saying that identifying how fundamental values may be served or obscured by information norm lets us can navigate our way through these kinds of issues, but I’m not wholly certain that this resonates with me. History has shown us (repeatedly) that dominant norms persistently are used as a means of infringing on the values, rights, and expectations of those holding deviant, or minority, norms.

Posted in Session One.

By Christopher
April 17, 2009

2 comments

2 Responses

Stay in touch with the conversation, subscribe to the RSS feed for comments on this post.

Continuing the Discussion

  1. Technology, Thoughts, and Trinkets » Blog Archive » Twitter and Privacy in Social Context linked to this post on May 10, 2009

    [...] Helen Nissembaum would likely insist that citizen-solidarity (in terms of the privacy discussion) is only threatened when data is appropriated in violation of normative expectations concerning how personal information will be appropriated and subsequently distributed. The former norm correlates with what is appropriate or fitting to reveal depending on context of the data collection – merely being in a public space does not mean that all information collections are appropriate (e.g. demanding to know a stranger’s name and not accepting ‘it’s none of your business’ as a response would be inappropriate, whereas giving one’s name to an employer would be appropriate) (Nissenbaum 2004: 120-121). The latter norm is meant to establish that there are some transmissions of personal data are acceptable whereas others are not; while I might expect a public ‘tweet’ to be reposted on Twitter, I might not expect it to be transferred into a databank that us used to develop detailed consumer profiles. [...]

  2. Technology, Thoughts, and Trinkets» Twitter and Statutory Notions of Privacy linked to this post on July 5, 2009

    [...] nuanced understandings of what individuals expect o remain private online – the challenge for theorists such as Nissenbaum will be translating these insights into actionable principles and guidelines that data and privacy [...]

Some HTML is OK

(required)

(required, but never shared)

or, reply to this post via trackback.

Engaging Privacy by Christopher Parsons, Pablo Ouziel, Adam Molnar, Jonathan Floyd, Colin Bennett is licensed under a Creative Commons Attribution-Non-Commercial-Share Alike 2.5 Canada License.