Opinions ∙ The Case Against Idealising Control

W. Hartzog
2018 European Data Protection Law Review  
Every year on the first day of my course on information privacy law, I begin by asking each of my students to give me their definition of 'privacy.' Their answers wouldn't surprise you-many say something like 'things that are secret,' 'sensitive information,' and 'things shared in confidence.' But every year one conceptualisation of privacy dominates the conversation: privacy as 'control over our personal information.' My students aren't the only ones who think this way. Ostensibly, nobody can
more » ... gree on a singular definition of privacy. 1 I've argued as much on several occasions. 2 However, a closer inspection reveals the truth: most people in industry and policy think of privacy and data protection in terms of control. 3 Let's look at the evidence. Mark Zuckerberg testified on behalf of Facebook that 'We believe strongly in providing meaningful privacy protections to people. This is why we work hard to communicate with people about privacy and build controls that make it easier for people to control their information on Facebook.' 4 Bill Gates wrote for Microsoft that Users should be in control of how their data is used. Policies for information use should be clear to the user. Users should be in control of when and if they receive information
doi:10.21552/edpl/2018/4/5 fatcat:r5jppqhk3be2rdvhdkb46gf7j4