Part I
Policy Goals
Chapter One
The Privacy Paradigm
Introduction
There is plenty of anthropological and sociological evidence that human beings have always needed a degree of privacy. That need will be manifested to different degrees and in different ways from culture to culture (Moore, 1984; Bok, 1982). These questions continue to interest social scientists, for the quest for privacy can tell us a great deal about social relations and structures, now and in the past. However, this book will not be addressing these questions. Instead, we are interested in the processes by which privacy has become a political value and a public policy goal, and in what it means to protect privacy when information can flow freely across organizational and jurisdictional borders.
It is first necessary to establish the theoretical tradition from which the contemporary justification for information privacy was derived, and to present the various critiques of this position. Whatever the psychological or sociological evidence for the importance of privacy, the contemporary political justifications overwhelmingly rest on general assumptions about the continued viability of a liberal political philosophy and epistemology. We first discuss how those assumptions have been reflected in the privacy literature in different countries. These assumptions entail a number of policy implications. We then review some of the major critiques of the 'privacy paradigm' and conclude by suggesting that some of the principal assumptions behind the privacy paradigm require reformulation as a result of some key shifts in the nature and scope of the privacy issue under conditions of globalization.
Privacy and Liberalism
We use the word 'paradigm' to denote a set of assumptions about a phenomenon or area of study which generally go unquestioned. These assumptions collectively set the agenda for research and for policy prescription. The paradigm produces an agreed understanding about the nature and scope of a particular problem. Paradigms are rarely explicitly interrogated, unless discoveries in knowledge and science force a community of scholars to confront their long-held and preconceived assumptions (Kuhn, 1970). Sometimes that interrogation can occur through the conduct of scientific inquiry; sometimes it can occur because of revolutionary changes in technology. The point is that paradigms are rarely questioned, because for the most part there is no necessity. We would argue that there is a set of unquestioned assumptions that surrounds the modern analysis of privacy protection in Western societies. We also hope to show that these assumptions are in need of careful scrutiny and revision in the light of recent technological developments and trends in the use of personal data in the state and the economy.
The privacy paradigm rests on a conception of society as comprising relatively autonomous individuals. It rests on an atomistic conception of society; the community is no more than the sum total of the individuals that make it up. Further, it rests on notions of differences between the privacy claims and interests of different individuals. The individual, with her liberty, autonomy, rationality and privacy, is assumed to know her interests, and should be allowed a private sphere untouched by others. In John Stuart Mill's terms, there should be certain 'self-regarding' activities of private concern, contrasted with 'other-regarding' activities susceptible to community interest and regulation (Mill, 1859).
The modern claim to privacy, then, is based on a notion of a boundary between the individual and other individuals, and between the individual and the state. It rests on notions of a distinction between the public and the private. It rests on the pervasive assumption of a civil society comprised of relatively autonomous individuals who need a modicum of privacy in order to be able to fulfil the various roles of the citizen in a liberal democratic state. Thus, as Warren and Brandeis comment in their seminal article on the right to privacy: 'Still, the protection of society must come mainly through a recognition of the rights of the individual. Each man is responsible for his own acts and omissions only' (Warren and Brandeis, 1890, pp. 219-20).
Shils is a twentieth-century proponent of this view that privacy reinforces the barriers between the individual and the state and within the contours of civil society (Shils, 1956, pp. 154-60). Privacy, for Shils, is essential for the strength of American pluralistic democracy because it bolsters the boundaries between competing and countervailing centers of power. Westin (1967) has provided perhaps the most eloquent statement of the importance of privacy for liberal democratic societies. In contrast to totalitarian regimes:
[A] balance that ensures strong citadels of individual and group privacy and limits both disclosure and surveillance is a prerequisite for liberal democratic societies. The democratic society relies on publicity as a control over government, and on privacy as a shield for group and individual life... Liberal democratic theory assumes that a good life for the individual must have substantial areas of interest apart from political participation...
(Westin, 1967, p. 24).
Westin goes on to address the specific functions that privacy plays. It promotes freedom of association. It shields scholarship and science from unnecessary interference by government. It permits the use of a secret ballot and protects the voting process by forbidding government surveillance of a citizen's past voting record. It restrains improper police conduct such as 'physical brutality, compulsory self-incrimination, and unreasonable searches and seizures' (Westin, 1967, p. 25). It serves also to shield those institutions, such as the press, that operate to keep government accountable.
Westin also argues that different historical and political traditions among Western nations were likely to create different results in the overall balance between privacy and government. In his view, England exhibits a 'deferential democratic balance', a combination in which there is 'greater personal reserve between Englishmen, high personal privacy in home and private associations, and a faith in government that bestows major areas of privacy for government operations'. West Germany exhibits an 'authoritarian democratic balance' in which 'respect for the privacy of person, home, office and press still gives way to the claims of official surveillance and disclosure.' The United States exhibits an 'egalitarian democratic balance, in which the privacy-supporting values of individualism, associational life, and civil liberty are under constant pressure from privacy-denying tendencies toward social egalitarianism, personal activism, and political fundamentalism' (Westin, 1967, pp. 26-7).
Whether or not these generalizations from the 1960s were, or still are, valid, it is no doubt interesting to hypothesize that the way the balance between privacy and community obligations and duties is struck within different democratic societies will vary according to different cultural traditions. The belief in privacy is arguably related to wider attitudes about participation in public affairs and about trust in the authority of governmental agencies. These questions have attracted considerable attention from students of comparative politics (e.g., Almond and Verba, 1965, 1980), as well as from more anthropological perspectives on social and cultural history (Moore, 1984). Unfortunately, we have little systematic cross-national survey evidence about attitudes to privacy with which to investigate the nature and influence of wider cultural attributes. Much of this argumentation tends, therefore, to invoke anecdotes or cultural stereotypes: 'the Englishman's home is his castle', and so on. As we will see in Chapter Three, sample surveys on privacy in many countries suggest superficially that populations everywhere have high, and increasing, levels of concern about privacy. These seem mainly to be driven by fears of new technology, and by people's distrust of public and private institutions to use that technology with sufficient respect for the civil liberties of the individual. That distrust may be rooted in different historical experiences, but it appears to be pervasive and strong (Bennett, 1992, pp. 37-43).
We would therefore observe that privacy protection is normally justified in individualistic terms in the academic literature and in the popular mind. We each have a right or claim to be able to control information that relates to ourselves. Privacy has an aesthetic and humanistic affinity with individual autonomy and dignity. It can be justified in political terms in that it promotes the institutions of liberal democracy, and it has a number of utilitarian values by way of fostering the principle that only the 'right people should use the right information for the right purposes' (Sieghart, 1976). Whether justified in philosophical, political or utilitarian terms, privacy is almost always seen as a claim or right of individuals that is threatened by a set of social and technological forces. Privacy is something that 'we' once had; now it is something that public and private organizations employing the latest information and communications technologies are denying us.
This paradigmatic theme is represented in a large corpus of literature, written mainly by journalists, activists and academics, which has a polemical tone. Orwellian metaphors and imagery are naturally prolific, even though '1984' came and went without any palpable change in the attention paid to privacy questions. Among the early examples of the popular American literature are Packard's The Naked Society (1964) and Brenton's The Privacy Invaders (1964). Continually over the last thirty years or more, publishers in North America,1 Britain2 and elsewhere have been attracted by this more polemical genre. The literature also encompasses a shifting anxiety over emerging technologies. This ranges from apprehension over the 'snooping devices' of the 1960s, to worries about the sophisticated trade in personal information revealed in Rothfeder's Privacy for Sale (1992), to the more contemporary concerns about the Internet discussed by Diffie and Landau (1998), and by Garfinkel (2000).
The importance of this literature arguably lies in its cumulative impact and message. A steady flow of horror stories about the intrusive nature of modern technology, about the abuse and misuse of personal data, and about the size and interconnectedness of contemporary information systems has probably had a steady impact on public and political consciousness (Smith, 1993). Moreover, many of these stories have then been picked up by the print and visual media, especially television. Big Brother imagery, together with accounts of how the powerless can be denied rights and services through the wrongful collection, use and disclosure of personal data certainly make good copy; they also make good films.3
The contexts may change, the technologies may evolve, but the message of this genre is essentially the same: privacy is eroding, dying, vanishing, receding, and so on. Despite privacy laws, conventions, codes, oversight agencies and international agreements, privacy (as typically defined) is something of the past, to the extent that a prestigious magazine can proclaim in an editorial (The Economist, 1999, p. 16): 'Privacy is doomed.... get used to it.'4
Policy Implications of the Privacy Paradigm
The pervasiveness of liberal assumptions within the literature has had a number of political and policy implications. Assuming that we each have privacy rights and interests, how can one frame a public policy to protect those rights? Philosophers, academic lawyers and other scholars have debated the meaning of 'privacy' from a variety of standpoints (e.g., Young, 1978; Schoeman, 1984). As a policy problem, however, the discourse settled around 'information privacy', a concept that arose in the 1960s and 1970s at about the same time that 'data protection', derived from the German Datenschutz, entered the vocabulary.
Concerns obviously differed among a number of advanced industrial states. However, a closely-knit group of experts in different countries coalesced, shared ideas, and generated a general consensus about the best way to solve the problem of protecting the privacy of personal information (Bennett, 1992, pp. 127-9). The overall policy goal in every country was to give individuals greater control of the information that is collected, stored, processed and disseminated about them by public, and in some cases, private organizations. Essentially, the common view was that this goal necessitates a distinction between the subject of the information and the controller of that information. This distinction is one of role rather than of person: although we are all 'data subjects', many of us are also 'data controllers', also known as 'data users'. By the 1980s, therefore, it is possible to discern the set of key assumptions upon which information privacy policy development rested.
The first assumption was that privacy is a highly subjective value. Concerns about the protection of personal information vary over time, across jurisdictions, by different ethnic subgroups, by gender, and so on. Consequently, public policy cannot second-guess the kinds of personal information about which a given population or group will be concerned at a given time. Public policy and law can only establish the rules, principles and procedures by which any individually identifiable personal information should be treated, and by which the worst effects of new technologies can be countered. Information privacy policy is based inevitably, therefore, on procedural, rather than substantive, tenets. It can put in place the mechanisms by which individuals can assert their own privacy interests and claims, if they so wish, and it can impose obligations on those who use personal data. But for the most part, the content of privacy rights and interests has to be defined by individuals themselves according to context.
It is generally difficult to define a priori those data that are inherently worthy of greater protection ('sensitive data'). It is often the shift of context - detaching personal data, through processing, from the circumstances of their original collection - rather than the properties of the data that lead to privacy risks when false conclusions are drawn about persons (Simitis, 1987, p. 718). In addition, the same information can take on very different sensitivity levels in different contexts. Our names in the telephone directory may be insensitive; our names on a list of bad credit risks or of sex offenders may be very sensitive. A name and address in a telephone directory may be insensitive for most people, but may be very sensitive for vulnerable persons who do not want to be monitored and tracked down. Whereas the name 'P. J. O'Reilly' is not particularly conspicuous in the telephone directory of an Irish town, it stands out in the telephone directory of a Chinese town. Little wonder that many people prefer to have unlisted telephone numbers. Examples of such people would be battered wives, doctors who perform abortions, celebrities, child protection staff, police officers, and so on.
For the most part, therefore, public policy cannot draw a definite line between those types of information that should remain private, and those that may be in the public domain. Law cannot easily delineate between those types of data that are particularly worthy of protection and those that are not. Despite this, however, data protection laws have distinguished between what are generally agreed to be 'sensitive' data - religious beliefs, political opinions, sexual preferences, health, and the like - and the rest. But this distinction, and the inventory of data deemed 'sensitive', has remained controversial.
A second conclusion stemmed from the observation that personal information cannot easily be regarded as a property right. Classic economic theorizing would contend that an imperfect marketplace can be rectified in one of two ways. First, one can give a value to personal information so that the costs and benefits of transactions are allocated more appropriately. But it is very difficult to establish personal information as property in law, and then to define rights of action over its illegitimate processing. Consumers may have some bargaining power with a direct marketing firm that wants to trade lists of named individuals; citizens, however, have no bargaining power when faced with a warrant or any other potentially privacy-invasive technique backed up by the sanctions of the state. Let us recall that, at the outset of the privacy debate, it was the power of government agencies that was considered to pose the most significant challenges. It was therefore hard to resist the conclusion that the imbalance could only be set right by regulatory intervention. Consequently, information privacy was generally defined as a problem for public policy, rather than as an issue for private choice.
More recently, as critiques of the dominant approach have surfaced, the personal data processing practices of the private sector have arisen as equally significant concerns. Moreover, as Internet communications and e-commerce have risen to prominence, so a variety of market-based solutions have been proposed, all of which have been based on the premise that personal information can be given a property value, to be traded and exchanged within the personal information market (Laudon, 1996; Rule and Hunter, 1999; Lessig, 1999). Such arguments had, however, very little influence on the experts and legislators that grappled with the information privacy problem in the 1970s.
A third assumption concerned the relationship between information privacy and information security. These and related concepts (data protection, data security, confidentiality, etc.) have caused considerable confusion. Clarke notes that:
The term 'privacy' is used by some people, particularly security specialists and computer scientists, and especially in the United States, to refer to the security of data against various risks, such as the risks of data being accessed or modified by unauthorised persons. In some cases, it is used even more restrictively, to refer only to the security of data during transmission. These aspects are only a small fraction of the considerations within the field of 'information privacy'. More appropriate terms to use for those concepts are 'data security' and 'data transmission security'
(Clarke, 1999, p. 3).
In other words, data security is a necessary but not a sufficient condition for information privacy. An organization might keep the personal information it collects highly secure, but if it should not be collecting that information in the first place, the individual's information privacy rights are clearly violat...