Exploring Privacy Harm

Danger de mortWe live in an online world, where increasingly the value proposition as users is a trade of our information and attention.  In exchange for our time and attention – we receive this value  – the free-use of innovative, fun or useful services online.  I’ve mentioned this issue of “Data Harm” previously, and briefly in my “Read Our Lips: You Are The Product” Post.

In my “Snowden 101” post, I mentioned the idea of narrowing in further on what actual harms can come to individuals as Data Subjects as an interesting privacy issue on its’ own.

It may be that the issues of Data Privacy get co-mingled with those of Data Security issues, relative to end user harm.  I don’t think there is any question that Data Security issues are more clearly correlated with risk and harm.  If my financial account credentials are stolen, I can lose specific property and assets.  Data Security events lead to things well defined under law, such as “theft”, where the “harms” are very clear.

Data Privacy issues however are different, and squishier – yet it seems as users we are no less vocal about them.  Even more vocal in some ways.

With Data Privacy issues, it’s a question of the impacts to us on how our data is used.  The use of our data related to our activities on line.  When we interact with websites, we are either anonymously tracked and profiled, or discretely and uniquely tracked for this purpose.  We get creeped out by the idea that we are being “tracked and profiled”.  No doubt, the offline analogies to that are very concerning.  But online, anonymously, are the impacts as impactful or dangerous?

What is the intent of online tracking and profiling though?  Primarily, it’s for serving more relevant and targeted advertising.  And, to that end, what could the harm be in that?  Is there harm in serving a more targeted advertisement?  Should users be creeped out by this?

As you can tell, I’ve not clearly constructed the issues for a good dialog – but I’m writing here about it, because I’m starting to.

I’ll be attending this event in early 2014:

The New Frontiers of Privacy Harm
Silicon Flatirons
A Center for Law, Technology, and Entrepreneurship at the University of Colorado

Here’s the overview:

What harms are privacy laws designed to prevent? How are people injured when corporations, governments, or other individuals collect, disclose, or use information about them in ways that defy expectations, prior agreements, formal rules, or settled norms? How has technology changed the nature of privacy harm?

I find this issue fascinating – and as we continue to steam ahead as an online-enabled society – making determinations in this area are critical.

I’m hopeful of a day where the concepts of Fair Information Principles (see references from Wikipedia or EPIC) are connected end-to-end, from the up  front management of user expectations, with Notice and Choice and other disclosures made clear upon the initiation of a relationship – through the execution of those promises.

There still seems to be a lot of concern, some noise and hyperbole no doubt, and much legitimate, about online tracking.  Despite that, I’m not sure the line has been drawn all the way to the end, clearly enumerating the types of actual “harm” that can come to an end user or consumer.

What do you worry about online with regard to behavioral tracking for advertising?  Are you creeped out?  Is it a fair exchange for access to things like Facebook, Twitter or Linked In?

Let me know, I’d love to know what people think!


photo by: zigazou76

4 thoughts on “Exploring Privacy Harm”

  1. Bill Peterson says:


    Really fascinating stuff with long-reaching consequences. I’m still processing what you’ve written.

    First gut reaction: I suspect there is harm done in some potentially overlooked ways, including loss of individuality. There is something inherently invasive about the idea of someone looking over our shoulder, possibly similar to how we guard personal space in interactions with others. It’ll take time for me to formulate more cogent thoughts on this, and I appreciate you sharing your thoughts.

    Second gut reaction: Intuitively, I think these issues are like a very real monster under the bed.

    Third gut reaction: Without the ability to decline this type of tracking, vs opting in, I’m stridently opposed to someone/anyone taking what doesn’t inherently belong to them. Possibly it will be helpful/necessary to define one’s online behavior as personal property. This would make for interesting legal precedence. For instance, people ‘own’ their bad behavior when they commit crimes, are caught and punished. Maybe we should conceive of ‘owning’ behavior as a sort of personal property right.

    1. Tom Bartel says:

      Bill, really great thoughts, thanks for sharing them. I think this is exactly one of the things needed – outside of internet technology producers, and privacy wonks, what does the general population think of these things? You’re gut instincts make sense to me – I’d love to gather more information from others to see how they think about this stuff.

Leave a Reply

Your email address will not be published. Required fields are marked *