Tech Law: Privacy — what do you expect?
by Paul Jacobson (@pauljacobson) We’re fortunate to have a constitutional right to privacy in South Africa. Section 14 of the Bill of the Rights states the following:
- their person or home searched;
- their property searched;
- their possessions seized; or
- the privacy of their communications infringed.
This right is not absolute and can be limited by competing rights or laws that have general application
to the extent that the limitation is reasonable and justifiable in an open and democratic society based on human dignity, equality and freedom, taking into account relevant factors …
It is a fundamental right and not to be interfered with lightly. Or, at least, that is the idea.
Don’t really have a clear sense
The problem with the right to privacy, generally, is that we, collectively, don’t really have a clear sense of what the content of our right to privacy is. We talk about our right and how it is infringed upon by a number of daily activities but, when we are pressed to identify the point at which an activity crosses the line that separates respecting the right and infringing upon it, we are frequently at a loss.
That has a lot to do with our expectations — the focus of a test the Constitutional Court, explained in the 1996 decision in the case Bernstein and Others vs Bester NO and Others, which predated the current Constitution and the right I quoted above.
The judges wrote that a central test, for determining when our right to privacy is infringed upon, is whether we have a legitimate expectation of privacy. When we have this, legitimate expectation of privacy is assessed upon a continuum of sorts, with a clear infringement on the one side and a clear respect for the right on the other. The shift from respect to an infringement occurs somewhere in between and depends, at least in part, on context.
Test has two components
The test has two components. The first component is a subjective expectation of privacy and this is balanced out by the second component, which is what society recognises as an objectively reasonable expectation of privacy.
An example, which may help illustrate this tension and how the test is applied, is the following:
On the one hand, let’s say I go for a walk in a busy public square in current times, when I am aware that a substantial number of people carry cameras in their pockets and I notice citizens taking photos of features in the public square.
My subjective expectation that I not be photographed and that photographs of me not be published on Twitter, say, are probably not objectively reasonable in that context. After all, it is a public space and people’s tendency to take photographs and share them is hardly new in 2014.
Objectively reasonable expectation
On the other hand, if someone climbs over my high wall and takes photographs of me playing with our kids in our garden and shares that online, I would not only have a subjective expectation of privacy but society would likely recognise that as an objectively reasonable expectation and my right to privacy would have been violated.
When we think about privacy, we think about these sorts of examples but, even with these examples, we remain unclear about what this right really protects.
The tendency is to think about the right to privacy as a protection of our right to our secrets but, as we share more and more digitally, that is not a sustainable model. The more you share, the more you should assume that what you have shared is beyond your control and being accessed in ways you didn’t anticipate when you shared it.
Approaching a point
We’re approaching a point where the only people who can regard their right to privacy as their right to secrecy are the few who have not connected to the digital collective.
No, the right to privacy is much more about the right to influence and, perhaps, control how your personal information is used and by whom. The Protection of Personal Information Act and its predecessors are written for this privacy model and assume that secrecy is rapidly becoming an anachronism in our increasingly connected society.
For the most part, we are concerned about what our social networks, brands and governments are doing with our personal information and, the way we talk about it, you’d think these institutions wrest our personal information from us and do objectionable things with it.
Yet how often do we stop to reconsider sharing so much of our lives on Facebook, Twitter, in competition entries and surveys and elsewhere? We blame others for abusing our trust when it seems some corporation or intelligence agency is profiting from our data or spying on us but what was the extent of our role in facilitating that?
To muddy the waters even further, we are ambivalent about sharing so much about ourselves. The more we share, the more useful services such as Facebook may become. More information about us often translates into more personalised services that may have more value to us and increase our enjoyment of the whole experience.
At the same time, this is all made possible because advertisers may spend a lot of money to know more about us and target us more effectively with ads. Preventing the latter often means sacrificing the former’s benefits.
We are conflicted about our privacy and, until we decide where to draw the line, those social networks, brands and government agencies are going to continue making decisions about what privacy means to us based on their clearer ideas about what works for them.
Pause for a moment
The next time you feel your right to privacy has been violated, you may want to pause for a moment and ask yourself what you expected in the first place.
Paul Jacobson (@pauljacobson) is the founder and director of Web•Tech•Law. He contributes the regular “Tech Law” column focusing on issues in the digital marketing space to MarkLives.com. CC BY-SA 2.5
— MarkLives’ round-up of top ad and media industry news and opinion in your mailbox every three work days. Sign up here!