Many privacy advocates, and scholars, seek to liberate privacy from shame. We need to understand that privacy norms do more than insulate individuals from the exposure of shameful secrets and intimate information, the argument goes, in order to deal with contemporary privacy issues that concern the collection of information that is often not sensitive or intimate and may even be publicly available. This essay argues that privacy does not need to be liberated from shame - to the contrary, it is shame that can liberate privacy. A proper understanding of shame reveals that it involves a complex form of self-consciousness - how you feel about how others view you; it is triggered by a disjunct between how you would like others to see you and the consciousness that they do not see you in this way. Privacy norms can insulate us from shame because they protect our self-presentation from the disruptions that can cause us to feel shame. Accounts of privacy go wrong when they do not understand this idea of identity that is at stake in privacy norms. By relying upon different ideas of identity, such as self-revelation or self-determination, both control-based and limited-access accounts of privacy misunderstand the social dimensions of identity and end up with an impoverished account of privacy norms. By ignoring the centrality of identity, “contextual” accounts of privacy lose analytic rigour by running together a broad set of interests and norms under the category of “privacy.” A focus on the constitutive relation between privacy and identity can also show why the idea that privacy should be protected through legal rights is misplaced. Justifications for legal rights rely upon ideas of autonomy and harm but privacy’s focus on the conditions of self-presentation sound in an altogether different register. This essay argues that legal rights such as the tort of invasion of privacy lie, at best, on the periphery of the legal protection of privacy and that the emerging international standards of Fair Information Practices provide a better framework. The best way to understand this framework is not through the language of rights but through a set of alternative ideas about the role of law in enabling and empowering individuals to act within a context of settled expectations necessary for the production of identity and agency. The role of privacy law is not simply to protect identity but in fact to help produce it.Austin concludes that -
Privacy is not best understood as a state of social withdrawal but as a set of norms that enable social interaction. Privacy norms ensure somemeasure of individual control over one’s social identity through securing settled expectations in relation to audience segregation that can then be negotiated by an individual - but can also protect the social and interactional aspects of self-presentation and so should not be conflated with simply enabling individual control. The legal model for this understanding of privacy is not legal rights like we find in tort law, for example, but the Fair Information Practices that have come to underpin data protection law internationally.
This analysis brings into view a very different role for law in relation to privacy than is often claimed. Instead of privacy law protecting an already-developed identity from outside pressure, privacy law can help produce identity as it is created through social interaction. Increasingly, our social interactions are mediated through technologies that disrupt the settled social expectations of audience segregation that have developed in the past. In response to this, what we need are information practices governed by law—not just positive laws but the basic legal values that animate ideas like the rule of law that create an environment of stable, predictable norms of audience segregation within which individuals can negotiate their social identities.
This analysis also points us in the direction of other related identity concerns that require more attention from legal scholars. Self-presentation functions well in an environment where the reactions of others can be reasonably anticipated based upon shared social understandings.
However, in many contemporary contexts involving information collection and use the reactions of others cannot be reasonably anticipated - instead of shared social understandings, we sometimes interact within contexts of severe information asymmetries. This is especially true in institutional settings. As others have maintained, increasingly individuals are “sorted” into different categories based upon their personal data, without access to why they have been sorted in this way, and sometimes with serious personal consequences. What this points to is the need to expand our analysis to critically examine these other aspects of identity. But this is an expansion that remains tethered to identity concerns and the manner in which these are undergoing a serious of profound changes and disruptions in the face of contemporary information and communications technology.
If liberal rights were the response to a different era, a challenge to social hierarchies that depended on strategies of abstraction from the particular identities and social contexts of individuals for its emancipatory effect, today we face different challenges. What we need to recover and reimagine is a vocabulary of identity, and a legal framework that supports and enables the conditions of identity, in order to respond to the new challenges of the information society.