People freely disclose vast quantities of personal and personally identifiable information. The central question of this Meador Lecture in Morality is whether they have a moral (or ethical) obligation (or duty) to withhold information about themselves or otherwise to protect information about themselves from disclosure. Moreover, could protecting one’s own information privacy be called for by important moral virtues, as well as obligations or duties? Safeguarding others’ privacy is widely understood to be a responsibility of government, business, and individuals. The “virtue” of fairness and the “duty” or “obligation” of respect for persons arguably ground other-regarding responsibilities of confidentiality and data security. But is anyone ethically required — not just prudentially advised — to protect his or her own privacy? If so, how might a requirement to protect one’s own privacy and to display ethical virtues of reserve, modesty and temperance properly influence everyday choices, public policy, or the law? I test the idea of an ethical mandate to protect one’s own privacy, while identifying the practical and philosophical problems that bear adversely on the case. I consider “conceptual” and “libertarian” objections to the view that each individual indeed has a moral obligation to safeguard his or her own privacy. Government and industry are not off the hook if privacy is a duty of self-care and self-respect: they have responsibilities and are freshly viewed as partners in moral agents’ quest for ethical goodness.Allen comments that
As we can see from the foregoing discussion, there are several negative positions one might take respecting whether information privacy protection is a duty to oneself, including these:
(1) No moral duty to or regarding oneself. There are no moral duties to oneself or regarding oneself, and therefore, no duty to protect one’s own privacy. We may (or may not) have reasons of prudence and self-interest to protect our own privacy.
(2) No moral privacy protection duty. There are moral duties to oneself, but they do not include a duty to protect one’s own informational privacy. We may (or may not) have reasons of prudence and self-interest to protect our own privacy.
(3) No first-order moral duty to or regarding oneself. There are no first-order moral duties to oneself, and therefore no such duty to protect one’s own privacy, but there are first-order duties to others that may entail derivative second-order duties to protect one’s own privacy.
(4) Prudence Only. We may have reasons of prudence and selfinterest to protect our own privacy, and commonly do. There are no moral duties to oneself, and therefore no duty to protect one’s own privacy. Nor is there any primary duty to others that entails a derivative duty to protect one’s own privacy.
(5) No Reason to Protect. There are no general reasons of prudence and self-interest to protect one’s own privacy. There are no moral duties to oneself, and therefore no duty to protect one’s own privacy. Nor is there any primary duty to others that entails a derivative duty to protect one’s own privacy.
I reject 1–5 above and subscribe to duties to oneself as an obligation to act in ways that protect one’s welfare and promote self-respect. Moreover, I believe that among our duties to ourselves are duties of privacy protection. ...
We should make a habit and virtue of protecting our own privacy. Duties to protect one’s own privacy can be articulated in admixtures of deontological, utilitarian, and aretaic frameworks, to name the most routinely discussed. The duty to protect one’s own privacy is akin to a duty to promote the happiness, autonomy, and character of one’s current and future self. (I note that Kant himself did not maintain that individuals have a duty to promote their own happiness, as I would.) A modern deontological morality might understand privacies of modesty and reserve as modes of self-esteem, self-respect, or spirituality. An aretaic or perfectionist morality might treat a degree of modesty and reserve as favorable character traits conducive to the best life. Imagine a man with colon cancer who tells his coworkers in a limited distribution e-mail that he has colon cancer and is about to take some time off from work to begin treatment. Such a sensitive disclosure is not one that I would characterize as unethical. But now imagine that this same man e-mails, unsolicited, to his same coworkers a detailed electronic diary about his cancer that includes photographs of his surgical wounds, MRIs, and X rays, along with emotional accounts of his feeling before, during, and after months of chemotherapy, radiation, and recovery. Now we have “oversharing” that raises ethical concerns. Why? Because of the discomfort he causes others, but also, critically, for the damage to his own reputation, his loss of dignity, and his departure from good judgment and temperate character.