What is the definition of privacy?

The Atlantic has an article posted on its site today entitled “By 2025, the Definition of ‘Privacy’ Will Have Changed”. This got me thinking again (and I’ve thought about it quite a bit) about just what a reasonable definition of privacy is. My two major conclusions on that question are that 1) it’s very complicated and 2) it depends.

A simple definition of privacy used in [1], attributed to Professor Westin of Columbia University, is

the right “to determine what information about ourselves we will share with others.”

In terms of directly opting in or out of some data collection process, this is a straightforward definition. However, it’s not always this simple. I may want to share my data with organization X but not share that same information with organization Y. So for starters, I would extend this definition to say something like: the right to determine what pieces of information about ourselves we are willing to share and with whom.

Using this definition, someone now would have control over what data they are willing to share and what organizations they are willing to share it with.  Ok easy right?

Well, what about this scenario: you are in a class with three students. You all take a test, and after the test the professor hands back your exam with your grade and tells the class the average test score. If any two of the three students collude and share their test scores, they can immediately calculate the third student’s exact score. I would argue that this is clearly a violation of the third student’s privacy. They never willingly shared their exam score with the two colluding students, but a piece of information about them was learned.

However, what about situations where the third student’s score is learned only within some range? Clearly, if you know the student’s score is between 0 and 100, their privacy is not violated. But what if you learn that their score was between 80 and 85? Above 50? Or less than 70? Is learning any of these pieces of information a violation of privacy? I don’t know. Defining privacy is hard.
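The grade scenario can be worked through in code. The following Python sketch is an added example, not part of the original post: it computes the range of scores still possible for one student, given the announced average and whatever scores a group of classmates pool. The function name `score_bounds`, its parameters, the 0 to 100 score bounds, the treatment of a rounded average as a closed interval, and the sample numbers are all assumptions made for illustration.

```python
from fractions import Fraction

def score_bounds(n, published_avg, known_scores, precision=0, lo=0, hi=100):
    """Return (low, high): scores still possible for one non-colluding student.

    n: class size; published_avg: the announced average (int or decimal string);
    known_scores: scores the colluders pool; precision: rounding step of the
    announced average (0 means exact); lo, hi: public bounds on any score.
    """
    others = n - len(known_scores) - 1  # unknown students besides the target
    if others < 0:
        raise ValueError("need at least one student outside the colluding group")
    avg, half = Fraction(published_avg), Fraction(precision) / 2
    # Class totals consistent with the (possibly rounded) announced average.
    total_min, total_max = (avg - half) * n, (avg + half) * n
    known = sum(Fraction(s) for s in known_scores)
    # The target is lowest when every other unknown student scores hi,
    # and highest when every other unknown student scores lo.
    low = max(Fraction(lo), total_min - known - others * hi)
    high = min(Fraction(hi), total_max - known - others * lo)
    return low, high

if __name__ == "__main__":
    # Constructed sample data: three students, announced class average 82.
    print(score_bounds(3, 82, [90, 74]))   # two colluders: exact disclosure
    print(score_bounds(3, 82, [90]))       # one student alone: a range
    print(score_bounds(3, "81.7", [90, 74], precision="0.1"))  # rounded average
```

With these constructed numbers, two colluders pin the third score to a single value, while a single student who scored 90 can already tell that each classmate scored at least 56 without colluding with anyone.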

The other aspect of defining privacy that I find fascinating is that privacy is not tied directly to a piece of information. It’s often about HOW that information was obtained. For instance, if a friend tells me that they have cancer, that is not a violation of privacy. However, if the hospital, without the consent of my friend, discloses that my friend has cancer, a clear violation of privacy has occurred, EVEN if I already knew that the friend had cancer. So it’s not the information itself that causes a privacy problem; it is a combination of the data AND the mode of transmission. (Another random question: Is it a privacy violation for a hospital to confirm that you do NOT have cancer? I would argue yes.)

My point here is that privacy is a very slippery concept, and it is difficult to pin down an exact definition. But studying and learning about privacy is going to be increasingly valuable, as data about ourselves is being collected on a scale so monumental that it would have been hard to imagine even ten years ago. Try to imagine what this will be like in another 10 years. Or 25 years? Or 50 years?

Finally, I especially like (and am terrified by) this quote from the last paragraph of that article:

We are embarked, irreversibly, I suspect, upon a trajectory toward a world in which those spaces, times, and spheres of activity free from data collection and monitoring will, for all practical purposes, disappear.



[1] Fellegi, I.P., 1972. On the question of statistical confidentiality. Journal of the American Statistical Association 67 (337), 7–18.


