on “Protecting Consumer Privacy in an
Era of Rapid Change” is more nuanced:
“Companies should provide reasonable access to the consumer data they
maintain; the extent of access should
be proportionate to the sensitivity of
the data and the nature of its use.” 8 To
this end, we posit:
The Inverse Privacy Entitlement
Principle. As a rule, individuals are entitled to access their personal infons. There
may be exceptions, but each such exception needs to be justified, and the burden
of justification is on the proponents of the
exception.
One obvious exception is related to
national security. The proponents of
that exception, however, would have to
justify it. In particular, they would have
to justify which parts of national security fall under the exception.
The Inverse Privacy Problem
We say that an institution shares back
your personal infons if it gives you access to them. This technical term will
make the exposition easier. Institutions may be reluctant to share back
personal information, and they may
have reasonable justifications: the privacy of other people needs to be protected, there are security concerns,
there are competition concerns. But
there are numerous safe scenarios
where the chances are negligible that
sharing back your personal infons
would violate the privacy of another
person or damage the legitimate interests of the information holding institution or any other institution.
The inverse privacy problem is the
inaccessibility to you of your personal
information in such safe scenarios.
Q: Give me examples of safe scenarios.
A: Your favorite supermarket has
plentiful data about your shopping
there. Do you have that data?
Q: No, I don’t.
A: But, in principle you could have.
So how can sharing that data with you
hurt anybody? Similarly, many other
businesses and government institutions have information about you
that you could in principle have but
in fact you do not. Some institutions
share a part of your inversely private
information with you but only a part.
For example, Fitbit sends you weekly
summaries but they have much more
information about you.
Q: As you mentioned earlier, institutions have not only raw data about
me but also derived information. I can
imagine that some of that derived information may be sensitive.
A: Yes, there may be a part of your
inversely private information that is
too sensitive to be shared with you. Our
position is, however, that the burden
of proof is on the information-holding
institution.
Q: You use judicial terminology. But
who is the judge here?
A: The ultimate judge is society.
Q: Let me raise another point. Enabling me to access my inversely private information makes it easier for intruders to find information about me.
A: This is true. Any technology invented to allow inverse privacy information to be shared back has to be
made secure. Communication channels have to be secure, encryption has
to be secure, and so forth. Note, however, that today hackers are in a much
better position to find your inversely
private information about you than you
are. Sharing that information with you
should improve the situation.
Going Forward
As we pointed out previously, the inverse privacy problem is not simply
the result of ill will of governments
or businesses. It is primarily a side effect of technological progress. Technology influences the social norms of
privacy. 17 In the case of inverse privacy, technology created the problem,
and technology is instrumental in
solving it. Here, we argue that the inverse privacy problem can be solved
and will be solved. By default we restrict attention to the safe scenarios
described previously.
Social norms. Individuals would
greatly benefit from gaining access
to their inversely private infons. They
will have a much fuller picture of their
As a rule, individuals
are entitled to access
their personal infons.
health, their shopping history, places
they visited, and so on. Besides, they
would have an opportunity to correct
possible errors in inversely private in-
fons. To what extent do people under-
stand the great benefits of accessing
their inversely private infons? We do
not have data on the subject, but one
indication appears in Leon et al.12: “We
asked participants to [t]hink about the
ability to view and edit the informa-
tion that advertising companies know
about you. How much do you agree or
disagree with the following, showing
them six statements. 90% of partici-
pants believed (agreed, strongly agreed)
they should be given the opportunity
to view and edit their profiles. A large
percentage wanted to be able to decide
what advertising companies can collect
about them (85%) and saw benefits in
being able to view (79%) and edit pro-
files (81%). The majority thought that
the ability to edit their profiles would
provide companies with more accurate
data (70%) and allow them to better
serve the participants (64%).”
As people realize the benefits at is-
sue more and more, they will demand
access to their inversely private infons
louder and louder. Indeed, it is easy
to underestimate the amount of in-
formation that businesses have about
their clients. The story of Austrian pri-
vacy activist Max Schrems is instruc-
tive. “In 2011, Schrems demanded
that Facebook give him all the data
the company had about him. This is
a requirement of European Union
(EU) law. Two years later, after a court
battle, Facebook sent him a CD with a
1,200-page PDF.” 14
Social norms will evolve accordingly, toward a broad acceptance of the
Inverse Privacy Entitlement Principle
described earlier. Institutions should
share back personal information as a
matter of course. Furthermore, they
should do so in a convenient way. Your
personal infons should be available to
you routinely and easily—just as the
photos that you upload to a reputable
cloud store. You do not have to file a legal request to obtain them.
The evolving social norms influence
the law, and the law helps to shape social norms. Here, for brevity, we restrict
attention to the U.S. law. We already
quoted the 1970 Fair Credit Reporting
Act, the 1973 HEW report, and the 2012