Professor Neil Richards of Washington University Law School has posted on SSRN his recent essay, The Information Privacy Law Project, 94 Geo. L.J. 1087 (2006). He reviews my book, The Digital Person, and offers an interesting and insightful critique. Although he takes issue with some of my arguments and with the term “privacy,” I find his review to be mostly a friendly amendment rather than an attack. Here’s the abstract:
One of the most interesting developments in privacy law literature over the past few decades has been the emergence of “The Information Privacy Law Project,” a group of scholars focused on the legal issues raised by the increasing collection, use, and disclosure of personal information made possible by evolving digital technologies. These scholars have sought to establish “information privacy law” as a field of study distinct from the constitutional right to “decisional privacy.” This Essay uses the recent publication of a major work by Daniel J. Solove, The Digital Person: Privacy and Technology in the Digital Age, as a lens through which to assess two aspects of the accomplishments and potential of the Information Privacy Law Project. First, it argues that although “information privacy law” may be a useful shorthand to describe a subset of legal issues associated with the use and abuse of personal information, The Digital Person itself reveals that there are enough doctrinal, historical and theoretical linkages between informational and decisional privacy law that the two are ultimately analytically indistinct. Nevertheless, this conceptual confusion can be an opportunity for the Information Privacy Law Project, as insights drawn from decisional privacy could possibly supply solutions to some of the Information Privacy Law Project’s most intractable problems. Second, this Essay argues that The Digital Person’s assertion that the problems of personal databases are best understood by reference to Franz Kafka’s The Trial obscures a more powerful insight that problems of databases are problems of power and consumer protection. Nevertheless, such an attention to the importance of metaphor in this context reveals that thinking of the database problem as one of “privacy” limits the law’s ability to respond imaginatively. It would be far better, the Essay concludes, to engage in an effort to conceive of these problems as implicating “data protection law” or “confidentiality law” than to rely so much upon the notoriously slippery, baggage-laden, and limiting concept of “privacy.”
Originally Posted at Concurring Opinions
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.