News, Developments, and Insights

high-tech technology background with eyes on computer display

Future of Reputation

A few weeks ago, I offered free review copies of my book, The Future of Reputation: Gossip, Rumor, and Privacy on the Internet (Yale University Press, Oct. 2007) to bloggers who would agree to write a review of the book. A few reviews have now come in, and they are quite thoughtful and interesting. Many engage with the book at a more substantive level than the typical mainstream media reviews, and I’d like to discuss and respond to some of them.

1. David Giacalone at f/k/a

David Giacalone,a lawyer, haiku writer, and former FTC official, has written two posts about The Future of Reputation at his blog f/k/a. His first post, a prelude to his review, is a fascinating etymology on the word “gossip”:

If you click on, you’ll see the many meanings of the word gossip. . . . The first three meanings were expected. But #3 and #4 were surprising. A gossip is “a close friend or companion,” and in Britain the term is sometimes used to denote one’s godparent. . . . Similarly, Wiktionary explained, “From Old English godsibb, where it meant “godparent”. Later it came to mean a person who is your friend or companion. Since friends do a lot of talking the modern meaning of ‘idle talking’ has stuck.” . . . . So, “a gossip” went from being a friend you would choose to serve as godparent to your child to “A person who habitually spreads intimate or private rumors or facts.”

In his second post, he reviews my book. David writes:

The Future of Reputation brings together the themes in useful and interesting ways, showing important connections and ramifications, and making me want to talk about them with friends (and foes) and to find solutions to the problems he raises. . . .

This book is the perfect playground and mosh pit for guys and gals who enjoy designing or critiquing statutory (or common law) legal solutions to important societal problems. Dan Solove has suggested an ample variety of potential legal changes (with lots of details both offered and lacking) to keep the wonks up late at night debating the proposals — talking them out, fleshing them out, or throwing them out. Of course, law students and professors, lawyers and legislative staffers, come readily to mind. But, you don’t need a law degree to be intrigued by the proposals in The Future of Reputation, and to have a contribution to make in the discussion this book should inspire and provoke.

David’s review isn’t without some thoughtful criticism of my book:

Dan speaks of wanting the law to “cast a wider net, yet have a less painful bite,” and of using the law to shape norms rather than imposing direct prohibitions. But, laws that create wider nets of responsibility and impose new restrictions are unlikely to be effective if their “bite” doesn’t draw some blood or leave a scar. Likewise, new norms usually only make an impression and change behavior when there is a genuine downside to ignoring their prescriptions and proscriptions.

I assume Dan doesn’t want to give specifics that would scare away the freedom-loving, often self-absorbed denizens of the internet he is trying to convert into responsible citizens. But, without more detail and discussion of how laws and legal principles would be shaped — so as to impose discipline on the likes of bloggers, angry consumers, jilted lovers, and social network entrepreneurs — practical-minded lawyers, judges and law-makers are left unconvinced that the Moderate Approach will really have significant moderating effects.

David makes a valid point — my proposed solutions are cast at a very general level, and I do attempt to broaden the applicability of privacy law yet cut back on its bite. The reason for this is to prevent excessive lawsuits. At best, my solutions will serve as a mild way to help steer the norms of cyberspace. I am concerned that stronger and more powerful legal consequences for online gossip would be too heavy-handed, too chilling of free speech. Part of the difficulty in addressing the problems I discuss in the book is how to navigate between two very important values — free speech and privacy. The balance must be very careful, and I found myself trying to dance on a wire with very clunky boots, as the law is often not a very delicate tool.

David also wished I fleshed out my discussion of the use of the breach of confidentiality tort in more detail:

Frankly, being told that lawyers and doctors have to keep confidences, so the rest of us should, too, is not sufficient explanation. The law has created limited rules of professional confidentiality because we as a society have something to gain from clients, patients, and penitents being fully truthful with lawyers and doctors and priests. Despite this, those confidentiality protections are often circumscribed, limited in application, and under attack. [We don’t even require blanket confidentiality now within a marriage, but merely allow a spouse to invoke it when being asked to divulge information about the other spouse.] The lawyer-client analogy simply doesn’t get us very far. There does not seem to be an analogous reason to motivate individuals to tell the whole truth about their personal situations to families, lovers, and friends. Before imposing penalties for the disclosure of “confidential” information, we need more justification and more details on how it might work in practice.

My discussion of expanding the breach of confidentiality tort is indeed rather general in scope. Part of the reason for this is that I am writing for a general audience, and I don’t want to get too bogged down in legal theory. Another reason is that I have explored the breach of confidentiality tort in depth elsewhere — in my recently-published article with Professor Neil Richards: Privacy’s Other Path: Recovering the Law of Confidentiality, 96 Georgetown Law Journal 123 (2007). In this article, Neil and I discuss the English version of the tort. In England, the breach of confidentiality tort (referred to in England as “breach of confidence”) does cover friends and family, and it has developed into a workable jurisprudence. Neil and I plan to write some follow-up articles that will sketch the full contours of the tort and examine some of the normative issues. So stay tuned, as I will be writing more about breach of confidentiality in the future.

2. Thomas Otter at Vendorprisey

Over at the blog Vendorprisey, Thomas Otter, a solution architect the German software company SAP and a PHD student, offers a very positive review:

Solove is on a mission to get people thinking about privacy who haven’t really thought about it before. Anyone who has a Facebook profile, a blog, or who posts photos online, or has friends and family who do, ought to read it. As a very successful blogger himself, he brings a practical perspective to the topic of gossip, ‘rumor’ and privacy on the Internet. . . .

The book works because it uses lots of anecdotes to explain complex issues, simply. It covers the awkward and subtle tensions between privacy and the first amendment-freedom of speech brilliantly. It also provides an excellent quick tour through US privacy law history.

Thomas’s only “gripe” is that “the book is very US and tort centric. It made passing mention of UK tort, but it made no mention of European Data Protection Law, nor of the right to privacy in the Universal Declaration of Human Rights or other significant legal instruments.” This is certainly true. When it comes to the topic of Internet gossip and the clash between privacy and free speech, I am much more comfortable in my knowledge of US law. I have a forthcoming book about my general theory of privacy that explores foreign privacy laws in more depth.

3. Scott Greenfield at Simple Justice

Scott Greenfield, a lawyer in New York City who focuses on criminal defense, has written a very thoughtful review of my book in his blog, Simple Justice:

The first half of the book is quite a cautionary tale, to be read and digested by anyone who posts online, or knows anyone who posts online, or doesn’t know anyone and rarely leaves the house. The point is, no one is safe, and Dan backs up the claim with example after example. The only reason the stories are funny is because they aren’t about you. Yet.

The second half of the book is an effort to find a way to address the plethora of problems. Given the breadth of issues, complicated by the myriad of people who are potentially involved, the mere idea that the problems are subject to resolution may be somewhat arrogant. Still, Dan gives it a shot. Alas, the answers do not come as easily, or as successfully, as the problems.

Scott’s point is a fair one. My book is indeed more successful at delineating the nature of the problems than it is at finding a solution. I really wanted to be able to pull a rabbit out of a hat — to find a nifty and elegant solution. But, alas, I couldn’t. Thus, I came up with a number of small tweaks and fixes to the law, to help make it better. It isn’t meant to be a cure — in the book I wrote that I don’t think that there is a cure — but my suggestions for legal reform are meant to be improvements.

At times, when writing the book, I just wanted to throw up my hands and say that these problems are unsolvable. And without a cure, the best I could offer were some ways to better cope.

4. Professor James Grimmelmann at The Laboratorium

Professor James Grimmelman at New York Law School has reviewed my book on his blog, The Laboratorium. He didn’t even ask for a free review copy, so his review comes gratis. James seems to have enjoyed the book, but was ultimately underwhelmed by its impact, and so he gave it only three out of five stars:

I couldn’t help but come to this book with unrealistically high expectations. After all, the author of A Taxonomy of Privacy, The Digital Person, and A Model Regime of Privacy Protection brings to the table a pretty good, well, reputation. Unfortunately, this latest book offers not so much a definitive knock-down solution to the problems of privacy and reputation online (you see what kind of a standard I’m holding you to, now), as, well, some basically good ideas that are already out there.

Of course, many of those ideas are out there thanks to Dan Solove himself, but this is a tough town, and what have you done for me lately? The basic problem here is that this book is a summa of a lot of Solove’s thinking about online privacy, particularly as articulated in his blogging.

Fair enough. This book is written for a general audience, and I’m not attempting to strike bold new theoretical ground. My purpose is to examine a very interesting set of problems, spark a debate among both legal scholars and lay people, and to draw from some of my theories and the theories of others to address these problems.

When I was writing this book, one of the greatest challenges was how to write in a way that appealed both to experts and to non-expert readers. How should I describe legal solutions in a way that law professors and lawyers would appreciate yet that lay people wouldn’t find too complicated and detailed? How should I describe the blogosphere in a way that people unfamiliar with blogs and social network websites can understand yet at the same time not make seasoned bloggers groan? And how do I discuss solutions when there isn’t any easy fix? What I discovered is that there is no perfect way to do all these things. It’s about striking a balance. My hope is that most readers understand what I’m trying to do and still appreciate what the book has to offer. Unlike some of my other work, my primary goal for the book was to spark a debate and discussion, not to advance my own theories. I still do suggest ideas and solutions, but my central aim is to get people thinking, talking, and debating. This is a more modest goal compared to some of my other work, but I think it is still an important one, and I hope I have achieved it.

James goes on to argue that he was convinced by my critique of online shaming, yet he was less convinced by my justification for why privacy should trump free speech in certain cases:

I want to have a strong theory of privacy. I really do. And yet, I’m getting increasingly uncomfortable with a lot of the standard justifications of strong personal privacy. When you think about it, and I mean really think about it, what exactly is the privacy interest in preventing people from taking pictures of me on the toilet? Solove runs through many of the standard theories—bad judgments based on incomplete knowledge, contextual identities, identity change over time, irrational reasoning by others, preservation of diverse behaviors, second chances, autonomy, the oppressive feeling of being watched, and others.

But they all feel incomplete, or misdirected. If people make misjudgments about me based on incomplete information, isn’t the solution to supply them with the full context, not to take away what little information they do have about me? If we’re talking about others’ irrational reasoning about me, isn’t the problem the irrationality, not the information used as an input to it? If we’re concerned about identity change over time, isn’t it sufficient for me to say that my identity is changing, so please update your priors? And so on and so forth. It’s not that the concerns feel wrong. It’s just that the privacy violation always seems to be secondary to some deeper way in which society is messed-up. Privacy protection is the law of the second-best.

This is a very interesting point. One of the reasons we protect privacy is because others might use our personal information to judge us in ways that we might not desire. But why not just blame society for condemning people hypocritically? Or blame society for being too harsh about judging others? Privacy is indeed a second-best solution, but it is still a necessary one. That’s because it is very hard to change society. We live in an imperfect society, and while the ideal would be to make society a Utopia, the second-best option of providing some better armor for individuals is much more practical. We might not be readily able to get people to all start making rational and fair judgments about each other, but at least we can allow people to withhold information that can tend to lead to such judgments.

After reading James’s review, I was pleased that my book inspired such interesting thoughts, and so I think he could at least grant me one more star . . .

I’ve gone on long enough about the reviews. There are many more reviews to come, and if they are as interesting and thoughtful (even when critical) as the ones above, then I’ll be eagerly looking forward to them.

Originally Posted at Concurring Opinions

* * * *

This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.

Professor Solove is the organizer, along with Paul Schwartz, of the Privacy + Security Forum and International Privacy + Security Forum, annual events designed for seasoned professionals.

If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
LinkedIn Influencer blog

TeachPrivacy Ad Privacy Training Security Training 01