Spheres of Contextual Integrity

Upon finishing Helen Nissenbaum's book, Privacy in Context,  I was compelled to dwell on a disturbing nuance to her argument; that her concept of contextual integrity in privacy online could be warped by various actors, providing heterogeneous spheres of contextual integrity, which might impinge on others from a perceived legitimate perspective.

Nissenbaum pushes our conceptualization of privacy beyond mere binary definitions; her view is that privacy online relates to ones ability to appropriate the flow of his/her information online, while her definition leaves room for sharing bits of your life online as that is merely an extension of a 'real world' relationship with friends and the like. Contextual integrity is framework and benchmark for privacy, one that considers several factors; the moral and political factors of sharing information that might threaten autonomy or freedom of the source, the system or practices that impinge on 'real world' values and norms, what is the prevailing context of the information flow, what are the transmission principles and who are the actors involved.

Her definitions, arguments for, and supporting evidence for these two concepts is quite sound, and is thoroughly examined in her other papers, A Contextual Approach to Privacy and Privacy and Contextual Integrity: Framework and Applications. However, when we incorporate her view on norms into the mix, we arrive at a worrying conclusion. Nissenbaum adopts the prescriptive interpretation of norms, which is essentially an objective stance on what people ought to do. I draw much contention to this as I believe that each individual contains a myriad of opinions, producing populations with massive variance in world views. Even with some of the worlds most durable democracies subscribing to this interpretation of norms, the subjective streak in humanity is ever still articulated in perpetuity. 

 If we understand that there might be several actors, each imbued with a separate objective viewpoint, thus entrenched with the concept of prescriptive norms, we might find that spheres of contextual integrity emerge at various levels, rather than with the uniformity Nissenbaum hopes to see.

On a prima facie basis, there might be three major spheres; government agents and institutions, corporate and commercial interests, societal and individual actors. Each group will perhaps internalize this notion of contextual integrity in privacy online, yet will enunciate their understanding in wildly different ways. 

Consider the USA based National Security Agency and their Prism program. Within their informational norms, transmission principals, and indeed their modus operandi, the widespread surveillance of citizens and foreign aliens is accepted and encouraged. Their sphere of contextual integrity gives them the self-professed legitimacy to do so. Being a government actor, and thus on the side of the legal system, they cannot be challenged by other spheres, without some cost in legal fees, time, and effort. 

Consider Apple Inc and their integrated finger print scanners in their mobile devices. Their sphere of contextual integrity allows them to capture the bio-metric data of their customers and then store that data on the device's processor. As a commercial interest, the primary motivation is profits and the question of whether or not the privacy of the end user is compromised or not does not appear to be the main consideration. Another example is ChoicePoint, a USA based company which was fined $15 million due to the non-consensual transfer of customer data to identity thieves. ChoicePoint is an information company aimed at providing marketers with valuable consumer data. However, prior to their legal slap they were happily operating within a sphere of contextual integrity that allowed for the conversion of private data into profits. 

Consider the individual, perhaps even yourself, who has been the victim of the HeartBleed bug. Our sphere of contextual integrity calls for notice and consent and an appropriation of our information flow, yet our sphere was penetrated by a malignant flaw in the technical code of the Internet. Our sphere of contextual integrity is not motivated by control of the masses (as is the case of the government), or the pursuit of profits (as in the case of commercial interests), but is propelled by a longing to own ourselves, and maintain autonomy and the right to be hidden. 

The brief examples sketched up should illustrate that there are several ways in which contextual integrity can manifest, which can either be divergent or convergent with other spheres.

While I appreciate Nissenbaums arguments and the color of her writing, I am upset by the notion that prescriptive norms might produce such disparity between various spheres of contextual integrity, ultimately producing winners and losers on the web.