Boundaries of Privacy Harm, The

Privacy and Security

Article Snapshot


M. Ryan Calo


Indiana Law Journal, Vol. 86, No. 3, pg. 1131, 2011


Proposes two categories of privacy harm: unwanted observation, and the use of a person’s information against them.

Policy Relevance

This working definition of privacy harm gives courts and regulators criteria to identify privacy harms and rank the severity of privacy harm. It also provides a ‘limiting principle’ that guards against dilution of the concept of privacy, and a ‘rule of recognition’ to identify new privacy harms as they emerge.

Main Points

  • Objective privacy harm occurs when a person’s information is used in an unanticipated or coerced way against him, with negative consequences.
  • Subjective privacy harm is the perception of unwanted observation, which results in unwelcome mental states, like anxiety, embarrassment or fear.
  • Objective and subjective privacy harms are interrelated: objective privacy harms involve adverse, external consequences from the loss of control of information, while subjective harms are internal and arise from the perceived loss of control over information.
  • Privacy harms can occur even when there is no ‘human perpetrator’ – when no human is actually watching the person, but she perceives she is being watched. Harms can also result from machines observing a person.
  • Courts have over-identified privacy harms in recent cases involving contraception, abortion, and homosexuality, where privacy may not have been the central issue, and privacy harms did not occur.
  • Privacy harms can occur in public settings as well as in private ones.
  • The severity of privacy harms can be determined by the degree of knowledge or consent by the person, by the aversion of the person to observation, and by the extent of surveillance.

Get The Article

Find the full article online

Search for Full Article