A little while ago, I referred to a posting by Timothy Grayson, discussing the lack of a common vocabulary about privacy (see The Canadian Privacy Law Blog: The language of privacy). That posting on Grayson's blog has garnered a lot of attention, most recently from David Kearns of Network World:
What's the meaning of 'privacy'?
"...Last week, I read a lament by Timothy Grayson (he works for the Canadian Postal Administration, but likes to talk about identity) called "I guess I just don't understand Privacy" http://timothygrayson.com/blog/archives/000737.html.
It seems that a Canadian Privacy Commissioner had ruled that those sometimes annoying inserts that come along with your bank statement amounts to a breach of the customer's privacy. Read the whole entry by Grayson (and the articles he links to) as it's much too long to re-create here. But I do like his reasoning:
"To be an invasion of one's privacy presumes that all communication and contact with a person has to be approved by the recipient. The logical extent of this is that there can be no communication because the initial mover is prevented from moving. That logical extent is, of course, ridiculous. But what it does present is bold relief of the inherently unworkable nature of a 'privacy culture' that extends the definition of privacy in this excessive, individual-centric way."
In other words, we need some generally understood definitions of terms like "privacy," "identity," "personal information," etc. How can we ever hope to move to a worldwide, federated, everybody's-included identity metasystem if we can't even agree on the meaning of "identity" and "privacy" and can't tell which information is "personal" and what isn't?"