What do you think of when you hear the term “privacy”? Does it mean that you should be able to keep information about yourself secret such as where you go with your friends for fun on Saturday night, whether you ever drink alcohol or use illegal drugs, what books or movies you read or watch, what grades you earn in school, or how much money you make? Does it mean you should have a right to know whether and how law enforcement officers monitor your electronic communications when you use your tablet or smartphone to post to Facebook or Twitter? Does it mean you should be able to control what kind of information an online retailer collects about your purchasing or browsing history? Does it mean that you should be able to seek medical care without the government learning about the choices you make?

“Privacy” in the twenty-first century means all these things, and more. The advent of the digital has created unprecedented opportunities to share and access information about each one of us. This makes it simpler and quicker than ever to obtain a store credit card, to pay bills online without ever writing a check, and to publish our ideas and thoughts to the world. But it also gives both government and the private sector unprecedented opportunities to keep an eye on our movements, our interactions with others, and in some ways, our thoughts and ideas.

This is the paradox of privacy. On the one hand, we benefit from the easy exchange of personal information through digital communications. On the other, we give up some degree of control about what happens to that information. Is that an appropriate trade off? Is it worth it?

It may surprise you to learn that privacy is a relatively new concept. In 1890, an American attorney named Louis D. Brandeis was fed up with what he saw as the excesses of the popular press in Boston, Massachusetts. Gossip columns in the newly-emerging “penny press” regaled ordinary readers with insolent and insinuating details about the doings of Mabel, the socially prominent wife of Brandeis’s law partner, Samuel D. Warren. The stories were not outright lies, so she could not sue for libel. Such lawsuits are limited to situations where someone has published false information that harms an individual’s reputation. To make matters worse, the invention of smaller cameras allowed photographers to take pictures with a snap of the shutter. Although the cameras manufactured by companies such as Eastman Kodak would seem cumbersome to us today, they were a significant advance over the clunky, slow-exposure cameras used only a few years earlier by Matthew Brady and other Civil War photographers. The pictures these photographers captured ended up in the mass circulation Sunday rotogravure magazines, sold for only a few cents a copy. Worse still, inventors like Thomas Edison were working on cameras that would produce moving pictures. Moreover, there was nothing the law could do to stop them.

So Warren and Brandeis wrote a scholarly article about the situation that they found so appalling, and published it in the Harvard Law Review, the scholarly journal produced at Harvard Law School. They wrote:

However, Warren and Brandeis were not bothered only by the intrusions into their personal lives when the press published the “gossip” about them. They were also worried that these articles degraded the readers as well.

Thinking like the lawyers they were, Warren and Brandeis concluded that the best solution would be to create a new legal theory, a “right to be left alone,” to be recognized by judges, which would allow individuals to sue others for money damages if they believed that their privacy had been violated.

Brandeis and Warren were not the only ones who thought that the press was going too far using new-fangled “mechanical devices” that could record conversations and cameras that produced “instantaneous” pictures. Lawsuits in England had already prevented the exhibition and distribution of copies of photographic portraits without the subject’s consent. Nor did the law partners invent the concept of “privacy.” They acknowledged that France already had recognized the right to “la vie privée” in its 1868 press law.

Nevertheless, U.S. courts were slow to embrace this new right, and the legal liability that would accompany it. Congress did nothing to enact laws addressing the issue, and most legislative action in the states was limited to protecting an individual’s right to safeguard his name and image from commercial exploitation through advertisements.

With one law review article, this pair of Boston lawyers—one of whom would later become a Justice of the Supreme Court of the United States—began a discussion that continues to the present day. What is the right to privacy? How much control should we have over our personal information? When do freedom of the press and freedom of speech outweigh the individual’s right to be left alone? When do national security concerns justify the government’s monitoring of our electronic communications? How much of our personal data are we prepared to give away or “trade” in exchange for making consumer transactions like shopping or traveling faster and easier?

Several international human rights declarations and conventions created after the Second World War recognize that privacy—traditionally defined as a person’s private life, home, and correspondence—is a fundamental right. This means that the preservation of privacy is seen as essential to personal fulfillment, and to functioning within a democratic society. Inevitably, the equally “fundamental” right of the news media to gather and report news and to inform the public collides head on with this “fundamental” right of privacy.

However, the right to privacy has never been elevated to this level in the United States. The Fourth Amendment to the Constitution guarantees citizens the right to be “secure in their persons, houses, papers, and effects” and to be protected from the government conducting unreasonable searches and seizures of people and their property. This is a powerful statement supporting individual autonomy. In recent years, it has been interpreted by the Supreme Court not only to limit how law enforcement conducts criminal investigations, but to curb the power of government to control or intrude into intimate aspects of our lives, such as the right to obtain contraception and abortion. As important as the Fourth Amendment is, it says nothing about invasions of privacy committed by non-governmental actors like corporations or the press.

In fact, the First Amendment right of the press to report on newsworthy matters has been vigorously protected by rulings of the Supreme Court. The high court has been reluctant to curtail the news media when they choose to report on subjects that are considered newsworthy and of legitimate public interest, even if they involve such controversial matters as the identities of crime victims. The idea that journalists could be punished for simply telling the truth seems to violate those constitutionally-guaranteed rights.

And so there seemed to be a stalemate. Although a few skirmishes between proponents of these seemingly irreconcilable interests cropped up during the years immediately after the Warren and Brandeis article appeared, the conflict did not come to a head until roughly a hundred years later. By that time, a growing debate, driven by new incarnations of the factors that had so upset the two lawyers, prompted courts and legislatures to begin rethinking the concept of privacy. Many argued that sensational media who profited from salacious stories about the rich and powerful, and who utilized sophisticated equipment to capture their subjects in embarrassing and compromising situations, needed to be reined in. Laws to make it a crime to use surreptitious surveillance devices such as hidden cameras were enacted, and both federal and state law prohibited wiretapping of telephone conversations. Courts began to recognize a right to protect one’s personal information from disclosure by others, at least in cases where it would be highly offensive to a reasonable person. A few states allowed individuals to sue for invasion of privacy when someone described or depicted them in a “false light”—for example, by publishing an accurate photograph with a misleading caption that distorted reality.

However, it was not until 1997, following the death of Diana, Princess of Wales, in a car crash in a Paris tunnel while she and her companions were attempting to dodge a pack of paparazzi, that public support for new restrictions on reporting about individuals took off. Using Diana’s death as a pretext, the European Parliament scheduled an “emergency” debate on strengthening privacy laws, and its Culture and Media Committee asked the European Commission to launch a comparative study of existing legislation with the aim of developing an international “code of conduct” for the news media. The Press Complaints Commission in the United Kingdom declared that British newspapers should stop buying paparazzi photographs obtained “illegally or unethically.”

In the United States, legislators introduced bills in Congress and in several states to invent a new federal crime of “harassment,” create buffer zones around famous people, and authorize official inquiries into journalistic behavior. Celebrities testified about how the media were making their lives, and those of their families, miserable. Although much of the initial hysteria about intrusive news coverage eventually died down, new and growing privacy concerns have continued to fuel new efforts to restrict both newsgathering and reporting.

One example is the increasing use of drones by the general public and by businesses. This particular technology, which at one time was limited to use by the military and law enforcement, has become comparatively inexpensive and readily available for a variety of recreational and commercial uses. However, drones also raise legitimate privacy concerns. The Federal Aviation Administration and several states have considered measures to restrict the use of drones.

The Los Angeles Times reported on August 16, 2014, that the Paparazzi Reform Initiative, described as “a group representing celebrities and others,” persuaded Assemblyman Ed Chau to introduce a bill in the California legislature that would prohibit the use of aerial drones to collect video, photos, and audio of celebrities. The newspaper also reported that a drone had taken photographs of singer Miley Cyrus in her backyard. The photographs were offered for sale to a “major photo broker” who declined to purchase them, although he did tell the Times that he would use drones to take photographs of celebrities’ homes “as long as no individuals can be seen in the pictures to raise personal privacy issues.” Laws and regulatory initiatives like these illustrate the difficulty of striking the appropriate balance between competing rights of privacy and freedom of expression.

The digital age has only complicated these issues. As we utilize computer technology for our everyday communications, we are creating a digital profile that can be tracked by the government and the private sector to create elaborate dossiers about our habits, our health, our preferences in food and entertainment, and much more. Although often this is done transparently, the exact parameters of collection of personal data by retail merchants, social media sites like Facebook, and other digital service providers are often buried in complicated “Terms of Service” which consumers rarely read in full before clicking a box to signify their consent. Most people agree to share their personal information without giving much thought to the consequences. Moreover, if the most significant consequence of sharing data is that the consumer receives targeted emails or other electronic communications tailored to her preferences, is that a big deal? Isn’t it a benefit to patients if their health care providers can access digitized medical records? Doesn’t the existence of reports that compile our financial history make it easier to obtain loans and other forms of credit?

By contrast, when the government conducts the surveillance, the consequences can be a very big deal indeed. Although law enforcement, including the FBI, has long had the authority to observe and record individuals’ communications, that authority was limited by strict legal requirements that search warrants or court orders be obtained, often in advance, from judges. Oversight of the executive branch by the judiciary helped to keep overzealous investigations in check. However, after the 2001 terrorist attacks on the World Trade Center in New York and the Pentagon in Washington, DC, the intelligence community demanded—and was given by Congress in the USA PATRIOT Act—legal authority to conduct much more extensive surveillance than had been authorized previously. They argued that some suspension of the Fourth Amendment protections was necessary to protect the public from similar terrorist attacks in the future. Many Americans accepted this as a necessary bargain “to keep us safe.”

But even those who were prepared to go along with expanded government powers to keep tabs on “the bad guys” were shocked to learn just how extensive surveillance was when, in 2013, a former defense contractor named Edward Snowden disclosed classified documents detailing how the intelligence community monitored the communications of millions of ordinary American citizens. He revealed details about how the National Security Agency (NSA) and its counterparts in other countries intercepted phone records, text and email messages, video chats, and locational data. Even people who had believed that they had nothing to fear as long as they “weren’t doing anything wrong” began to question whether the government’s actions prying into so many details of their personal lives actually infringed on their fundamental civil liberties.

In response to outcries from their citizens, the U.S. Congress, as well as other legislatures around the world, has been forced to confront the difficult question of how to balance safety and security against privacy. Even under ideal circumstances, drafting new digital privacy laws is a challenge. Putting aside the inevitable and constant political squabbles, evolving technology moves much faster than any legislative body can. The intelligence community, having acquired the ability to conduct massive surveillance, is reluctant to surrender it. Moreover, countless consumer data breaches launched by hackers—often based outside the United States—have repeatedly compromised personal information held by credit card companies, retailers, and health providers, and the law seems powerless to stop them. It hardly seems possible to encrypt or secure digital systems quickly enough to prevent their exploitation by criminals, and consumers understandably worry about financial fraud and identity theft.

Legitimate as these concerns are, however, they can lead to unintended consequences. For example the federal Freedom of Information Act (FOIA), which provides the public with access to executive branch documents, is an important tool to allow citizens to keep an eye on “what the government is up to,” as a Supreme Court Justice once wrote. Of course, before computers, these records were kept in paper form, in file drawers, and it took some doing to find them. However, converting these documents to digital form, and making them accessible online, changed everything. Now anyone, anywhere in the world, at least theoretically, could look at whatever government documents he chose. The sheer quantity of personal information that governments collect, coupled with the ease of access to this information, has led the Supreme Court to permit agencies to withhold otherwise public documents claiming that disclosure would constitute an “unwarranted invasion of personal privacy.” The Court’s rulings have included denying access to computerized “rap sheets” that compile someone’s criminal history, photographs taken at a crime scene, and even arrest records—which traditionally have been open to the public. The high court has determined that whatever the legal history may have been during the era of parchment and paper, the digital age has changed the rules. Combine privacy with post-9/11 security concerns, and the net result is that the public’s access to government information is under serious threat.

Ultimately, the concept of privacy is really about control. Should individuals, through the instrumentalities and often with the complicity of the government, have the power to control the content of news reporting? Should public officials be able to hide the facts from the public in the name of protecting privacy? Should legislatures and international bodies restrict the collection, retention, and distribution of “personal” data by businesses in the name of protecting privacy?

An example from Europe helps to illustrate this. The European Union’s 1995 Data Protection Directive grants “data subjects” the right to exercise dominion over information that uniquely identifies them, including physical, economic and cultural characteristics such as race, ethnicity, religion, or political affiliation. Among other things, the Directive requires “processors” of data to notify individuals of how they will use information collected about them, as well as give the subjects the right to approve or veto those uses, gain access to databases containing the information, and demand copies, corrections, or deletions. Although the Directive deals only with the personal information of EU citizens, it prohibits the transfer of that information into other countries that have less protective laws, which has significant consequences for international trade and business. The United States entered into a “Safe Harbor” agreement that allowed domestic companies to certify that they would comply with the EU rules, even though these practices were not required under United States law. However, less than 20 years after the Directive took effect, the European Union has declared that the Safe Harbor provides inadequate protection, and new negotiations to try to reach a compromise are ongoing.

As far-reaching as the impact of the Data Protection Directive has been, a new idea out of Europe threatens to be even more significant. The “Right to be Forgotten” (RTBF) has been discussed and debated by European policymakers and privacy advocates since about 2010, but first formally appeared in a proposal to reform the Data Protection Directive issued in January 2012. It is based on a right to privacy, or personality, enshrined in Article 8 of the European convention on human rights, which provides that “Everyone has the right to respect for his private and family life, his home and his correspondence.” However, the RTBF goes far beyond mere “respect” for privacy. Driven initially by concerns about data harvesting by search engines like Google, and exacerbated by the Snowden revelations, the RTBF elevates privacy interests to a new level. As Viviane Reding, vice-president of the European Commission stated in 2012, “I want to explicitly clarify that people shall have the right—and not only the ‘possibility’—to withdraw their consent to the processing of the personal data they have given out themselves.” The RTBF would allow record subjects to control personal data that they consider to be “irrelevant or outdated,” regardless of whether they affirmatively chose to place it in the public domain initially.

Many would argue that teenagers should have the power to “erase” ill-advised photographs of themselves that they impetuously posted online without considering the consequences in the longer term. California enacted a law, effective in 2015, that does just that. However, the RTFP goes far beyond shielding youthful indiscretions from public scrutiny. Not only journalists, but historians and archivists also fear that the RTFP could wipe out their primary source materials. Should individuals be able to decide for themselves when accurate information about them is “no longer relevant” and consign it to oblivion? A former concentration camp guard in his nineties who now lives quietly in retirement in Germany as a model citizen might argue that the record of his affiliation with the Nazi death camps is “no longer relevant.” However, even elderly alleged war criminals could still face prosecution, which supports the counterargument that archives like these should be maintained in perpetuity, no matter what the record subject prefers.

In the classic 1938 drama, Our Town, the character of the Stage Manager describes the mythical American town of Grover’s Corners: “In our town we like to know the facts about everybody.” And he is right. We do want to “know the facts” about our friends, neighbors, and colleagues. The news media report facts they deem newsworthy about government officials, celebrities, and ordinary individuals. Government files reveal many facts about individuals and their interactions with government, which in turn tell us a lot about how the government functions. The commercial sector collects information about its customers to “serve them better”—and to increase its profits.

Some of these practices are beneficial. Others have the potential to harm. The difficulty lies in deciding where the public interest stops and privacy interests prevail. That is the privacy paradox that this encyclopedia explores.

Privacy is a subjective, and therefore, elusive, concept. Invoking it can create unlimited opportunities for mischief and genuine damage to public welfare. Ignoring it can undercut the individual’s right to determine for herself what her identity and destiny will be.

How much is your privacy worth to you? Are you willing to give it up for convenience, for access to information, or for safety and security? Do you think that privacy is an outdated idea? Does privacy even matter anymore?

How would you resolve the “privacy paradox”?