Defining privacy at UW
Privacy is a dynamic topic that inspires robust debate amongst academic and legal scholars about its definition and impacts on people, organizations, and society as a whole. With philosophical, legal, social, and technological aspects it can mean different things to different people. There are different types of privacy: intellectual[1], informational, bodily, communication, and territorial[2]. Personal positions on use of personal data and privacy can also vary based on people’s geographic origin, culture, or past experiences.
UW resources available to help units put privacy into action focus on:
- Use and governance of data that relates to an identified or identifiable person.
- The appropriate and responsible collection and use of personal data.
- Respect for individuals’ preferences when it comes to the use of their personal data.
To learn more about personal data, please review our resource on personal data, classifications, and structures.
Why does privacy matter?
Though privacy concerns are not new, they have evolved with innovations in the use of personal data enabled by technology. The impacts of the intentional and unintentional misuse of personal data can relate to individuals, organizations, distinct communities, and society as a whole. While there are privacy-related risks to the organization that we work to minimize at the UW, the privacy harms listed on this page are focused on impacts on people.
Privacy harms are the negative impacts on a person’s well-being related to the use or perception of use of their personal data. As with the definitions of privacy, privacy harms are widely debated and have been categorized in different ways. For our purposes, we find it helpful to draw on the work of Ryan Calo (2011) and Daniel Solove and Danielle Keats Citron (2022).
Types of privacy harms
Calo proposes two categories of privacy harms – subjective and objective – as a means to better recognize what does and does not count as privacy harm. Subjective privacy harm is felt by a person and stems from a belief that they are being monitored and have negative psychological or emotional impacts. Objective privacy harm occurs when a person’s information is used against them in some way. This use may be unexpected or coerced and results in a negative consequence for the person. Together, subjective and objective privacy harms “represent the anticipation and consequence of a loss of control over personal information”[3].
Citron and Solove[4] describe seven types of privacy harms that help us recognize various ways that subjective and objective privacy harms impact people. These include:
- Physical (e.g., stalking, harassment, doxing, assault and other harms to the body).
- Economic (e.g., predatory lending, identity theft).
- Discrimination (e.g., profiling, targeted advertising, housing discrimination, higher mortgage rates, employment discrimination).
- Psychological (e.g., emotional impacts: fear, anxiety, anger, disturbance).
- Autonomy (e.g., coercion, manipulation, thwarted expectations, lack of control/agency, chilling effects).
- Reputational (e.g., resulting in the loss of employment, social standing, business).
- Relationship (e.g., loss of confidentiality, trust impacted, damaging relationships).
At the UW, we are guided by the UW’s Privacy Principles, policy, laws, ethical considerations, and the Privacy by Design framework in our actions to minimize the risk of harm to individuals and to the UW. The articles in the following additional reading section offer examples of privacy issues related to universities.
Additional reading
The following selected readings offer additional context for understanding privacy, varying perspectives, and examples of harms related to universities.
Constituent perspectives
- Auxier, B., Rainie, L., Anderson, M., Perrin, A., Kumar, M., & Turner, E. (2020, August 17). Americans and Privacy: Concerned, Confused and Feeling Lack of Control Over Their Personal Information. Pew Research Center: Internet, Science & Tech. Pew Research Center.
Organization perspectives
- D’Agostino, Susan. (2022, October 28). Educause lays out higher ed’s top 10 technology issues. Inside Higher Ed.
Examples of higher education privacy issues in the news
- Brown, Elizabeth Anne. (2023, May 15). Your DNA can now be pulled from thin air. Privacy experts are worried. New York Times.
- D’Agostino (2022, Aug. 17). The Vulnerability of Student Reproductive Health Data. Inside Higher Ed.
- Douglas Sen, Arijit and Bennett, Derêka. (Sept. 20, 2022). Tracked: How Colleges Use AI To Monitor Student Protests. Pulitzer Center.
- Shepherd, Katie. (2018, March 07). Portland State University Researchers may have violated federal law by using the personal data of thousands of Portland-area K-12 students. Willamette Week.
- Verma, Pranshu and Oremus, Will. (2023, April 5). ChatGPT invented a sexual harassment scandal and named a real law prof as the accused. The Washington Post.
References
[1]Richards, N. (2022). Why privacy matters. Oxford University Press.
[2]International Association of Privacy Professionals. Glossary of Privacy Terms. (n.d.).
[3]Calo, M. R. (2011). The boundaries of privacy harm. Indiana Law Journal (Bloomington), 86(3), 1131–1162.
[4]Citron, D. K., & Solove, D. J. (2022). PRIVACY HARMS. Boston University Law Review, 102(3), 793–863.