SlideShare utilise les cookies pour améliorer les fonctionnalités et les performances, et également pour vous montrer des publicités pertinentes. Si vous continuez à naviguer sur ce site, vous acceptez l’utilisation de cookies. Consultez nos Conditions d’utilisation et notre Politique de confidentialité.
SlideShare utilise les cookies pour améliorer les fonctionnalités et les performances, et également pour vous montrer des publicités pertinentes. Si vous continuez à naviguer sur ce site, vous acceptez l’utilisation de cookies. Consultez notre Politique de confidentialité et nos Conditions d’utilisation pour en savoir plus.
Privacy as identity territoriality re-conceptualising behaviour in cyberspace
Electronic copy available at: http://ssrn.com/abstract=2390934
Privacy as identity territoriality: Re-conceptualising behaviour in cyberspace
(Working paper series #14.1.p)
Ciarán Mc Mahon,
RCSI CyberPsychology Research Centre,
RCSI CyberPsychology Research Centre,
Electronic copy available at: http://ssrn.com/abstract=2390934
Recent exposés of global surveillance have heightened already-heated debates
about privacy in a technological society. In this paper, we explore the context and
probable effects of this crisis, the character of privacy concerns, re-interpret what
is meant by 'privacy', provide some solutions to the crisis. Fundamentally, we
explore privacy not as a forensic or civil rights issue, but instead as a secondary
psychological drive, the combination of two more profound drives – territoriality
and identity. As such, the problem lies in the fact that cyberspace generally, is a
wholly interconnected and networked environment which makes the demarcation
of individual spaces problematic. However, by viewing privacy as identity
territoriality, and by examining the psychology of those concepts, we can chart
solutions to this crisis more easily. For example, we should interpret lower
privacy concerns among youth as reflective of normal identity development
processes in adolescence and young adulthood. Similarly, aspects of gender and
temporality can be fruitfully incorporated to the discourse on privacy. On this
basis, possible solutions and research directions are outlined to overcome the
Electronic copy available at: http://ssrn.com/abstract=2390934
While it has become a common trope in public and academic discourse since at least
Warren and Brandeis' (1890) paper, privacy has become a more pressing concern since the
dawn of the ‘information age’ in the 1980’s. Computer technology initially, and the internet
in particular, have rapidly increased the potential for personal information to be sourced and
combined in injurious fashion. In addition, the arrival and proliferation of social media and
cloud computing in the last decade has exponentially increased the amount of what is known
as ‘personally identifiable information’ within reach of adversarial actors.
This has extended privacy, among other related concepts, out of a very physical sense
of ‘someone watching me when I would prefer not to be watched’ – the foregoing citation
having apparently been inspired by reportage of attendance at a Warren family funeral – into
much more conceptual sense of ‘someone looking at my information’. For the purpose of this
article, these are the sort of data we are most interested in: what may be termed consciously
self-generated information: i.e. our emails, text messages, social media and other online
service profiles and content, cloud-hosted documentation, online photo albums etc. This
excludes, for example, material we are not usually conscious of creating, such as our image
being recorded by onstreet cameras, or the use of our medical records. While these are
obviously important areas for privacy research, and surveillance studies in particular, they are
beyond the scope of this paper, where we are most concerned about privacy qua personal
Following from that delineation, it is argued below that to properly understand not
only our most recent privacy concerns and crises, but the psychology of information
generally, we must unpack the very concept of privacy itself – firstly in this limited sense of
‘personally identifiable information’, latterly, in a broader sense. We demonstrate that if
privacy concerns are appreciated for what they fundamentally are, namely territoriality of
identity, then this current crisis becomes easier to unpack and manage. While privacy has
been previously linked to territoriality (Pastalan, 1970) and identity to territoriality (e.g.
Brown, 2009; Edney, 1974), this is the first, that we know of, to combine all three,
particularly in the context of information technology and cyberspace.
What we are dealing with is our individual and primaeval drive to mark out and
defend our own unique domain of development and subsistence. Our identity is our own self-
property, the product of our individual creation and labour, the symbolic denotations and
connotations of which we experience as our own private territory. Where the problem arises
is when these factors play out in an implicitly shared, networked and contested context such
as cyberspace. However, as we shall see, there are demographic and psychological aspects to
the process of identity and territory development, so that it may be possible to design
technologies that allow for them, making this space safer and more civilised.
The privacy crisis
What is likely to be the most significant single episode in the recent history in this area
concerns the reveal of massive global surveillance by Mr Edward Snowden beginning in the
middle of last year (cf. Greenwald, 2013) and continuing at time of writing (January, 2014).
While the full and precise nature of this episode are not only too extensive to detail here, it is
still underway, so let us limit ourselves to an interpretation of its cyberpsychology – what
exactly it means in the context of online behaviour – before exploring how its consequences
can be overcome. An initial and uncontroversial premise of this paper must be, however, that
the Snowden affair is unlikely to leave no trace in subsequent privacy behaviour, discourse
It should be noted at the outset however, that the intellectual milieu into which
Snowden landed was not a tabula rasa – privacy concerns had been intensely rising for some
time. Notwithstanding the figures of Julian Assange and Chelsea Manning, with whom
Edward Snowden can also juxtaposed with, the major internet service corporations had been
under journalistic and academic scrutiny for some time with regard to how they treated user
information. For example, Google Street View came under immediate question with regard to
privacy concerns on its launch in (Mills, 2007), and, as we shall discuss further below, there
have long been similar concerns about Facebook in academia (Debatin, Lovejoy, Horn, &
It is beyond the remit of this paper to consider the ethics of global surveillance, or, for
that matter, its subsequent exposure. It is however, within its remit to consider the evolution
and adaptation of the human cyberpsychological response to the subsequent atmosphere
created, given that neither the former nor the latter aspect are likely to have concluded. As
long as massive amounts of data are created, massive amounts of data will be stored: but
equally, massive potential for disclosure will exist.
What is interesting to conjecture however, is whether or not the Snowden revelations
will have an effect on behaviour: a perspective the current author believes is more enlighten
than simply ignoring the episode, as many academics have done. In that regard, we do not
have much data to go on, but what we do have is curious. On the one hand, as might be
expected, we read reports that not only are there fears that terrorists will change their modes
of operations (Whitehead, 2013), but also that intelligence organisations are doing likewise –
with the KGB apparently investing in typewriters (Fitsanakis, 2013). On the other hand, there
are estimates that the United States cloud computing industry alone could lose anywhere
between $21.5 billion (Castro, 2013) and $180 billion (Staten, 2013) in lost revenue over the
next three years as a result.
In terms of the behaviour of the private individual though, there are also some
indicative reports. An admittedly self-selected (and possibly indicative) survey of 528
American writers found that 28% had ‘curtailed or avoided social media activities’ since the
Snowden revelations (PEN American Center, 2013). More generalisable figures are available
from a series of surveys carried out over May – July 2013, involving over 2,100 American
adult internet users (Annalect, 2013) – that the percent of Internet users who rate themselves
as either “concerned” or “very concerned” about their online privacy rose from 48% in June
to 57% in July. This shift, the authors note, “is largely from unconcerned Internet users
becoming concerned—not from the normal vacillation found among neutral Internet users”
(p.2), with even 27% of ‘unconcerned’ internet users taking some form of action, like editing
their social media profile, researching ways to improve privacy or using private modes while
browsing (Annalect, 2013). Thus we have some inkling that internet users as a class may
have been roused to a new reality. But from what? A more subjective, qualitative account
provides some allusion:
Hearing Edward Snowden tell us in detail how our privacy is a joke was the stone
that started the landslide. My denial about the impact of my online activities on
my privacy and my relationships with others has come to an end. I started
changing my online behaviour. I started to feel very angry. I should not have to
be censor what I say online to avoid "incriminating" myself.
I should be able to share my personal life online according to my own wishes, and
not those of corporations and governments… (Dale, 2013, n.p.)
This is a revealing paragraph, but it is the penultimate point raised by Dale (2013), a
Canadian writer, which is immediately pertinent: while Snowden fundamentally exposed
surveillance by governments, this activity is carried out via the services built by corporations.
As Marwick (2014) notes:
Data about your online and offline behavior are combined, analyzed, and sold to
marketers, corporations, governments, and even criminals. The scope of this
collection, aggregation, and brokering of information is similar to, if not larger
than, that of the NSA, yet it is almost entirely unregulated and many of the
activities of data-mining and digital marketing firms are not publicly known at
So while Snowden’s expose of the NSA may continue to grab the headlines, there is probably
far more subtle surveillance of ostensibly our information going on by profit-driven
enterprises. In some cases, these are third parties, who aggregate and analyse data bought
from elsewhere, but in other cases they are the analysed by the entities who collected the data
in the first place – but in the vast majority of instances the data has been gathered entirely
legally, and indeed supplied by us willingly.
In that regard, it is worth standing back from this whole episode, of governmental and
corporate surveillance of our personally identifiable information – our privacy – and
reflecting for a moment. The histrionics of this particular blog post is noteworthy, written in
the wake of an open letter (reformgovernmentsurveillance.com) signed by major technology
companies, calling on governments to limit surveillance in the wake of the Snowden
The giant online firms complaining of intrusion on personal data is laughable.
Nearly all of the companies above are very happy to mine personal data to make
money — they don’t like the government beating them at their own game.
(Payne, 2013, n.p.)
This post, titled with a ‘hypocrisy warning’, is at least getting some way towards the truth.
But, being mindful of Bohr’s characterisation of truth1
, we perhaps should not rest a such an
analysis. While it is true that whatever surveillance, legal or illegal, moral or immoral, that
has been carried out by the NSA and its international partner organisations, would not have
“One of the favourite maxims of my father was the distinction between the two sorts of truths, profound truths
recognized by the fact that the opposite is also a profound truth, in contrast to trivialities where opposites are
obviously absurd” - Hans Bohr, ‘‘My Father,’’ in S. Rozental (1967, p. 328)
been possible without the use of the technology built by those companies, neither would they
have been possible without the participation – nay, industry – of its users. Social networks are
the most obvious example – the entire social graph, the most valuable aspect of Facebook’s
multi-billion dollar value, was not built by its developers or engineers, but by a billion
individual private users, laboriously, thanklessly and gratuitously clicking ‘like’.
Fundamentally, no spy had to work very hard to get extremely valuable information about the
world’s internet users: in fact, many of us queued long hours for the privilege of buying the
technology with we could provide them with it.
There have been many retorts to the ‘outrage’ over the Snowden revelations largely
hung on words like ‘naïve’ and to the effect that we should have expected that our emails and
suchlike were being read, both by the companies who service them and the governments who
control them, but the reader can be assured that this is not another one of them. The crux of
the issue is more fundamental than that: why have we participated in this so readily?
A research study published a few months ahead of the Snowden revelations
documented how personal attributes such as sexual orientation, religious and political views,
personality traits, intelligence, happiness, and use of addictive substances could all be easily
and accurately inferred from a Facebook user’s Likes (Kosinski, Stillwell, & Graepel, 2013).
The authors, though remarking on the obvious privacy concerns regarding such a finding,
conclude with the hope “…that the trust and goodwill among parties interacting in the digital
environment can be maintained by providing users with transparency and control over their
information” (Kosinski et al., 2013, p. 4). While such a hope may have been thwarted by
subsequent revelations, my preceding question remains: how on earth could people not
realise that the dots they were placing in cyberspace would eventually be joined up?
There has long been a truism in ‘internet lore’ which goes along the lines of ‘if you’re
not paying, you’re the product’, (Zittrain, 2012) which, despite containing an intuitive nugget
of truth, has been wonderfully deconstructed as both inaccurate and disempowering
(Powazek, 2012). It is, however, an aim of this paper to explore where the power has gone in
this equation: where it seems we have given away much privacy and not been paid.
Another issue often thrown in with the ‘naiveté’ argument is the infamous privacy
policy – the lengthy legalistic tracts presented at the start of every programme installation and
profile instantiation, with so much signed away with a single click. In 2008 it was calculated
that “if Americans were to read online privacy policies word-for-word, we estimate the value
of time lost as about $781 billion annually” (McDonald & Cranor, 2008, p. 564). Or, to put it
more granularly, an average of 40 minutes per day – which must be juxtaposed with the
reported estimate of ‘time spent browsing the internet per day’ of 72 minutes (McDonald &
Cranor, 2008). Clearly, this is far from the reality and while it is admittedly a lot of reading,
not much of it easy or accessible, but it certainly is all there: we have wilfully ignored it.
How have we sleepwalked into this situation? Have we been massively duped by tech
evangelism, into an illusion of an egalitarian cyber utopia, only to have its nightmarish
surveillance state underbelly exposed? Yet, critically, what’s this ‘we’ business – who exactly
is at risk? All of these questions, with their attendant histrionics, are just as important to
answer as the more sardonic questions which have developed from the Snowden revelations
of the ‘no harm, no foul’ variety, which wonder what the big deal is. Well, what is it?
Perhaps it is not so much that we are being surveilled by the government, nor that the
corporations are using governments to surveil us, but that we are using governments and
corporations to surveil our selves, and each other.
Demography and character of privacy concerns
To examine this crisis of privacy information, as cyberpsychologists it is first most instructive
to determine who exactly is experiencing the crisis – the demography of those most
concerned. In terms of our thesis, below we examine privacy in the manner as a psychologist
would, with regard to age and gender and so on.
The first thing that we notice from such a literature review is that, despite much
handwringing and hoopla in the media and popular discourse is that we don’t really know
much about those concerned about privacy. This is perhaps a result of a combination of
legalistic and computer science treatment to the topic – ‘privacy’ is a reified thing which we
should all be concerned about and ‘factor in’ everywhere – but such a blunt trauma approach
is intellectually and culturally redundant. We will learn a lot more about this issue if we tease
out its sociology.
At the outset, it is reasonably clear from the literature that there are gender differences
with regard to privacy – a clear male/female spilt has been reported in privacy concerns on
Facebook, with women being significantly more concerned, and some significant differences
with regard to behaviour (Hoy & Milne, 2010). Additionally, Fogel and Nehmad (2009)
reported that female respondents had significantly higher scores for privacy concerns but not
for privacy behaviour. Similar clear divides between males and females with regard to
privacy in general, if not concern, attitude or particular behaviour, have been reported
elsewhere (Moscardelli & Divine, 2007; Youn & Hall, 2008).
While this is a reasonably facile feature to isolate in the human sciences, it is worth
noting, given that it concurs with our central assertion that privacy is a territorial concept. It
has long been implied, if not asserted, in evolutionary psychology that territoriality is a more
male concern, and plenty of research has borne this out – males more likely to sit on chairs
marked with personal objects in a university library (Sommer & Becker, 1969); males more
likely to negatively evaluate a stranger who sits directly opposite them (Fisher & Byrne,
1975); cross-culturally, men exhibit more nonsharing behaviour in residence halls (Kaya &
Weber, 2003). Consequently, it is suggested that differences in privacy behaviour online
across genders can be interpreted as a more cautious or conservative approach amongst
women, and a more exploratory or aggressive approach amongst men. Though beyond the
scope of this article, it should be clear that gendered approaches to territoriality in cyberspace
have applicability far beyond the concept of privacy (cf. ‘Why women aren't welcome on the
internet’, Hess, 2014).
A factor considerably less easy to isolate is that of age, a point which is implicitly
recognised by Bélanger and Crossler's (2011) review of research in this area. Like much
‘weird’ research (‘Western, Educated, Industrialized, Rich, and Democratic’; Henrich, Heine,
& Norenzayan, 2010), their review found that “information privacy research has been heavily
reliant on student based and USA-centric samples” (Bélanger & Crossler, 2011, p. 1019).
While the cultural aspect is noteworthy, it is in the present context of lesser importance as we
are most interested in the Western, internet-using population: it is the fact that privacy
research has been largely carried out on student samples – i.e. between 18 and 25 years of age
– which is most problematic. Any inference of whether or not privacy concerns vary with age
is consequently impossible when using such a narrow range of age. For example, a study of
risk taking, trust, and privacy concerns used a sample wherein the “average age was almost
22 years old (range: 17–32 years)” (Fogel & Nehmad, 2009, p. 156) and a similar study
restricted itself to adults aged 18-24 (Hoy & Milne, 2010). Admittedly, neither study analyses
with respect to age, but they make it difficult to determine whether or not there are age
differences in privacy concerns – a claim which recurs in the media.
It does seem that there may be some basis to that claim, given that, almost a decade
ago, it was reported that “age is positively related to reading [of privacy policies] and
negatively related to trust” p. 24 (Milne & Culnan, 2004). In addition, a non-peer-reviewed
study, reported that all ages of internet users were in some agreement about privacy concerns,
but that younger users were less so (Hoofnagle, King, Li, & Turow, 2010). This is in addition
to an interesting paper from a prolific source, and one to which we will return, which reports
that adolescents reported disclosing more information on Facebook and using the privacy
settings less than adults (Christofides, Muise, & Desmarais, 2011). Consequently, let us
entertain, at least the possibility, that the privacy ‘issue’ may vary over the lifespan. How this
issue should be conceptualised – either in terms of ‘concerns’ or ‘behaviours’ – is not so
clear, but suffice it to say that it would not be unheard of for such factors to be mutually
Such an perspective on human nature requires a certain amount of wisdom with
regard to human nature, and while the current author would do well to avoid claiming such a
personal attribute, it is generally wise to treat of the opinions of one’s senior generations.
Moreover, let it not pass unremarked that much of the debate, including the foregoing
paragraphs, have dealt with the matrix ‘privacy X age’ very much in a youth-centric
calculation. We seem to have concluded that ‘younger people’ are less concerned about
privacy than ‘older people’, but what exactly do those older people think? A Finnish study of
older adults reiterates in its title, for emphasis, the following quote from one of its
participants: “If someone of my age put her photo on the net, I would think she is a little silly
and empty-headed” (p. 50). That opinion is revealing of that cohort’s opinion of social
networking, but there are other privacy-related issues also:
… our participants perceived uploading photos as not safe. The participants were
very careful about providing personal details related to names, relationships, and
families. In fact, they stated that they want to keep private all such personal
details as concern the circles of personal life (Lehtinen, Näsänen, & Sarvas, 2009,
If there were ever an argument that more educating and informing ‘silver surfers’ about the
wonders of social networking will result in greater disclosure by them of personal
information, let us quietly retire it now: older users have little desire to engage in social self-
In addition, a UK report reveals that “older internet users tend to be more cautious and
yet people with more years of online experience are less cautious.” (Coles-Kemp, Lai, &
Ford, 2010, p. 4). As such, we have something of a paradox - experience and age should go
hand-in-hand. This finding somewhat echoes another study which found that while age
predicted information privacy concerns, internet experience did not (Zukowski & Brown,
2007). Both of these findings are, to an extent, glossed over, perhaps with influence from e-
commerce and marketing fields, due to their contradictory nature. If we look at things
rationally and objectively, and of course view those involved as ‘users’ per se, then of course
as they get older and get more experience, they should become more competent and be happy
to engage online more. However, this elides a satisfactory understanding of human nature –
not to mention the wider question of the inherent ‘good’ in uploading copious amounts of
personal information to the internet, which we will have to set aside for the time being!
The simple point is that we should not assume that older generations can simply be
taught to use the internet in the same way as young people, or for that matter, vice-versa. The
following quotation illustrates this point neatly:
Age-stratified cohorts can also be studied at a single point in time, and change can
be inferred from the differences between the age groups, but this assumes that
younger generations will grow up to resemble older generations, which would not
be the case for life-stage-related behavior. Past research on youth may help to
shed light on the kinds of behaviors that young people can be expected to
outgrow. (Herring, 2008, p. 87)
The bottom line is that we need to have a more profound appreciation of human lifespan
development if we are to better understand age-related differences in privacy concerns,
attitudes and behaviours in the online context. To give but one example, one can easily put
one’s hand to several studies exploring the use of social media to encourage political and
civic engagement by the younger generation (Gibson & Mcallister, 2009; Gueorguieva, 2007;
Owen, 2009; Valenzuela, Park, & Kee, 2009; Vitak et al., 2011; Xenos & Foot, 2008) but for
seniors this is a redundant search: because older people do not need to be encouraged to vote
to anything like the same degree. Ultimately, what we are talking about are differences in
self-concept: an elusive topic at the best of times, but one which we must appreciate if we are
to understand privacy concerns.
It is possible that we have assumed that those who do not like ‘sharing’ their private
information (such as older users), do not do so because they are not tech-savvy, but because
they are sceptical about service providers intentions with their data, which is may derive from
being inherently more confident in their personal identity: their territory is well-established
and they have many years experience of defending it. This is a perspective we must consider
in opposition to the an underlying assumption that older adults concerns about new
technology could be largely erased by better education – that older meant less experience
with technology. Such a perspective, ignoring their experience of life, wisdom of society and
perhaps even scepticism of government and surveillance, now seems embarrassingly naïve in
the light of the Snowden revelations. It also allows us to entertain the possibility that had
older adults taken to the internet before tweens and young adults, such networks might never
have been constructed by such a population of ‘users’. But to understand why such a
networks have in fact been built, we need to understand more about the root concept at play:
Privacy as territoriality of identity
An idea long in germination but short in appreciation is the notion that when we are online,
‘surfing the web’, ‘navigating the information superhighway’, that we act as if we are
negotiating territory. This is a critical learning if we are to understand our relationship to the
internet – our place within cyberspace – because it has been shown that the self is
fundamentally a locative system (Benson, 2001). In order to know who we are, we need to
know where we are:
These “locative demands” are a constitutive part of every moment of a person’s
life. They are what underpin the idea that who you are is a function of where you
are, of where you have been, and of where you want to be. (Benson, 2003, p. 62)
This clearly applies as much to online behaviour as it does elsewhere: note the differences
inherent in ‘I have a Twitter account’ and ‘I am on Twitter’: the former connoting disdain and
lack of enthusiasm, the latter satisfaction and regular use. In this way, we position and
situation our selves online as befits our social and reputational concerns.
More to the point, in the context of personally identifiable information, “Selfhood and
identity are constituted in and by acts of assertion, … and specifically in and by acts of
authorship and ownership, acts of responsibility-taking or responsibility-denying…, as well
as in acts of self-location generally” (Benson, 2013, p. 58). We declare and defend our
ownership of our places as acts of selfhood – and note how information technology has
endorsed our psychology in that regard - ‘My Computer’, ‘My Account’, ‘My Profile’ and so
However, there is a more fundamental and historic aspect to this, which goes to the
heart of Western liberal and civilised thinking: the idea of ‘self as property’. As such we turn
to the dawn of the modern era at end of the 17th
Though the Earth, and all inferior Creatures be common to all Men, yet every
Man has a Property in his own Person. This no Body has any Right to, but
himself. The Labour of his Body, and the Work of his Hands, we may say, are
properly his. Whatsoever then he removes out of the State that Nature hath
provided, and left in it, he hath mixed his Labour with, and joyned to it
something that is his own, and thereby makes it his Property. (Locke, 1689/1751,
Treatise, Ch. V, pgh. 27).
This passage reflects a deep current in the relationship between politics and psychology: that
human rights are intimately tied up with property rights. Crucially in the 21st
not only is our identity our property, but our online identity is the product of our own labour,
and as such it is also our property. Moreover, from this perspective, when we return to the
reality of the industry involved in the creation of, for example, the Facebook social graph,
one might have cause to muse upon the status and legitimacy of its present ownership (cf.
There are other aspects of Locke’s perspective on the self which we will return to
presently, but first it is worth examining how the self has been understood in cyberspace. In
that regard, there is no better theorist to turn to than John Suler. Writing on the human
predilection for acting on the internet in ways that would not be considered conventional in a
face-to-face context, known as the ‘online disinhibition effect’, (a phenomenon which
obviously has significance in the realm of privacy disclosures), Suler tackles the notion of
In fact, a single disinhibited “online self” probably does not exist at all, but rather
a collection of slightly different constellations of affect, memory, and thought that
surface in and interact with different types of online environments.
Different modalities of online communication (e.g., e-mail, chat, video) and
different environments (e.g., social, vocational, fantasy) may facilitate diverse
expressions of self. (Suler, 2004, p. 325)
Consequently, when we place our selves in different online environments, when we create
different types of digital content, we can be said to be expressing different constellations of
the self. This is obviously interesting for creative and artistic reasons, but it is clearly
problematic in a privacy context: because our self-territory is therefore shifting online. Ergo,
privacy of what exactly?
The issue is really quite a tricky one: privacy of a physical space is a matter of walls
and screens – how can this be achieved in the nebulous world of cyberspace? Marking out a
unique and personal territory in an environment fundamentally devoted to connection and
association seems like an impossibility.
In that regard it is helpful to return to earlier work on human territoriality, where
Edney (1974, p. 962) notes that pertinent definitions involve “an interesting variety of
concepts: space (fixed or moving), defense, possession, identity, markers, personalization,
control, and exclusiveness of use”. Notably, Pastalan (1970, p. 88) further argue that “privacy
may constitute a basic form of human territoriality”. Moreover, Proshansky, Ittleson, and
Rivlin (1970, p. 175) explain that “in any situational context, the individual attempts to
organize his environment so that it maximizes his freedom of choice… In all cases
psychological privacy serves to maximize freedom of choice”.
Consequently we have arrived at a picture of the self which, on first examination, will
struggle to maintain its integrity in cyberspace – constructing and marking different aspects
of its uniqueness in a networked and fluctuating context. Privacy concerns in this
environment would seem the least of one’s worries: from this analysis, sanity would be under
threat after a short spell in cyberspace. Ultimately, the solution to this problem of establishing
our own identity in a networked environment is to realise that the internet is a contested
territory of intersubjective construction: everyone thinks they own it.
However, as we shall see below, there are good psychological reasons why this is not
(immediately) the case, which can also be used to help chart possible solutions to this privacy
crisis. As an aside though, it can be useful to review some other recent media concerns about
cyberspace in the lens of territoriality – for example, responses to internet filtering (e.g.
Penny, 2014) should be viewed less as anti-censorship and more as resistance of
confinement. We view the internet both as something we have built and something we
explore – we do not like it being curtailed. However, let us dispense with the tech evangelists
belief that the internet is some kind panacea to humanity’s baser, primeval instincts: in many
cases, it is quite the opposite. At any rate, what seems to be occurring with regard to privacy
concerns in cyberspace is the emergence of well-understood psychological processes in an
Psychological aspects of privacy concerns
When we combine the insights of the two previous sections, namely that there are
demographic and developmental aspects to privacy, and that privacy is fundamentally an
aspect of self, as a combination of identity and territory, then it becomes clear that we should
consider the lifespan aspects of both identity and territoriality. Let us examine the self in
As we have already alluded, there is a possibility that older adults behavioural
patterns online are less to do with lack of education and more to do with life-experience and
wisdom. On closer examination, particularly at the other end of the age scale, we find plenty
of psychological theory to support this hunch, beginning chiefly in the work of a colossus of
psychoanalysis and developmental psychology, Erik Erikson and his concept of the ‘identity
crisis’ (Erikson, 1968). The central idea of the identity crisis is that during adolescence,
having overcome childhood, and being on the way to adulthood, we attempt to answer the
solitary question of who we are. His own words best describe the profundity of this process:
The young person, in order to experience wholeness, must feel a progressive
continuity between that which he has come to be during the long years of
childhood and that which he promises to become in the anticipated future;
between that which he conceives himself to be and that which he perceives others
to see in him and to expect of him. Individually speaking, identity includes, but is
more than, the sum of all the successive identifications of those earlier years
when the child wanted to be, and often was forced to become, like the people he
depended on. Identity is a unique product, which now meets a crisis to be solved
only in new identifications with age mates and with leader figures outside of the
family. (Erikson, 1968, p. 87)
The process of overcoming this crisis has been developed further (Marcia, 1966), as
involving notions such as identity moratorium (being in the midst of the identity crisis,
characterised by vagueness, variability and rebelliousness), identity foreclosure (accepting
the identity which one is expected to take, usually provided by parents, characterised by
rigidity and authoritarianism), identity diffusion (may or may not have had a crisis,
characterised by noncommitment, aimlessness and malleability) and identity achievement
(having successfully overcome the crisis, characterised by commitment to organisational and
ideological choices, with stable, realistic, and internally selected goals). Since then we have a
well-established research strand within developmental psychology building on this theoretical
framework, establishing, among other things, vocational identity (Porfeli, Lee, Vondracek, &
Weigold, 2011), parental and caregiver styles (Cakir & Aydin, 2005; Wiley & Berman,
2012), risk and peer group (Dumas, Ellis, & Wolfe, 2012) as well as isolating certain gender
differences (Archer, 1989; Thorbecke & Grotevant, 1982).
However, the general gist of the Eriksonian approach is that this identity crisis should
be resolved during the teenage years, or soon afterwards. This no longer appears to be the
case as Côté (2006) demonstrates that there is significant evidence that this process of
transition to adulthood is taking considerably longer these days, and for a significant
percentage of the population, is delayed until the late 20s – a finding he describes as one of
the least contested in contemporary developmental psychology. As such, we can expect to
find evidence of identity crisis and construction right from early teens up to thirty-odd years
. Moreover, as Weber and Mitchell (2008, p. 26) point out, for such young people
interested in scrutinising and studying new forms of self and identity, “new technologies are a
good place to start these investigations.” There is, in fact, increasing evidence and support for
this view, that adolescents and young adults are using social networks as locations for
identity construction: as Greenhow and Robelia (2009) report that their high-school sample of
participants often obscured their full name on their MySpace profiles, and that it was easy to
see their “quest for self-discovery, identity exploration, and self-presentation playing out
within their MySpace profiles” (p. 131). Moreover, as Pempek, Yermolayeva, and Calvert
(2009) argue, “the communication with friends that occurs on Facebook may help young
adults resolve key developmental issues that may be present during emerging adulthood,
including both identity and intimacy development” (p. 236). More recently, Jordán-Conde,
Mennecke, and Townsend (2013) support this theoretical direction, and in fact go as far as to
suggest that the affordances of social media, by their suggestion of many and increasing
possibilities for adult development, could be contributing to a prolonged period of
adolescence (p. 9). Furthermore, in all of these studies another message is clear: adolescents
and young adults view privacy risks as a price worth paying for the use of social networks.
It may be a trite observation, but in this context it is worth noting the relative youth of the founder of
Facebook, Mark Zuckerberg (b. 1986), whose perspective on privacy he famously summarised as ‘public is the
new social norm’ (<http://mashable.com/2010/01/10/facebook-founder-on- privacy/) and it would not be
difficult to find several more examples of similarly-aged tech entrepreneurs with reductionist views on privacy.
In other words, what is happening for youth on social networks and in the internet in
general, is a general form of identity construction and exploration of individuality – they are
creating their own territories of personalisation. This is why they may behave as if they are
unconcerned about privacy concerns even though they say that they are – because they are at
that stage of their lives when their personal identities have not yet fully formed and these
behaviours represent that process of self-formation. Disclosure of personally revealing
information on the internet for such children, adolescents and young adults, while
questionable from a privacy perspective, may well be entirely necessary from an identity-
development perspective – these activities which are referred to often as bricólage (Benson,
2013; Herring, 2004; Weber & Mitchell, 2008). There is an experimental aspect to these
identity developmental processes in cyberspace – one might find the term ‘beta self’ a useful
Moreover, from a territorial-development perspective, it should be noted that there are
considerable and varied evolutionary, competitive and sexual pressures on those in this age
group. For example, it can be expected that younger (prepubescent) children will necessarily
be more conservative than those in their middle teens, as risk-taking rises with the onset of
puberty. Moreover, we see many examples of territoriality in social networks, from gender
differences in self-promotion (Mehdizadeh, 2010), ethnic and racial displays (Grasmuck,
Martin, & Zhao, 2009; Seder & Oishi, 2009) and age differences (Strano, 2008).
Interestingly, it is also worth reporting that it there is a considerably amount of
comparative optimism (or ‘unrealistic optimism’ or ‘optimistic bias’) at play with regard to
privacy risk online (Baek, Kim, & Bae, 2014) – in other words, that we assume that other
people’s privacy is more at risk than our own. This was found to be related to a number of
factors – such as age (wherein subjects were more likely to think that a younger person was
most at risk of privacy breach than an older) and maternalistic personality traits and previous
experience of privacy infringement but also in an unexpected way with privacy protective
behaviours. Baek, Kim, and Bae (2014) predicted that comparative optimism with regard to
privacy would be negatively related to the adoption of such protections – i.e. that those who
were most optimistic about their safety would be consequently emboldened to engage in risky
behaviour. From the narrative which we have advanced in this paper to this point, it should
not be surprising to find that this hypothesis was not supported – most likely because those
who are optimistic about their safety online have taken steps to defend their territory.
Furthermore, the application of territoriality to cyberspace finds strong support from
pre-existing theoretical developments and applications. For example, Schwarz (2010) uses
the concept of ‘field’ (Bourdieu, 1992) to explore the use of self-portraits by teenagers as
social capital. Interestingly, Schwarz (2010) argues that, within the particular social network
in question, users choice of photograph is less a ‘reflexively chosen identity’ and more to do
with their positioning within that website’s hierarchy, and also that many dropped out of such
a competitive environment. Consequently, there can be casualties between identity and
territoriality in the production of personally identifiable information, which must be borne in
mind with the rise of the #selfie (OxfordWords, 2013).
When we view privacy as a psychologically-complex combination of identity and territory,
certain oft-trumpeted ‘paradoxes’ of internet behaviour become easier to understand. For
example, as Lepore (2013) laments
… the paradox of an American culture obsessed, at once, with being seen and
with being hidden, a world in which the only thing more cherished than privacy is
publicity. In this world, we chronicle our lives on Facebook while demanding the
latest and best form of privacy protection—ciphers of numbers and letters—so
that no one can violate the selves we have so entirely contrived to expose. (n.p)
Again, as we have said, this is inevitable, as we enter a contested territory, attempting to own
our own corner in a space which is completely shared. This is a point which has been
stumbled over many times: “Herein lies the privacy paradox. Adults are concerned about
invasion of privacy, while teens freely give up personal information. This occurs because
often teens are not aware of the public nature of the Internet” (Barnes, 2006, p.3/11). On the
contrary, it is likely that teens are quite aware of the public nature of the information they
reveal, and the fact that they are revealing it is indicative of progress through a complex
process of identity development.
Similarly, Acquisti and Gross (2006) seem surprised by the many ‘privacy concerned’
college undergraduates who joined Facebook and also revealed large amounts of personal
information, echoed in a subsequent study which found that “paradoxically, more control
over the publication of their private information decreases individuals’ privacy concerns and
increases their willingness to publish sensitive information” (Brandimarte, Acquisti, &
Loewenstein, 2010). Furthermore, when examined longitudinally, users demonstrated
increasingly privacy-seeking behavior, progressively decreasing the amount of personal data
shared publicly yet increased amount and scope of data shared privately (and also with
Facebook & 3rd
parties) (Stutzman, Gross, & Acquisti, 2012). Notably, in all of these studies,
the sample population were college students of North America.
In other words, the risk is more about the other members of the network, not the risk
of the network itself, because that risk is shared across all members of the network and is the
risk implicit in joining the contested territory. The whole point for users is to enter that space,
where the development of one’s identity can be compared with one’s peers, with whom one
competes in the usual evolutionary fashion. Of course, this does not make sense if you view
the phenomenon in terms of communication qua sharing information, because it looks like
contradictory processes of information leakage. When the ‘information’ is seen as part of the
user’s psychology, as the bricólage necessary for the development of self-territory of those in
a culture which supports a period of extended adolescence, it becomes more understandable.
As such, the idea of privacy as ‘information risk’ is not quite as useful as privacy as identity
The crux of the issue is not, however, any ‘paradox’, but how both our identity and
territoriality, with such competing drives, can be protected legally. To do so requires a
recognition that the latter aspect necessitates the creation of some form of controllable
boundaries, while the former requires some form of personalisation. In sum, we want to
create a representation of ourselves online, but at the same time, we do want other people to
actually see it: the most exclusive shows are cordoned off by nothing more than a velvet rope.
This is equally apparent with regard to the infamous ‘Facebook Newsfeed
controversy’. Now a prime feature of that social network, when the feed was first introduced,
which combines updates from all one’s friends into one continuously refreshing stream
(information which had been previously only available on their respective profile pages),
there was considerable uproar from members of the network. As Hoadley, Xu, Lee, and
Rosson (2010) explain, all that information was previously accessible, but not easily or
efficiently. Moreover, as Boyd (2008, p.18) points out, privacy isn’t simply a matter of
‘zeroes and ones’ but more about “a sense of control over information, the context where
sharing takes place, and the audience who can gain access”. We are not annoyed that the
information has been seen, but that our identity has been thrust into a territory that we were
not prepared for.
These interpretations of privacy behaviours are supported elsewhere, with findings
that they may include strategies for gaining social capital and audience control (Ellison,
Vitak, Steinfield, & Gray, 2011) and also that audience size and diversity impacts disclosure
and use of privacy settings (Vitak, 2012). At the same time however, we this does not
discount the importance and subtlety of the network itself, noting important work on the
distinction between exhibitions and performances in social media, with their underlying
algorithms as curators (Hogan, 2010), and the ethics of Facebook’s disclosive power (Light
& McGrath, 2010). While these issues are somewhat beyond the scope of this paper, it is
worthwhile noting that they are consonant with the interpretation of social media as
participatory surveillance (Bucher, 2012; Tokunaga, 2011; Westlake, 2008). In sum, while
online privacy behaviours may reflect a certain expression of identity and territoriality, the
opposite is also true: we are quite adept at using that same technology to compare ourselves
to others, to judge their character and to blockade ourselves from them.
As has been noted, the complexity of demarcating territory in cyberspace is a tricky
one, whereby it might even seem more complex when we add another dimension to that
context, though the opposite is actually the case. There is a temporal aspect to both our
identity and territorial drives, which is reflected in our privacy desires. A recent study breaks
new ground in this area, finding that social media users desire for their content to remain
online was quite varied – some posts to become more private over time, some posts to
become more visible (Bauer et al., 2013). Interestingly, as we might now expect from a pool
with a median age of 26, of whom 27% were students, and 11% were unemployed, the study
found that participants were very poor at predicting how they would like to change the
visibility of their material over time (Bauer et al., 2013). Hence, given that this does not give
much support to the idea of putting ‘expiration dates’ on posted material, Bauer et al. (2013,
p.10) suggest that “a way forward might be to design interfaces that promote reflection about
older content” – this would, in the current author’s estimation, be an excellent design feature
as it may help the user, not only to upon their ‘digital exhaust’, but also overcome the process
of identity moratorium.
Moreover, it is this temporal aspect which may prove instrumental to
surmounting wider issues of privacy – not merely problematic Facebook status updates.
Temporality is also a key aspect of the self, as in Locke’s (1690) understanding:
personal Identity; i.e. the sameness of a Rational being: And as far as this
consciousness can be extended backwards to any past Action or Thought, so far
reaches the Identity of that Person; it is the same self now it was then; and ‘tis by
the same self with this present one that now reflects on it, that that Action was
done. (Locke, 1700) p.183
This is the problematic aspect of Locke’s work, as it verges on exonerating the criminal from
the acts he does not remember, and in fact a few paragraphs later he muses on whether or not
drunks deserve such an amnesty. However, this position is premised on the assumption that
“there being no moment of our lives wherein we have the whole train of all our past actions
before our eyes in one view” (p. 184). This, however, is not quite the case for the youth of
today. Perhaps it is unfair, psychologically, for their bricólage to be stored eternally and their
potentially embarrassing attempts at identity construction remaining publicly searchable?
Locke argues that our sense of identity is based on our continuity of consciousness of what
we can remember, which surely requires that we are allowed to forget what we would like to
move on from.
Moreover, we also find that there is similar temporal aspect to human territoriality
(Edney, 1974, p. 969), whereby “families living in defended homes had lived significantly
longer on the property, but also anticipated a longer residence there in the future.” Ergo, we
expect that those who spend more time on Facebook, for example, will be most concerned
about their privacy, but will also be more likely to see Facebook as both part of their identity,
and part of their future. In fact, this is exactly what the research shows, with items such as “I
would be sorry if Facebook shut down” and “Facebook is part of my everyday activity” being
part of a scale of Facebook intensity positively related to social capital (Ellison, Steinfield, &
Lampe, 2007) and also “positive relationship between participants’ use of the advanced
privacy settings and both bridging and bonding social capital” (Ellison et al., 2011, p. 27).
Such observations lead us to the hope that there may well be technical innovations
which can help us emerge from this privacy crisis in a way which respects human
psychological development. Much has been written in popular media about the notion of
‘ephemeral communication’, which is probably most notably exemplified by Snapchat, a
mobile app whereby photos can be sent to fellow users but will be automatically deleted after
less than ten seconds. While there are obviously concerns about the actuality of this deletion,
(Shein, 2013), this does represent an interesting development for technology use, particularly
for those in identity crisis stages of development.
Additionally, ephemerality and anonymity have been shown not to be detrimental to
the formation of community norms, status and identity on the website known as 4chan
(Bernstein, Harry, Andr, Panovich, & Vargas, 2011). That particular website, known more
for its infamy and vulgarity more than anything else, is worth mentioning given that it often
represents an image of the internet quite different to what most users would like to experience
on a regular basis, yet, as Bernstein et al.’s (2011) paper demonstrates, it does manage to
‘work’ as a community. Consequently, we should be mindful that people will produce
workable solutions for themselves in whatever fashion they care. As one tweet put it,
“Privacy can be achieved by multiplying public selves. Leaving breadcrumbs here to throw
people on to the wrong trail” (Horning, 2014). The vista of privacy only being achievable via
distraction and disruption – in effect, deliberate identity dissociation via multiple accounts –
is thought-provoking, to say the least.
An alternative approach, presumably a more publicly acceptable method of user
empowerment, requires a re-evaluation of the ‘big data’ phenomenon – a move from the
nomothetic to the idiographic. This is where notions like sousveillance and lifelogging enter
the discourse. The former term is most notably associated with Steve Mann and is generally
understood to mean a type of ‘inverse surveillance’, whereby they individual monitors those
in authority – those who they believe are in control of the surveillance. Sousveillance hence
empowers the individual by “… affording all people to be simultaneously master and subject
of the gaze, wearable computing devices offer a new voice in the usually one-sided dialogue
of surveillance” (Mann, Nolan, & Wellman, 2003, p. 348). While such concept represents a
certain philosophical innovation, the rebalancing of a power notwithstanding, it is hardly
practical to ask the population at large to wear video cameras at all times. Assuming that ‘all
people’ will want to participate in sousveillance, is assuming a lot, to put it mildly, such as
but not limited to: that all people disapprove of surveillance, that they would be sufficiently
motivated to engage in sousveillance, and also would be financially and technically
competent to do so, and so on. It is also perhaps over-egging the power pudding – the proof
of which is that in the intervening decade, such wearable technologies have yet to break
through (though more of this anon). The value of sousveillance as a concept lies however, in
its return of the focus to the individual.
In that light, and perhaps in response to the oppositional/conspiratorial theme in the
sousveillance literature, we also have the related concept of lifelogging, which, while also
relying on wearable technology (usually a small neck-slung camera), does not mean to
obviously evoke notions of countering a police state. The idea here is to attempt to record as
much of a person’s everyday life as possible and to save everything to physical memory.
However, as Sellen & Whittaker (2010, p.73) note, “many lifelogging systems lack an
explicit description of potential value for users” and one is left wondering what the point of
these projects really are, except perhaps for the engineers to overcome the technical
challenges involved in storing huge quantities of photographic data. In response to such
criticism, the likes of Doherty et al. (2011) have responded by outlining the many potential
benefits of lifelogging, such as assessing one’s health and physical activity, improving
personal efficiency and lifestyle analysis, all of which have considerable merit - though it
must be noted that privacy concerns have been dealt with in passing, at best.
But the trump benefit to lifelogging which is fundamental and implicit in the whole
enterprise is that of memory enhancement: if we wear these small cameras around our necks
we may never forget anything. However, though, as Locke (1700) explored centuries ago, we
are what we remember and are conscious of. In fairness, Doherty et al. (2012, p. 169)
mention in passing, that “forgetting is very important”, but it needs to be recognised more
profoundly by lifeloggers: keeping a permanent record of a person’s total life activity, while
it has obvious benefits, may also have negative side-effects. There are many and varied links
between memory and well-being, for example: overgeneral autobiographical memory and
trauma (Moore & Zoellner, 2007), positive effects of false memories (Howe, Garner, & Patel,
2013), depressive realism (Ackermann & DeRubeis, 1991) and childhood amnesia (Peterson,
Grant, & Boland, 2005).
Essentially, it is important for the development of a positive self-concept that we
forget, or at least reinterpret, painful past memories. As such, it is important that the
psychological effects of new technologies, for whatever noble purpose they are designed, be
fully audited. While the nuances of ‘memory as a human experience’ contra ‘memory as a
computer feature’ have been noted for some time (Sellen et al., 2007), actually figuring out
the beneficial aspects for the individual user are only more recently being explored (Crete-
Nishihata et al., 2012). The latter study is indicative of benefits as it focuses on older users,
and the possible mental health benefits of using lifelogging-related technologies to ameliorate
cognitive/memory impairments. However, at the same time, while this is an apt clinical
usage, it is most likely that if such technologies ever get to market in a widespread manner
(which is, despite previous false dawns, always possible – see recent CES press), they are
most likely to be aimed at a younger demographic – who, as we have seen, will have far
different psychological motivations.
The main point here is that in this post-Snowden environment, there are many
possible solutions for developers to engage with to overcome public fears with regard to their
data collection, but the fundamental aim must be to empower and enlighten the individual
user. This point has been made before - O’Hara, Tuffield, and Shadbolt (2008) speak at
length on lifelogging, the empowerment of the individual alongside the attendant privacy
concerns – yet it has never been more relevant. If people are going to continue to be asked to
surrender their personally identifiable information to a remote server, visible to whom they
do not know, there must be a quid pro quo of returned utility. That particular point is hardly a
controversial one, yet a parallel observation remains unexplored: while academics and
technicians muse on the viability, utility and privacy of the likes of sousveillance and
lifelogging, the basic data needed to achieve most of those technologies assumed aims
already exists and is incredibly widespread. To put it bluntly, my iPhone already gathers huge
amounts of data about where I go, what activity I am engaged with and who I deal with, but it
is next to impossible for me to view that data aggregated anywhere: I am interested in my
metadata, can someone please show it to me?
In sum, we need to provide individual users with greater visibility of the data which
they are sharing with service providers. For example the MIT Immersion project
(iimmersion.media.mit.edu) provides a very interesting reflection to the user of their Gmail
metadata. At the same time, the response to Apple’s inclusion of a ‘most frequent locations’
in iOS7 (e.g. Rodriguez, 2013) was nothing short of embarrassing: such data must be
collected for basic phonecalls to be successfully carried, it doesn’t happen by magic.
Ultimately we must not be surprised when our data is reflected back to us, in fact we must
demand it and it should be presented to us as a matter of course, if not legislated for.
Such a position recognises the fact that, though some of the more paranoid
participants in the debate might want to, that if is possible at the moment, it very soon will
become impossible to live ‘offline’ (cf. Kessler, 2013). Data about, by and for individual
members of society will continue to be created at an exponential rate and therefore we must
reflect upon how it is used. No one wants to live in the sort of police state surveillance state
which Fernback (2013) seems to believe is upon us, where we must form ‘discourses of
resistance’ against social networks, yet at the same time no-one can deny that there is an
inherent truth to Tokunaga's (2011) finding that there is a considerable amount of
‘interpersonal surveillance’ ongoing also – we are spying on each other informally to a
considerable extent also. The latter’s investigation occurred in the context of romantic
relationships, unsurprisingly finding that ‘interpersonal electronic surveillance’ was more
likely to be exercised by younger users of social networks than older, but it does chime with
other findings that the majority of time spent in such contexts is ‘stalking’ or simply
browsing other users’ profiles (e.g. Lewis and West, 2009) – amateur surveillance, in other
The irony of certain responses to the privacy and surveillance phenomena is
encapsulated in a certain passage in Fernback’s (2013) paper. In describing Facebook’s
effectively bait-and-switch changing of policies which made private data public, Fernback
(2013) reports how many Facebook groups were set up in response, noting themes such as
intrusiveness and disappointment in the ‘discourses of resistance’ therein. However, in
accounting of Facebook users’ anger at not having consented their data to be used in this
way, Fernback (2013) neglects to mention whether or not those users’ he cites were asked for
permission as to whether their posts – which are quoted at length and with users’ full names –
could be reproduced in his paper.
In that light there are a number of final observations which are worth bearing in mind as we
attempt to maturely rebuild cyberspace. In attempting to focus analysis and use of data away
from nomothetic to idiographic, let us also admit why this is important. ‘Big’ datasets are
inherently problematic, and as Ohm notes, (2010, p. 1704), “data can be either useful or
perfectly anonymous but never both”. Through a series of examples, Ohm (2010) shows that
datasets which were ostensibly anonymised were quickly cracked through combination with
other data, and subjects recognized – a process he terms ‘accretive reidentification’, which
will necessarily create and amplify privacy harms. A good example of this is provided by
Zimmer (2010) in showing how the dataset on which Lewis, Kaufman, Gonzalez, Wimmer,
and Christakis’ (2008) study was based, on its subsequent release, was quickly cracked,
participants identified, and had to be recalled. Similarly, de Montjoye, Hidalgo, Verleysen,
and Blondel (2013, p. 1) conclude that “even coarse datasets provide little anonymity. These
findings represent fundamental constraints to an individual’s privacy and have important
implications for the design of frameworks and institutions dedicated to protect the privacy of
individuals.” As Ohm (2010, p. 1723) agrees, “results suggest that maybe everything is PII
[personally identifiable information] to one who has access to the right outside information.”
In characterising the combination of datasets as having the potential to create for any
particular individual a ‘database of ruin’, Ohm (2010), describes some factors which may be
useful in assessing the risk of these privacy harms, such as data-handling techniques, data
quantity and motives for use. These, it must be said, do not over-awe Grimmelman (2014),
who runs the rule over ‘Big data’s other privacy problem’ – in effect, that while privacy
harms or accretive reidentification may be problematic, we also need to be wary of who is
managing the data, and who is managing them – oversight and quis custodes ipsos custodies.
This has ‘Empedoclean regress’ been previously explained as the ‘burden of omniscience’ by
Wilson (2000) p. 244 – a conundrum from which there does not seem to be any obvious
solution. Grimmelman (2014) concludes with some rather vague propositions he calls ‘little
data’, or ‘democratic data’, which do not seem contradictory of the idiographic approach
mentioned above. What is necessary in all of this is for us to acknowledge and demarcate our
own self-worth in our personal information – what the Germans apparently call
informationelle selbstbestimmung – ‘knowing what data you have and being in control over
how it’s used’ (Bartlett, 2013). This may be something of a pipe-dream, but wishing that
NSA surveillance will come to an end, or that there will be no more Snowdens, are both
equally more so naive. The most pragmatic direction out of the crisis is to focus on the
development of strategies and applications of personal reflective development that teach the
individual user more about themselves, their data and its worth.
There are many other potential avenues out of the crosshairs of surveillance and
subversion. For one thing, with regard to youth, it could be argued on the basis of the
research reported above that it is not appropriate for those under the age of 18 to have their
data permanently recorded. Could it be internationally and legally agreed that youth have a
right to ephemeral networks, and their data to be deleted up to their majority? Ultimately we
need to be more understanding around and educational with regard to identity play and
electronic bricólage. These are technical challenges, but what of it? It would be a shame
indeed if the software developers of the world collectively decided that, after having solved
so many previously-intractable problems of computer science and engineering, the protection
of minors on the internet was beyond their self-professed genius.
Other approaches rest on recognising the reality of data accretion and the variability
in personally identifiable information. It might be worthwhile constructing a base level of
online communication in a society, a sort of online directory: this is to recognise that
individual territories have shared boundaries. Access to such post-boxes could be built on a
nested hierarchy of personal information – i.e. if you have a person’s first name and surname,
you may not be able to communicate with them, but if you have their postcode in addition,
you may be able to send them a very short, text-only message, whereas if you have their full
name, date of birth and phone number, you might be able to send them a large, encrypted file.
In this way, a public network would be internally protected by social networks and private
Alternatively, by recognising how people usually manage issues of territoriality – i.e.
in solidarity – we can decentralise the network further with collective privacy. should
consider organisational communication as collectively private - in that each member of a
team should be able to see every other member’s messages. In this way, we have complete
internal transparency: a radical departure organisationally, but one which is probably more
realistic psychologically than most current scenarios.
Of course, the issues of ethical database management still apply in many of these
scenarios. In recognising that the collection of large amounts of data ultimately brings large
amounts of power, which will always be problematic, whatever the motivation or necessity of
such gathering, there are however, contradictory possibilities, when we reflect on this and the
wisdom of the ancients. When Bacon (1597) concluded scientia potenta est (‘knowledge is
power’) and Acton observed that “power tends to corrupt and absolute power corrupts
absolutely” we can easily see how the collection of ‘absolute knowledge’ can cause
It might also lead one to infer, moving from objective to subjective spheres, and
mindful of our previous reference to ‘depressive realism’, that we recoil from ‘absolute
knowledge’ about ourselves out of some kind of deep-seated fear of ‘knowing too much’
about ourselves. We ignore where our information goes, because it implicates and
embarrasses us. Instead, we prefer repression, imagined identities and tentative territories –
cultural values long overdue for revision.
Ackermann, R., & DeRubeis, R. J. (1991). Is depressive realism real? Clinical Psychology
Review, 11(5), 565–584. doi:10.1016/0272-7358(91)90004-E
Acquisti, A., & Gross, R. (2006). Imagined communities: Awareness, information sharing,
and privacy on the Facebook. In PET 2006, LNCS 4258 (pp. 36–58). Berlin,
Annalect. (2013). Annalect Q2 2013 Online Consumer Privacy Study (pp. 1–4). Retrieved
Archer, S. L. (1989). Gender differences in identity development: Issues of process, domain
and timing. Journal of Adolescence, 12(2), 117–138. doi:10.1016/0140-
Bacon, F. (1597). Meditationes sacrae. London: Humfred Hooper.
Baek, Y. M., Kim, E., & Bae, Y. (2014). My privacy is okay, but theirs is endangered: Why
comparative optimism matters in online privacy concerns. Computers in Human
Behavior, 31, 48–56. doi:10.1016/j.chb.2013.10.010
Barnes, S. B. (2006). A privacy paradox: Social networking in the United States. First
Monday, 11(9), 1–11.
Bartlett, J. (2013). iSPY: How the internet buys and sells your secrets. The Spectator.
Retrieved January 20, 2014, from http://www.spectator.co.uk/features/9093961/little-
Bauer, L., Cranor, L. F., Komanduri, S., Mazurek, M. L., Reiter, M. K., Sleeper, M., & Ur, B.
(2013). The post anachronism. In Proceedings of the 12th ACM workshop on
Workshop on privacy in the electronic society - WPES ’13 (pp. 1–12). New York,
New York, USA: ACM Press. doi:10.1145/2517840.2517859
Bélanger, F., & Crossler, R. E. (2011). Privacy in the digital age: A review of information
privacy research in information systems. MIS Quarterly, 35(4), 1017–1041. Retrieved
Benson, C. (2001). The cultural psychology of self: Place, morality and art in human worlds.
Benson, C. (2013). Acts not tracts! Why a complete psychology of art and identity must be
neuro-cultural. In Art and Identity: Essays on the Aesthetic Creation of Mind (pp. 39–
66). Amsterdam: Rodopi.
Bernstein, M. S., Harry, D., Andr, P., Panovich, K., & Vargas, G. (2011). 4chan and /b/: An
analysis of anonymity and ephemerality in a large online community. In ICWSM,
Association for the Advancement of Artificial Intelligence (pp. 1–8).
Boyd, D. (2008). Facebook’s privacy trainwreck: Exposure, invasion, and social
convergence. Convergence: The International Journal of Research into New Media
Technologies, 14(1), 13–20. doi:10.1177/1354856507084416
Brandimarte, L., Acquisti, A., & Loewenstein, G. (2010). Misplaced confidences: Privacy
and the control paradox. In Ninth Annual Workshop on the Economics of Information
Security. Cambridge, MA.
Brown, G. (2009). Claiming a corner at work: Measuring employee territoriality in their
workspaces. Journal of Environmental Psychology, 29(1), 44–52.
Bucher, T. (2012). Want to be on the top? Algorithmic power and the threat of invisibility on
Facebook. New Media & Society, 14(7), 1164–1180. doi:10.1177/1461444812440159
Cakir, S., & Aydin, G. (2005). Parental attitudes and ego identity status of Turkish
adolescents. Adolescence, 40, 847–859.
Castro, D. (2013). How much will PRISM cost the U.S. cloud computing industry? (pp. 1–9).
Washington, DC. Retrieved from www.itif.org
Christofides, E., Muise, A., & Desmarais, S. (2011). Hey Mom, What’s on Your Facebook?
Comparing Facebook Disclosure and Privacy in Adolescents and Adults. Social
Psychological and Personality Science, 3(1), 48–54. doi:10.1177/1948550611408619
Coles-Kemp, L., Lai, Y., & Ford, M. (2010). Privacy on the internet: Attitudes and
behaviours (pp. 1–34). Retrieved from vome.org.uk
Côté, J. E. (2006). Emerging adulthood as an Institutionalized moratorium: risks and benefits
to identity formation. In J. J. Arnett & J. L. Tanner (Eds.), Emerging adults in
America: Coming of age in the 21st century (pp. 85–116). Washington, DC:
American Psychological Association. doi:10.1037/11381-004
Crete-Nishihata, M., Baecker, R. M., Massimi, M., Ptak, D., Campigotto, R., Kaufman, L. D.,
… Black, S. E. (2012). Reconstructing the past: personal memory technologies are not
just personal and not just for memory. Human–Computer Interaction, 27(1-2), 92–
Dale, J. (2013). Facebook privacy is a joke: How Edward Snowden changed my online
habits. rabble.ca. Retrieved January 06, 2014, from
De Montjoye, Y.-A., Hidalgo, C. A., Verleysen, M., & Blondel, V. D. (2013). Unique in the
crowd: The privacy bounds of human mobility. Scientific reports, 3, 1376.
Debatin, B., Lovejoy, J. P., Horn, A.-K., & Hughes, B. N. (2009). Facebook and online
privacy: Attitudes, behaviors, and unintended consequences. Journal of Computer-
Mediated Communication, 15(1), 83–108. doi:10.1111/j.1083-6101.2009.01494.x
Doherty, A. R., Caprani, N., Conaire, C. Ó., Kalnikaite, V., Gurrin, C., Smeaton, A. F., &
O’Connor, N. E. (2011). Passively recognising human activities through lifelogging.
Computers in Human Behavior, 27(5), 1948–1958. doi:10.1016/j.chb.2011.05.002
Doherty, A. R., Pauly-Takacs, K., Caprani, N., Gurrin, C., Moulin, C. J. A., O’Connor, N. E.,
& Smeaton, A. F. (2012). Experiences of aiding autobiographical memory using the
SenseCam. Human-Computer Interaction, 27(27), 37–41.
Dumas, T. M., Ellis, W. E., & Wolfe, D. A. (2012). Identity development as a buffer of
adolescent risk behaviors in the context of peer group pressure and control. Journal of
adolescence, 35(4), 917–27. doi:10.1016/j.adolescence.2011.12.012
Edney, J. J. (1974). Human territoriality. Psychological Bulletin, 81(12), 959–975.
Ellison, N. B., Steinfield, C., & Lampe, C. (2007). The benefits of Facebook “Friends:”
Social capital and college students’ use of online social network sites. Journal of
Computer-Mediated Communication, 12(4), 1143–1168. doi:10.1111/j.1083-
Ellison, N. B., Vitak, J., Steinfield, C., & Gray, R. (2011). Privacy Online. (S. Trepte & L.
Reinecke, Eds.)Environment (pp. 19–32). Berlin, Heidelberg: Springer.
Erikson, E. H. (1968). Identity: Youth and crisis. New York: Norton.
Fernback, J. (2013). Sousveillance: Communities of resistance to the surveillance
environment. Telematics and Informatics, 30(1), 11–21.
Fisher, J. D., & Byrne, D. (1975). Too close for comfort: Sex differences in response to
invasions of personal space. Journal of Personality and Social Psychology, 32(1), 15–
Fitsanakis, J. (2013). Are Russian spies switching to typewriters to avoid interception? |
intelNews.org on WordPress.com. intelNews.org. Retrieved January 06, 2013, from
Fogel, J., & Nehmad, E. (2009). Internet social network communities: Risk taking, trust, and
privacy concerns. Computers in Human Behavior, 25(1), 153–160.
Gibson, R. K., & Mcallister, I. (2009). Crossing the web 2.0 frontier? Candidates and
campaigns online in the Australian Federal Election of 2007. In ECPR General
Conference (pp. 1–30). Potdam, Germany.
Grasmuck, S., Martin, J., & Zhao, S. (2009). Ethno-racial identity displays on Facebook.
Journal of Computer-Mediated Communication, 15(1), 158–188. doi:10.1111/j.1083-
Greenhow, C., & Robelia, B. (2009). Informal learning and identity formation in online
social networks. Learning, Media and Technology, 34(2), 119–140.
Greenwald, G. (2013, June 6). NSA collecting phone records of millions of Verizon
customers daily. The Guardian. Retrieved from
Grimmelmann, J. (2014). Big data’s other privacy problem. In Big Data and the Law (Vol.
11, pp. 1–10). West Academic. Retrieved from
Gueorguieva, V. (2007). Voters, MySpace, and YouTube: The impact of alternative
communication channels on the 2006 election cycle and beyond. Social Science
Computer Review, 26(3), 288–300. doi:10.1177/0894439307305636
Henrich, J., Heine, S. J., & Norenzayan, A. (2010). The weirdest people in the world? The
Behavioral and brain sciences, 33(2-3), 61–135. doi:10.1017/S0140525X0999152X
Herring, S. C. (2004). Slouching toward the ordinary: Current trends in computer-mediated
communication. New Media & Society, 6(1), 26–36. doi:10.1177/1461444804039906
Herring, S. C. (2008). Questioning the generational divide: Technological exoticism and
adult constructions of online youth identity. In D. Buckingham (Ed.), Youth, Identity,
and DigitalMedia (pp. 71–92). Cambridge, MA: The MIT Press.
Hess, A. (2014). Why women aren’t welcome on the internet. Pacific Standard. Santa
Barbara, California. Retrieved January 23, 2014, from
Hoadley, C. M., Xu, H., Lee, J. J., & Rosson, M. B. (2010). Privacy as information access
and illusory control: The case of the Facebook News Feed privacy outcry. Electronic
Commerce Research and Applications, 9(1), 50–60. doi:10.1016/j.elerap.2009.05.001
Hogan, B. (2010). The presentation of self in the age of social media: Distinguishing
performances and exhibitions online. Bulletin of Science, Technology & Society,
30(6), 377–386. doi:10.1177/0270467610385893
Hoofnagle, C., King, J., Li, S., & Turow, J. (2010). How different are young adults from
older adults when it comes to information privacy attitudes and policies? Retrieved
Horning, R. (2014). Privacy can be achieved by multiplying public selves. Leaving
breadcrumbs here to throw people on to the wrong trail. Twitter. Retrieved January
08, 2014, from https://twitter.com/marginalutility/status/419205717829365760
Howe, M. L., Garner, S. R., & Patel, M. (2013). Positive consequences of false memories.
Behavioral sciences & the law, 31(5), 652–65. doi:10.1002/bsl.2078
Hoy, M. G., & Milne, G. R. (2010). Gender differences in privacy-related measures for
young adult Facebook users. Journal of Interactive Advertising, 10(2), 28–46.
Jordán-Conde, Z., Mennecke, B., & Townsend, A. (2013). Late adolescent identity definition
and intimate disclosure on Facebook. Computers in Human Behavior.
Kaya, N., & Weber, M. J. (2003). Territorial behavior in residence halls: A cross-cultural
study. Environment & Behavior, 35(3), 400–414. doi:10.1177/0013916503035003005
Kessler, S. (2013). Think you can live offline without being tracked? Here’s what it takes.
Fast Company. Retrieved January 20, 2014, from
Kosinski, M., Stillwell, D., & Graepel, T. (2013). Private traits and attributes are predictable
from digital records of human behavior. Proceedings of the National Academy of
Sciences of the United States of America, 110(15), 5802–5.
Lehtinen, V., Näsänen, J., & Sarvas, R. (2009). “A little silly and empty-headed” – Older
adults’ understandings of social networking sites. In HCI 2009 - People and
Computers XXIII (pp. 45–54).
Lepore, J. (2013, June). Privacy in an age of publicity. The New Yorker. New York. Retrieved
January 09, 2014, from
Lewis, J., & West, A. (2009). “Friending”: London-based undergraduates’ experience of
Facebook. New Media & Society, 11(7), 1209–1229. doi:10.1177/1461444809342058
Lewis, K., Kaufman, J., Gonzalez, M., Wimmer, A., & Christakis, N. (2008). Tastes, ties, and
time: A new social network dataset using Facebook.com. Social Networks, 30(4),
Light, B., & McGrath, K. (2010). Ethics and social networking sites: A disclosive analysis of
Facebook. Information Technology & People, 23(4), 290–311.
Locke, J. (1700). An essay concerning humane understanding, in four books (4th ed.).
London: Awnsham and John Churchil. Retrieved from
Locke, J. (1751). The works of John Locke, Esq; In three volumes, Vol. II (5th ed.). London:
S. Birt, D. Browne, T. Longman... Retrieved from
Mann, S., Nolan, J., & Wellman, B. (2003). Sousveillance: Inventing and using wearable
computing devices for data collection in surveillance environments. Surveillance &
Society, 1(3), 331–355.
Marcia, J. E. (1966). Development and validation of ego-identity status. Journal of
Personality and Social Psychology, 3(5), 551–558. doi:10.1037/h0023281
Marwick, A. E. (2014). How your data are being deeply mined. The New York Review of
Books, 61(1). Retrieved from
McDonald, A. M., & Cranor, L. F. (2008). The cost of reading privacy policies. I/S: A
Journal on Law and Policy for the Information Society, 4(3), 540–565.
Mehdizadeh, S. (2010). Self-presentation 2.0: Narcissism and self-esteem on Facebook.
Cyberpsychology, behavior and social networking, 13(4), 357–64.
Mills, E. (2007, June 4). Google’s street-level maps raising privacy concerns. USA Today.
San Jose, CA. Retrieved from
Milne, G. R., & Culnan, M. J. (2004). Strategies for reducing online privacy risks: Why
consumers read (or don’t read) online privacy notices. Journal of Interactive
Marketing, 18(3), 15–29. doi:10.1002/dir.20009
Moore, S. A., & Zoellner, L. A. (2007). Overgeneral autobiographical memory and traumatic
events: an evaluative review. Psychological bulletin, 133(3), 419–37.
Moscardelli, D. M., & Divine, R. (2007). Adolescents’ concern for privacy when using the
internet: An empirical analysis of predictors and relationships with privacy-protecting
behaviors. Family and Consumer Sciences Research Journal, 35(3), 232–252.
O’Hara, K., Tuffield, M. M., & Shadbolt, N. (2008). Lifelogging: Issues of identity and
privacy with memories for life. In First International Workshop on Identity in the
Information Society. Arona, Italy. Retrieved from http://eprints.ecs.soton.ac.uk/15993/
Ohm, P. (2010). Broken promises of privacy: Responding to the surprising failure of
anonymization. UCLA Law Review, 57, 1701–1777.
Owen, D. (2009). Election media and youth political engagement. Journal of Social Science
Education, 7(2), 14–24.
Pastalan, L. A. (1970). Privacy as an expression of human territoriality. In L.A. Pastalan & D.
H. Parson (Eds.), Spatial behavior of older people (pp. 88–101). Ann Arbor, MI:
University of Michigan.
Payne, S. (2013, December 9). Hypocrisy alert: Big tech firms complain of data intrusion.
The Spectator. Retrieved from
Pempek, T. A., Yermolayeva, Y. A., & Calvert, S. L. (2009). College students’ social
networking experiences on Facebook. Journal of Applied Developmental Psychology,
30(3), 227–238. doi:10.1016/j.appdev.2008.12.010
PEN American Center. (2013). Chilling effects: NSA surveillance drives U.S. writers to self-
censor. New York. Retrieved from pen.org
Penny, L. (2014). David Cameron’s internet porn filter is the start of censorship creep. The
Guardian. Retrieved January 08, 2014, from
Peterson, C., Grant, V. V, & Boland, L. D. (2005). Childhood amnesia in children and
adolescents: Their earliest memories. Memory (Hove, England), 13(6), 622–37.
Porfeli, E. J., Lee, B., Vondracek, F. W., & Weigold, I. K. (2011). A multi-dimensional
measure of vocational identity status. Journal of adolescence, 34(5), 853–71.
Powazek, D. (2012). I’m not the product, but I play one on the internet. powazek.com/.
Retrieved January 06, 2014, from http://powazek.com/posts/3229
Proshansky, H. M., Ittleson, W. H., & Rivlin, L. G. (1970). Freedom of choice and behavior
in a physical setting. In H. M. Proshansky, W. H. Ittleson, & L. G. Rivlin (Eds.),
Environmental psychology. New York: Holt, Rinehart & Winston.
Rodriguez, S. (2013, August 8). iOS 7’s controversial new feature: Frequent Locations
tracking map. Los Angeles Times. Los Angeles. Retrieved from
Schwarz, O. (2010). On friendship, boobs and the logic of the catalogue: Online self-portraits
as a means for the exchange of capital. Convergence: The International Journal of
Research into New Media Technologies, 16(2), 163–183.
Seder, J. P., & Oishi, S. (2009). Ethnic/racial homogeneity in college students’ Facebook
friendship networks and subjective well-being. Journal of Research in Personality,
43(3), 438–443. doi:10.1016/j.jrp.2009.01.009
Sellen, A., Fogg, A., Aitken, M., Hodges, S., Rother, C., Wood, K., & Ave, J. J. T. (2007).
Do life-logging technologies support memory for the past? An experimental study
using SenseCam. In CHI ’07 Proceedings of the SIGCHI Conference on Human
Factors in Computing Systems (pp. 81–90).
Shein, E. (2013). Ephemeral data. Communications of the ACM, 56(9), 20.
Sommer, R., & Becker, F. D. (1969). Territorial defense and the good neighbor. Journal of
personality and social psychology, 11(2), 85–92.
Staten, J. (2013). The cost of PRISM will be larger than ITIF projects. Forrester Research.
Retrieved January 06, 2014, from http://blogs.forrester.com/james_staten/13-08-14-
Strano, M. M. (2008). User descriptions and interpretations of self presentation through
Facebook profile images. Journal of Psychosocial Research on Cyberspace, 2(2), 1.
Stutzman, F., Gross, R., & Acquisti, A. (2012). Silent listeners: The evolution of privacy and
disclosure on Facebook. Journal of Privacy and Confidentiality, 4(2), 7–41.
Suler, J. (2004). The online disinhibition effect. CyberPsychology & Behavior, 7(3), 321–
Thorbecke, W., & Grotevant, H. D. (1982). Gender differences in adolescent interpersonal
identity formation. Journal of youth and adolescence, 11(6), 479–92.
Tokunaga, R. S. (2011). Social networking site or social surveillance site? Understanding the
use of interpersonal electronic surveillance in romantic relationships. Computers in
Human Behavior, 27(2), 705–713. doi:10.1016/j.chb.2010.08.014
Valenzuela, S., Park, N., & Kee, K. F. (2009). Is there social capital in a social network site?:
Facebook use and college students’ life satisfaction, trust, and participation. Journal
of Computer-Mediated Communication, 14(4), 875–901. doi:10.1111/j.1083-
Vitak, J. (2012). The impact of context collapse and privacy on social network site
disclosures. Journal of Broadcasting & Electronic Media, 56(4), 451–470.
Vitak, J., Zube, P., Smock, A., Carr, C. T., Ellison, N. B., & Lampe, C. (2011). It’s
complicated: Facebook users' political participation in the 2008 election.
Cyberpsychology, behavior and social networking, 14(3), 107–14.
Warren, S., & Brandeis, L. D. (1890). The right to privacy. Harvard Law Review, 4(5), 193–
220. Retrieved from http://www.jstor.org/stable/1321160
Weber, S., & Mitchell, C. (2008). Imagining, keyboarding, and posting identities: Young
people and new media technologies. In D. Buckingham (Ed.), Youth, Identity, and
Digital Media (pp. 25–48). Cambridge, MA: The MIT Press.
Westlake, E. J. (2008). Friend me if you Facebook: Generation Y and performative
surveillance. TDR/The Drama Review, 52(4), 21–40. doi:10.1162/dram.2008.52.4.21
Whitehead, T. (2013, October 22). We will lose terrorists because of GCHQ leaks, warns
minister. The Telegraph. Retrieved from
Wiley, R. E., & Berman, S. L. (2012). The relationships among caregiver and adolescent
identity status, identity distress and psychological adjustment. Journal of adolescence,
35(5), 1203–13. doi:10.1016/j.adolescence.2012.04.001
Wilson, R. A. (2000). Prometheus rising (2nd ed.). Tempe, AZ: New Falcon.
Xenos, M., & Foot, K. (2008). Not your father’s internet: The generation gap in online
politics. In W. L. Bennett (Ed.), Civic life online: Learning how digital media can
engage youth (pp. 51–70). Cambridge, MA: The MIT Press.
Youn, S., & Hall, K. (2008). Gender and online privacy among teens: Risk perception,
privacy concerns, and protection behaviors. CyberPsychology & Behavior, 11(6),
Zimmer, M. (2010). “But the data is already public”: On the ethics of research in Facebook.
Ethics and Information Technology, 12(4), 313–325. doi:10.1007/s10676-010-9227-5
Zittrain, J. (2012). Meme patrol: “When something online is free, you’re not the customer,
you’re the product.” Future of the Internet. Retrieved January 23, 2014, from
Zukowski, T., & Brown, I. (2007). Examining the influence of demographic factors on
internet users’ information privacy concerns. In SAICSIT 2007 (pp. 197–204). Fish
River Sun, Sunshine Coast, South Africa.