The Myth of the Privacy Paradox by Daniel J. Solove, George Washington University Law School [Downloaded from Privacy Law Salon]
Professor Solove points out that the privacy paradox does not exist because it’s illogical to generalize from people’s behavior (or risk decisions) involving specific personal data in specific contexts to reach broader conclusions about how people value privacy. It further mentions that the privacy paradox is born out of this vicious cycle when people express concerns about their privacy, are given a dose of privacy self-management in response, fail to succeed at the impossible project of privacy self-management, and then become disillusioned and resigned.
In addition, Professor Solove mentions two sides of responses to the privacy paradox – “behavior valuation argument” and “behavior distortion argument.” On one side, the “behavior valuation argument” contends behavior is the best metric to evaluate how people actually value privacy. Behavior reveals that people ascribe a low value to privacy or readily trade it away for goods or services. The argument often goes on to contend that privacy regulation should be reduced. On the other side, the “behavior distortion argument” suggests that people’s behavior is not an accurate metric of preferences because behavior is distorted by biases and heuristics, manipulation and skewing, and other factors.
I agree with Professor Solove that privacy law should focus on regulating the architecture that structures the way information is used, maintained, and transferred. Privacy regulation often seeks to provide people more privacy rights so that they can protect privacy. However, people don’t know about the data collection nor privacy risks.