What do you think?
Rate this book
Understanding Privacy
Privacy is one of the most important concepts of our time, yet it is also one of the most elusive. As rapidly changing technology makes information increasingly available, scholars, activists, and policymakers have struggled to define privacy, with many conceding that the task is virtually impossible. In this concise and lucid book, Daniel J. Solove offers a comprehensive overview of the difficulties involved in discussions of privacy and ultimately provides a provocative resolution. He argues that no single definition can be workable, but rather that there are multiple forms of privacy, related to one another by family resemblances. His theory bridges cultural differences and addresses historical changes in views on privacy. Drawing on a broad array of interdisciplinary sources, Solove sets forth a framework for understanding privacy that provides clear, practical guidance for engaging with relevant issues. Understanding Privacy will be an essential introduction to long-standing debates and an invaluable resource for crafting laws and policies about surveillance, data mining, identity theft, state involvement in reproductive and marital decisions, and other pressing contemporary matters concerning privacy.
272 pages, Hardcover
First published November 6, 2008
27 people are currently reading
359 people want to read
About the author
Daniel J. Solove
33 books36 followersDaniel J. Solove is the Eugene L. and Barbara A. Bernard Professor of Intellectual Property and Technology Law at the George Washington University Law School. He is also the founder of TeachPrivacy, a company that provides privacy and data security training programs to businesses, law firms, healthcare institutions, schools, and other organizations. One of the world’s leading experts in privacy law, Solove is the author of 10+ books and textbooks and 100+ articles. His articles have appeared in the Harvard Law Review, Yale Law Journal, Stanford Law Review, and Columbia Law Review, among others. Professor Solove writes at LinkedIn as of its “thought leaders,” and he has more than 1 million followers. He more routinely blogs at Privacy+Security Blog, https://www.teachprivacy.com/privacy-...
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 13 of 13 reviews
August 11, 2016
Dan Solove sent me a review copy of his new book, “Understanding Privacy.” If you work in privacy or data protection either from a technology or policy perspective, you need to read this book and understand Solove’s approach. That’s not to say it’s perfect or complete, but I think it’s an important intellectual step forward, and perhaps a practical one as well.
I’m going to walk through the chapters, and then bring up some of my responses and the reasons I’m being guarded.
Chapter 1 is “Privacy: A Concept in Disarray.” It lays out how broad and complex a topic privacy is, and some of the struggles that people have in defining and approaching it as a legal or social science concept. Chapter 2, “Theories of Privacy and Their Shortcomings” lays out, as the title implies, prior theories of privacy. Having thus set the stage, chapter 3 “Reconstructing Privacy“is where the book transitions from a review of what’s come before to new analysis. Solove uses Wittgenstein’s concept of ‘family resemblances’ as a way of approaching the ways people use the word. Privacy (as I’ve commented) has many meanings. You can’t simplify it into, say, identity theft. Solove uses family resemblances to say that they’re all related, even if they have very different personalities. Chapter 4, “The Value of Privacy” points out that one of the reasons we’re losing privacy is that it’s often portrayed as an individual right, based on hiding something. In policy fights, society tends to trump individualism. (Which is one reason the Bill of Rights in the US protects the individual.) Rather than calling for better protection of the individual, this chapter explores the many social values which privacy supports, bringing it closer to equal footing, and providing a policy basis for the defense and enhancement of privacy because it makes us all better off.
Chapter 5, “A Taxonomy of Privacy” is the core of the book. The taxonomy is rich. Solove devotes seventy pages to expounding on the harms done in not respecting privacy, and discussing a balance between societal interests of privacy and the reason for the invasion. In brief, the taxonomy is currently:
Information collection: Surveillance, Interrogation
Information Processing: Aggregation, Identification, Insecurity, Secondary Use, Exclusion
Information Dissemination: Breach of confidentiality, Disclosure, Exposure, Increased Accessibility, Blackmail, Appropriation, Distortion
Invasion: Intrusion, Decisional Interference.
I’ve tried to apply this taxonomy to issues. For example, when I wrote “Call Centers Will Get More Annoying,” I used the taxonomy, although not the words. There’s surveillance, secondary use, increased accessibility and (what feels like a form of) intrusion. What the taxonomy doesn’t do is capture or predict my outrage. I think that that’s an important weakness, but it may well be asking too much. Solove’s goals of a societal balance don’t admit my outrage as a key factor. They can’t. Outrage is too individual.
I’m also concerned that perhaps this isn’t a taxonomy. If you read the old posts in my taxonomies category, you’ll see that I spent a bunch of time digging fairly deeply into what taxonomies are, how they come about, how they’re used and abused. I don’t think that Solove’s taxonomy really fits into the core of a taxonomy: a deterministic way to classify things which we find, which various practitioners can reliably use. As in my example of the call centers, the flaws are legion, and some of my classification may be wrong.
At Microsoft, we use STRIDE as a “taxonomy” of security issues (STRIDE is Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege) I think, as a taxonomy, STRIDE is lousy. If you know about an issue, it’s hard to classify using STRIDE. The categories overlap. On the other hand, it’s very useful as an evocation of issues that you might worry about, and the same may be said of Solove’s taxonomy. I also don’t have a superior replacement on hand, and so I use it and teach it. Taxonomy-ness is not next to godliness.
My other issue with Solove’s taxonomy is that it doesn’t recognize the issuance of identifiers, in and of itself, as a privacy issue. I believe that, even before the abuses start, there are forseeable issues that arise from issuing identification numbers to people, like the Social Security Number. The act of enumeration was clearly seen by as an invasion by Englishmen who named the Doomsday book. The ability of the US government to even take a census is tied directly to the specified purpose of allocating legislative seats. I see it as self-evident, and haven’t been able to find the arguments to convince Solove. (Solove and I have discussed this in email now and then; I haven’t convinced him [that identifiers are, per se, a privacy harm])
Chapter 6 Privacy: A New Understanding closes the book with a summation and a brief discussion of the future.
The book has a strong policy focus. I am very interested in understanding how this new understanding intersects both broad laws and legal principles (such as the Fair Information Practices) and specific law (for example, HIPAA). The FIP, the OECD privacy statements, and Canada’s PIPED act all show up in the discussion of secondary use. I’m also interested in knowing if an organization could practically adopt it as a basis for building products and services with good privacy. I think there’s very interesting follow-on work in both of these areas for someone to pick up.
I also worry that privacy as individual right is important. Even though Solove makes a convincing case that that’s a weaker policy basis than the one he lays out, that doesn’t mean it’s not to be cherished as a social value, and I feel that the view of privacy which Solove presents is weaker to the extent that it fails to embrace this.
In closing, there are three major elements to the book: the first is to take us past the definitional games of “what is privacy.” The second is a serious attempt to address the “what do you have to hide” approach to privacy. The third is the taxonomy. Two of these would have been a pretty good book. Three are impressive, even as I disagree with parts of it. Again, this is an important book and worth reading if you work in or around privacy.
Original: http://emergentchaos.com/archives/200...
I’m going to walk through the chapters, and then bring up some of my responses and the reasons I’m being guarded.
Chapter 1 is “Privacy: A Concept in Disarray.” It lays out how broad and complex a topic privacy is, and some of the struggles that people have in defining and approaching it as a legal or social science concept. Chapter 2, “Theories of Privacy and Their Shortcomings” lays out, as the title implies, prior theories of privacy. Having thus set the stage, chapter 3 “Reconstructing Privacy“is where the book transitions from a review of what’s come before to new analysis. Solove uses Wittgenstein’s concept of ‘family resemblances’ as a way of approaching the ways people use the word. Privacy (as I’ve commented) has many meanings. You can’t simplify it into, say, identity theft. Solove uses family resemblances to say that they’re all related, even if they have very different personalities. Chapter 4, “The Value of Privacy” points out that one of the reasons we’re losing privacy is that it’s often portrayed as an individual right, based on hiding something. In policy fights, society tends to trump individualism. (Which is one reason the Bill of Rights in the US protects the individual.) Rather than calling for better protection of the individual, this chapter explores the many social values which privacy supports, bringing it closer to equal footing, and providing a policy basis for the defense and enhancement of privacy because it makes us all better off.
Chapter 5, “A Taxonomy of Privacy” is the core of the book. The taxonomy is rich. Solove devotes seventy pages to expounding on the harms done in not respecting privacy, and discussing a balance between societal interests of privacy and the reason for the invasion. In brief, the taxonomy is currently:
Information collection: Surveillance, Interrogation
Information Processing: Aggregation, Identification, Insecurity, Secondary Use, Exclusion
Information Dissemination: Breach of confidentiality, Disclosure, Exposure, Increased Accessibility, Blackmail, Appropriation, Distortion
Invasion: Intrusion, Decisional Interference.
I’ve tried to apply this taxonomy to issues. For example, when I wrote “Call Centers Will Get More Annoying,” I used the taxonomy, although not the words. There’s surveillance, secondary use, increased accessibility and (what feels like a form of) intrusion. What the taxonomy doesn’t do is capture or predict my outrage. I think that that’s an important weakness, but it may well be asking too much. Solove’s goals of a societal balance don’t admit my outrage as a key factor. They can’t. Outrage is too individual.
I’m also concerned that perhaps this isn’t a taxonomy. If you read the old posts in my taxonomies category, you’ll see that I spent a bunch of time digging fairly deeply into what taxonomies are, how they come about, how they’re used and abused. I don’t think that Solove’s taxonomy really fits into the core of a taxonomy: a deterministic way to classify things which we find, which various practitioners can reliably use. As in my example of the call centers, the flaws are legion, and some of my classification may be wrong.
At Microsoft, we use STRIDE as a “taxonomy” of security issues (STRIDE is Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege) I think, as a taxonomy, STRIDE is lousy. If you know about an issue, it’s hard to classify using STRIDE. The categories overlap. On the other hand, it’s very useful as an evocation of issues that you might worry about, and the same may be said of Solove’s taxonomy. I also don’t have a superior replacement on hand, and so I use it and teach it. Taxonomy-ness is not next to godliness.
My other issue with Solove’s taxonomy is that it doesn’t recognize the issuance of identifiers, in and of itself, as a privacy issue. I believe that, even before the abuses start, there are forseeable issues that arise from issuing identification numbers to people, like the Social Security Number. The act of enumeration was clearly seen by as an invasion by Englishmen who named the Doomsday book. The ability of the US government to even take a census is tied directly to the specified purpose of allocating legislative seats. I see it as self-evident, and haven’t been able to find the arguments to convince Solove. (Solove and I have discussed this in email now and then; I haven’t convinced him [that identifiers are, per se, a privacy harm])
Chapter 6 Privacy: A New Understanding closes the book with a summation and a brief discussion of the future.
The book has a strong policy focus. I am very interested in understanding how this new understanding intersects both broad laws and legal principles (such as the Fair Information Practices) and specific law (for example, HIPAA). The FIP, the OECD privacy statements, and Canada’s PIPED act all show up in the discussion of secondary use. I’m also interested in knowing if an organization could practically adopt it as a basis for building products and services with good privacy. I think there’s very interesting follow-on work in both of these areas for someone to pick up.
I also worry that privacy as individual right is important. Even though Solove makes a convincing case that that’s a weaker policy basis than the one he lays out, that doesn’t mean it’s not to be cherished as a social value, and I feel that the view of privacy which Solove presents is weaker to the extent that it fails to embrace this.
In closing, there are three major elements to the book: the first is to take us past the definitional games of “what is privacy.” The second is a serious attempt to address the “what do you have to hide” approach to privacy. The third is the taxonomy. Two of these would have been a pretty good book. Three are impressive, even as I disagree with parts of it. Again, this is an important book and worth reading if you work in or around privacy.
Original: http://emergentchaos.com/archives/200...
October 18, 2019
A somewhat awkward read: while I found the taxonomic approach useful, it has to be said that there is quite a lot of repetition in the book, and language that on many occasions is convoluted. And it also feels dated now: the references to various legal and governmental approaches are out-of-date, though this doesn't affect his main thrust. Still, I took a lot of notes. I'll need to look elsewhere for a more lively treatment.
January 9, 2021
Refutes the idea that we can have a cohesive concept of privacy, and proposes that instead of focusing on the concept of privacy—which is necessarily vague a la Wittgenstein’s “game”—we focus on privacy problems. A lot of very bad legal decisions come about because the courts focus on privacy as a concept!
Book is very clearly written and Solove’s proposed framework for privacy problems seems useful. A lot of the silly arguments such as “Oh but it’s aggregated information about you that we gathered from public domain and public settings, so we can do whatever the hell we want with it!” and “Oh but you gave the information to us with no reasonable expectation of privacy, so we can do whatever the hell we want with it!” are a lot easier to refute after reading this book. Solove shows that views like this create well-defined problems that deserve considering. And I ended up with a signed copy of the book!
The most significant chapter, “A Taxonomy of Privacy,” is available for free online and I’d recommend it for anyone interested in the subject.
Book is very clearly written and Solove’s proposed framework for privacy problems seems useful. A lot of the silly arguments such as “Oh but it’s aggregated information about you that we gathered from public domain and public settings, so we can do whatever the hell we want with it!” and “Oh but you gave the information to us with no reasonable expectation of privacy, so we can do whatever the hell we want with it!” are a lot easier to refute after reading this book. Solove shows that views like this create well-defined problems that deserve considering. And I ended up with a signed copy of the book!
The most significant chapter, “A Taxonomy of Privacy,” is available for free online and I’d recommend it for anyone interested in the subject.
August 27, 2022
Comprehensive, if US-centric, analysis of privacy issues and Solove's proposal for categorising different but overlapping concepts of privacy. Written in a digestible and accessible manner, not overly academic. Great read even today, 14 years later.
December 26, 2023
A good start of the journey of deepingly understanding the privacy issues and implications.
August 24, 2016
This book looks at privacy both through a legal and historical lens. Solove describes the various types of privacy issues we face as well as the relevant harms they may cause. In today's age of information technology which encroaches upon our personal and professional environments, this is very relevant to us. When someone purchases a TV or device that can listen to us and our conversations we need knowledge rather than fear to deal with the tradeoffs between benefit and risk.
Solove builds a conceptual framework of four types of privacy and 16 subtypes to help us understand that there is not one definition of privacy but there are distinct types that are related as a family in a general sense. The book was written as a starting point to understanding privacy and does not attempt to offer solutions to the problems we encounter as there is often a tradeoff between privacy and the systems that might infringe upon them. As an example, a British man attempted to commit suicide with a knife by cutting himself. The act was caught on camera and his life was saved. His reaction after recovery was to sue the government.
Solove builds a conceptual framework of four types of privacy and 16 subtypes to help us understand that there is not one definition of privacy but there are distinct types that are related as a family in a general sense. The book was written as a starting point to understanding privacy and does not attempt to offer solutions to the problems we encounter as there is often a tradeoff between privacy and the systems that might infringe upon them. As an example, a British man attempted to commit suicide with a knife by cutting himself. The act was caught on camera and his life was saved. His reaction after recovery was to sue the government.
November 28, 2008
Why did I try yet another book by Solove? Maybe that he writes about a subject matter of professional and personal interest. A new understanding of the concept of privacy definitely worth reading about. But you still have to suffer though his writing style. While not as bad as the last book, he could use a good editor. That would help to eliminate many of his insufferable repetitions, for one. But better still, he might confine himself to an article instead of a full length book. I always feel he desparetly pads his manuscript to have enough to say in book length format. His new formulation of the concept of privacy as a family of related notions make sense and is worth thinking about and perhaps using in analysis, but did it really need almost 200 pages to explain.
April 29, 2010
Not nearly as good of a read as I had anticipated. Fully 1/5 of the book (by pages) is references. Fully 3/5 of the book is repetition of him either telling you what he is going to tell you, or telling you what he already told you. Saying that 1/5 of the book is original, helpful content would indeed be generous.
Might recommend for a quick skim if you can get it from the library, but I wouldn't pay money for it.
Might recommend for a quick skim if you can get it from the library, but I wouldn't pay money for it.
July 1, 2012
Pragmatic approach to defining privacy as a family-resemblance category a la Wittgenstein. There are no necessary and sufficient conditions that cover all the cases where we wish to use the idea of privacy. Therefore privacy should be analyzed based on particular problems from which generalizations emerge. He continues by providing a taxonomy of privacy problems based on information collection, analysis, dissemination, and personal invasion.
September 27, 2010
Would have been better as a long article,too much redundancy and restating of his position. Still,a valuable book and worth reading for his taxonomy of privacy framework if you are interested in the topic or find yourself needing a better vocabulary with which to talk about the nuances of privacy.
August 25, 2013
Great discussion of privacy in the law and how it has been redefined by vertiginous changes in technology that have rendered many of privacy laws under constant attack.
Solove tries to provide a 21st century understanding of what privacy is...
Solove tries to provide a 21st century understanding of what privacy is...
May 27, 2014
Looks at the idea of privacy and the law of privacy from multiple perspectives. I am still pushing myself through the literature of privacy in other books, but this book seems to be comprehensive with a great review of case law and law reviews on the subject.
January 22, 2025
Right book wrong time to read it. Slog to get through. Would’ve enjoyed it more 10 years ago, which I guess speaks in part to how much Solove’s taxonomy has pervaded the practice a decade later.
Displaying 1 - 13 of 13 reviews