Privacy online: reform beyond law reform

Abstract

© Cambridge University Press 2014. Introduction As Roland Barthes reminds us, a myth works not only to attach a meaning to a given sign (such as a word or visual symbol). It fashions a story around the sign with a larger political or cultural weight. We consider below one of the more enduring myths associated with privacy law reform-that a dedicated privacy cause of action will respond sufficiently to individual and social desires for privacy. The idea of a privacy tort as a solution to individual and social problems of privacy was fostered by Warren and Brandeis’ classic article ‘The Right to Privacy’ published in the 1890 edition of the Harvard Law Review, although the century's worth of privacy tort reform that followed the article has produced no privacy utopia in the United States. And it still appears to hold in the United Kingdom, bolstered by a post-war European Convention on Human Rights (ECHR) and the Human Rights Act 1998 (UK). Yet even before courts in England moved to embrace a ‘new’ tort of misuse of private information, the English doctrine of breach of confidence already offered similar protection in many respects. We might now wonder how far a privacy tort or cause of action will go in dealing with the contemporary contexts of digital communications. In Continental Europe, where protection of privacy is well advanced, the ECHR's Article 8 ‘right to private life’ is now being supplemented by an even more ambitious legal right, which appears to have been designed with the Internet in mind-the ‘right to data protection’ in Article 8 of the 2000 Charter of Fundamental Rights of the European Union (the Charter), now part of the Treaty of Lisbon (supplementing the Charter's right to private life in Article 7). In recent cases, the European Court of Justice has ruled that court orders requiring monitoring of uses made of an internet service provider and social network platform for possible copyright infringements would entail a violation of the Charter's right to data protection. Moreover, in January 2012 the European Commission launched a draft Data Protection Regulation, which will go further than the current EU Data Protection Directive of 1995 in protecting personal information in the online environment, citing Article 8 of the Charter as a motivation. Even in the USA there have been proposals for addressing problems of online consumer privacy.