In Protecting Personal Information we (Professor Wacks and I) argue that the right to privacy should be considered as the right to control our own personal information, where the attribute “personal” means “related to the intimate sphere of the individual.”
A major critics to this approach is held by those who find our definition of “personal information” to vague because what is “personal” for subject A may not be alike for subject B. In contrast, they favour the “reasonable privacy expectation” test that is (supposed to be) an objective standard in ECHR Article 10 cases.
I think that this criticism has no merit.
The “reasonable expectation” is – at the very least – as subjective as the “personal” attribute of information claimed lastly in our book and for a lot year by Professor Wacks.
It is enough to think for a while to the matter and it becomes clear that the “reasonable expectation” is a synonym for “what the court thinks is “reasonable””. In other words, “reasonable expectation” is a way to justify the “caprice” of the judge.
In contrast, the notion of “personal” forces the justice to verify the existence of a connection between the individual and the information. So, the alleged “weakness” of our theory becomes its strength: the court is not free to please its own will, but is forced to analyze, case-by-case, whether a specific information can be qualified as “personal”
The core of privacy (at least from the tort perspective) is exactly the opposite of what the “reasonable expectation” test advocates. I don’t give a damn about what “average joe” thinks of being entitled to. I DO know that I DIDN’T WANT that information to be kept from me, against me agreeing or being forced to release it.
So, it is true that what is personal to A might be different from what is personal to B, but the common trait – what makes these different information “personal” – is the fact that to somebody has taken it away from me by way of an abuse (sneaking into my house, reading my correspondence, eavesdropping on me etc.) Therefore, the court doesn’t need to enter into the definition of what is personal, because all that the justice is supposed to do is to answer these “easy” questions:
- has this information about the individual obtained by way of violence, cheat or other fraudulent ways?
- Is the “stolen” information used to damage the individual? Is the damage inflicted to the individual acceptable because of the other rights (for instance, free speech) at stakes?