Four theses on mass surveillance and privacy negotiation

A French Digital Theory approach to a post-Snowden world.

This text first appeared as a chapter of the French Council of State’s 2014 ‘Report On Digital Technology And Fundamental Rights’.

The current political debate is fueled by growing concern over the implementation of a digital mass surveillance framework aimed to gather, store and process data from transactions, interactions and everyday uses of information and communication technologies. In the wake of Edward Snowden’s early revelations about the US PRISM program, the general public were surprised and frightened by the extent to which the intelligence agencies of western democratic governments were intercepting information from their own citizens. These events are poised to force a profound change to the relationship between governments and those they govern, contributing to an unprecedented climate of geopolitical instability compounded by the fact that markets are increasingly playing less of a role as third party forces correcting states’ securitarian excesses. As the responsibilities of stakeholders in the digital economy become clearer through the creation of a vast military-industrial complex, we enter a phase of tension and distrust between consumers and private sector businesses.

In the space where the political challenges of digital technologies are played out, economic and strategic interests promote these surveillance methods, maintaining they simply build on the tools that modern states have long used to monitor populations. In fact, they represent a clean break with past approaches.

The deployment of a digital mass surveillance system has been made possible by a long-term shift towards the expression of a powerful executive, combined with the infiltration of military interests in the democratic apparatus, as well as by the gradual assimilation between domestic security matters and the doctrine of national security.

Although the executive power’s tendency to operate with no counterbalance could be seen as part and parcel of a democratic project that is constantly in fieri (an ‘unfinished democracy’, to borrow Pierre Rosanvallon’s terms), the securitarian phenomenon stands apart by the way it has grown into an all-encompassing discourse influencing the methods of democratic deliberation, obstructing the ability of the legislative and judicial branches to control executive bodies on the one hand, and the manifestations of a general willingness to respect citizens’ freedoms and fundamental rights on the other.


The current debate over the protection of privacy is trapped within a false dichotomy between freedom and security. This opposition is instrumental to the promotion of the indiscriminate collection of personal data, which is seen as the only guarantee against the domestic and external threats that our societies face. The main tool of this erosion of citizens’ rights to privacy and secrecy is the rhetorical expedient of seeking a balance, a fair ratio between the collective right to security and the individual right to confidentiality. However, as highlighted by privacy advocate Caspar Bowden at an inquiry held by the British parliament’s Intelligence and Security Committee in 2014, ‘balance is a misleading metaphor. It tends to connote an unstable equilibrium with a single balance point on a linear scale’. Achieving an optimal balance relies on a representation of privacy and public security as being at two opposite ends of a continuum. Yet, this continuum has been dirsupted by a change in the nature of surveillance itself.

In comparison with past ones, the current digital surveillance system for monitoring populations is unique in that it is not direct, but rather participatory. By ‘participatory’, we mean a mutual, horizontal surveillance based on the intentional, agonistic disclosure of personal informations by users of digital services, mobile applications and online platforms. It is accompanied by a loss of control over the terms of service of the infrastructure where personal data are stored and circulated. This surveillance is participatory insofar as it is mutual and involves a generalization of bottom-up moderation mechanisms and of the way online communities enforce norms within social platforms.

A symbolic transition thus takes place, from surveillance practices relying on a Big Brother vertical conception to those relying on a ‘Big Other’ horizontal one, embodying a move towards an overwhelming social injunction to real-time connectivity. Without this presupposition, surveillance programs based on direct access to large data farms would have been inconceivable. The surveillance system is constantly fed by the very subjects it monitors, who are part of a social system that rewards participation based on reciprocal disclosure aimed to build online social capital.

Connected citizens are not just passive subjects and participatory surveillance does not inhibit their will. Rather, it empowers users by making them responsible for implementing the measures needed for the surveillance, as well as sorting through the duration and quantity of data to be disclosed, depending on the context.

Insofar as the quantity of disclosed data is determined by criteria that govern day-to-day sociability and not by the need to protect the citizens, the search for a balance or fair ratio between privacy and security proves illusory.

We should not see the fact that citizens contribute to these social platforms as a symptom of technological illiteracy or ideological adherence. On the contrary, it should be viewed as a sign that their streams of communication are presently captured by a participatory architecture that uses traces of online presence to personalize usage and record data transfers in digital environments. The order of priorities between protecting privacy and personalizing digital user experience therefore seems reversed in the face of these traces, whose durability and secondary uses (for both commercial and securitarian purposes) are lost on users.


The issue of privacy – which has inevitably and painfully been at the center of political and social debate in recent years – reveals the limits of a theoretical stance that has dominated media discourse and the public debate for some time. This stance focuses on the reports of the ‘end of privacy’ and sees its disappearance from our everyday life and political concerns as a prelude to its abrogation from our legal systems.

This hypothesis has in large part been advocated by corporate interests groups and in particular from tech giants. An imaginary line connects the 1999 press conference during which the Chairman and Managing Director of Sun Microsystems, Scott McNealy, declared ‘You have zero privacy anyway. Get over it!’ and a Federal Trade Commission event in 2013 where the mathematician Vinton Cerf, in his capacity as Google’s ‘Chief Internet Evangelist’, claimed that from a historical point of view, ‘privacy may be an anomaly’. This perspective sits within a highly stylized, politically focused narrative of the transition to modernity. According to this view, our societies have moved from a social structure characterized by small local communities where each individual had a thorough knowledge of the opinions and whereabouts of friends and neighbors, to an urban society where the idea of a private sphere of action and thinking has been imposed by the emerging middle classes. Today, the historical parenthesis of privacy would supposedly be about to close, as part of an inevitable and spontaneous transformation of behaviors and beliefs of social media users. The ‘new norm’, according to the definition given by Mark Zuckerberg in 2010, is one of transparency and publicness. This change is seen as part of a longer historical transition. It legitimizes connectivity services that are based on extracting consumers’ personal data by incorporating them into a wider collective process. The web giants’ spokespeople want nothing less than to show that their aim is to put an end to the isolated and alienated existence of the great industrial cities of the last few centuries.

In an attempt at historical and cultural restoration, the outcome of the fully networked society tech giants aim to, would be the return to a time that they portray as one of harmony and openness among primary circles of socialization.

Other stakeholders, both from academia and from civil society, also adhere to this discourse about the end of privacy while stigmatizing the attitudes of networks’ individual users as paradoxical and alarming. They maintain that members of online and mobile social platforms would be prepared to gradually give up their privacy in order to benefit from commercial advantages and that usages would be moving towards greater transparency, in a regime of generalized sharing where monitoring by governments goes hand in hand with private companies tracking. Although inspired by quite different theoretical and political motivations from those of commercial stakeholders, the academics who support this approach end up at the same conclusion as those digital economy pundits they are trying to disprove – that privacy has well and truly disappeared.

However, observed behaviors run counter to this conclusion. In this ideologically charged climate, users are making increasingly insistent demands for autonomy and personal and collective empowerment. They are not remaining passive in the face of widespread complicity between businesses and governments, scandals surrounding the passing of draconian laws and the lack of legal and technical means to protect the integrity and confidentiality of personal data. To claim that this is the case, as certain ill-informed commentators have done, is misleading.

This loss of trust among users goes hand in hand with a growing demand for services that secure and anonymize online interactions. The increasingly widespread use of encrypted networks such as TOR, ‘amnesic’ operating systems such as Tails and ‘ephemeral’ websites and applications are all clear indications of a increasing interest for tools that give users control over their online presence. Internet giants have reacted by offering ‘competitive privacy services’ (such as Gmail making it easier to encrypt emails) or by paying outrageous prices to acquire businesses that allegedly minimize the collection of metadata (e.g. the 19 billion dollars Facebook paid for WhatsApp in 2014). On the flip side, other sectors of the digital economy are suffering the repercussions of this new cultural and political awareness, such as US cloud computing providers, who stand to lose up to 35 billion dollars over three years.

Whether it is motivated by commercial interests or political concerns, the historical narrative that underlies the hypothesis of the end of privacy remains therefore controversial. Rather than a smooth, linear transition from a world where privacy plays an important role to one where it has supposedly lost its raison d’être, we are today engaged in a full-fledged culture war over confidentiality, anonymity, and secrecy.

There is no guarantee that this war will be won by the civil liberties advocates or by governments, with the complicity of big data companies that currently uphold the system of mass participatory surveillance. Today, more than ever, we need to break free of the ideological framework in which we have become trapped, one that paints privacy as just a fortuitous historical circumstance.


Contrary to the received wisdom that privacy is disappearing, the importance attributed to managing the limits and content of citizens’ personal spheres is in fact growing in the current social and technological climate.

After Michel Foucault’s notion of ‘care of the self’, the care of privacy can be described as the task of defining the boundary between public and private — in other words, between collective responsibilities and constraints, and that which pertains to the individual capacity to think and act.

To break free of the current ideological biases, we need to re-contextualize the historical origins of the notion of privacy. According to Philippe Ariès’ reconstruction of this historical process, the initial point can be set in Middle Ages, characterized by a social life that was neither private nor public in the sense we use these terms today. Before the modern era, interactions in the public space still fashioned an indistinct sphere where individual intimacy was dispersed in a network of ‘collective, feudal and community’ structures ‘within a system that just about functioned: the solidarities of the seigniorial community, those of lineage and vassal relations’.

Over the centuries, the balances of power that supported these structures were gradually dismantled, allowing the distinctive features of the private sphere to emerge — not just an abstract possibility, but rather a concrete concern that affects and permeates into the activities and personal orientations of modern individuals. This care is actualized by social measures that reflect this shift in attitude, such as analyzing oneself through writing, aided by the widespread elimination of illiteracy and the invention of printing; autonomous and egalitarian relationships, with an emphasis on friendship between peers; and the reconfiguration of living space, with a preference for private accommodations over communal and family houses. All of these transformations can be seen as echoing the ‘changes in the “We-I” balance’ referred to by Norbert Elias. Significantly, the ‘social turn’ of the Internet of recent years has continued this trend through an increasing emphasis on writing about oneself online, forging elective friendships and reconfiguring human spatiality. In doing so, it has made the care of privacy, as well as the public demand to protect it, more widespread.

The appearance of the notion of private sphere is situated between the end of the Middle Ages and the onset of the Modern Era. Yet, the idea of privacy as a right and a prerogative to be defended is much more recent. The philosopher John Deigh links its emergence to the need to provide a solution to the problem of the ‘tyranny of the majority’, first set out by Alexis de Tocqueville. The formidable strength of public opinion and the authority of the majority in modern democracies can become a threat to the autonomy of individuals and minorities. The need to guarantee intellectual freedom and to decide on a set of rights that moderate the government’s power over individuals led the philosopher John Stuart Mill to formulate his ‘harm principle’. According to this principle, the private sphere is an inviolable area of freedom. Mill states that ‘The only part of the conduct of anyone for which he is amenable to society is that which concerns others. In the part that merely concerns himself, his independence is, of right, absolute’.

The discussion over the protection of privacy is part of such political and philosophical debate. This liberal tradition was continued by Samuel Warren and Louis Brandeis, two American lawyers who in 1890 set out the now canonical definition of the ‘right to privacy’ in the Harvard Law Review. By developing the harm principle to take account of the need to guarantee not only the freedom to act but also the very ability of individuals to conceal themselves and their ‘domestic circles’ from public scrutiny, they defined privacy as ‘the right to be left alone’.

As Deigh highlights, this legal innovation was indissociable from the technological context and media environment of the late 19th century. In the period when Warren and Brandeis were writing, it was mainly gossip press, photojournalism and investigative journalism that urged to set out the limitations of one of the very postulates of contemporary democracies: a ‘well-informed citizenry’.

More than a century after this first definition of the right to privacy, digital media have become instruments to exert citizenship rights. It has therefore become imperative to examine the effects of changes to the media and technological ecosystem in order to reproblematize the boundary between private and public. To a large extent, online social technologies can be regarded as extensions of the 19th and 20th century tools used to document and capture images and other multimedia contents as proof of behaviors and individual opinions. They also make concerns over managing and restricting their effects more widespread. By looking at the issue from a historical perspective, we can see how the supposed ‘new social norm’ of publicness advocated by corporate interests, but feared by users, hides a completely different reality. Protecting privacy remains key, but it undergoes a qualitative transformation that leads to a gradual distancing from the Anglo-Saxon liberal philosophical tradition and its application to 19th century jurisprudence. Whereas investigative photojournalism would previously have affected only a small number of public figures and politicians, today the risk of improperly capturing and publishing private information affects society as a whole. Privacy scandals, big and small, of the past few years have not only impacted celebrities. The need to manage one’s digital traces now affects us all, as can be seen by the difficulties involved in applying the ‘right to be forgotten’ on a large scale.

This alternative history of the notion of the private sphere goes beyond the basic theory of the ‘end of privacy’ and the revisionist views that would make it a historical anomaly or even a null-and-void event. The care of privacy is the result of long-term cultural, political, technological, and mediatic processes that are continuing in the network society. It fits neatly into our everyday working lives and usages, and reflects the structure of each of the operating social forces. It is closely linked to the democratic functioning and has proved indissociable from the gradual extension of civil liberties and their application to increasingly large swathes of the population. Historically, the requirement to protect privacy has not been perceived equally within populations precisely because, as a concern, it is not immune to the influence of differential hierarchies and forms of subjection. The care of privacy is becoming more widespread insofar as modern democracies advocate – at least theoretically – a political space that is accessible to all. As Hannah Arendt would have it, it is the very possibility of accessing an active, professional and public, life that makes it necessary to draw a line between what pertains to collective achievements and what is confined to the individual’s private sphere.

Although this possibility was previously restricted to a specific category of individuals (free men with steady incomes), it now extends to all those (women, children, disadvantaged citizens, etc.) who previously had no need to protect their privacy precisely because they were excluded from public life.


Recent decades have witnessed the establishment of a technological mediation over the right to a public life and, by implication, a private one. Active citizenship as well as the expression of the public will are achieved through the use of information and communication technologies. Online presence is therefore becoming a proxy for democratic participation. Far from leading to the erosion of the private sphere, this makes privacy an aspiration that is affecting the lives of an increasing numbers of persons around the world.

Yet acknowledging this more widespread concern for private life, however important it may be in strengthening the argument against the hypothesis of the ‘end of privacy’, is not the same as saying that nothing has changed since the rapid rise of digital technologies.

We choose to label the current transition as a shift from privacy-as-penetration to a privacy-as-negotiation.

The first approach takes us back to the ‘right of the individual to be left alone’ as set forth by Brandeis and Warren. It identifies a set of sensitive personal data (the ‘privacies of life’ referred to in a famous US ruling dating from the same period) and places them at the heart of an individual space understood as a set of concentric circles of action. Such data would be ‘private’ by their very nature. This vision is based on a strict hierarchy of information, from more personal data that require greater protection to those that are less sensitive and are known by an ever-growing number of social stakeholders. According to this approach, there is therefore a set of core sensitive data that need to be protected, while the rest can easily be made public in line with a clearly unidirectional vision. An invasion of privacy is perpetrated by an external agent who manages to penetrate an individual’s core sensitive data.

The concept of privacy as an individual right, insofar as it embodies a normative stance, represents an ideal situation that is barely recognizable in our day-to-day lives. It becomes a starting point from where to develop successive applications that are capable of factoring in new cultural sensibilities and technological advancements. Against a backdrop of social connectivity provided by digital devices, the intimate sphere of each individual cannot be composed in isolation. No one wants ‘to be left alone’ on social platforms and yet everyone expresses a care of privacy that is specific to them. In their everyday interactions, individuals endeavor to contribute actively either to disclosing or to keeping information secret, in order to limit intrusions from the outside and, more generally, to establish a set of rules and privileges for accessing specific aspects of their lives. By accepting or avoiding interactions and by adapting their frequency and intensity, individuals themselves adopt behaviors that are aimed, either explicitly or implicitly, at sorting all the informations that could be the subject of social interactions in a dialectical and dynamical manner.

The increasing prominence of networked social interactions empowers social stakeholders to display a strategic desire to create and maintain their areas of autonomy. In this new paradigm, privacy is not be construed as an individual prerogative, but rather a collective negotiation. It results from a relational arrangement that takes into account intersubjective factors and is modeled around the signals received from those with whom an individual interacts. Privacy in online social platforms and in relationships mediated by mobile technologies is unique in that it is a decentralized, complex and multidirectional process.

The social environment of each individual is not fixed in advance, but on the contrary is defined by them. This situation, which typically arises when a user joins an online social network, requires above all that they evaluate the context in which interactions will take place (the participants, limits, norms, etc.) to be able to adjust the content of their communications. Building an online presence also requires users to protect themselves against intrusions from the outside, as well as managing the outgoing flow of data. To do this, each individual normally starts by a gradual disclosure of personal information that is intended to encourage feedback from the community of their interactors.

Unlike the traditional privacy-as-penetration model, none of the data shared are private, sensitive or intimate per se. All information is a signal sent by its author to their own environment, to the members of their personal online network. Because this signal aims to provoke a reaction from these members, the individuals help one another to adapt the information that they share by developing response and collaboration mechanisms. It is primarily by gathering this feedback and these evaluations – whether positive or negative – that users are able to establish which data should be considered private and which can on the contrary be disclosed in a given context.

In that it is based on seeking an agreement between several parties rather than on a rule decreed by just one of them, this vision of privacy can be likened to a collective bargaining.

Stakeholders seek a consonance, compare their different interests and make mutual concessions in terms of disclosure and access to potentially sensitive information. The loss of privacy in certain areas is not equivalent to an uncontrolled debacle, but rather to a strategic withdrawal over subjects where negotiation proves challenging. It is through this collaborative disclosure accompanied by complex processes of selection and influence, that participatory surveillance is made possible — and can eventually be surpassed. From a citizen’s standpoint, mass surveillance programs cannot be countered by asserting an individual right to privacy as a sphere that resists all penetration, but rather by re-establishing a balance between the forces involved in this negotiation process – governments, market stakeholders and individuals.


In the current political climate, defining the notion of privacy by emphasizing the aspects that make up the conflicting interests of various stakeholders gives rise to a reaction that we should try to avoid – that of likening the ‘negotiation’ of privacy to its ‘commercial exploitation’.

Privacy has undergone a transformation. It is no longer a transaction where each individual is alone against all others, but rather a collaborative process where the motivations of each citizen combine to create social collectives (such as advocacy groups, trade associations, and recognized bodies serving shared interests) engaging commercial organizations and governments in confrontations. The eminently collective nature of the current negotiation over privacy enables us to see its advocacy above all as an antagonistic and iterative conflict around the adaptation of rules and terms of service to users’ needs. This process has been marked by a series of disputes and controversies that governments have had difficulty framing, in a generalized trial and error scheme involving the whole of civil society, owners of big data-processing companies and state intelligence agencies.

No one can doubt that this collective negotiation is indissociable from the protection of individual liberties, which must be enabled by specific legislation to counterbalance the bargaining powers between different stakeholders. The existing legislative framework is still based on a privacy-as-penetration model and aimed to ‘leave users alone’ by interrupting communication flows and interconnections. It does not reflect the key demands of the citizens of a network society: to gain greater control over their own data through digital literacy, as well as through comprehensive citizen empowerment programs, and the introduction of infrastructures promoting the autonomy of communities of users.

Inevitably, this vision does not sit well with contemporary moves to apply the principles of private ownership to personal data, something that could be labeled as ‘privatization of privacy’. Viewing privacy solely as an individual issue, or indeed as an infinitely monetizable and alienable asset, is sometimes presented as a way of making up for the commercial exploitation of personal data in which the big online social platforms and data brokers are already engaged. This is the argument put forward by theorists such as Jaron Lanier, who, while highlighting the inability of civil liberties to protect privacy in the age of the Internet, advocates the use of commercial rights through the introduction of a system of micro-royalties that Internet companies would have to pay to users in order to collect, store and use their personal data for commercial purposes.

Whether seen as a simple provocation or as a dystopian vision, steps towards making this proposition a reality have so far been taken both by tech giants and by start-ups willing to experiment with offering remuneration to social media users in exchange for access to their profiles. The World Economic Forum was already describing personal data as a type of emerging asset as early as 2011. This classification, that would equate personal data to a ‘repugnant market’ (such as the trade in human organs or of citizenship rights), poses a problem for both legislators and citizens. Furthermore, in a report published in 2014, the French Digital Council declared its opposition to applying private ownership rights to personal data. The main reason given, which is in line with the need to respect the collective nature of the negotiation of personal data, was to balance ‘the power relationship between consumers and businesses’.

The sale of data under a private ownership system would generate only inconsequential incomes and would further foster socio-economic inequalities.

Moreover, the framing of this debate, with its excessive focus on the commercial element, would do away with the role of governments as stakeholders in this market, in their capacity as buyers of citizens’ personal data for surveillance purposes. With a private ownership system, citizens would be in even less of a position to defend themselves and their negotiating power would therefore be weakened.

These issues are destined to become increasingly only more pressing with the expansion of the Internet of Things. One of its immediate repercussions is the upsetting of the balance between the ‘Internet of publication‘ (which includes contents voluntarily put online by users) and the ‘Internet of emission’ (which includes data and metadata transmitted by our smart devices, over which citizens have little or no configurating and negotiating prospects). To date, in this new paradigm consent to sharing personal data is largely assumed by default, on an opt-out basis, and has not been accompanied by any attempts to raise awareness and understanding of the related personal and social issues. The capture of data emitted by meters, electroncs and smart appliances installed in private homes, as well as by public transports and background components of urban infrastructure (sensors, cameras, etc.), is already a part of our everyday lives. However, it is destined to reach a critical point at which neither individual rights nor measures to protect the private ownership of personal data will be enough to counter the increasingly powerful forms of alienation and expropriation to which citizens will be exposed. In the political context that is currently brewing, legislation based on individual rights would be nothing but a paper tiger.

Breaking free of the conceptual trap of the ‘privatization of privacy’ means both recognizing the dangers of reducing the elements that make up the connected lives of citizens to purely commercial assets and the need to move away from the logic of personalizing privacy, so that it can be envisioned as a collective concern, sitting within a framework in which autonomy and liberties are respected by design.