Autogestão da privacidade e o dilema do consentimento
Resumo
A abordagem regulamentar vigente para a proteção da privacidade supõe o que eu chamo "autogestão da privacidade": A lei da às pessoas um conjunto de direitos que lhes permitem ponderar os custos e benefícios da recoleção, uso ou divulgação de sua informação. O consentimento legitima quase qualquer tipo de recoleção, uso ou divulgação de dados pessoais. Embora a autogestão da privacidade é certamente um componente necesário de qualquer regime regulatório, em este artigo eu considero que as expectativas colocadas sobre este regime estão além de suas posibilidades. A autogestão da privacidade não dá às pessoas um controle significativo sobre seus dados. Além disso, as pessoas não podem autogerir sua privacidade corretamente devido a uma série de problemas estruturais. Há muitas entidades recolhendo e utilizando dados pessoais como para que seja factível que as pessoas gerem sua privacidade separadamente com cada entidade. É virtualmente impossível para as pessoas ponderar os custos e benefícios de revelar informação ou permitir a sua utilização ou transferência sem uma compreensão das potenciais utilizações subseqüentes, limitando ainda mais a efetividade da autogestão da privacidade. Em este artigo, eu proponho várias formas em que as leis de privacidade podem lidar com o dilema do consentimento e deixar de confiar demais na autogestão da privacidade.Palavras-chave:
Privacidade, proteção de dados pessoais, autogestão da privacidade, consentimentoReferências
Acquisti, Alessandro y Jens Grossklags (2006). «Privacy and rationality: A survey». En Katherine J. Strandburg y Daniela Stan Raicu (editoras), Privacy and technologies of identity. Nueva York: Springer.
Acquisti, Alessandro y Jens Grossklags (2008). «What can behavioral economics teach us about privacy?». En Alessandro Acquisti y otros (editores), Digital privacy. Boca Ratón (Estados Unidos): Auerbach Publications.
Allen, Anita L. (2011). Unpopular privacy: What must we hide? Nueva York: Oxford University Press.
Anton, Annie I. y otros (2004). «Financial privacy policies and the need for standardization». IEEE Security & Privacy, 2.
Ariely, Dan (2008). Predictably irrational. Nueva York: HarperCollins Publishers.
Bamberger, Kenneth A. y Deirdre K. Mulligan (2011). «Privacy on the books and on the ground». Stanford Law Review, 63 (2).
Barbaro, Michael y Tom Zeller (2006). «Jr., A face is exposed for AOL searcher 4417749», New York Times, 9 de agosto, sec. Technology. Disponible en <http://select.nytimes.com/gst/abstract.html?res=F10612FC345B0C7A8CDDA10894DE404482>.
Ben-Shahar, Omri y Carl E. Schneider (2011). «The failure of mandated disclosure». University of Pennsylvania Law Review, 159.
Brandimarte, Laura, Alessandro Acquisti y George Loewenstein (2013). «Misplaced confidences: Privacy and the control paradox». Social Psychological and Personality Science, 4 (3). Disponible en <http://www.heinz.cmu.edu/~acquisti/papers/acquisti-spps.pdf>.
Brill, Julie (2010). «Remarks by commissioner Julie Brill. United States Federal Trade Commission» (Trabajo presentado en la Conference of Western Attorneys General Annual Meeting, Privacy 3.0 Panel, Nuevo México, Santa Fe, 20 de julio), disponible en <http://www.ftc.gov/speeches/brill/100720cwagtranscription.pdf>.
Calo, M. Ryan (2012). «Against notice skepticism in privacy (and elsewhere)». Notre Dame Law Review, 87.
Cate, Fred H. (2006). «The failure of fair information practice principles». En Jane K. Winn (editor), Consumer potection in the age of the ‘information economy’. Bodmin (Inglaterra): Ashgate Publishing.
Citron, Danielle Keats (2007). «Reservoirs of danger: The evolution of public and private law at the dawn of the information age». Southern California Law Review, 80.
Cohen, Julie E. (2000). «Examined lives: Informational privacy and the subject as object». Stanford Law Review, 52.
Cohen, Julie E. (2012). Configuring the networked self. New Haven: Yale University Press.
Cohen, Julie E. (2013). «What privacy is for». Harvard Law Review, 126.
Gellman, Robert (2013). «Fair information practices: A basic history». Disponible en <http://bobgellman.com/rg-docs/rg-FIPShistory.pdf>.
Gilbert, Daniel (2006). Stumbling on happiness. Nueva York: Vintage.
Goldman, Eric (2002). «The privacy hoax». Forbes, 14 de octubre. Disponible en <http://www.forbes.com/forbes/2002/1014/042.html>.
Hoofnagle, Chris Jay y otros (2010). «How different are young adults from oder adults when it comes to information privacy attitudes & policies?». Social Science Research Network. Disponible en <http://ssrn.com/abstract=1589864>. Manuscrito inédito.
Janger, Edward J. y Paul M. Schwartz (2002). «The gramm-leach-bliley act, information privacy, and the limits of default rules». Minnesota Law Review, 86.
John, Leslie K., Alessandro Acquisti y George Loewenstein (2009). «The best of strangers: Context dependent willingness to divulge personal information». Social Science Research Network. Disponible en <http://ssrn.com/abstract=1430482>. Manuscrito inédito.
Kafka, Franz (1998). The trial. Traducido por Breon Mitchell. Nueva York: Schocken Books.
Kahneman, Daniel (2011). Thinking, fast and slow. Nueva York: Farrar, Straus and Giroux.
Kahneman, Daniel, Paul Slovic y Amos Tversky (eds.) (1982). Judgment under uncertainty: Heuristics and biases. Nueva York: Cambridge University Press.
Kahneman, Daniel y Amos Tversky (eds.) (2000). Choices, values, and frames. Nueva York: Cambridge University Press.
Leibowitz, Jon (2007). «So private, so public: Individuals, the internet and the paradox of behavioral marketing» (Trabajo presentado en la FTC Town Hall Meeting on «Behavioral advertising: Tracking, targeting, and technology», 1 de noviembre). Disponible en <http://www.ftc.gov/speeches/leibowitz/071031ehavior.pdf>.
Lundblad, Nicklas y Betsy Masiello (2010). «Opt-in dystopias». SCRIPTed, 7 (1). Disponible en <http://www.law.ed.ac.uk/ahrc/script-ed/vol7-1/lundblad.pdf>.
Marotta-Wurgler, Florencia (2011). «Will increased disclosure help? Evaluating the recommendations of the ALI’s ‘Principles of the law of software contracts’». University of Chicago Law Review, 78.
Mazzone, Jason (2003). «The waiver paradox». Northwestern University Law Review, 97.
McDonald, Aleecia M. y Lorrie Faith Cranor (2008). «The cost of reading privacy policies». I/S: A Journal of Law and Policy for the Information Society, 4.
Milne, George R. y Mary J. Culnan (2004). «Strategies for reducing online privacy risks: Why consumers read (or don’t read) online privacy notices». Journal of Interactive Marketing, 18.
Nissenbaum, Helen (2010). Privacy in context. Palo Alto: Stanford University Press.
Nussbaum, Emily (2004). «My so-called blog», New York Times, 11 de enero, sec. Magazine. Disponible en <http://www.nytimes.com/2004/01/11/magazine/11blog.html>.
Post, Robert C. (1989). «The social foundations of privacy: Community and self in the common law tort». California Law Review, 77.
Regan, Priscilla M. (1995). Legislating privacy: Technology, social values and public policy. Chapel Hill: The University of North Carolina Press.
Reidenberg, Joel R. (2003). «Privacy wrongs in search of remedies». Hastings Law Journal, 54.
Richards, Neil M. (2008). «Intellectual privacy». Texas Law Review, 87.
Richards, Neil M. (2013). «The dangers of surveillance». Harvard Law Review, 126.
Schwartz, Paul M. (1999). «Privacy and democracy in cyberspace». Vanderbilt Law Review, 52.
Schwartz, Paul M. (2005). «Privacy inalienability and the regulation of spyware». Berkeley Technology Law Journal, 20.
Schwartz, Paul M. (2013). «The EU–U.S. privacy collision: A turn to institutions and procedures». Harvard Law Review, 126.
Schwartz, Paul M. y Daniel J. Solove (2011). «The PII problem: Privacy and a new concept of personally identifiable information». New York University Law Review, 86.
Sherman, Erik (2008). «Privacy policies are great-for PhDs». CBS News, 4 de septiembre de 2008, sec. MoneyWatch. Disponible en <http://www.cbsnews.com/news/privacy-policies-are-great-for-phds/>.
Simitis, Spiros (1987). «Reviewing privacy in an information society». University of Pennsylvania Law Review, 135.
Solove, Daniel J. (2004). The digital person: Technology and privacy in the information age. Nueva York: New York University.
Solove, Daniel J. y Neil M. Richards (2009). «Rethinking free speech and civil liability». Columbia Law Review, 109.
Solove, Daniel J. y Paul M. Schwartz (2011). Information privacy law. 4.a ed. Nueva York: Aspen Publishers.
Strahilevitz, Lior Jacob (2013). «Toward a positive theory of privacy law». Harvard Law Review, 126.
Swire, Peter P. (2002). «The surprising virtues of the new financial privacy law». Minnesota Law Review, 86.
Thaler, Richard H. y Cass R. Sunstein (2008). Nudge. New Haven: Yale University Press.
Tene, Omer y Jules Polonetsky (2013). «Big data for all: Privacy and user control in the age of analytics». Northwestern Journal of Technology and Intellectual Property, 11.
Turow, Joseph, Lauren Feldman y Kimberly Meltzer (2005). Open to Exploitation: American Shoppers Online and Offline. Annenberg Public Policy Center of the University of Pennsylvania. Disponible en <http://www.annenbergpublicpolicycenter.org/downloads/information_and_society/turow_appc_report_web_final.pdf>.
Turow, Joseph y otros (2009). «Contrary to What Marketers Say, Americans Reject Tailored Advertising and Three Activities that Enable It». Social Science Research Network. Disponible en <http://ssrn.com/paper=1478214>. Manuscrito inédito.
Whittington, Jan y Chris Jay Hoofnagle (2012). «Unpacking privacy’s price». North Carolina Law Review, 90.
Acquisti, Alessandro y Jens Grossklags (2008). «What can behavioral economics teach us about privacy?». En Alessandro Acquisti y otros (editores), Digital privacy. Boca Ratón (Estados Unidos): Auerbach Publications.
Allen, Anita L. (2011). Unpopular privacy: What must we hide? Nueva York: Oxford University Press.
Anton, Annie I. y otros (2004). «Financial privacy policies and the need for standardization». IEEE Security & Privacy, 2.
Ariely, Dan (2008). Predictably irrational. Nueva York: HarperCollins Publishers.
Bamberger, Kenneth A. y Deirdre K. Mulligan (2011). «Privacy on the books and on the ground». Stanford Law Review, 63 (2).
Barbaro, Michael y Tom Zeller (2006). «Jr., A face is exposed for AOL searcher 4417749», New York Times, 9 de agosto, sec. Technology. Disponible en <http://select.nytimes.com/gst/abstract.html?res=F10612FC345B0C7A8CDDA10894DE404482>.
Ben-Shahar, Omri y Carl E. Schneider (2011). «The failure of mandated disclosure». University of Pennsylvania Law Review, 159.
Brandimarte, Laura, Alessandro Acquisti y George Loewenstein (2013). «Misplaced confidences: Privacy and the control paradox». Social Psychological and Personality Science, 4 (3). Disponible en <http://www.heinz.cmu.edu/~acquisti/papers/acquisti-spps.pdf>.
Brill, Julie (2010). «Remarks by commissioner Julie Brill. United States Federal Trade Commission» (Trabajo presentado en la Conference of Western Attorneys General Annual Meeting, Privacy 3.0 Panel, Nuevo México, Santa Fe, 20 de julio), disponible en <http://www.ftc.gov/speeches/brill/100720cwagtranscription.pdf>.
Calo, M. Ryan (2012). «Against notice skepticism in privacy (and elsewhere)». Notre Dame Law Review, 87.
Cate, Fred H. (2006). «The failure of fair information practice principles». En Jane K. Winn (editor), Consumer potection in the age of the ‘information economy’. Bodmin (Inglaterra): Ashgate Publishing.
Citron, Danielle Keats (2007). «Reservoirs of danger: The evolution of public and private law at the dawn of the information age». Southern California Law Review, 80.
Cohen, Julie E. (2000). «Examined lives: Informational privacy and the subject as object». Stanford Law Review, 52.
Cohen, Julie E. (2012). Configuring the networked self. New Haven: Yale University Press.
Cohen, Julie E. (2013). «What privacy is for». Harvard Law Review, 126.
Gellman, Robert (2013). «Fair information practices: A basic history». Disponible en <http://bobgellman.com/rg-docs/rg-FIPShistory.pdf>.
Gilbert, Daniel (2006). Stumbling on happiness. Nueva York: Vintage.
Goldman, Eric (2002). «The privacy hoax». Forbes, 14 de octubre. Disponible en <http://www.forbes.com/forbes/2002/1014/042.html>.
Hoofnagle, Chris Jay y otros (2010). «How different are young adults from oder adults when it comes to information privacy attitudes & policies?». Social Science Research Network. Disponible en <http://ssrn.com/abstract=1589864>. Manuscrito inédito.
Janger, Edward J. y Paul M. Schwartz (2002). «The gramm-leach-bliley act, information privacy, and the limits of default rules». Minnesota Law Review, 86.
John, Leslie K., Alessandro Acquisti y George Loewenstein (2009). «The best of strangers: Context dependent willingness to divulge personal information». Social Science Research Network. Disponible en <http://ssrn.com/abstract=1430482>. Manuscrito inédito.
Kafka, Franz (1998). The trial. Traducido por Breon Mitchell. Nueva York: Schocken Books.
Kahneman, Daniel (2011). Thinking, fast and slow. Nueva York: Farrar, Straus and Giroux.
Kahneman, Daniel, Paul Slovic y Amos Tversky (eds.) (1982). Judgment under uncertainty: Heuristics and biases. Nueva York: Cambridge University Press.
Kahneman, Daniel y Amos Tversky (eds.) (2000). Choices, values, and frames. Nueva York: Cambridge University Press.
Leibowitz, Jon (2007). «So private, so public: Individuals, the internet and the paradox of behavioral marketing» (Trabajo presentado en la FTC Town Hall Meeting on «Behavioral advertising: Tracking, targeting, and technology», 1 de noviembre). Disponible en <http://www.ftc.gov/speeches/leibowitz/071031ehavior.pdf>.
Lundblad, Nicklas y Betsy Masiello (2010). «Opt-in dystopias». SCRIPTed, 7 (1). Disponible en <http://www.law.ed.ac.uk/ahrc/script-ed/vol7-1/lundblad.pdf>.
Marotta-Wurgler, Florencia (2011). «Will increased disclosure help? Evaluating the recommendations of the ALI’s ‘Principles of the law of software contracts’». University of Chicago Law Review, 78.
Mazzone, Jason (2003). «The waiver paradox». Northwestern University Law Review, 97.
McDonald, Aleecia M. y Lorrie Faith Cranor (2008). «The cost of reading privacy policies». I/S: A Journal of Law and Policy for the Information Society, 4.
Milne, George R. y Mary J. Culnan (2004). «Strategies for reducing online privacy risks: Why consumers read (or don’t read) online privacy notices». Journal of Interactive Marketing, 18.
Nissenbaum, Helen (2010). Privacy in context. Palo Alto: Stanford University Press.
Nussbaum, Emily (2004). «My so-called blog», New York Times, 11 de enero, sec. Magazine. Disponible en <http://www.nytimes.com/2004/01/11/magazine/11blog.html>.
Post, Robert C. (1989). «The social foundations of privacy: Community and self in the common law tort». California Law Review, 77.
Regan, Priscilla M. (1995). Legislating privacy: Technology, social values and public policy. Chapel Hill: The University of North Carolina Press.
Reidenberg, Joel R. (2003). «Privacy wrongs in search of remedies». Hastings Law Journal, 54.
Richards, Neil M. (2008). «Intellectual privacy». Texas Law Review, 87.
Richards, Neil M. (2013). «The dangers of surveillance». Harvard Law Review, 126.
Schwartz, Paul M. (1999). «Privacy and democracy in cyberspace». Vanderbilt Law Review, 52.
Schwartz, Paul M. (2005). «Privacy inalienability and the regulation of spyware». Berkeley Technology Law Journal, 20.
Schwartz, Paul M. (2013). «The EU–U.S. privacy collision: A turn to institutions and procedures». Harvard Law Review, 126.
Schwartz, Paul M. y Daniel J. Solove (2011). «The PII problem: Privacy and a new concept of personally identifiable information». New York University Law Review, 86.
Sherman, Erik (2008). «Privacy policies are great-for PhDs». CBS News, 4 de septiembre de 2008, sec. MoneyWatch. Disponible en <http://www.cbsnews.com/news/privacy-policies-are-great-for-phds/>.
Simitis, Spiros (1987). «Reviewing privacy in an information society». University of Pennsylvania Law Review, 135.
Solove, Daniel J. (2004). The digital person: Technology and privacy in the information age. Nueva York: New York University.
Solove, Daniel J. y Neil M. Richards (2009). «Rethinking free speech and civil liability». Columbia Law Review, 109.
Solove, Daniel J. y Paul M. Schwartz (2011). Information privacy law. 4.a ed. Nueva York: Aspen Publishers.
Strahilevitz, Lior Jacob (2013). «Toward a positive theory of privacy law». Harvard Law Review, 126.
Swire, Peter P. (2002). «The surprising virtues of the new financial privacy law». Minnesota Law Review, 86.
Thaler, Richard H. y Cass R. Sunstein (2008). Nudge. New Haven: Yale University Press.
Tene, Omer y Jules Polonetsky (2013). «Big data for all: Privacy and user control in the age of analytics». Northwestern Journal of Technology and Intellectual Property, 11.
Turow, Joseph, Lauren Feldman y Kimberly Meltzer (2005). Open to Exploitation: American Shoppers Online and Offline. Annenberg Public Policy Center of the University of Pennsylvania. Disponible en <http://www.annenbergpublicpolicycenter.org/downloads/information_and_society/turow_appc_report_web_final.pdf>.
Turow, Joseph y otros (2009). «Contrary to What Marketers Say, Americans Reject Tailored Advertising and Three Activities that Enable It». Social Science Research Network. Disponible en <http://ssrn.com/paper=1478214>. Manuscrito inédito.
Whittington, Jan y Chris Jay Hoofnagle (2012). «Unpacking privacy’s price». North Carolina Law Review, 90.
