The question long has confronted policymakers, advocates, scholars, technologists, and consumers. And it lies at the heart of a newly-minted Brookings paper by Ben and yours truly, which we presented yesterday at the quite fantastic 2014 Computers Freedom and Privacy Conference; and which addresses the obligations that data-ingesting companies should owe to their customers.
The gist: "privacy," for all its its durability and undeniable centrality in our liberal society, is nevertheless a vague and disputed concept---vague and disputed enough, anyway, to question its utility, in establishing rules for first-party data collection and use. Moreover, in its broadest conception, privacy rhetoric at times can overpromise, by suggest a greater measure of legal protection than our political system is likely to deliver.
With all this in mind, we argue for a somewhat narrower approach---by identifying, among the wide range of ideas often stuffed into privacy’s capacious shell, the values that actually represent something like a consensus. It turns out that the consensus group better describes the government's enforcement activities, and its legislative aspirations for the future, than broad-brush "privacy" rhetoric does.