On the flight back to D.C. from a recent trip to the IAPP headquarters, I found myself reflecting on a conversation that challenged my assumptions about the universality of privacy as a cultural concept.
I was back in snowy New Hampshire to join the IAPP Research and Insights team and my managing director counterparts for much-needed in-person time and planning sessions for the busy year ahead.
The R&I team is currently privileged to include many multilingual colleagues with roots around the world. Over taco bowls, we got to talking about the difference between privacy and data protection, and how these concepts are conveyed in other languages.
Multiple colleagues expressed their belief that the only words for "privacy" in their native tongues were borrowed words from English.
One stark example is the Russian language, which lacks a native word that maps onto our concept of privacy. This is perhaps most directly illustrated by the name of Russia's data protection law, which is somewhat dryly referred to simply as the federal law "on personal data," (О персональных данных).
Given the seemingly ever-widening set of meanings that we give privacy within our field, perhaps it is not a complete surprise that other languages do not reflect the same set of meanings within a single word. Yet, as language both reflects and influences culture, there is more to unpack in this disparity than a simple missing term of art.
In fact, others have previously reflected on the mismatch in cultural ideas of privacy between Russia and the U.S. The Russian political analyst Nikolai V. Zlobin flagged the American conception of privacy as one among many cultural curiosities in his book for a Russian audience titled, "America — What a Life!"
A New York Times reviewer of the book remarked that Zlobin devoted many pages to the idea of privacy, reflected as one example in Americans' desire for a larger bubble of personal space than Russians. "I suppose that in a typical Russian line, your average American would lose consciousness," Zlobin wrote. "Any touch to an American is taken as a violation of his personal space, so in the U.S., as a rule, people do not take each other by the elbow and do not tap each other on the shoulder if they want attention, they do not embrace each other like brothers."
Though personal space and digital privacy may not seem directly related, scholars draw direct connections between them. Social scientists have offered insights on the relativity of cultural norms for regulating personal privacy — and how these norms influence perceptions and behaviors in the digital world. For an approachable high level review of this multidisciplinary work, I recommend Yao Li's book chapter on Cross-Cultural Privacy Differences.
Cultural differences matter not because they question assumptions that privacy is a fundamental human value, but because they can inform the work of privacy professionals, especially when designing systems that may be used around the world. Privacy by design is only effective when it meets users where they are, including through linguistic and cultural ideas that resonate.
Of course, it is still possible to discuss data privacy in Russian. As a relevant post on a language blog explains, it is feasible to describe the concepts of privacy in Russian, including through phrases that mean "private life," "solitude," "intimacy" and "confidentiality."
Maybe communicating in a language without a word for privacy might force us to be more precise in how we discuss it. After all, data privacy protections perform many functions at once. They protect the sanctity of the digital trail we leave through our private lives. They empower individuals to preserve the most intimate and contextually determined elements of their identity. And, hopefully, they ensure that information about us only spreads within the zones of confidence that we allow.
As privacy professionals, we are constantly translating. We translate across these meanings of the word "privacy." We translate between technical, operational, and policy domains. And we translate data protection principles across thousands of languages. Even if we lacked a word for privacy, our task would remain the same.
Here's what else I'm thinking about:
- Accuracy remains an important privacy right, especially in the financial sector. IAPP Westin Fellow Luke Fischer and a legal extern from my office, Harrison Grant, published their takeaways from the Truthfinder and Instant Checkmate actions brought by the U.S. Federal Trade Commission and the Consumer Financial Protection Bureau. The cases are important reminders that inaccurate data can lead to real-world harms — and that regulators will not take a narrow view of obligations under the Fair Credit Reporting Act.
- The FTC joined a new enforcement network of global data protection authorities. The multilateral agreement, known as the Global Cooperation Arrangement for Cooperation Enforcement is the next step toward establishing the Global Cross-Border Privacy Rules system. It extends the voluntary enforcement cooperation component of the Asia Pacific Economic Cooperation CBPRs so that additional jurisdictions can join outside of the Asia-Pacific region.
- The FTC also continued its flurry of privacy and AI actions with another geolocation data settlement, this time against the data aggregator InMarket Media. The case presents similar takeaways for privacy professionals as the recent X-Mode settlement, which I analyzed here. The Future of Privacy Forum recently hosted an insightful discussion about the cases.
- Listening to the conversation shift on kids safety. The National Telecommunications and Information Administration hosted a listening session to "learn about current and future industry efforts to promote the health, safety and privacy of young people online." Input from industry perspectives shared during the session will supplement the more than 500 comments the agency received in response to its request for comments on protecting kids online. Meanwhile, Snap broke with other tech companies to vocally support the Kids Online Safety Act.
- The Future of Privacy Forum posted the selections of its annual Privacy Papers for Policymakers award. There's only one month to read the incredible scholarship from across the community before the awards ceremony on 27 Feb.
Upcoming happenings:
- 1 Feb., 11:30 ET: Join me for a LinkedIn Live discussion on the proposed amendments to the Children's Online Privacy Protection Act Rule, featuring Amelia Vance and Sara Kloek, CIPP/US.
- 1 Feb., 15:00 ET: The IAPP's Mid-Atlantic KnowledgeNet hosts an event titled 2024's Privacy Priorities and Perspectives (with Pinots, Pilsners and Pop) sponsored by Unit 42 by Palo Alto Networks (Hunton Andrews Kurth).
Please send feedback, updates and new words to cobun@iapp.org.