A Brief History of Privacy
Over the past two decades, the rapid growth of personal data collection has dramatically changed how individuals, organizations, and governments view privacy.
While privacy isn’t a new concept, technological advancements have given it new meaning. Public awareness has also grown in response to data breaches, surveillance, and the misuse of personal information becoming more widespread.
In this blog post, we’ll revisit key moments in the history of privacy to better understand the challenges we face today.
What is privacy?
Privacy is primarily about our ability to control what we reveal about ourselves and to whom.
The distinction between public and private has roots in ancient Greek philosophy. Aristotle, for instance, saw the public (polis) as a space of freedom and permanence, where individuals could distance themselves from the concerns of private life. Similarly, the Romans viewed the public sphere as a place where human potential could truly flourish.
Over time, the concept of privacy evolved from being secondary to public life into a vital aspect of individuality. Rousseau viewed privacy as a retreat from social pressures, both within the household and society at large. Hannah Arendt argued that privacy is essential for personal identity and the exercise of political rights, even though it is through interaction with others that we gain a sense of our own reality and the shared world around us.
George Orwell’s 1984 offered a dystopian vision of a world where privacy no longer existed and constant surveillance stripped away any sense of personal autonomy. Michel Foucault explored how power structures use surveillance to regulate and control behavior.
Most dictionaries define privacy as "a state of being alone and not watched or disturbed by other people" or "the state of being secret or concealed." But modern privacy goes beyond these definitions to include control over personal information and how it is used. Plus, there are more dimensions of privacy. Think about:
- Solitude in the digital age: What happens to our sense of solitude when we spend hours interacting with our phones? Time that was once used for introspection—perhaps staring at a wall in deep thought—is now often filled with an infinite stream of digital content. Are we ever truly alone with our thoughts anymore?
- Context collapse: Before the internet and social media, we naturally tailored how we presented ourselves to different audiences—friends, family, colleagues, etc. Social platforms erased many of these boundaries by merging once separate contexts into a single space. How do we present ourselves when all audiences converge, and what happens when the nuances of context are lost entirely?
Overall, privacy now encompasses psychological, social, and digital dimensions. It is about navigating a world where the boundaries between public and private are increasingly fluid.
What led us here?
pre-1970s: Privacy before the internet
Privacy concerns were initially tied to physical spaces and personal correspondence. Since the 14th century, people have gone to court for eavesdropping and opening personal letters. The opposition to the first US census in 1790 reflected fears that private family affairs could be exposed to neighbors.
By the end of the 19th century, the emphasis shifted toward controlling personal information. With the rise of journalism, individual privacy was increasingly exploited for commercial gain. The first complaints about intrusive interview techniques were recorded as early as 1873. The invention of instant photography and portable consumer cameras made matters worse by enabling journalists to capture and publicize private moments in unprecedented ways.
In response to this new reality, Samuel D. Warren and Louis Brandeis wrote the Harvard Law Review article “The Right to Privacy” in 1890. They argued that the rapid advancements in technology, particularly the rise of affordable cameras, demanded legal changes to protect a right that we previously took for granted: the right to be let alone. For the authors, this meant shielding private lives from public exposure in sensationalist newspapers and protecting individuals from the intrusion of flashing cameras.
Immediately following the Second World War, international recognition of privacy as a fundamental human right emerged as a response to the atrocities committed by fascist regimes. The “Universal Declaration of Human Rights,” adopted by the United Nations in 1948, addressed privacy at the international level. It was the first instrument to deal with the right to privacy, but as it was in the form of a resolution of the General Assembly, it was not legally binding.
By the mid-20th century, the growth in data collection tools further fueled the need for privacy. Concerns about government surveillance and the rise of psychological testing, lie detectors, and mass data collection led to debates on balancing utility with individual autonomy. In Privacy and Freedom (1967), Alan Westin defined privacy as the right to decide “when, how, and to what extent” personal information is shared. The book helped set the stage for modern debates about technology, privacy, and personal freedom and is one of the most influential works on privacy to this day.
1970s–2000s: a new era of awareness and privacy regulation
The widespread adoption of computers revolutionized data storage and processing, leading to the creation of electronic databases that could hold vast amounts of personal information. This sparked fears about potential misuse and large-scale privacy violations.
By the late 1970s, advancements in telecommunications added a new dimension to these concerns. The merging of computing and telecommunications, known as telematics, enabled innovations (such as tele-education and tele-medicine) but also heightened the risks, particularly the possibility of sensitive data being distributed to unknown recipients.
During this period, the foundations for privacy-enhancing technologies (PETs) were developed by researchers like Andrew Yao (multi-party computation) and David Chaum (blind signatures, etc.).
Simultaneously, we saw the emergence of privacy-focused movements. Starting in the late 1980s, the cypherpunk movement advocated for the widespread use of strong encryption and privacy-enhancing technologies to protect individual privacy and resist state or corporate surveillance (until then, encryption had been primarily used by governments.)
In 1991, Phil Zimmermann released Pretty Good Privacy (PGP), a groundbreaking encryption software that allowed individuals to protect their messages from unauthorized access. Although the US government initially contested PGP, it became a cornerstone of privacy advocacy and encryption, influencing a global shift in the adoption of secure communication technologies.
In the meantime, governments and organizations began to formalize privacy protections through legislation and international agreements. Key developments included:
- 1974: The US Privacy Act established rules for how federal agencies collect, store, use, and share personal information.
- 1977: Germany enacted the Federal Data Protection Act, one of the first comprehensive data privacy laws.
- 1980: The OECD introduced guidelines on the Protection of Privacy and Transborder Flows of Personal Data, establishing global privacy principles.
- 1995: The European Union's Data Protection Directive harmonized data protection laws across Europe, laying the foundation for the later General Data Protection Regulation (GDPR).
While these legal frameworks were necessary and important, critics argued that they focused too heavily on regulation and often overlooked societal and technological solutions to privacy challenges. This gap would eventually lead to the integration of privacy-enhancing technologies into certain legal strategies.
2000s–2010s: The security vs. privacy debate (continued)
The new millennium brought unprecedented challenges to privacy, particularly after the 9/11 attacks. Governments prioritized national security, leading to surveillance programs that often bypassed existing privacy regulations. This revealed the brittleness of legal protections, as political and security priorities could simply override them.
The rapid growth of the internet transformed how personal data was collected, stored, and used. Companies like Google and Facebook began offering free services in exchange for personal data, creating a "data economy" where user behavior was monetized. Targeted advertising and data-driven algorithms redefined the value of personal information.
In 2008, blockchain technology emerged, offering a decentralized approach to financial transactions and digital identity. The goal was to move away from centralized systems that had become vulnerable to surveillance and data breaches. Even though the relationship between blockchain and privacy is not straightforward (the inherent immutability of blockchain contradicts the GDPR’s “right to be forgotten”), technologies like zero-knowledge proofs are successfully used to reconcile privacy with the transparency blockchain provides.
2010–2020: A new era of awareness
Key events in the last two decades heightened global awareness of privacy issues:
In 2013, Edward Snowden leaked classified documents revealing extensive global surveillance programs run by the U.S. National Security Agency (NSA). These revelations exposed how governments were monitoring private communications, including phone calls, emails, and internet activity, on an unprecedented scale.
In 2018, the Cambridge Analytica scandal exposed the misuse of Facebook data for political manipulation, underscoring the risks of unregulated data sharing.
That same year, the EU's General Data Protection Regulation (GDPR) came into effect, setting a new global standard for data protection, requiring organizations to act with greater transparency and accountability in data handling. GDPR inspired similar legislation worldwide, including the California Consumer Privacy Act (CCPA), which granted new rights to California residents over their personal data, such as the right to opt out of data sales.
A path forward
During the early days of the internet, many saw the digital realm as a space of freedom—a place where people could escape the constraints of “real life” and reinvent themselves. Sadly, this vision has proven to be naive. The internet today is a repository of knowledge about our lives, accessible not only through our online activity but also through the data we unknowingly leave behind. The boundary between our online and offline lives is becoming ever more fluid, and personal information is often more readily available to governments and corporations than to ourselves.
As concerns about privacy continue to evolve, especially with the rise of AI, it is clear that privacy must be addressed through a holistic approach—one that integrates legal, societal, and technical changes. Until then, it might very well be the time to panic about privacy.
