Omer Tene writes:
… the two frameworks for privacy protection, information privacy and constitutional privacy are premised on diametrically opposed conceptions of a data controller as a hero (information privacy) or villain (constitutional privacy). This tension is manifest, for example, in the highly contentious “third party doctrine”, which has taken hold in US privacy law in the 1970s. From a constitutional privacy perspective, the third party doctrine makes sense – “if you are concerned about surveillance, keep your secrets to yourself”. From an information privacy perspective, it is deeply flawed. “What do you mean you’re disclosing my data to the government? I gave you these data in confidence!”
In a new article titled Hero or Villain: The Data Controller in Privacy Law and Technologies, which will be presented at the upcoming Ohio State Law Journal Symposium on The Second Wave of Global Privacy Protection, my colleagues Claudia Diaz, Seda Gürses and I argue that privacy enhancing technologies (PETs) can fill gaps between the constitutional and information privacy frameworks to help individuals exercise their freedom from surveillance. We claim that given the genesis of information privacy laws in fears about surveillance, policymakers should recognize and expand by appropriate regulatory measures the role of technologies that enable individuals to enforce their right to privacy as freedom from surveillance.