Understanding privacy

Understanding privacy

Understanding privacy

article précédent

article suivant

What is going on with American women’s right to abortion?

On June 24th, the American Supreme Court changed its understanding regarding women’s right to abortion, thus confirming an opinion draft that had leaked in May. The Court overruled the historical decision Roe v. Wade, by which it understood that women could not be forbidden to proceed to an abortion during the first trimester of pregnancy. It implied that State governments were not allowed to enact laws prohibiting the procedure, even though they could restrict it. This overruling caused a buzz among feminist activists, but also notably from privacy advocates.
But what does abortion have to do with privacy?

Informational privacy versus decisional privacy

In our current age, a topic that is highly debated is personal data protection. The massive amount of data that is processed at every scale by companies as well as governments turned the spotlight on the informational dimension of privacy. This concerns the right of an individual to be in control and to be informed about the access and processing of his or her personal data. However, concerns about privacy do not result only from the consequences of the data-centered economic model. Indeed, before this model, concerns revolved around the decisional dimension of privacy, that is, the right of an individual to make decisions about private life matters without undue interference, especially from a government. It is a right essentially connected to the idea of autonomy and self-determination^[For the concept of privacy and its different dimensions, see the chapter on Privacy and Data Protection in the book by Mireille Hildebrandt, Law for Computer Scientists and Other Folk. Oxford University Press [2020].].

The European understanding of privacy

European law has further developed the concept of informational privacy. Not surprisingly, the first modern comprehensive informational privacy law was enacted in Germany in 1970^[The Data Protection Act (the “Datenschutzgesetz”) was enacted by the Hessian State Parliament, followed later in 1977 by a federal law on the matter.], followed by the French legislation in 1978^[The “Informatique et libertés” Act.]. The latter established the conceptual bases to what later came to be the European regulation, most importantly the GDPR. It was the first law in the world with such an encompassing scope and protective nature, and it has influenced many other countries for their own legislation, such as Brazil, Thailand, India and China^[Not to mention the influence on companies established all over the world which found themselves under the obligation to comply with European law. We have written a few articles about obligations under the GDPR in our blog, such as this one.].
This does not mean that European law has not developed privacy in its decisional dimension. This dimension has been recognised as a human right, just like the right to personal data protection, under the European Convention of Human Rights. Article 8 establishes the right to have a private and family life free from unjustified and unreasonable governmental interference. However, European legal culture remains a reference when it comes to privacy in its informational dimension, as in protection of personal data.

The American understanding of privacy

In American legal culture, the right to privacy has been derived from an interpretation of the fourth amendment to the Constitution. This amendment established the right of any American citizen to not be submitted to unreasonable warrants and searches which violated their private property. In sum, it established the right to have one’s private property respected and consequently their right to be left alone. The scope of this protection was further expanded, so that the concept of privacy evolved into the protection of one’s decisions on private and family matters, that is, the decisional dimension of privacy.
This also does not mean that the informational dimension of privacy is not addressed by American law, it is just not a characteristic feature of its culture. This explains why to this date there is not a national comprehensive data protection law and also why transfer of data between the US and the EU has become a never-ending tale: whereas Americans seem to be more sensitive about protecting their life choices from government interference, the same does not apply to protecting their personal data from it. The failure to provide enough guarantees against government surveillance has put US privacy law on the European Commission’s black list of adequacy under the GDPR^[For a detailed explanation of this issue, see Marco Mastracci & Tommaso Alessio Salemme, The Evolution of the Right to Privacy Between Europe and the United States.].

The right to abortion as the right to decisional privacy

Where does women’s right to abortion enter in all of this? The conception of privacy derived from the fourth amendment was used as the legal ground of not only women’s right to terminate a pregnancy (in the famous decision Roe v. Wade from 1973), but to other civil rights based on decisions on private matters^[For instance, Griswold v. Connecticut (1965) regarding the purchase of birth control by non-married couples, Loving v. Virginia (1967) regarding interracial marriage and Lawrence v. Texas (2003) regarding homossexual relationships. Even though not directly based on the right to privacy derived from the fourth amendment, the second and third examples were based on the same interpretative principle (known as substantive due process), following the example set by Griswold v. Connecticut and Roe v. Wade.], such as choice of birth control, who one chooses to marry, one’s own sexuality etc. It’s important to understand, most of all, that this means that it s all about interpretation: in no passage the Constitution mentions the word privacy, much less the right to abortion. Indeed, since its first recognition by the Supreme Court, the right to terminate a pregnancy has largely evolved^[For example, it was further understood that if the State had no legitimate interest in the regulation of abortions in the first trimester, neither had the parents or spouses, who could not impose their authorisation as a condition for a woman to carry out an abortion. To understand further about the evolution after Roe v. Wade, see the article by Angela R. Kraus, Abortion and Privacy: A Woman’s Right to Self Determination, Southwestern University Law Review 10, no. 1 (1978): 173-194.] based on the sole interpretation change of the judges. The text remains the same.


One may tend to think of the protection of privacy as the protection from the unlawful collection of personal data by corporations and governments, due to the economic importance this activity holds in contemporary society. However, this concerns only one dimension of privacy, precisely a mostly European one. As James Q. Whitman has stated: “Privacy law is not the product of logic. But neither is it the product of ‘experience’ or of supposed ‘felt necessities’ that are shared in all modern societies. It is the product of local social anxieties and local ideals”^[For a thorough study on the subject, see the article by James Q. Whitman. Two western cultures of privacy: Dignity versus Liberty. The Yale Law Journal, Vol. 113, No. 6 (Apr., 2004), pp. 1151-1221, p. 1219.].
However, not only this change in understanding the right to privacy may affect civil liberties which depend on decisional autonomy (as said earlier, the text is always open for interpretation), it also poses a threat to individuals’ informational privacy. As the government’s interest to interfere in private matters becomes legit, surveillance may be enforced upon personal data concerning women’s decision-making process, such as those inserted in period-tracking apps or their browser history containing possible searches for abortion clinics. That is why American privacy experts advocate for the enactment of a federal data protection law in the US. Two legislation proposals have been filed since the leak in May: first, “My Body, My Data Act” filed by Senator Ron Wyden, and then, the Health Location Data Protection Act filed by Senator Elizabeth Warren. Whereas the former would create a new national standard to protect personal reproductive health data, the latter seems a lot more ambitious as it aims to ban altogether data brokers from selling or transferring location data and health data.
As in the wake of the decision overruling last friday 11 US States have already enforced abortion bans, while other 11 States’ bans are waiting to enter into effect, the rush to enact privacy protection laws regarding women’s data has begun. A final attempt to prevent that the violation of women’s right to decisional privacy opens the door to a violation of their right to informational privacy.

Bianca Kunrath

Bianca Kunrath

décembre 13, 2022

Ne ratez plus aucune actualité sur la conformité RGPD et ses bonnes pratiques

Inscrivez-vous à notre newsletter

Recevez notre newsletter à la pointe de la protection des données tout en étant pédagogue