Shutterstock/ Gajus. All rights reserved.Talking about confidentiality in medicine used to be easy. There was a patient; there was a doctor; there were other people. What the patient told the doctor in confidence could not be shared with other people, without either the permission of the patient or some clear legal obligation which overrode that patient’s wishes.
With the arrival of automatic data processing a new regime was overlaid on this traditional conception of medical confidentiality, ‘data protection’, but the model reinforced the central role of the consent of the ‘data subject’. Although consent could sometimes be inferred, or obtained in such a minimalist way that data subjects could almost consent unwittingly, in the case of sensitive data – such as medical information – explicit consent was necessary. There is a certain ritual element in the invocation of confidentiality and data protection and patient autonomy which barely reflects the reality.
The standard ethical argument for confidentiality and data protection via consent turns on personal autonomy. We start from the presumption that the person is an autonomous agent, with her own beliefs, wishes and interests. These are so central to the identity and dignity of the person that personal decision-making is at the heart of all regulation and governance.
Sometimes these concerns are articulated in slightly different language – the language of property (my personal data is mine) or the language of privacy (my autonomy is only protected when we recognize a zone of privacy which should not be trespassed upon). So strongly entrenched is this ethic of autonomy in our culture that when Onora O’Neill gave her BBC Reith Lectures in 2002, one of her central topics was the excessive attention paid to autonomy (in this particular version) in contrast with other, equally important, moral values, notably trust and cooperation. Since this time, she has consistently challenged what she sees as a mistaken and damaging understanding of data protection.
But look again. The idea of confidentiality between doctor and patient being inviolate was never strictly speaking adhered to: think of all those scenes in classic literature where the relatives are told things by the doctor about the patient which the patient never learns. Think of the sheer impracticality of modern healthcare in which the patient is surrounded by teams of doctors, nurses, administrators and other health professionals. And think of the complexity of modern health systems which involve whole networks of organisations processing and sharing data for clinical, public health, managerial and financial purposes. There is a certain ritual element in the invocation of confidentiality and data protection and patient autonomy which barely reflects the reality.
Backstage, thing of the past?
As for healthcare, so for much of modern life. The image of personal life as being like a stage, on which we perform public roles which are open to scrutiny and comment, but which has a backstage invisible to and protected from that public gaze is under increasing pressure. One version of this which seems resistant to such pressure is the idea of the mind as closed to external scrutiny. In a real and practical sense, you have no idea what I am thinking, even when we converse. Yet philosophically this idea of the private self as authentic, coherent and private has been systematically dismantled, at the very least since Wittgenstein in the second quarter of the twentieth century, and arguably since Hume’s Treatise of Human Nature in 1740. It is arguable that it is in our public performances that our true selves lie, and that our most important assets are our personae, our reputations, our sayings and doings. It is arguable that it is in our public performances that our true selves lie.
I am pressed to reflect on this by contemporary transformations in two areas: social media (from blogging to Facebook, Twitter, Instagram) and genomic medicine. The contemporary self seems to lie essentially in its projections in the world of social media, and in the traces we leave in it. The contemporary body seems to be becoming as real in the form of genomic sequence data, shared with researchers, health care institutions, pharmaceutical and life sciences companies and indeed with companies which offer genomic testing services for a range of uses from health screening to ancestry testing, linkages to a wealth of personal data-tracking applications (the machinery of the “quantified self”), for a small fee and the right to share data in various forms with other commercial and scientific organisations.
It is in this context in which we are really forced to ask whether our traditional concept of privacy is becoming redundant. Unlike the debates about surveillance and wire-tapping, where significant numbers of people remain angry that their data has been captured and monitored, mined and linked without any permission, and for motives they may not understand, or share, or trust, in health and in social media these concerns seem peculiarly old-fashioned.
Crudely put – most of the many million users of Facebook neither know nor care what Facebook does with their data. An environment which on its face at least is about intimacy, albeit a networked intimacy in virtual space rather than a physical intimacy of material proximity, rests very largely on ignoring traditional social distinctions about families and friendships and boundaries and different genres of communication for different purposes. Tact and reserve – intimate performances of privacy – seem to dissolve.
In this way we might feel that debates about data protection are themselves redundant – if I tell all my “500 closest friends” (think what that could mean!) or my 5000 Twitter contacts (“followers”) everything about my musical tastes, my reading, my political views, my sexual hangups and my emotional state – then why care if Facebook scrapes all this and aggregates it and processes it and shares or sells it in some form? And if that is my attitude to things which I have some deep emotional investment in – or think I do – then how do I feel about my genomic sequence data, something I have only the barest conception of, never mind actually caring about?
The poetry of Twitter
Yet it would be wrong to think that we are moving from a privacy to a no-privacy society. Think again about state surveillance. We do retain an interest in our privacy as democratic subjects (the secrecy of the ballot box, for example). And our attitudes to privacy are patchy and inconsistent – but they are not empty and we are not giving them up wholesale.
Instead what we are seeing is a transformation of our concepts of self, the domains of intimacy which we value, the kind of privacy we set store by. This is the central challenge for information governance, not only for privacy and democracy but also for privacy and sociability or intimacy.
One place to look for a greater understanding of what is emerging is in the ways people perform the self in social media and in healthcare and other institutional settings. Rather than assuming we know what privacy is, and that we know what the norms are we need to embed in regulatory and enforcement practices, we need to take an empirical turn and grasp the new forms of privacy, the new ways people shape and protect it, both what they want to keep as secret, tactfully avoid, or share with only a few trusted intimates, and what they treat as public, and perform as self-presentation.
Such investigation requires psychologists, sociologists, lawyers, ethicists, technologists and poets. From my own earliest days on Twitter I realised that if you want to understand what the medium can do, follow the poets: they are the people who best understand the performance of “speech” on Twitter. If we want to understand performance and emotional tone, I would start there.
 Onora O’Neill A Question of Trust: The BBC Reith Lectures 2002. Cambridge: Cambridge University Press, 2002
In greatest detail in Onora O’Neill and Neil C Manson, Rethinking Informed Consent in Bioethics Cambridge: Cambridge University Press, 2006
This article is published in association with the Criminal Justice Centre at the Department of Law, Queen Mary University of London. The CJC’s members are drawn from both the legal profession and academia, researching the impact of securitisation on human rights. The Centre is one of the coordinating institutions of the European Criminal Academic Network.