Roger Clarke's Web-Site


© Xamax Consultancy Pty Ltd,  1995-2017

Roger Clarke's 'Utility of a Privacy Typology'

An Instrumentalist's View of Koops et al.'s Typology of Privacy

Notes in Preparation for a Panel Session at CPDP on 27 January 2017
on Koops' et al. (2016)'s 'Types of Privacy'

Notes of 20 January 2017

Roger Clarke **

© Xamax Consultancy Pty Ltd, 2017

Available under an AEShareNet Free
for Education licence or a Creative Commons 'Some
Rights Reserved' licence.

This document is at

The supporting slide-set is at


1. Introduction

These notes are based on readings of Koops et al. (2016), and consideration of the following questions, which were posed in advance of the panel session:

2. Classifications of Privacy

There are many different kinds of classification schemes. To be useful, a scheme needs to have a sufficient degree of grounding in reality, preferably empirically sound, but perhaps limited to anecdotal evidence.

A taxonomy intends to impose form on messy reality. It seeks to assign each real-world instance unequivocally to one location in the scheme. The complexities may be such, however, that many assignments are contestable or semi-arbitrary, and hence the taxonomy is in a permanent state of revision, even ferment. For example, the Linnaean taxonomy of species involves many re-namings and assignments among families and genera; and the definition of the underlying notion of 'a species' is challenged by the many dimensions over which similarities and differences exist, and by the diversity of speciation processes, including mutation and hybridisation.

A typology, on the other hand, operates at a more abstract level, deals in 'ideal types', and is unembarrassed by ambiguities and boundary-testing instances. Each of the privacy classification schemes considered in Koops et al. is a typology rather than aspiring to be a taxonomy. Their usefulness is firstly as a basis for intellectual sorting; but also as a tool for the analysis of privacy interests, threats, threatening events and protective mechanisms including laws. They also provide a means for both generating and evaluating policy alternatives.

The focus of Clarke (1997) is on privacy interests. The 'dimensions' are postulated pragmatically, on the basis of examples gathered through consultancy and advocacy experience, rather than empirically, based on a careful sampling of real-world populations.

A different approach was adopted by Solove (2006), who is concerned with harms, "activities that impinge upon privacy" (p.481), or "relief from a range of kinds of social friction" (p.484), rather than on privacy interests per se. Like Clarke's, Solove's taxonomy is based on informal examples rather than empirical research.

In Finn et al. (2013), it is argued that Clarke's (then 4, now 5) dimensions or types need to be augmented in order to cope with technological advances. Their analysis enriched the examples used in the earlier work with six mini-cases of particular technologies (including body scanners and drones).

A new typology has been proposed by Koops et al. (2016). Extracts are provided in the Appendix. The authors have developed the typology from a more formal empirical base than was the case with their predecessors. That base is, however, of a very particular kind, which is once-removed from the real-world phenomena that give rise to privacy harms: "we ... examine how the various constitutions and national literatures that we survey use privacy-related terms in each different cultural and legal context" (p.6).

The choice of countries' constitutions as the basis of the typology means that Koops et al.'s focus is on protections, as distinct from interests (cf. Clarke) and rights (cf. Finn et al.), and from harms (cf. Solove).

3. Strengths and Weaknesses of the Koops et al. Typology

(1) Beyond Data Privacy

Since the 1960s, there has been a very strong focus on 'data protection'. This has tended to 'crowd out' other aspects of privacy, and be harmful to them. Anything that opens out privacy discussions beyond data privacy is valuable, so that is a first important contribution of the Koops et al. typology.

(2) An Empirical Base

To date, the mainstream classifications of privacy have been pragmatically based, on collections of anecdotes rather than on carefully curated studies of people's concerns, interests, complaints or harm done to them. A classification that has an empirical base is very welcome.

(3) A Rich Empirical Base

Laws are a key means of protecting people's interests, and the analysis reflects a considerable breadth and depth of material, from a variety of legal, lingual and cultural settings. This should provide a firm basis for examining laws in other jurisdictions, and for undertaking comparisons between and among jurisdictions.

(4) The Risk of Constraining Public Policy Analysis

On the other hand, extant law embodies a variety of constraints, including its specificity to national and cultural contexts, its slow adaptation, and its origins in political compromise. The resulting conceptual framework is therefore constrained by the political dynamics within particular countries at various past times. This is likely to result in at least some degree of conflict with the needs of public policy analysis.

Moreover, because laws commonly fall short of fulfilling people's needs - and in some contexts fall a very long way short - a law-derived typology risks placing inappropriate constraints on public policy analysis.

4. Mapping Clarke's Dimensions to Koops et al.'s Types and Aspect

After listing my 5 dimensions and associated examples and mapping them against Koops et al.'s 8+1 types, I found that:

(a) Clarke's Privacy of the Person corresponds reasonably closely with Koops et al.'s Bodily Privacy Type

(b) Clarke's Privacy of Personal Data corresponds reasonably closely with Koops et al.'s Informational Privacy Aspect

(c) Clarke's Privacy of Personal Communications:

(d) both Clarke's Privacy of Personal Behaviour and Privacy of Personal and Experience:

One way of describing the relationship between the two is that Clarke's loose conceptualisation of 'privacy dimensions' has been rendered much more concrete. Important points on each dimension have been identified, using four 'Zones' (Solitude, Intimacy, Secrecy and Inconspicuousness) that are more or less established in privacy meta-discussions, and two forms of freedom that are well-established in human rights theory (freedom to, and freedom from).

It is useful to apply this 'types within dimensions' proposition to a particular context. A category of individual that is very important to a healthy science, economy, society, culture or polity is the contrarian or dissident, who challenges established views, and variously assists conservatives to appreciate the value of what they have, and points towards adaptation or revolution.

Contrarians need space to originate and develop ideas, and to bring them to the world's attention - a suite of 'Freedoms To', but also a collection of 'Freedoms From'. Table 1 suggests actions that contrarians need to be able to perform, and examples of constraints that they need to be protected against. For a deeper investigation of one element of this set, with a focus on political dissidents and the critical role of nymity, see Clarke (2008).

Table 1: Privacy Needs of a Contrarian

(Public) Behavioural
Fly a Kite
Receive Critique
Carefully Expose


on Family
Denial of Anonymous Reading, Viewing
On Family
Denial of Secure
Message Censorship
Denial of Secure

Contrarians are of course far from alone in having important privacy needs. Table 2 presents a summary of categories of 'persons-at-risk'.

Table 2: Categories of Persons-at-Risk

After Clarke (2001), GFW (2011), Clarke (2014)

5. A Test Against a Particular Kind of Jurisdiction

It would be instructive to apply Koops et al.'s 8+1 Types and Aspect against Australian law. Australia has a couple of key features that may create challenges for such an analysis:

Australian laws relevant to privacy are catalogued in APF (2016a) - federal and APF (2016b) - States and Territories.

There are only five explicit individual rights in the Constitution (AHRC 2006):

Additional rights may be necessarily implied by the language and structure of the Constitution. In 1992 the High Court determined that Australia's form of parliamentary democracy (dictated by the Constitution) necessarily requires a degree of freedom for individuals to discuss and debate political issues. However, that appears to be the only such additional right.

Together, these 6 fall far, far short of the set in the ICCPR, which Australia has ratified but failed to implement. Australian legislation that unjustifiably breaches human rights cannot be called to account before the judiciary, a capability that exists in many other countries and that is vital to the protection of democracy.

It would be instructive, in any country, but especially in Australia, to conduct an enumeration of the diverse array of privacy issues that exists (see, for example, Appendix 2: Issues and Topics within Koops' 'Typology of Privacy'), and then map laws against that set. The Appendix is not exhaustive, but the length of the list indicates the scale of such a task.

Appendix 1: Extracts from Koops' 'Typology of Privacy' Paper

In Koops et al. (2016), an analysis of privacy protections under countries' constitutions is used in order to develop a typology of privacy. This Appendix extracts key passages in order to provide a brief summary which is, as far as practicable, in the authors' own words. I have identified a few reservations as [Comments: ].

The Nature of the Classification

A typology is intended to be abstract and theoretical and is necessarily multi-dimensional. A typology is usefully distinguished from a taxonomy, which is intended to be concrete and operationally useful. "Typologies typically work with and through Weber's "ideal types," which are "formed through the one-sided accentuation of one or more points of view." ... ideal types are not purely hypothetical or imaginary constructs, as they can exist, but are extreme examples that demonstrate certain characteristics very clearly" (p.10).

The Purpose

The authors conduct "a comparative analysis of constitutional privacy law and theoretical literature across nine countries... [in order to develop] an analytic and evaluative tool to help assess the impact of new technologies, social practices, and legal measures on broader privacy interests" (p.5).

"Our aim is ... mainly descriptive - mapping types of privacy in a systematic manner - rather than normative (saying how privacy should be understood). This implies that we do not grapple substantially with the lengthy literatures on the value or function(s) of privacy, such as the individual versus social value of privacy, the social dimensions of privacy, or how individuals actually manage private information. The function of our typology is not to define privacy or to prescribe how privacy should be seen or what its relevance is; rather, it serves as an analytic tool that can assist in structuring and clarifying the privacy debate" (p.6).

The Empirical Basis for the Typology

Although the Koops et al. (2016) typology is developed from a more formal empirical base than previous classification schemes, that base if of a kind that is once-removed from the real-world phenomena that give rise to privacy harms: "we ... examine how the various constitutions and national literatures that we survey use privacy-related terms in each different cultural and legal context" (p.6).

The Process of Developing the Typology

"Within the comparative constitutional analysis, we [first] group privacy-related provisions into five broad clusters (based on similarities)" (p.7). "The clustering used the assumption that elements that are closer together in constitutional provisions are more closely connected, and thus more likely to form one type of the right to privacy, than elements that are further apart" (p.21). This gave rise to 5 clusters, in some cases encompassing sub-clusters:

The Skeleton of the Typology

Koops' Typology, depicted in Figure 1, distinguishes:

which are organised within:

The extracts below first explain the 3 dimensions, and then present the 8 Types and 1 Aspect.

Figure 1: Koops et al.'s Typology of Privacy

(A) The 3 Dimensions

1. Zones of Life (4)

See p.67. These are depicted on the horizontal axis.

2. Exclusion cf. Self-Determination (2)

See p.67. These are depicted on the vertical axis.

3. Restriction cf. Control

See pp.67-68. These are depicted flowing from upper left to lower right.

[Comment: The authors suggest that this represents a continuum from the right to exclude access to control over subsequent use. I have some doubts about that. It seems to me that. although the two are related, it isn't appropriate to treat them as being on the same dimension.]

(B) Eight Ideal Types of Privacy plus One Overarching Aspect

See pp.69-70.

Four Exclusion-Oriented Types:

Four Self-Determination-Oriented Types:

(C) One Overarching Aspect

See pp.70-71.

Appendix 2: Issues and Topics within Koops' 'Typology of Privacy'

A range of privacy issues and topics evident in APF (2006, 2017) are categorised below under Koops et al.'s 8 Types + 1 Aspect.

Four Exclusion-Oriented Types:

Four Self-Determination-Oriented Types:

(C) One Overarching Aspect


AHRC (2006) 'How are human rights protected in Australian law?' Australian Human Rights Commission, 2006, at

APF (2006) 'Issues' Australian Privacy Foundation, September 2006, at

APF (2016a) 'Privacy Laws - Commonwealth of Australia' Australian Privacy Foundation, 2016, at

APF (2016b) 'Privacy Laws - States and Territories of Australia' Australian Privacy Foundation, 2016, at

APF (2017) 'Policy Topics Index' Australian Privacy Foundation, January 2017, at

Clarke R. (1997) 'Introduction to Dataveillance and Information Privacy, and Definitions of Terms' Xamax Consultancy Pty Ltd, August 1997, at

Clarke R. (2001) 'Research Challenges in Emergent e-Health Technologies' Xamax Consultancy Pty Ltd, July 2001, at

Clarke R. (2008) 'Dissidentity: The Political Dimension of Identity and Privacy' Identity in the Information Society 1, 1 (December, 2008) 221-228, PrePrint at

Clarke R. (2014) 'Key Factors in the Limited Adoption of End-User PETs' Presentation to a Session of the Politics of Surveillance Workshop, University of Ottawa, May, 2014, at

Finn R. L., Wright D. & Friedewald M. (2013) 'Seven types of privacy' in Gutwith S. et al. (eds) 'European Data Protection: Coming of Age' , Springer, 2013, pp. 3-32, at

GFW (2011) 'Who is harmed by a "Real Names" policy?' Geek Feminism Wiki, undated, apparently of 2011, at

Koops B.J., Newell B.C., Timan T., Korvánek I., Chokrevski T. & Gali M. (2016) 'A Typology of Privacy' University of Pennsylvania Journal of International Law 38, 2 (2016), at

Solove D.J. (2006) 'A Taxonomy of Privacy' U. Pa. L. Rev. 154 (2006) 477, at

Author Affiliations

Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in Cyberspace Law & Policy at the University of N.S.W., and a Visiting Professor in the Computer Science at the Australian National University.

xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 50 million in early 2015.

Sponsored by Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 11 January 2017 - Last Amended: 20 January 2017 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2017   -    Privacy Policy