Although I usually couldn't care less about celebrity gossip, I was very interested to see this article (in the India Times, no less!), TomKat threaten to sue baby store over leaked shopping details.
Basically, these two celebs claim a right of privacy and a violation of their right of publicity because a store they shop at has been blabbing the details of their purchases.
I'm interested in this because back when I was writing one of the early articles about digital certificates, The Essential Role of Trusted Third Parties in Electronic Commerce, 75 Ore. L. Rev. 49 (1996), I had a heck of a time finding relevant law on the subject of the ownership of transaction information, a problem that persisted into the writing of The Death of Privacy?, 52 STAN L. REV. 1461 (2000). I finally concluded that for ordinary transactions, where there was no special duty of confidentiality (e.g. lawyer, doctor) or celebrity with a special right of publicity, the basic rule was that customer and merchant both own the facts and can do what they wish with them.
The right of publicity claim is a narrow one: the shop can't claim endorsement by the celebrity (e.g. by using their images in an ad), but that doesn't amount to a gag order. For example, the shopkeeper can certainly brag to customers so long as s/he doesn't imply or claim an endorsment.
But the privacy claim? Absent either a contractual or legal duty, it's just not there. Maybe it should be, but that will take a change in the law.
Michael, our recent report on Californians’ perceptions of privacy rules *offline* might be interesting with respect to TomKat. We’re finding that most consumers think that privacy is built in by default in consumer transactions. From the abstract:
“…We asked a representative sample of Californians about the default rules for protecting personal information in nine contexts. In six of those contexts (pizza delivery, donations to charities, product warranties, product rebates, phone numbers collected at the register, and catalog sales), a majority either didn’t know or falsely believed that opt-in rules protected their personal information from being sold to others.”
It’s online at http://ssrn.com/abstract=1133075
I presume it is also the case that you shouldn’t presume you can see the transaction data from the another party with whom you have an ongoing commercial relationship. For example the bank, google, amazon shares your account transaction data with you at their pleasure.
But yes, the gossip case where in the other party shares some or all the transaction with yet other parties is, or course, where it gets the most entertaining.
There was a case of transactional publicity that resulted in a new law: Clarence Thomas’ video rentals.
Right bill, wrong judge: that was Judge Bork’s (innocuous) video rental record. As I wrote in “The Death of Privacy?”,
It’s worrying to think how much data is gathered about us online and what’s done with it, some business models are built around user data as being one of the biggest assets such as Google.
There needs to be more regulations put in place governing the use and handling of this data, especially the deletion of online accounts after you terminate services. Mostly you have no clue what happens after you close an online account, is it deleted off the server, just your login removed and the full account remains, sold to the Russians? Who knows generally you can’t find out this information.