Communication privacy management theory, originally known as communication boundary management, is a communication theory first developed by Sandra Petronio.[1][2] Petronio’s conclusions are relevant to the study of communication because before Communication Boundary Management there was only one other theory that studied self-disclosure, Social Penetration Theory. While both communication privacy management theory and social penetration theory are based in self-disclosure the critical difference is that CPM focuses on understanding “the conceptual idea of disclosure [3] ” The theory evolved from boundary management to privacy management because Petronio believed that this name was more representative of the theory. This is because the theory explains how and why people regulate their privacy as opposed to their personal boundaries.
Communication Privacy Management theory describes the ways in which relational actors manage their privacy boundaries and the disclosure of private information. The theory focuses heavily on the processes that people employ to determine when and how they choose to conceal or reveal private information.[4] Through this theory Petronio describes the ever-present dialectic of privacy and openness within various relationship models, explains how relationships develop as public and private boundaries are negotiated and coordinated, and demonstrates how individuals regulate revealing and concealing information through communication.[5]
Dialectic of privacy versus disclosureEdit
Petronio's understanding and argument of privacy management rests on the idea that a dialectic exists wherever the decision is made to disclose or conceal private information. Thus, costs and benefits must be weighed and consideration must be given to how such information will be owned, used, and spread.[6] The definition of dialectic that Petronio borrows from can be found in Leslie Baxter and Barbara Montgomery's theory of Relational Dialectics, wherein various approaches to the contradictory impulses of relational life are discussed. The theory focuses on the idea that there are not only two contradictory stances within a relationship, but that at any given moment decisions are weighed using multiple viewpoints.[7] Ergo, Petronio's system for managing privacy through communication is based on a system of rules that include and weigh the assumptions of a complex approach to dealing with the supervision of private information.
Nature of information sharingEdit
To understand CPM theory it is important to follow the metaphor of the boundary that exists, dividing that which can be found in the private sphere from that which is available in the public sphere.[8] An individual’s private information is protected by the individual’s boundaries. The permeability of these boundaries are ever changing, and allow certain parts of the public, access to certain pieces of information belonging to the individual. The extent to which boundaries are permeable, characterized as thick or thin boundaries, "varies depending on the rules for access and protection,[9]" explains Petronio. CPM theory considers those rules for access and protection of information by examining the following about information sharing: the types of ownership of information, the circumstances under which sharing occurs, and the expectations of sharing.[10]
Since Sandra Petronio first published her research the world has changed significantly in the ways people need to manage their privacy. In 1991 the world was a very different place and did not have most of the technology that exists today. When Communication Privacy Management theory was first introduced Petronio studied how privacy is fared in face-to-face and telephone based communication. Now there is an array of ways to disclose private information through web based methods. This includes but is not limited to Facebook, Twitter, blogs, online shopping (e-commerce), and email. Although the medium of communication is different the same basic principles and boundaries apply. Just as in face-to-face relationships, relationships online have both risks and benefits to disclosure. For example benefits of an e-commerce relationship are “convenience, faster service, and lower prices [11] ”. Risks on the other hand include “vulnerability to spam, theft, and electronic surveillance [11]”. While technology has introduced some new threats to the privacy of an individual, it has also made communication easier than ever before.
Communication Privacy Management theory understands information (as well as boundaries) as something that is owned, and each owner must decide whether or not they are willing to have a confidant, a.k.a. a co-owner, to that information. With ownership comes the certainty of knowing the extent to which certain information is known, the control to do what is desired with that knowledge, but often also the added stress of carrying a weight alone.[6] In some cases it is preferable for the owner to have another person share the private information, though this may not be the case for the confidant. Co-ownership of information is characterized by heavy responsibility and a knowledge of the rules for a particular disclosure. Ownership can be felt to different degrees, however, and the understanding of disclosure rules can be different from owner to owner. Also, the act of sharing is coupled along with the realization that boundaries have expanded and that they may never return to their original state. It is the responsibility of co-owners to decide and make clear if, when, and how information can or should be shared with others.[12]
Petronio favored the term "private information" over the term "self disclosure" because there are many caveats inherent to private information disclosure that are not present with self disclosure.[4] Firstly, the motivations behind sharing are many, including but not limited to sharing a burden, righting a wrong, and influencing others.[1] Secondly, very often the private information that is shared is not about oneself but about others, thus negating the use of the term "self disclosure". Furthermore, "private information" carries a neutral implication to it, allowing such information to be considered both positive or negative, welcome or unwelcome, etc. Finally, the term focuses on the act of sharing, paying close attention to the content of the message and how this is received by others.[13] The decision to share, Petronio says, is ultimately left up to the process of the privacy rule management system which combine rules for coordination of information, characteristics of disclosure, and attributes of the nature of boundaries.
System for privacy rule managementEdit
Petronio views boundary management as a rule based process, not an individual decision. The processes for managing privacy rules were set out by Petronio[14] as three proposed principles that take into account the internal and external factors which shape our understanding of privacy and disclosure.
Primary principles of privacy management
First, individuals or collectives believe they own their private information.[15] Second, because of their belief in ownership, people feel they have the right to control the flow of private information to others.[15] Third, people use privacy rules to decide whether to open a privacy boundary so they can disclose or keep the boundary closed to conceal the information.[15] Fourth, once individuals reveal, they make others shareholders of the information and presume these co-owners will follow existing privacy rules or negotiate new ones. This process changes the nature of management practices from individually based choices to collective ones. Consequently, if mutually agreed upon privacy rules are developed and adopted, the co-owners of the information are able to coordinate successfully the regulation of the collectively held private information.[15] Fifth, because we do not live in a perfect world, management issues can become turbulent. Turbulence characteristically occurs when there is a disruption in the coordination of privacy rules or when someone’s privacy boundary is blatantly violated*for instance, when an identity is stolen. Boundary turbulence often results in mistrust, anger, suspicion, or uncertainty about sharing private information.[15] These five principles pave the way for us to understand the ingredients necessary to develop translatable systems of practice for privacy management.[15]
Privacy rule characteristics
The characteristics of privacy rules are divided into two sections, attributes and development. Privacy rule attributes refer to how people obtain rules of privacy and understand the properties of those rules.[1] This is normally done through social interactions where the boundaries for rules are put to the test. Rules are set in different social situations which dictate the type of disclosure that should be made, for example, the difference between disclosure at a family member's birthday party versus an office event at work. Petronio asserts that each situation will come with its own set of rules for managing privacy that are learned over time. The development of privacy rule characteristics has to do with the criteria implemented to decide if and how information will be shared.[13] Communication privacy management theory general lists those criteria as the following:
Gendered criteria; privacy boundaries are sculpted differently by men and women based on socialization, which leads to difference in how rules are understood and operated in.[16]
Contextual criteria; these criteria are shaped by issues of physical and social environments that factor in whether or not information will be shared.[4]
Cultural criteria; disclosure within this criteria is dependent of the culture in which an owner has grown to understand expectations and attributes for sharing.
Motivational criteria; owners of information can form certain bonds which will lead to disclosure, or conversely the express interest in forming bonds may cause private information to be shared. Likewise, motivations for sharing can include reciprocity or self-clarification.
Risk-benefit criteria; owners of private information consider risks against benefits of disclosure or maintaining information private. Risks to sharing can include shame, embarrassment, and vulnerability, among others. Likewise, benefits can be a shared burden of knowledge, a feeling of social acceptance, whereas a benefit of keeping quiet is greater control of information.[17]
With these five criteria, personal and group privacy rules are developed, but disclosure of private information necessitates the inclusion of others within the boundary of knowledge, which demands an understanding between parties for how to coordinate ownership of knowledge.
Boundary coordination
An individual’s private information is protected by the individual’s boundaries. The permeability of these boundaries are ever changing, and allow certain parts of the public, access to certain pieces of information belonging to the individual. Once private information is shared, co-owners must coordinate the boundaries of privacy and disclosure based on boundary permeability, boundary linkage, and boundary ownership.[1] Petronio describes this mutual boundary coordination by co-owners as drawing the same borders on a map around a shared piece of information.[13] By no means is this an easy process considering that each owner will approach the information from distinct viewpoints and referencing their personal criteria for privacy rule development.
Boundary permeability refers to the nature of the invisible divisions that keep private information from being known outside of an individual or particular group. When private information is kept with one owner, the boundaries are said to be thick because there is less possibility for information to make its way out into the public sphere. Once information is shared to one or more persons, the boundaries for that private information expand, become more permeable, and are considered thin.[12]
Boundary linkage has to do with how owners are connected when they build associations through a boundary. For example, doctors and patients are linked to each other in such a way that private information is passed within their boundaries constantly. These linkages can be strong or weak depending on how information was shared or whether a co-owner wanted to know or was prepared to learn a new piece of information. Case in point, the link between an organization and a spy meant to infiltrate the organization is weak because the two are not coordinated on how information will be maintained private or disclosed.[18]
Boundary ownership refers to the responsibilities and rights each person has over the control of the spread of information that they own. When working to mutually create the boundary of privacy it is key for all parties to have a clear understanding of whether information should be shared, who it should be shared with, and when it should be shared.[1] A simple example of this is the planning of a surprise birthday party; all those involved in planning must agree on how the information about the party will be spread so as not to ruin the surprise. As new guests are invited, they become an owner of the information and are bound to the rules of privacy maintenance, or else the surprise could be ruined.
Boundary turbulence
Unfortunately, often boundaries are not coordinated as well as they should be to maintain the level of privacy or exposure desired by owners – this leads to problems known as boundary turbulence. Turbulence among co-owners is caused when rules are not mutually understood by co-owners and when the management of private information comes into conflict with the expectations each owner had,[4] which can happen for a number of reasons. As mentioned previously, the coordination of shared boundaries is key to avoiding over-sharing, when the boundaries are unclear owners may come into conflict with one another. Boundary turbulence can also be caused by mistakes, such as an uninvited party overhearing private information (causing weak boundary linkage) or a disclosure an owner might make under the influence of alcohol or drugs. Disclosure to a new party was not the intent, but when it happens other co-owners can feel that their expectations of maintaining boundaries have been violated. Finally, boundary turbulence occurs when a co-owner intentionally breaks the coordinated boundary of privacy to disclose private information.[19] An example of such intentional disclosure would be a daughter revealing to a doctor that her father is indeed an active smoker when the father has told the doctor that he no longer smokes after his heart surgery. The daughter in this case must weigh the risks of breaking the family privacy boundary against the benefits of the doctor being better informed of her father's condition. In cases of boundary turbulence, co-owners of information can feel that their expectations have been violated and lose trust in other co-owners. In these cases, the goal of each party is to reduce turbulence by reestablishing and coordinating boundaries.[8][19]
Strengths and weaknessesEdit
Since Communication Privacy Management Theory has been developing over time, the theorist has had the opportunity to address critiques of the theory. One critique argues that CPM is not a dialectic theory at all when compared to the theory of Relational Dialectics(1996), but rather that it is based on dualistic thinking where privacy and disclosure exist together in equilibrium. Petronio responded to these critiques in her 2002 article arguing that "Instead, [CPM] argues for coordination with others that does not advocate an optimum balance between disclosure and privacy.[4]" As far as the strength of the CPM, it can be seen in the great number of research articles that have been written based firmly Privacy Management theory. The theory has been employed in understanding family dynamics, the gender gap in communication, the disclosure of HIV or AIDS statuses, as well as child sexual abuse.[16][17][19][20][21][22]
