Personal information is inherently about someone, is often shared unintentionally or involuntarily, flows via commercial communication infrastructure, and can be instrumental and often essential to building trust among members of a community. As a result, privacy commons governance may be ineffective, illegitimate, or both if it does not appropriately account for the interests of information subjects or if infrastructure is owned and designed by actors whose interests may be misaligned or in conflict with the interests of information subjects. Additional newly emerging themes include the importance of trust; the contestability of commons governance legitimacy; and the co-emergence of contributor communities and knowledge resources. The contributions in this volume also confirm and deepen insights into recurring themes identified in previous GKC studies, while the distinctive characteristics of personal information add nuance and uncover limitations. The studies in this volume move us significantly forward in our understanding of knowledge commons, while opening up important new directions for future research and policy development, as discussed in this concluding chapter.

This introduction to Governing Privacy in Knowledge Commons discusses how meta-analysis of past case studies has yielded additional questions to supplement the GKC framework, based on the specific governance challenges around personal information. Based on this renewed understanding, a series of new case studies are organized around the different roles that personal information play in commons arrangements. The knowledge commons perspective highlights the interdependence between knowledge flows aimed at creative production and personal information flows. Madelyn will discuss how those who systematically study knowledge commons governance with an eye toward knowledge production routinely encounter privacy concerns and values, along with rules in use that govern appropriate personal information flow.

This chapter begins where Simmel and many other social and legal scholars left off. In contrast to many traditional theories of privacy, we argue, as one of us has argued before, that privacy rules and norms are essential to social interaction and generativity. Through primary source research, we suggest that the rules and norms governing information privacy in three knowledge creation contexts – Chatham House, Gordon Research Conferences (“GRC”), and the Broadband Internet Technical Advisory Group (“BITAG”) – are necessary to develop the kind of trust that is essential for sharing ideas, secrets, and other information. More specifically, when it is part of institutional structures governing knowledge commons, privacy fosters knowledge through a systematic social process. Privacy rules have expressive effects that embed confidentiality norms in the background of institutional participation, which in turn create a sense of community among participants that can both bring in new members and threaten sanctions for misbehavior. Knowledge production, therefore, depends on privacy.

Conceptualizing privacy as information flow rules-in-use constructed within a commons governance arrangement, we adapt the Governing Knowledge Commons (GKC) framework to study the formal and informal governance of information flows. We incorporate Helen Nissenbaum's “privacy as contextual integrity” approach, defining privacy in terms of contextually appropriate flows of personal information. While Nissenbaum's framework treats contextual norms as largely exogenous and emphasizes their normative valence, the GKC framework provides a systematic method to excavate personal information rules-in-use that actually apply in specific situations and interrogate governance mechanisms that shape rules-in-use. After discussing how the GKC framework can enrich privacy research, we explore empirical evidence for contextual integrity as governance within the GKC framework through meta-analysis of previous knowledge commons case studies, revealing three governance patterns within the observed rules-in-use for personal information flow. Our theoretical analysis provides strong justification for a new research agenda using the GKC framework to explore privacy as governance.