Data Promiscuity: How the Public-Private Distinction Shaped Digital Data Infrastructures and Notions of Privacy

The paper examines how the public-private distinction shapes digital data infrastructures and notions of privacy in healthcare, arguing that the distinction is not merely descriptive but performative—providing both a model of and a model for reality. Against the backdrop of pervasive digitalisation and datafication, the study explores two key senses of the distinction: informational (secrecy vs. openness) and institutional (ownership and purpose, such as state-governed for the common good vs. profit-oriented private ownership). These senses intertwine in practice, influencing who accesses data and who operates and profits from infrastructures, as reflected in policies like the GDPR that simultaneously aim to foster a single market for data and enhance privacy rights. Introducing the concept of data promiscuity—data’s inherent potential to be repurposed across contexts and users—the paper focuses empirically on Denmark, a highly digitalised welfare state, to illuminate how public-private thinking has driven infrastructural transformations and to consider implications for privacy, governance, and the social sustainability of data-intensive health research.

The paper engages a body of social theory and legal scholarship on public/private, privacy, and secrecy. Weintraub (1997) frames the public-private distinction as unavoidable yet complex. Gal (2002) characterises it as a fractal distinction—continually reproduced across scales—and performative, creating moral zones and shaping behaviour. Classic privacy discourse is traced to Warren and Brandeis (1890), with Sennett’s The Fall of Public Man highlighting emergent expectations of anonymity in urban public spaces. Simmel (1950a, 1950b) is used to conceptualise the dialectic of the secret and the manifest and the impossibility of absolute secrecy. Contemporary data scholarship emphasising data multiplicity and relationality (Leonelli, 2016; Prainsack, 2019) and critiques of platform asymmetries and opacity (Crawford et al., 2015; Gehl, 2015; Pasquale, 2015; van Dijck, 2014; van Dijck et al., 2018) underpin the analysis. The review situates GDPR within a property-rights orientation that risks facilitating data exchange rather than protecting privacy, echoing Lyotard’s (1984) anticipation of knowledge commodification. This literature informs the essay’s argument that public/private categories are performative devices shaping infrastructures, access, accountability, and moral attributions.

The study is an essay grounded in qualitative, multi-sited fieldwork focused on Denmark’s digital data infrastructures. Methods include policy analysis; participation in more than 35 meetings, workshops, and conferences; and over 60 interviews with stakeholders in ministries, health data organisations, industry associations, infrastructure builders, data analysts, and activists. The author compiled an archive of materials (reports, news stories, policy papers, institutional homepages, and minutes) to trace institutional histories and ongoing transformations. The analysis is illustrative rather than exhaustive, presenting selected cases that exemplify general trends in informational and institutional shifts influenced by public-private logics and digitalisation.

• Public-private distinction as performative driver: Public/private categories have actively shaped Denmark’s digital infrastructures. New Public Management (from 1983) modelled public services on private-sector ideals (efficiency, competition), increasing demand for performance data and fostering outsourcing to commercial vendors (e.g., CSC/DXC, KMD, NETS, IBM).
• Deep infrastructural integration around unique identifiers: The Central Person Register (CPR, established 1968) assigns each citizen a unique identity number used across taxation, health, social services, and commercial sectors. Although commonly perceived as a public resource, operation has been outsourced (e.g., to CSC), and private actors leveraging CPR-based identity validation are not obliged to contribute data back to public research.
• Digitised public services via private platforms: National systems such as PBS (1968 billing), Dankort (1983), E-Boks (2000; made default for communication with citizens in 2012), and NemID (2003) emerged through state initiatives but are owned/operated by consortia and companies (NETS, IBM, CSC, KMD). Citizens thus access ‘public’ services through commercially delivered interfaces.
• Informational implications (privacy/secrecy): • E-health portal (Sundhed.dk) integrates records, labs, prescriptions; citizen access framed as empowerment (“data belong to citizens”). A “privacy” function was introduced allowing citizens to hide items—even from themselves—while remaining available for administration and research. This addresses coercive pressures from employers/insurers/family to disclose. • High-profile leak: Se og Hør case—an IBM employee working for NETS illicitly provided journalists with credit card/NemID-linked data to track celebrities’ activities (e.g., royal family travel, birth locations). • Everyday concerns: Patients reported discomfort with clinicians or officials referencing data deemed irrelevant to specific encounters, illustrating loss of control over the secret/manifest boundary. • Platform asymmetries: Social media and device ecosystems accumulate proprietary datasets; citizens ‘share’ while platform uses remain opaque, excluding public researchers and enabling unconsented profiling or scraping by third parties. • Loss is not absolute privacy but insight/control: Digital integration multiplies potential viewers and points of access; individuals face “oblivion” regarding who accesses what and when.
• Institutional implications (moral zones, profit/blame): • Unequal distribution of profit vs. responsibility: Revenues from state-sanctioned monopolies accrue to private firms. Example: NETS CEO Bo Nilsson reportedly received >620 million DKK (>€80M) in 2017 and more than double one year later amid equity transactions, with value ultimately funded by mandated citizen use of services. • Outsourcing consequences: CSC’s 2013 layoffs (~900 employees) preceded a leak of ~900,000 CPR numbers due to maintenance lapses; large-scale IT project failures (police system; tax authority system with estimated >100 billion DKK (€13B) lost revenue); 2019 marked by missing data due to failure to update the national patient register. Despite such failures, commercial entities faced limited accountability, while public authorities were blamed for oversight shortcomings.
• Data promiscuity as condition for health research: Data’s relational, repurposable nature undermines fixed subject-matter boundaries (e.g., any data can become health data), making promiscuity both productive for research and risky for individuals.
• GDPR’s dual agenda and property framing: GDPR seeks both market integration and privacy enhancement; portability and individual rights can paradoxically facilitate data exchange and responsibilise individuals, inadequately addressing structural risks.

The findings show that the public-private distinction, treated as a descriptive dichotomy, has performative effects on both informational (privacy) and institutional (ownership, profit, accountability) dimensions of digital infrastructures. In Denmark, modelling public services on private-sector ideals has intertwined public and private operations while reinforcing separate moral zones: profits are privatised, failures and blame are public. Informationally, digital integration expands potential data viewers, creating ‘data promiscuity’ that challenges individual control and traditional notions of privacy. This condition complicates health research’s social sustainability, as trust can erode when individuals experience loss of control or coercive disclosure pressures. The paper argues that GDPR’s property-centric, individual-rights approach is insufficient: treating data as discrete private property enables portability and exchange but does not align with data’s relational, multiple nature. Instead, collective governance mechanisms are needed—e.g., democratically mandated data custodians with clear responsibilities, harm mitigation funds, and prohibitions on harmful data markets (such as certain consumer reporting practices). Rethinking revenue distribution from state-sanctioned digital monopolies and fostering collaboration between critical data studies and data science can help design more socially robust, transparent infrastructures that better protect individuals while enabling research.

The paper contributes the concept of ‘data promiscuity’ to characterise data’s inherent multiplicity and repurposability within digitally integrated infrastructures, and shows how the public-private distinction has actively shaped Denmark’s data landscape—informationally by altering secrecy/control conditions and institutionally by structuring profit and blame. It demonstrates that privacy losses are best understood as losses of insight and control rather than absolute secrecy, and that individualised, property-based protections are inadequate. The author calls for collective, infrastructural governance solutions: democratically appointed data custodians, harm mitigation mechanisms, bans on harmful profiling markets, and fairer revenue distribution from state-sanctioned platforms. Future work should empirically co-develop and evaluate such governance models, integrate technical and social safeguards, and advance collaborations between data science and critical data studies to build socially robust, trustworthy health data ecosystems.

The analysis is illustrative rather than comprehensive, focusing on Denmark as a single national case and drawing on ongoing fieldwork. While based on >60 interviews, participation in 35+ events, and extensive document analysis, the study does not cover all transformations or actors. Access constraints and research ethics preclude sharing full interview transcripts. As an essayistic, qualitative account, findings may not be generalisable across contexts without further comparative research.