What is the right level of privacy we are entitled to expect on the web? The answer is expanding and contracting by the day, but not only because legislators in Europe are attacking cookies and newspaper stories, or that people are figuring out that “free” Facebook comes with a cost and are starting to pay attention to their privacy settings.

The very notion of what is supposed to be private and what isn’t is surprisingly subject to change across borders and even within countries over short periods of time. The right to privacy sounds good, but means nothing until you know what’s supposed to be off-limits.

Take your salary. How much you make at work is nobody’s business and the IRS can’t even share your information with other government agencies. Except as pointed out by Taxhistory.org, Congress has twice allowed the public to look at tax records – once during the Civil War, and then again for two years in the 1920s.

That would be unthinkable for many today, but why should it be? If you don’t want people to know how much money you have, why should they be able to look at a copy of the deed and mortgage for your house, to see that you paid $2.5 million and financed almost all of it? That’s standard procedure in the U.S. (and by the way is a great way to figure out what someone’s side company in Delaware is called: people often buy a house and then sell it to their new company).

Now skip on over to Norway, where everyone’s income tax records are a matter of public information. You can look them up here. Norwegians value their privacy, but just don’t define privacy as including the amount of money they earn.

Looking up old newspaper stories is a research tool many of us have enjoyed using for years. If you think a newspaper got it wrong, you have libel laws and can get the paper to run a correction. But now with Google comes a newly sought  “right to be forgotten.”  The Spanish Data Protection Authority is taking the side of a doctor who’s grown tired of seeing an old El Pais newspaper article about his alleged malpractice sticking around on the web all these years. 

Of course, taking something off Google doesn’t mean it will be forgotten. In the dark days before Google – prior to 1998 – we could still find out plenty of things about people’s pasts. This involved reading old newspaper articles and looking at courthouse records to see who had sued them, and then talking to relevant people to figure out what might have happened.

Since that’s what we do today in addition to looking at Google, the right to be forgotten is really just the right to kick bad stuff off Google.

Unless the right to be forgotten is just a first wedge toward real advances in privacy that cross the line into what many of us would call censorship. Would privacy advocates want the El Pais archives closed to the public? What about court records? We shred old traffic violations in many U.S. states after two years, but what if some of Bernard Madoff’s underlings were able to serve their time, get out of jail and have their court records and newspaper coverage made off-limits to new investors?

This is where Google’s global privacy counsel Peter Fleischer is going on his personal blog:

Privacy is the new black in censorship fashions. It used to be that people would invoke libel or defamation to justify censorship about things that hurt their reputations. But invoking libel or defamation requires that the speech not be true. Privacy is far more elastic, because privacy claims can be made on speech that is true.

No fewer than seven pieces of privacy-related legislation have either been introduced in the U.S. House or soon will be, says Bob Sullivan in a thoughtful privacy column at MSNBC.com.

Given that privacy can mean so many things to so many people, there may be a lot more heated debate over the contents – not to mention legal challenges — than is happening in Europe today.