Not every privacy breach is a form of surveillance. The rules and procedures regulating under which circumstances and to what extent intrusion is legitimate, are legally classified in concepts like observation, surveillance, oversight, right of intervention, identity verification, etc. They pose different levels of restriction of privacy rights. These definitory differences are important to discern democratically legitimated surveillance from illegitimate intrusion.
These differences matter to create nuance in the monopoly on violence of states and the way how states provide for societal security and stability.
These differences matter because democratic state actors are regulated differently than private actors. Public actors are regulated preventively: all tasks and powers of state actors have to be explicitly written. All the things that are not explicitly allowed by public law, are forbidden. Private actors are regulated ex post: prohibitions need to be explicitly written in law. In civil law all actions that are not explicitly prohibited are allowed. This is the core regulatory principle of a democracy -and an essential difference to an autocracy.
Now that the information interdependence between states and private actors is growing, differentiation is crucial to avoid the erosion of fundamental principles of the law dogmatic in a democracy. And old questions need to be discussed again in the face of new technologies: To what extent and intensity can be public space documented? Are there specific actors that should have higher restraints in what they document in the public space? What is surveillance in time of big data?