I tend to disagree with the common public expectation of “privacy”. I respectfully disagree with the privacy laws common in Europe that put limits on collecting and keeping data on people. Although professionally I greatly respect medical privacy rules, I personally wish we had a different set of rules that put the focus of protection elsewhere. When some court or civil rights organization in some country accuses Google of a privacy breach I tend to think that they bring an outdated, basically wrong, idea of privacy to the debate.
The reason I disagree with privacy is that there’s no such thing. It doesn’t actually exist.
When we think loosely about privacy, in fact, we think about three distinct things:
Discretion: As a matter of politeness, I expect people who are in the know to keep quiet about anything I do that might raise eyebrows. If I download porn, I expect to not hear about it. If I engage in some other vice like gambling, again I expect the people involved in offering the service to be discreet about it. I expect phone companies to not routinely record calls and IT staff to not read emails. I also think it would be right to fire your IT staff if they did. But all that is a matter of discretion. It is not privacy. Privacy would mean people not having access to the information, or to your identity. That idea of privacy is an illusion. Many people know or have the power to know, but there’s a social and business norm to be discreet about it. At the end of the day you have to be able to live with breaches of discretion. If the consequences of being exposed are too great for you, don’t do that thing. Discretion is a matter of politeness, not life and death.
Civil rights: Rather than put our faith in dubious attempts to keep personal data out of the hands of anyone who might use it against us, I personally would much prefer having strong civil rights laws that prevent discrimination on the basis of actual or inferred personal information. Instead of preventing employers from finding out about someone’s religion, sexual orientation, etc., have strict anti-discrimination laws and a low threshold for presuming guilt, making it counter-productive for employers to even appear to select based on this information. Instead of keeping medical records out of the hands of insurers, have policies such as ObamaCare that make it illegal for that information to adversely affect someone’s financial or health interests. Assume that the government is spying on you, because it is, but have strong civil liberties laws and organizations that ensure no actions can be taken on the basis of your political beliefs.
Security: When discretion and civil rights fail, and you need to be a whistle-blower or even a revolutionary under an oppressive regime, you need real informatics security. But security is not for the faint-hearted. Security means having computers that are free of technical vulnerabilities or intentional back doors that would reveal your secret communications. It means signing up to services without ever declaring or even revealing hints of your identity. It means storing encrypted information so that even those who own or can impound your hardware can have no access to the data. Real security means maintaining absolute personal discipline in terms of security hygiene: never reusing a password, never writing it down, and never typing it into anything that might not be the real system you are accessing. It means never mixing the secret and the open parts of your communications, but behaving as if your secret self were a completely different person. Real security is extremely difficult to pull off, even for professionals. If your life depends on it, a casual attempt at security will likely get you arrested and tortured. If at all possible, do not bet on security.
So when I hear lay people express some “privacy” concern, I feel that they are actually after discretion, but they express it as an expectation of security: the service should not know my true name, my location, etc.; it should be impossible to get information x out of the system; etc. This is just a misapprehension of what informatics technology does and how it is managed. At the same time, I despair at the total lack of a civil rights expectation, which should be first and foremost in protecting the individual.
As a practical example, I expect Google to be discreet about my street location unless I expressly mark it for sharing. This is simply to avoid social annoyances and pressures. I also consider it a civil right, usually violated, to not face discriminatory pricing or content selection based on the country from which I’m connecting to various services. If I wanted actual security I’d go out without my phone or I wouldn’t tell the US government my email address (and hence Google account) on the I-94 form.
In the long run, every social arms race has been settled with a law of principle, not a law of technicality. It is illegal to defraud people or steal their money, no matter how it’s done. The law is about not stealing; it’s not about having impenetrable vaults or crack-proof payment systems. By the same principle, the public good should be based on civil rights as the ultimate guardian of diversity and personal freedom. Some amount of security and discretion helps, but the buck has to stop with human civil rights, not with technology.