There is no “privacy”

I tend to disagree with the common public expectation of “privacy”. I respectfully disagree with the privacy laws common in Europe that put limits on collecting and keeping data on people. Although professionally I greatly respect medical privacy rules, I personally wish we had a different set of rules that put the focus of protection elsewhere. When some court or civil rights organization in some country accuses Google of a privacy breach I tend to think that they bring an outdated, basically wrong, idea of privacy to the debate.

The reason I disagree with privacy is that there’s no such thing. It doesn’t actually exist.

When we think loosely about privacy, in fact, we think about three distinct things:

Discretion: As a matter of politeness, I expect people who are in the know to keep quiet about anything I do that might raise eyebrows. If I download porn, I expect to not hear about it. If I engage in some other vice like gambling, again I expect the people involved in offering the service to be discreet about it. I expect phone companies to not routinely record calls and IT staff to not read emails. I also think it would be right to fire your IT staff if they did. But all that is a matter of discretion. It is not privacy. Privacy would mean people not having access to the information, or to your identity. That idea of privacy is an illusion. Many people know or have the power to know, but there’s a social and business norm to be discreet about it. At the end of the day you have to be able to live with breaches of discretion. If the consequences of being exposed are too great for you, don’t do that thing. Discretion is a matter of politeness, not life and death.

Civil rights: Rather than put our faith in dubious attempts to keep personal data out of the hands of anyone who might use it against us, I personally would much prefer having strong civil rights laws that prevent discrimination on the basis of actual or inferred personal information. Instead of preventing employers from finding out about someone’s religion, sexual orientation, etc. have strict anti-discrimination laws and a low presumption of guilt threshold making it counter-productive for employers to even appear to select based on this information. Instead of keeping medical records out of the hands of insurers, have policies such as ObamaCare that make it illegal for that information to adversely affect someone’s financial or health interests. Assume that the government is spying on you, because it is, but have strong civil liberties laws and organizations that ensure no actions can be taken on the basis of your political beliefs.

Security: When discretion and civil rights fail, and you need to be a whistle-blower or even a revolutionary under an oppressive regime, you need real informatics security. But security is not for the faint-hearted. Security means having computers that are free of technical vulnerabilities or intentional back doors that would reveal your secret communications. It means signing up to services without ever declaring or even revealing hints of your identity. It means storing encrypted information so that even those who own or can impound your hardware can have no access to the data. Real security means maintaining absolute personal discipline in terms of security hygiene: never reusing a password, writing it down, or ever typing it into anything that might not be the real system you are accessing. It means never mixing the secret and the open parts of your communications, but behaving as if your secret self were a completely different person. Real security is extremely difficult to pull off, even for professionals. If your life depends on it, a casual attempt at security will likely get you arrested and tortured. If at all possible, do not bet on security.

So when I hear lay people express some “privacy” concern, I feel that they are actually after discretion, but they express it as an expectation of security: The service should not know my true name, my location, etc; it should be impossible to get information x out of the system; etc. This is just a mis-appreciation of what informatics technology does and how it is managed. At the same time, I despair at the total lack of a civil rights expectation, which should be first and foremost in protecting the individual.

As a practical example, I expect Google to be discreet about my street location unless I expressly mark it for sharing. This is simply to avoid social annoyances and pressures. I also consider it a civil right, usually violated, to not face discriminatory pricing or content selection based on the country from which I’m connecting to various services. If I wanted actual security I’d go out without my phone or I wouldn’t tell the US government my email address (and hence Google account) on the I-94 form.

In the long run, every social arms race has been settled with a law of principle, not a law of technicality. It is illegal to defraud people or steal their money, no matter how it’s done. The law is about not stealing; it’s not about having impenetrable vaults or crack-proof payment systems. By the same principle, the public good should be based on civil rights as the ultimate guardian of diversity and personal freedom. Some amount of security and discretion help, but the buck has to stop with human civil rights, not with technology.

3 thoughts on “There is no “privacy””

  1. Well yes. Instead of having some of these privacy rules (that cannot be completely applied anyway, and that at the same time hinder the availability of the information to legitimate askers), while real basic human rights are being hidden away using some fancy word play, it is better to play in the open for everyone. That is one basic part of a free society and a free economy.

  2. “I personally would much prefer having strong civil rights laws that prevent discrimination on the basis of actual or inferred personal information.”

    Yeah, but… if you are not allowed to discriminate (i.e. act differently) on the basis of some published fact, then it isn’t really information. Information is any difference that actually can make a difference, right?

    OK, so I’m pedantically fascinating on your phrasing, but there is an underlying issue here. Law that formally distinguishes different usage policies for information seems really difficult; isn’t it the sort of technical law that you seek to avoid? I don’t see how to express “strong” laws of obvious principle here.

    I advocate societal norms (“discretion”) here rather than law. If you can’t trust those enough, don’t publish; or in extreme cases, encode an agreement about what uses of guarded information are allowed in a contract, and use existing law to enforce such a signed agreement.

    I do agree that technical measures (“security”) to control the use of information are also very hard to make work. I always find it ironic that libertarian orgs typically make the pragmatic case against DRM very well but still believe maybe there can be clever protocols to enforce privacy intents.

  3. Privacy is certainly the wrong word to use for most ‘privacy’ issues. Really people are talking about abuses of power, interference with autonomy and security of the individual.

    Privacy can exist in a networked system, but only when privacy by design is implemented. Most commercial operations, however, do not like this model as it limits their options for monetizing. It basically leaves them with no choice but the paid subscription model.

    I suspect the word privacy is instinctively appealing mainly due to our evolutionary past. The outrages felt are similar in emotional content to those of physical privacy invasion, which are much easier to intuit based on our biological heritage. Evolution tends to reuse preexisting neural features, much like moral disgust hijacks the same responses as disgusting smells and creepy insects.

    This is a massive problem though. A social one. We are more easily duped into trusting people we shouldn’t and most likely wouldn’t if we knew who was operating the strings for real. There is even no way to ensure informed consent. Consent sure, but never truly informed. Just consent to be duped.
