Few would disagree that we live in an age of data exploitation, where blanket data harvesting without regard for privacy rights is the norm. In such a time, your privacy has never been more crucial, and yet many believe it is already a lost cause.
It is not.
Your privacy has been put on the back burner, and in order to keep it, you have to care about it. Privacy is about self-sovereignty and genuine individual agency. As such it is vital it ends up in the right hands.
At the bottom of privacy is human information and data, and this is important because we understand what this information confers about human beings. If our ability to be authentic, to reach our potential and to be fulfilled as free humans is important to us, we have to care about the rules that apply to information about us. In a modern society that is heavily structured around information and data, privacy could not be more central to a future where freedom reigns supreme.
When you shop online, read the news, watch a video, look something up, look for directions or anything, you are relying on infrastructure built on information. From a practical perspective, this information must be reliable. Therefore privacy matters.
What is privacy?
Often enough, people mix concepts of privacy, security and anonymity. You’ll hear criticisms about a product having ‘no privacy’, when what they really mean is that it doesn’t provide uncompromising anonymity. These three concepts must be understood in order to reach consensus on privacy rights.
Privacy is the guarantee that your data is only seen by the parties you agree can view it. The number can be zero, two, twenty, a hundred – provided mutual assurances are respected. In the context of a chat application, for example, end-to-end encryption provides privacy by ensuring that messages are only visible to yourself and the recipient.
Security is the ability to trust the application layer you use, and that all parties involved are who they say they are – keeping those applications safe. For example, when browsing online, security can be provided by HTTPS certificates. These certificates prove that you are speaking directly to the website you’re visiting, all the while keeping potential attacks on the network from reading or modifying the data packets sent back and forth through the website.
Anonymity is the ability to do things online without having an identifier tracking your every move. This can be mostly achieved using the Tor network, which allows users to browse the internet using randomised/scattered IP addresses instead of your own.
Pseudonymity falls within similar confines, but users have a persistent identifier without it being directly connected to your real identity. For example, if everyone knowns your internet persona (in-game for instance) as @xXxPussySlayerxXx, but none of them know your real name, then that is your pseudonym.
Privacy vs secrecy
“I have nothing to hide, so why should I care?”
Besides the questionable logic behind this statement, having “nothing to hide” misses the point entirely. Privacy is a precondition that underpins freedom of speech, association and assembly; all of which are mission critical to a free, democratic society. Privacy is not secrecy, but rather the power to selectively reveal oneself to others. It empowers self-sovereignty and individual agency.
It isn’t a coincidence that the phrase “if you have nothing to hide then you have nothing to fear” is often found in dystopian films, where nefarious agents intentionally misrepresent the issue for their own devious exploits.
Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.
– Edward Snowden
Is privacy about control?
A common definition of privacy is that it is the ability to control who has accesses to your data. This is a trap which sounds appealing, but doesn’t work in practice.
Take cookie consent forms, for example. You probably encounter dozens of these each day on various website, with a long list of checkboxes and pretty sliders which let you “curate” your preferences to your needs. Ultimately, most people just hit the “I agree” button and read the article or make the purchase. Nobody wants to complete a privacy audit for every single website.
This situation is not a coincidence, but the result of choice architecture, specifically designed to direct you towards the easy route instead of reading through a maze of configurations that have no reason to be there in the first place. The whole point is to create convolution so that you’re more likely to give up your data out of frustration of the cumbersome process.
In reality, privacy control in most applications or webpages is all a front. On the dashboard you’re presented with all kinds of options, but rarely do these choices mean what they say; such as “use my data for personal/relevant adverts”. This type of deliberate design is aimed at making you feel guilty about your choices; that you “had the choice” to make the applications you use more private and you chose not to.
Bear in mind, the vast majority of software and services use this method to operate by default. And in fact, most applications cannot be adapted to be private because privacy needs to be baked into the software at the base-layer by default, instead of an afterthought or something to pay lip-service to as it is today.
Privacy, freedom and censorship
Loss of privacy is a stepping stone to losing one’s freedom.
Specifically, free speech is threatened through blanket internet usage surveillance and monitoring, and the effects are widely on display today. For example, shadow-banning, algorithmic censorship through keyword selection and viewer throttling have their routes in an open disregard for first principles that are erroneously taken for granted. Sharing ideas and information publicly is a personal choice, but if privacy is not respected, then why should your ability to speak and be heard in public be respected?
The consequences of disregarding privacy at the base-layer of both public square infrastructure and private software is not only individual, but social too. In fact, the chilling effect that arises creates an increasingly mediocre public square, devoid of otherwise reasonable debate and rhetoric that is necessary in a functioning, healthy democracy.
Knowing that you are being watched and surveilled in private, and then being penalised for having the ‘wrong opinions’ in public makes you less likely to behave normally, and more likely to self censor. This is true on social media platforms such as Facebook or LinkedIn (and until recently Twitter), which were originally meant to be the public square. In recent years, growing efforts to replicate censorious protocols on private messaging apps by outlawing encryption have been tabled too, such as in Europe’s controversial Chat Control Bill. It’s all in an effort to ‘protect the children’, you see?
Facebook Messenger, and potentially even Whatsapp are already private in-name-only. If your private communications are under surveillance, then presumably nothing is off the table for governments and tech giants, including your biometric data and what you do in your living room. If misguided and arguably Machiavellian surveillance ideas to ‘protect a vulnerable group’ are accepted and baked into applications, then that obliges people into thinking they’re suspects of potential wrongdoing until proven otherwise.
This is an inversion of the rule of law, common decency and progress.
Similarly, if real time location data is required for applications to work, then your freedom of assembly is now threatened due to constant tracking of your phone. Can the public really afford to risk the benefits of free association, the social change brought by activists and campaigners, or the right to protest?
The elephant in the room is this: have we simply built public and private communications infrastructure the wrong way around?
Democratic freedoms are all interlinked and are under increasing stress, as unscrupulous public servants and untrustworthy companies say one thing and do another. More and more, surveillance applications rely on their addictive design to keep you going back and forgetting about the problematic long-term consequences if privacy is viewed as a thing of the past. The slippery slope is not sudden, but it is extensive, in particular because we rarely take into consideration the second and third-order effects that arise from disregarding privacy at the protocol layer.
As government administrations change, and next generations are led to believe deeply warped notions of human rights, the potential for collapse of freedom grows exponentially without pushback. Building surveillance into our systems will mean that freedoms we take for granted will cease to exist.
Privacy exists to the degree that you’re willing to defend it. So defend it. Start here.
Privacy is rarely lost in one fell swoop. It is usually eroded over time, little bits dissolving almost imperceptibly until we finally begin to notice how much is gone.
– Daniel J. Solove