Skip to main content

Privacy does not imply secrecy

The debate around surveillance, government overreach, NSA, Prism, XKeyScore has been split in two categories. Well, three actually. The first will be the government, which feels that all this is justified, because "think of the children." They justify the stripping away of the civil liberties of not just their own citizens, but those all across the world for the purpose of supposedly protecting their own. Cluck cluck.

The other two camps are the people who are subject to this surveillance. One camp argues that they have "nothing to hide." The other camp argues for increased encryption, and these are camps that will create PGP keys, hold keysigning parties, encrypt everything lest the government gets their data. I think both camps miss the point.

Privacy is not the same as secrecy. I know what you do in the toilet, that does not mean that you will leave the doors open, or let the toilet walls be made with glass. Humans have evolved to respect privacy, the confidence of knowing that we all have our own "private" spaces, which are free from any infiltration by others. So, if I write an email or a text message, I should not have to encrypt it in order to feel confident that my message will be read by the intended recipient and no one else. That's privacy. It means that in my house, I have a right to not be disturbed by anyone else, because my house is my private space.

However, privacy does not apply only to private places. Public places can also offer a reasonable degree of privacy. Let's consider a hypothetical scenario where I wish to avoid an inconvenient dinner with someone, and I use a little white lie to wiggle out of the appointment. Then, I go to another restaurant for dinner, and I have a reasonable expectation that the other person will not find out. My sense of privacy is limited to one person not finding out about this, and this sense of privacy is statistically guaranteed. If I don't go to a place frequented by the other person, or any of our mutual friends, I can get a "reasonable expectation of privacy."

Consider the impact of technology on this expectation. Foursquare places a public tweet that I was at a certain restaurant. The other person finds out. Disaster.

Now, consider a hypothetical human to represent technology. We would not mind being in this person's sights anywhere, until we find out that this person has an infinite memory and knows everyone. Worse, this person is always hovering above our shoulders, noting and remembering everything we do, everything we speak. Wouldn't any "reasonable person" freak out?

The trouble with technology is exactly this. Technology knows what we do at all times, and has in infinite amount of memory. It is this facet that freaks me out. Think about it --- Google knows where I have been at any time of the day. It searches for patterns in my behaviour, and tries to sell me advertising that's targeted to fit my patterns. Using credit cards gives away my identity to every store there is. My bank knows what I buy, and where. My cell phone company is tracking me through tower information. Further, given the extremely cheap storage, it's highly unlikely that this data will be deleted in the time-frames that I'm concerned about.

I realise that some basic information has to be sent in order for me to get the data I'm looking for. When I send an email, it goes through a number of servers over the world, and this is essential to the nature of email. Heck, I wouldn't mind sending plain-text email without any encryption if I were guaranteed that no one would snoop on the email on the way. Now that I know that people will snoop on my email, I'm uneasy about sending email in a plain-text form. So, I go ahead and create my PGP keys. The keys reside on my laptop, I did exchange them with exactly two people so far. Two of the hundreds that I interact with. And exactly zero of the two would like to receive encrypted emails by default.

I'm tightly integrated in the Google ecosystem. My university uses Google Apps, I use GMail as my primary personal account, and my phone is an Android, which means that I'm floundering in the Google moat around Google's ad castle. I have a smartphone because I need access to email on the go, my advisor has sent emails a few minutes before the meeting to let me know that the meeting has been cancelled or rescheduled. A traditional email setup would never work in this case. It just makes sense to send plain-text emails instead of encrypting them in this case. So, convenience prevents me from using the secrecy that has now become essential to privacy.

At the same time, the privacy of my communications is dictated by the privacy policies of the people I'm communicating with. This has always been the case, but it plays a new and important role now. Traditionally, I could write a letter with the expectation that the recipient would not allow anyone to read the letter without due reason, and in a way that respects my privacy. If the recipient decided to publish my letter in a book, my privacy would be violated because the recipient did not respect my privacy in the first place. The same thing holds true today. The privacy of any communication is dictated by the worst privacy practices of the parties involved. This means that if you use a secure email service like MyKolab, which guarantees very good privacy; but I use Google Apps, our communication will be as private as Google Apps allows. If I use encryption but you don't, our conversations cannot be encrypted.

The second factor responsible for "privacy is dead" is the "nothing to hide" camp. Now, I may be making an overly general statement here, but the "nothing to hide" camp believes that if they do start encrypting their email and other communication, they will appear as "outliers" who have something to hide, thereby increasing their chances of being under surveillance. Almost all my friends and contacts fall in this category. They agree that surveillance is bad, they want their privacy, but are too afraid to demand privacy by adopting basic practices. Now, these practices are repugnant to me, because they require secrecy, which happens to be a superset of privacy, and which requires much more care. A message can be sent in private, but a secret message has to be encrypted with keys that cannot be "left around" in multiple places. A great deal of care is required when writing "secret" messages because most of the algorithms for secrecy do not support forward secrecy. So, if any one message is compromised, all others may be.

The enhanced practices needed for secrecy mean that I need to carry my laptop around every where I go. I don't trust my phone to store my private keys, because Android is filled with backdoors that allow Google to access my phone, and which may or may not give Google access to my phone's contents. So, I find myself in a very uncomfortable place. I need to send email, but I cannot do so securely without

  1. The recipients using the same privacy practices I use.
  2. A lot of inconvenience to myself.

On the other hand, all existing services I use can assure me privacy without any inconvenience of secrecy. They just don't.

There's a great opportunity here. According to the capitalist philosophy, consumers can demand what they need. They can accomplish this using "dollar votes," by using services that respect their privacy. DuckDuckGo is a great search engine which promises to not record your search activity. MyKolab is a great service for private email and file storage --- because it is located in Switzerland, we can be reasonably certain that we'll be protected by Swiss privacy laws, which are the strongest in the world, and which are respected by the government. RedPhone and TextSecure by Open Whisper Systems are great apps for Android (iPhone versions coming soon) that encrypt calls and text messages respectively. Other people can fill in the niche that's left in terms of privacy apps and services.

Remember, we only ever get the rights we fight for, and forgo the rest. I cannot but insert an Orwell reference here. Do we want to go from "all animals are equal" to "all animals are equal, but some animals are more equal than others"?

Privacy does not require secrecy, but if secrecy is the only way to ensure privacy, then let's go with secrecy.

Software and services that respect your privacy

  • Duck Duck Go --- Search
  • MyKolab.com --- private email, calendar, file storage. Note that I have not used this service, as I find it costly, and because it's purpose is defeated by the insecure practices of my correspondents.
  • Open Whisper Systems --- RedPhone and TextSecure apps for Android (iOS versions coming)
  • DoNotTrackMe --- A browser extension that prevents companies from tracking you
  • HTTPS Everywhere --- Another browser plugin, which enables HTTPS wherever available. HTTPS is an encryption layer over HTTP, which prevents people from snooping on your web browsing.
  • GnuPG --- The GNU Privacy Guard, a suite of encryption software and software that's designed to protect your privacy. Available on all platforms, use GPG to encrypt email, files and more.

Comments

Popular posts from this blog

ERROR_SUCCESS

ERROR_SUCCESS. This macro would be familiar to all those who have done some programming in WIN32. It is the output of the GetLastError() function to check the thread's last error state when no error has occurred. Weird, isn't it? I mean, if it is a success, then why is it marked as an error in the macro? This is one example of a badly made API. APIs are considered bad when programming in them becomes non-intuitive. Software is said to be bad (or said to suck) when it seems counter-intuitive to the user. There is one very simple example of this. Start notepad. Type in any text. Click on close. The message that you see is: This makes no sense to me as a user. Of course, the programmer follows the approach that he creates a temporary file called Untitled , and in that file he allows the user to make all his changes. But how am I, as a user to understand that? A similar disconnect occurs even between two different programmers. That is why it takes a whole lot of effort to make

On Harry Potter and why I dislike the series

There could not be a better time for this post. There could not have been a worse time for this post. Now that the penultimate movie of the series is out, and my facebook wall filled with people who loved the movie. But this is something I really wanted to say, and I shall say it anyway. Harry Potter is pathetic literature. Now, you must be wondering why I say that. There are many reasons. Firstly, the storyline itself is flawed. When a writer sits down to write anything, he/she must set up some essential rules about what is happening. These rules must remain constant irrespective of how many times he/she changes his/her mind. This is so that the readers are allowed to have some sensibility in what they are reading. In the fourth book, Rowling goes ahead and kills Cedric. Then, at the end of the book, the horseless carriages are there again. Nothing special. We all knew that they are horseless. But then comes the fifth book, and BAM, the horses are actually winged beasts that only thos

An experiment

Experiment: the testing of an idea. This post follows from my post on stats and posting . I do observe a number of pageviews from countries other than my own, and often wonder, how many people are really that free to read up a seemingly random blog? How many actually end up reading more than the first few lines? I have decided to create a blog which I shall not publicise in any way. I shall put up seemingly random posts there, but not post the URL on Buzz, Facebook or Twitter, in other words, not thrust the blog upon my friends. What do I hope to see from this experiment. I suppose that it would give me some idea about the number of people who happen to visit my blog from various sources, those who do not have the blog thrust upon them. As to the question about how many people end up reading more than the first few lines, checking that would be much difficult. Can someone suggest a good method? Why do I wish to do this experiment? Because I am hopelessly jobless. Will I share my