I don’t have anything to hide, says the virtuous citizen, in sacrificing their privacy to companies and the state. They’re wrong.
Protecting privacy in the digital age is a chore. It may even be impossible. But it’s worth a valiant attempt.
People use unencrypted forms of communication even for highly sensitive and confidential information. People share their personal lives with platforms run by corporations that profit from selling personal data to advertisers. People store customer data in unprotected files, or cloud storage.
Everyone is always on their phones, and many have handed over the management of their lives to artificial intelligence systems that follow their movements, read their calendars, learn their habits, and plan their days.
Meanwhile, governments around the world (including in South Africa) engage in bulk surveillance of citizens, even if they are not suspected of having committed any crimes or posing any threat to national security.
One might well argue that privacy is dead, given how much of it has been sacrificed on the altars of either security or convenience.
It isn’t, however, and there are good reasons to continue the fight to preserve what privacy we can.
I have nothing to hide
The stock answer to concerns about privacy is something along the lines of, “Well, I don’t care, because I don’t have anything to hide, and those who do shouldn’t be able to hide.”
That answer is deeply mistaken, however.
If you think you have nothing to hide, may I impose upon you to install web cams in your bedroom and bathrooms? Would you please send your competitors your strategic business plans and contracts with vendors? Would you disclose your credit card number, with expiry date and the card verification code on the back, with a sample of your signature, by email? Would you care to let all your exes know your address, phone number and social media handles?
How about distributing transcripts of your therapy sessions to your neighbourhood friends, or sending your medical records to your work colleagues?
Oh, and do send nudes.
Everyone has things they would rather hide, and most people, though innocent of any crime, have things with which they can be blackmailed, entrapped or strong-armed.
As for crimes, there are so many crimes that even specialist lawyers have to look them up. It is unlikely that anyone can live a year, let alone a lifetime, without having broken some law, in some manner. All you need is a motivated prosecutor – motivated by bribery, vindictiveness, or politics – to construct a case out of the detritus of your private life.
It’s not about you
There’s a deeper problem with the “I have nothing to hide” argument, though. You’re essentially saying that because you have nothing to hide, the privacy of others doesn’t matter.
This also implies that the only things people would want to hide are unlawful things, or negative things.
That isn’t true, either. People have all sorts of reasons for wanting to keep information private. They might fear public ridicule over kinky preferences, or shame over present or past medical problems, like alcoholism or incontinence. They might fear discrimination over mental health issues. They might be semi-famous, and not want their private lives be judged by the media and the general public.
Journalists, doctors, bankers and lawyers, in particular, have reasons to keep information private. Exposing the confidential information they posses can severely prejudice the rights of others, and even threaten their lives.
…until it is
It isn’t about you, they’ll say. Your information – including your compromising but legal photos – will never even be seen by human eyes. It will be lost in the mass of data, and be picked out only when unlawful activity is detected by the system.
That’s also not true. It isn’t about you, until it is.
At any moment, you may become the subject of a targeted surveillance campaign. You might bid on a government contract, or apply for a government job. You might offend an authority figure with a letter to the editor. Your opinions might threaten the position of a powerful politician.
It’s one thing for a judge to authorise surveillance, if authorities provide sufficient cause. It is quite another for all that data to already be available for everyone, requiring merely a database search to unearth.
Corporate data collection
It is also important to retain some level of privacy with companies you do business with, especially online.
Back in the day, pharmacies and video stores sold our addresses to junk mail companies. That still happens, of course.
But there’s a more insidious thing going on. Companies are not only hyper-targeting you with advertising, promoting exactly what you might want, but they are subtly manipulating you.
This is most obvious with sites like YouTube or Google, where your viewing or search history can drive you relentlessly down an ever more extreme partisan path, feeling all along that you’re in good company.
This also happens with retail companies. They generate desires in potential customers, play on the fear of missing out, create and reinforce trends and fashions, and then pitch what you think you need at a price that’s as high as they think you’re prepared to pay, based on your historical retail behaviour.
Crime threat
A critical argument for privacy, and for not permitting governments to backdoor encryption systems, is that if anyone else can access your private data, then criminals will do so.
Even the largest companies and the most sophisticated governments have been breached, leaking sensitive private data to organised criminal networks.
If the government has access to your private data, then everyone does.
Once in criminal hands, they can use that data for any of a range of nefarious purposes. They can craft convincing phishing messages that trick you into revealing banking passwords or company information. They can steal your identity and drain your bank account, or take out loans for themselves against your name. They can extort you for money, threatening you with exposing personal photos or sensitive information such as mental health records.
(Ironically, while sextortion – in which criminals obtain embarrassing photographs and threaten to distribute them – is real, merely claiming that they have compromising photographs is also a common deception used to scam people.)
Bad actors in government can abuse government surveillance data to influence contracts, extort money, redirect social welfare payments, or pressure dissenters.
Personal information from data breaches is sold on the black market because it has value. The fact that such data has value to criminals means that you always have something to hide.
Cover yourself
Surrendering some privacy for security or convenience is inevitable. In some ways, privacy is already a myth.
But there are both reaons and ways to minimise your profile online, and secure your most sensitive information.
From using securely encrypted messaging platforms such as Signal, to installing advertising blockers and limiting your browser’s use of cookies, to installing a password manager that generates secure passwords, to using two-factor authentication for important logins, to using a virtual private network for sensitive work, to ensuring that your cloud storage is encrypted, it pays to invest a little time and effort into locking down your data.
Spend some time with Discover Privacy or Privacy 101, or, for in-depth (albeit US-focused) information, visit the Electronic Frontiers Foundation.
Unless you’re a counter-surveillance expert and you’re willing to give up a whole lot of convenience, you can’t keep all your data private anymore, but you can protect the most important stuff.
You can also resist attempts by governments to expand their surveillance powers, and support attempts to regulate the corporate use of private data.
Privacy matters, even if you think you have nothing to hide.
[Photo: privacyscreen.webp – Antique black-laquered Chinese privacy screen with multiple scenes of ladies in gardens, flowers and fu dogs (lions) made with stone and mother of pearl inlay. Photo by Silk Road Collection on Flickr, used under CC BY-NC-SA 2.0 licence.]
The views of the writer are not necessarily the views of the Daily Friend or the IRR.
If you like what you have just read, support the Daily Friend.