--- Subscription Options ----------------
Subscribe to this blog via RSS

Recent Posts

Monday, August 24, 2009

This post concludes a series on privacy, stemming from Cory Doctorow's book Little Brother (on the Libertarian Reading list).

A common response in support of trading privacy for security is "I have nothing to hide" or some variation to that regard. However, the "nothing to hide" argument assumes privacy is about secrecy/deception, or as Bruce Schneier puts it, "...they accept the premise that privacy is about hiding a wrong. It's not." Rather, privacy is most often an issue of accountability and trust.

Here's an extreme example of this point from Little Brother:

There's something really liberating about having some corner of your life that's yours, that no one gets to see except you....There's nothing shameful, deviant or weird about [getting naked or squatting on the toilet]. But what if I decreed that from now on, every time you went to evacuate some solid waste, you'd have to do it in a glass room perched in the middle of Times Square, and you'd be buck naked?
However, one of the handicaps in the battle against privacy invasion is the vague definition attributed to "privacy." Daniel J. Solove does not attempt to provide one standard definition, instead referring to privacy as a "web of related problems."

This web goes beyond the typical complaints of surveillance, including information processing and dissemination. Solove expanded, "The problems still exist regardless of whether we classify them as being 'privacy' problems."

Since "I have nothing to hide" is a poor argument, Solove rephrased it to make it stronger:
The NSA surveillance, data mining, or other government information-gathering programs will result in the disclosure of particular pieces of information to a few government officials, or perhaps only to government computers. This very limited disclosure of the particular information involved is not likely to be threatening to the privacy of law-abiding citizens. Only those who are engaged in illegal activities have a reason to hide this information. Although there may be some cases in which the information might be sensitive or embarrassing to law-abiding citizens, the limited disclosure lessens the threat to privacy. Moreover, the security interest in detecting, investigating, and preventing terrorist attacks is very high and outweighs whatever minimal or moderate privacy interests law-abiding citizens may have in these particular pieces of information.
While this argument is stronger, it is still flawed. First, the original assumption of "hiding a wrong" remains. Second, intense data mining, especially impersonally by computers, looks for irregular/nonstandard trends in collected data. Essentially, this data mining approach creates suspicion out of irregular/nonstandard behavior. This promotes conformity and discourages free expression, as the surveillance of even legal activities discourages their use.

Advocates of security over privacy will often justify their position on data mining by touting the technology as the solution to finding a needle in a haystack. However, the combination of surveillance and processing created the haystack in the first place. These techniques also create a problem known as the false positive paradox.

Wikipedia provides a good definition and example:
If there is a medical test that is accurate 99% of the time...about a disease that occurs in 1 out of 10,000 people, then the expected value of testing one million people would be the following:

Healthy and test indicates no disease (true negative)
1,000,000 * (9999 / 10,000) * .99 = 989901
Healthy and test indicates disease (false positive)
1,000,000 * (9999 / 10,000) * .01 = 9999
Unhealthy and test indicates disease (true positive)
1,000,000 * (1 / 10,000) * .99 = 99
Unhealthy and test indicates no disease (false negative)
1,000,000 * (1 / 10,000) * .01 = 1
However, as Doctorow points out in Little Brother:
Terrorists are really rare. In a city of twenty million like New York, there might be one or two terrorists. Maybe ten of them at the outside. 10/20,000,000 = 0.00005 percent. One twenty-thousandth of a percent.

Terrorism tests aren’t anywhere close to 99 percent accurate. More like 60 percent accurate. Even 40 percent accurate, sometimes.

What this all (means) is that the Department of Homeland Security (has) set itself up to fail badly. They (are) trying to spot incredibly rare events - a person is a terrorist - with inaccurate systems.
Let's assume that a terrorist test is 80 percent accurate. In New York City, the test would indicate false positives for over 4 million citizens. Instead of finding 10 terrorists, the test would label millions of citizens, who likely love their country, as enemies of the state.

Unfortunately, the U.S. judicial system has consistently ruled in favor of security over privacy. Solove concludes, "...the lack of Fourth Amendment protection of third party records results in the government’s ability to access an extensive amount of personal information with minimal limitation or oversight."

The courts ruled this way because plaintiffs were unable to meet the court's demand to prove harm caused by privacy invasion. However, like the environment, overtly harmful single events rarely occur. Rather, harm occurs as very small events compile over time.

The extent of harm caused in an individual case should not be the judicial litmus test for its legality. In Smith v. City of Artesia (1989), the court ruled, "Privacy is inherently personal. The right to privacy recognizes the sovereignty of the individual." Privacy holds a social value; it need not conflict with the interests of society as a whole.

I touched on this social value in a previous post:
Data from the World Values Survey has dispalyed a significant correlation between confidence in state institutions with effective democracy (Confidence in non-state institutions shows no correlation). If government security measures continue to intrude on privacy, the relationship between citizens and government institutions will continue to decline.
The courts risk further eroding institutional trust if they do not, at the very least, begin upholding the privacy clauses in contracts. One of the very few proper roles of government is upholding contracts, maintaining the trust necessary for the free market to work effectively.

Privacy is not all about secrecy and deception ("hiding a wrong") - although it can be used for such purposes. Privacy is, first and foremost, about trust and accountability.

Posted by Eleutherian

Submit to Reddit
Submit to Reddit
Digg This Post
This Post
Stumble This Post
Stumble This Post
Reading: 'I Have Nothing to Hide' Is a Poor Argument against PrivacyTweet This
This Post
Add To Delicious
Add to Del.icio.us
Fave on Technorati
Fave on Technorati


  1. b0ll0cks Says:
  2. nice post, more people really should be concerned about this type of thing. On top of all that, those in power have proven time and time again that they will abuse and manipulate the power and authority that they are given. Tyranny and despotism always starts small and effects few, and grows larger and larger and eventually will effect all.

  3. HMP Britain Says:
  4. Of course, 'bollocks' is right; the construction of the apparatus of surviellance is a danger to democracy as it creates an embryonic police state to be created that can be taken advantages of either now or in the future. The situation is certainly more benign in the States than Europe where we have a closer relationship with totalitarianism.

    Most significant is, as you point out above, is the effect on freedom of speech. Although an action might not be specifically outlawed, it can create a climate where citizens modify the expression of their views for fear of the surveillance they might be under.

    The apparatus--be it NSA wiretaps (or funnels) or CCTV or cellphone location data--acts as giant panopticon whereby we internalise the expectations of our masters and change our behaviours as a result.


Post a Comment