Tag Archives: Security

Thoughts on Privacy

Posted on by

Privacy has always been an important topic but has taken on increased attention in the last year. But first – what do we mean by privacy?  I think a good definition is that privacy is the ability to be free from being observed or bothered and to determine whether, if, and how information isto be revealed.  Privacy is a broad concept and ranges from the physical to information about us to our thoughts and ideas and can be related to both individuals and groups or organizations.

Our society sees privacy not just as a desirable state but as a basic human right.  The right to privacy, while actually not explicitly stated, is thought to be clearly implied in the Bill of Rights and later constitutional amendments via their protection of beliefs (1st), home (3rd), person (4th), information (5th) and basic liberties (14th).  Similar protections exist in other free countries.

Psychological research has shown what is intuitively obvious – privacy is a basic human need, perhaps not at the level of our physical or security needs but a strong need nonetheless. It is natural to want and to protect a private space.  We lower the blinds on our windows and seek out places in nature to be alone.  Young children have very little privacy, they gain more as they mature.  Privacy affirms our dignity and makes us feel respected.  The founders of our nation recognized this need and protected it. They also recognized the risk and tendency of government to overreach and drew a protective line.

The importance of this need and subsequent right to privacy leads to the tremendous anxiety we feel when this right is violated.  Learning that our online account is hacked is the modern day equivalent of the enemy tribe invading our territory or a robber entering our home.  It is not surprising that emotions run high when this happens as many women shared in this SheByShe survey.

Despite its importance, we willingly and frequently make compromises around privacy.  At a personal level, sharing private thoughts and feelings leads to intimacy – intimacy cannot be achieved without relinquishing some privacy – and our intimate relationships are precious.  We compromise privacy to enable others such as doctors to help us.  More commonly, we compromise privacy for convenience.  There are innumerable benefits we reap when we use modern technologies to manage our lives.  But we make those compromises based on the promises of the companies whose products we are using. And they are our compromises to specifically make.

When we give up some of our privacy to loved ones, professionals or organizations we are trusting them with something precious. When our government crosses the privacy line or the promises of a company we relied on were not kept, it is our human nature to react viscerally. We go beyond the intellectual and feel it in our gut.  It is a violation.  There is even more sensitivity to this topic in places where those violations were systematic in the past.  The Orwellian state so well depicted in “The Life of Others” actually happened.  It is no wonder that Europe has led the US in advocating for privacy protections.

Modern internet businesses have tremendous responsibility.  The most sensitive of information can be in our online accounts and too often those responsibilities have been breached.  To make matters worse, those breaches have often not been accompanied by adequate acknowledgement of or remorse for the breach. I am amazed by the lackadaisical and casual attitude from Facebook on their most recent “research” project.

Not surprisingly, I am in favor of stronger privacy protections from our government.  At the moment it seems as if we have the “fox watching the chicken coop” and both political parties are guilty (something about absolute power corrupting absolutely).  Stronger oversight and privacy advocacy is needed.  Stricter rules for company privacy and consequences for violations are important as well. If they care about this topic, consumers need to vote with their feet and patronize companies that better respect and value privacy.

In the case of services dominated by large near-monopolies such as Google and Facebook, however, that vote becomes impractical. The tremendous economies of scale in search have meant that solutions offering enhanced privacy such as DuckDuckGo are less robust and the tremendous network effects in social networking have made it incredibly difficult to create a real alternative to Facebook.

When facing difficult problems I often think of this phrase by John Sloan Dickey, which I first heard at Dartmouth.   “The world’s troubles are your troubles … and there is nothing wrong with the world that better human beings cannot fix.”  Humans created this problem so I’m optimistic that “better humans” can solve it. Technology is part of the problem but can also be the solution.

Brilliant humans have invented the many forms of modern cryptography and encryption and the public key architecture that makes it usable at scale.  There is still a tremendous gap, however. These secure encryption solution are not easy enough to use – there are simply too many usability hurdles.  For instance, TrueCrypt and its alternatives can be used in combination with public cloud solutions such as SugarSync and DropBox to ensure data privacy but this is not usable or practical for most people. Secure email solutions and private browsing options such as Tor also lack ease of use.

I’ve written previously to Beware of False Dichotomies.  I’m convinced that security v. usability is ultimately a false dichotomy and the person or company who proves this will enjoy tremendous business opportunity.  You should not need to be a hacker to be able to have confidence that your browsing or communication will remain private.  We can fix the privacy problems we face.