1. 64
  1.  

  2. 26

    That quote looks pretty much the same as this one from Edward Snowden:

    Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.

    You should attribute it to him.

    1. 8

      Good catch - I’ve updated the citation, thanks!

    2. 19

      A lack of privacy tends to lead to a lack of candidness. If there’s one person in the world I should be able to be candid with, it’s my fiancée, but I wouldn’t be able to be candid with her if I thought our conversations were not private.

      This is an argument that really struck me. I wouldn’t be surprised if just the thought of the possibility of some third-party reading conversations makes me behave differently. If we were to compare it to something in the real world, it’s like trying to have a sensitive conversation in a sparsely-populated public park.

      1. 3

        Exactly. I find it very concerning.

      2. 13

        Every time I have to explain why encryption is important for privacy and why we should care for privacy I go for “let’s say your employer monitor which websites you go to and flags you accordingly; as an example you may want information about maternity leave, workplace litigation or whatever. This could be used to flag you as fire immediately and the next day your are put on a performance improvement plan that will lead ultimately at firing you”. Works every time.

        1. 10

          Yeah, I feel like we could really use some of examples of why privacy violations like these may be undesirable, that non-tech people can easily understand and relate to. Stuff like:

          • Would you like to have a loan denied to you because your friends are poor and their existence lowers your credit rating?
          • Would you like for your flight tickets to suddenly get more expensive because some of your friends are already on that flight?
          • Would you like for your car insurance to go up because you recently started watching car racing videos?
          1. 3

            “No, that would never happen.”

            … is what I find most folks respond with when presented with similar scenarios. At this point, I think the only way to get the point across is for there to be a high-profile incident where something like this happens, and there is real, widespread loss as a result. Then, at least briefly, people might understand the point and, briefly, lobby for some action to be taken until they get distracted by <insert next trendy cause/topic here>.

          2. 5

            You should also mention more employers are looking at that stuff, too. Maybe also the possibility that Facebook and Google will sell profiles to them as a service to assess potential hires.

            1. 2

              Few years ago, Target found out this kind of information from their customers. I guess employers could do the same with browsing history…

              1. 1

                but why wouldn’t you want to improve your performance, that sounds great

              2. 10

                During discussions about privacy, if someone says that “I have nothing to hide”, I ask him/her to give me the password for their personal email. Until now, none has given me the password.

                I started asking this after I heard it from somewhere else but I don’t remember where. I will update this if I find out.

                1. 8

                  I believe it can be attributed to Glenn Greenwald:

                  Over the last 16 months, as I’ve debated this issue around the world, every single time somebody has said to me, “I don’t really worry about invasions of privacy because I don’t have anything to hide.” I always say the same thing to them. I get out a pen, I write down my email address. I say, “Here’s my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I want to be able to just troll through what it is you’re doing online, read what I want to read and publish whatever I find interesting. After all, if you’re not a bad person, if you’re doing nothing wrong, you should have nothing to hide.”

                  (see 04:39).

                  1. 2

                    Every time this sort of rebuttal comes up to those with “nothing to hide” will justify their position by stating the difference between you snooping through their stuff and a data brokering company snooping through their stuff (with trust in said broker). Nothing will have changed after pulling this trick out of your sleeve and you will only look silly for even mentioning the P-word.

                  2. 7

                    Another thought experiment is asking them if they ever close their blinds/curtains at night. Even if I’m just sitting at my desk, I still like to close the curtains because I don’t like the idea of someone looking at me when I’m at home.

                    1. 6

                      Technically, this is a false dichotomy because you are asking for permission to impersonate them as well (ie, send email as them). Still a useful rhetorical device.

                      1. 5

                        It’s good you bring that up given it’s another important point. In digital world, companies that can spy on you can get secrets needed for they or their employees to impersonate you.

                        In computer security/privacy, I often give people Krebs’ value of a hacked PC so they understand all the ways attackers might wreck their lives. They start by thinking they’re unimportant to target. I tell them that’s true: most attacks are on random people to control their boxes to do stuff like commit crimes in their name. “Spam, attacks on websites, hosting child pornography… anything they don’t want FBI to trace back to them.” That quoted part gets more of a reaction out of people.

                    2. 8

                      One argument I like and want to make sharper: you might think you have nothing to hide, but you’re using your definition of “nothing”. Would you let your insurance company know how much junk food you eat?

                      1. 3

                        I’m not doing anything wrong now, but I don’t know what you’ll think is wrong next week.

                        There’s no limit on ex post facto prosecution in the real world.

                      2. 6

                        This sounds exactly like the arguments for self defense (your life and property are only yours to protect) and anything financial (I can pay for it, so I’m not against the system requiring people to pay for it).

                        It’s not just about you, but also about those less fortunate, those who might run for office in ten years, or actually about you in scenarios and places you never really imagined for yourself

                        1. 5

                          What’s the point? You can’t be truly private online!

                          This kind of argument comes from people who can only take an all or nothing approach. My opinion here is that we need to take this in a more nuanced way by being aware of what we want private and what we don’t. We get a similar discussions when tackling the world of free software and licenses, or even software methodologies.

                          My way of perceiving this is to visualize myself in the center and services all around asking for certain information which I choose to give access to or not, which is essentially what digital identity is about. This is in contrast with visualizing a platform with users swarming around it.

                          1. 3

                            “It’s not that I have something to hide. I have nothing I want you to see.” - The Girl, Anon (2018)

                            1. 3

                              I agree with this post so much. I think this will be a large difference between the millennial difference and whatever generation comes next. I predict there will be a large resistance to the default allowance of companies to vacuum all users data into their analytics. We will be asked in the future why we were so complacent with allowing this.

                              1. 4

                                I hope that’s the case. I fear the next generation will be even more reliant and compliant with big corp giants like Google, Facebook, Amazon, Microsoft, etc…

                              2. 3

                                Another great quote from Ben Franklin:

                                Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.

                                1. 2

                                  I remember in the pre social network era I run my blogs through text sentiment analysis software and the results were pretty accurate.

                                  They say from a couple of blog posts and some photos posted your full profile can be drawn.

                                  After 10 years, after the social networks era, today we no longer have to be worry about privacy issues. We’ve all lost this game. Big companies have your full profile and in the next 10 years even your neighbor will be able to buy it for a few bucks.

                                  Yes, we are done.

                                  1. 1

                                    Anyone tried /e/ OS?