Nothing to Hide, Everything to Lose.
Thoughts on the surveillance state.
One of the most common arguments I hear in the post-Snowden privacy debates is that we need not worry about a pervasive surveillance state if we’re not doing anything wrong.
The argument assumes that if you’re not doing anything illegal, you have no need for (or right to?) privacy. That’s simply not true — there are dozens of everyday examples where we desire privacy for the most mundane topics. Why do bathroom doors have locks? What we do in there isn’t a secret, but we give ourselves privacy with a visual barrier and a lock. Think about the reasons for everyday choices like having curtains on windows and you’ll realize that the majority of our desires for privacy have nothing to do with legality.
So even if you think anti-mass surveillance advocates are a bunch of paranoid hysterics, mindlessly repeating “you’ve nothing to fear if you’ve nothing to hide” reduces a nuanced discussion to an oversimplified soundbite, and you lower the standard of debate. It’s particularly galling and egregious if governments trot out the line.
The cornerstone of the nothing-to-hide argument is that criminals are the only people who stand to lose from mass surveillance. This isn’t true either. Companies have always been able to approximate your location and offer different prices based on that data, but they’re also developing algorithms to guess at your level of education or your income bracket. While researching for “Dragnet Surveillance: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance”, Julia Angwin conducted tests which found that Staples.com offered different prices based on how close they believed you were to a competitor’s store, or whether you lived in an area with a higher average income. It’s a real example of how information about you can translate into financial gain for savvy marketers and retailers. They benefit while you invariably lose. Such economic manipulation is also a reason perfectly law-abiding citizens might elect to install and use the TOR browser, contrary to the popular belief that the anonymizing browser bundle is used to commit crimes.
As technology improves and e-commerce grows, information becomes power in a way none of us could ever have imagined. As Hal Abelson notes in “Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion”, choosing not to participate in a grocery store loyalty program is really like paying a “privacy tax” — you give some of your personal information, and the store offers you discounts. In essence, you’re selling your personal data. What do they do with that data? Well, here’s what they could do:
“Sears Holding Corporation (SHC), the parent of Sears, Roebuck and Kmart, gave consumers an opportunity to join “My Sears Holding Community,” […] Deep in the terms was a detail: You were allowing Sears to install software on your PC that “monitors all of the Internet behavior that occurs on the computer … including … filling a shopping basket, completing an application form, or checking your … personal financial or health information.” So your computer might send your credit history and AIDS test results to SHC, and you said it was fine!” [2]
People who want to obfuscate their location while shopping online to avoid price discrimination or blatant privacy violation are hardly paranoid: they just want to get the best price possible. The argument is one of convenience versus privacy, and to what extent we’re willing to be screwed over because it’s useful that the online store remembers our password. Let’s not forget that you have to agree to the terms before Sears can access the “Internet behavior that occurs on the computer”, so it’s arguably legal. It’s just another example of how technology allows people and corporations unprecedented access to your personal information.
Part of the problem with the surveillance debate is the fact that we’re leaning on dead horses that have been beaten so much they’re not recognizable as arguments or animals. Calling every new encroachment “Orwellian” devalues the term, so much so that it has become a cliché. Thankfully, some writers have started bringing a new angle to the debate by comparing an Orwellian totalitarian future with the future posited by Aldous Huxley in Brave New World. Orwell’s view of the future is well-known: individualism is prosecuted, there is omnipresent government surveillance, and thinking socially unacceptable thoughts is tantamount to treason. Huxley approaches the same view of an oppressive future regime from the opposite angle. Where 1984 posits that the government would keep information from us, Brave New World’s world is one where we choose to distance ourselves from uncomfortable thoughts and experiences with mind-altering drugs. In short, people choose happiness over truth.
But truth is stranger than fiction, and the real future (or the present day, as the case may be) is too nuanced to be boiled down to adjectives like “Orwellian” or “Huxleyian”. Both authors were right to an extent — it’s a question of degrees.
One of the most insidious parts of Orwell’s prediction is that our technological devices would become information panopticons. Originally, a panopticon was a type of prison where guards could observe all inmates and the prisoners had to act as if they were always under constant surveillance because they were never sure whether or not they were. Nowadays, the term “information panopticon” refers to the idea of ubiquitous monitoring. As Orwell noted in Nineteen Eighty-Four, this constant surveillance leads to self-censorship:
“There was of course no way of knowing whether you were being watched at any given moment . . .You had to live —did live, from habit that became instinct— in the assumption that every sound you made was overheard, and except in darkness, every movement scrutinized.” [2]
Our cellphones act in very similar ways to panopticons. Whether it’s the news that Verizon is collaborating with the NSA to collect the location, duration, and length of all calls made on their network or AT&T giving the NSA a complete copy of the internet traffic it receives, our cellphones know where we are, what we’re searching, and who we’re talking to.
To me, the dragnet surveillance tactics the NSA uses represent info-gathering to create a context with which they can discredit or even prosecute you. We’ve already seen that the NSA are tracking the porn-viewing habits of Muslim clerics to uncover information that could be used to blacken their reputation, [3] The GCHQ is also exploring ways to manipulate individuals and companies:
“Among the core self-identified purposes of JTRIG [The GCHQ’s Joint Threat Research Intelligence Group] are two tactics: (1) to inject all sorts of false material onto the internet in order to destroy the reputation of its targets; and (2) to use social sciences and other techniques to manipulate online discourse and activism to generate outcomes it considers desirable. To see how extremist these programs are, just consider the tactics they boast of using to achieve those ends: “false flag operations” (posting material to the internet and falsely attributing it to someone else), fake victim blog posts (pretending to be a victim of the individual whose reputation they want to destroy), and posting “negative information” on various forums.” [4]
The government is overreaching because they can. We use the information on blogs and websites to make decisions about people and products, so the government is trying to take advantage of that. To an extent, a mass surveillance state was inevitable given the technological improvements of the last decades.
But such technological advances benefit both sides of the surveillance debate. The Afghan war logs, which consisted of 91,000 documents, were leaked by Chelsea Manning on one CD. It was unconscionable for one person to secretly transport 91,000 documents across the world 20 years ago. Also, since the information was leaked, it’s been copied so many times that the information will never be secret again. In decades past, it was (in theory at least) possible to track down each copy of a stolen document and destroy it. Now, there are innumerable perfect copies. Pandora’s Box has been opened, so we now have to frame the debate around the question of how we’re going to use the technology we now have. It’s no longer logistically prohibitive for governments today to create these huge invasive databases, and so they do.
We also have to be aware of the fact that digital versions of analog things aren’t always perfect copies. In “Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion”, Hal Abelson warns that just because your Microsoft Word document looks like a miniaturized piece of paper, the similarities end there. The US government found this out to their detriment when they found out that their digital version of redacting a document wasn’t permanent and other people were able to un-redact the digital document and read the sensitive material.
Similarly, you might be forgiven in thinking that the only difference between buying a physical book [5] and a Kindle version of the book from Amazon is that you don’t own a copy you can hold in your hand. That’s not true, as several Kindle owners discovered in 2009 when Amazon reached a digital hand into the hundreds of Kindles and deleted copies of (oh, the irony) Orwell’s Nineteen Eighty-Four and Animal Farm. According to Amazon, who credited the affected users for the price, there was some mistake with the licensing. The point is that they could only do this because of the eBook explosion — as a reader of David Pogue said, “it’s like Barnes & Noble sneaking into our homes in the middle of the night, taking some books that we’ve been reading off our nightstands, and leaving us a check on the coffee table”. [6]
(Also worth noting — you have to have an account with Amazon to buy books, so they know [at least] your name, e-mail address, and credit card number. With a physical bookseller, I can anonymously pay cash for a book and not part with any of this info.)
The Afghan war logs, redaction screw-up, and digital booksellers show us that digital objects are in no way mirrors of their analog counterparts, only on computer screens. The truth is that each digital jump comes with unintended consequences and side-effects that we couldn’t predict. I believe that the NSA has overstepped its brief and isn’t collecting data responsibility. This is the reason two friends and I launched studentsagainstsurveillance.com, an open letter protesting mass surveillance. The hope is that students from other universities will write similar letters and get the conversation going on their campus. This is, I believe, a debate that will be over one way or another in the next few years. Working with organizations like EFF.org and the Student Net Alliance allows me to be part of the conversation.
Tommy Collison writes tommycollison.com and studies at New York University. He’s @tommycollison on Twitter.
[1] Abelson, Hal; Ledeen, Ken; Lewis, Harry. Blown to Bits: Your Life, Liberty, and Happiness After the Digital Explosion. Pearson Education, 2008.
[2] Orwell, George. Nineteen Eighty-Four. New York: Harcourt, Brace, 1949. Print.
[3] “Radicalizers appear to be particularly vulnerable in the area of authority when their private and public behaviors are not consistent. Some of the vulnerabilities, if exposed, would likely call into question a radicalizer’s devotion to the jihadist cause, leading to the degradation or loss of his authority. Examples of some of these vulnerabilities include: Viewing sexually explicit material online or using sexually explicit persuasive language when communicating with inexperienced young girls.” https://www.eff.org/files/2013/11/27/20131126-huffpo-radicalizers_pornography.pdf.
[5] “Dead tree” is my adjective of choice.
