Security vs. Privacy
This article was originally spurred by the generally negative portrayal of the Electronic Frontier Foundation (EFF) in the novel Digital Fortress. As a long-standing fan and member of the EFF, I must admit that I was more than a little taken aback at some of the characterizations of the organization. The members of the NSA held a particular contempt, going so far as to impugn that the EFF was actively trying to sabotage national security. In the post-9/11 world, this debate becomes even more crucial. How do we balance the need for security with the right to privacy?
Security is essential to modern society. Without a reasonable assurance of security, members of the society will live in constant or near-constant fear, and in the extreme, society could easily devolve into a “survival of the fittest” regime, where the strong rule over the weak. Privacy is less essential to “society” in general, but perhaps even more crucial to the survival of a democratic society. Without a reasonable expectation of privacy, it would be impossible for the citizenry to plot against or overthrow a corrupt government that has lost touch with the populace.
Benjamin Franklin once wrote: “Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.” Adapting the phrase to this topic, it is clear that Franklin felt that it would be far more important to protect privacy than to ensure security. Yet the American populace is currently forsaking liberty and privacy for the sake of security, without really comprehending either what they are sacrificing or what they stand to gain.
For example, there is a new scanning technology that can perfectly display a scanned subject without their clothing, which could obviously prove useful in security checkpoints. The part I find confusing is that even though the scanning software can easily be changed to disregard the “naughty bits” on any given subject without loss of accuracy, a majority of people interviewed preferred to have the image display the fully nude image to the security team. There is also a new program that allows people to volunteer for extensive background checks in order to bypass some of the airport security. They give complete access to highly personal information in order to potentially (since they can still be subject to random searches) save a little time.
A more extreme example of sacrificing privacy for security can be found in Marshall Brain’s Manna short story. In Brain’s utopia, there is no privacy. Everyone has total access to all information: I could look up your deepest, darkest secrets in full-quality streaming-video as easily as I check my stock prices. The counterpoint is that you can just as easily find out that I’ve delved into your records, which arguably provides some deterrent. If I don’t want you to know that I know, then I’d obviously have to find some other means of finding the information. Yet if I (or anyone else) can get complete and total records of your entire life, and I don’t care if you know about it, I am capable of a potentially overwhelming invasion of your security. Can you even imagine the amount of psychological damage a stalker could inflict with this level of access? The only way to avoid this type of situation is to establish a set of rules to distinguish between “public” and “private” material, but who is to decide what is “public” and what is “private”? Presumably Brain would have his robot “refs” oversee the enforcement of these rules, but what happens when no one can agree on what the rules should be?
Another byproduct of sacrificing all this information to secure our future is that we must put a great degree of trust in a very small group of people. This brings us to the Latin proverb: Quis Custodiet Custodes Ipsos? (Who watches the watchers?) If I yield to a full background search by the government to shorten my airline security ordeal, how can I be certain that information will be handled appropriately? And who decides what “appropriate” means in this case? I might think it appropriate to eliminate the details of the background check after it is determined that I’m not a threat to national security, but I’ll almost guarantee that the Department of Homeland Security (or some sub-agency) will maintain those records, possibly until long after I have turned to dust. It’s also entirely possible that the information may be used for purposes far removed from their originally consented use.
Reduced to the basics, the privacy issue is entirely a matter of trust. I can sacrifice a little privacy by submitting to a background check so the government will trust me not to commit a terrorist act on an airplane. People prefer to sacrifice their privacy to the scanner described above because they place greater trust in the results when the “naughty bits” aren’t edited out. But what assurances of trust do we have from the government?
Rather than continue my rambling, I’d like to encourage a little user participation. How much privacy are you willing to trade for a little security or convenience? Would you make any of the trades suggested above? Would you sacrifice your privacy in order to save time in the airport? To get a job? To prevent a nuclear attack? To save a loved one?
June 5th, 2006 at 11:52 am
To a large degree, particularly in our information-centric world, privacy and security are somewhat exclusive of one another. In order to discover the identities of terrorists, for example, we must peek into the lives of a lot of people that are not. This isn’t in any way specifically to see what random folks are doing as a matter of record, but to match patterns we know with people we do not. For my part, I am perfectly content to surrender substantial parts of my privacy if I am getting security and convenience in exchange. Of course, I should note that I already work in the public sector and have had more background checks and am on more databases than the average citizen, so my one-time concession is comparatively small if, say, for quicker passage through airport security. For a person who lives in infinitely greater anonymity than I do, they may not be willing to make such a trade-off. In fact, such a person could well be engaged in regular criminal behavior, but covers it as matter of “privacyâ€, believing that such activity is beyond the ken of law.
I share a lot of the misgivings of trust, but for a wholly different reason. I am not afraid that someone will abuse the information that they have. Rather, I am afraid that the political winds will blow in such a way that “profiling†(a time-honored practice of categorizing by traits including but not limited to race and gender) will be completely disintegrated by someone’s interest in appearances. This disintegration will result in their tracking and clearances being weighted so that only a certain number of Caucasian males can be processed and cleared, meaning a certain minimum number must also be “bouncedâ€, to satisfy some “fairness quotaâ€. Security is the purest exercise in risk management, and I fear that some political motive will prevent the system from seeing Hallew Ima Hijacker because he/she is a “protected†race (and/or gender), and politics rather than managing risk factors has the system tied up with million-mile-per-year passengers under the microscope because they are not “protectedâ€.
As for Mr. Brain’s Manna, the first thing that struck me once the whole Australia thing was introduced was that such a situation would never work outside of such a self-selected group. Once a person undergoes the procedure described, there is no turning back and they no longer have any ability to assert their will on any issue, not just those exclusive to privacy. The reason is that the volunteers also give up exclusive access to their own nervous system, so the computer “refs†can simply lock-up your system or even march you right over a cliff. Oh, there are some benefits to be sure, but that is a supreme example of passing 100% of one’s privacy to some ambiguous body in trust. Of course, in Mr. Brain’s utopia, no external force could ever overcome or taint (read: hack) the omnipotent and completely benevolent (read: flawless) computer system that is the combining force of the magic continent in his story.