30 March 2017 0:11 AM (society)
Come muse, let us sing silently of secrets. I am not particularly devoted to privacy, digital or otherwise. This comes as a surprise to people because many of my actions and stances are those that privacy activists would take.
It is true, I do not care for centralized services. I like to disentangle myself from 10¹⁰⁰ whenever possible. I refuse to use Countenance nor do I ask the Summingbird's dam to carry messages to my friends.
The privacy advocate does these things because they do not want to be tracked and they do not want want people to see their communications. I do them because I have an extreme dislike for centralized architectures. If a system cannot be decentralized and either run complete peer-to-peer or federated I (unlike a certain Mr. Marlinspike, may all traffic to or from him be dropped) am not interested. Decentralized systems with multiple poles are more resiliant and they provide more variation. A decentralized system also insists on a certain level of transparency and openness of the protocol so that there will be more clients and more ways of presenting it. It also provides a barrier against one actor deciding to migrate a service or protocol in ways that incorporate customer control or illegitimate restrictions.
You might wonder then why I have set up HTTPS, why I am interested in cryptography, why I use OTR, and why I use GnuPG? While I may or may not have anything to hide, I know other people do. I view that and running a Tor node and other activities as a public service. The more encrypted traffic there is the less legitimate reason there is to zero in on any individual who encrypts something.
Also cryptography and the software associated with it is just plain fun and interesting to work on. I don't have any need for Darkgit (and seeing the SecuShare people make their project difficult to contribute to by trying to move development discussions out of the open has convinced me it's pretty bad idea), it's still entertaining to try and figure out how to do it and work out the details.
I am fairly lucky in that I don't have many secrets and the ones I have aren't particularly important. If they were all revealed it would cause me some awkwardness and a bit of embarrassment, but nothing that would last for very long. The only secrets that I must keep are the ‘trivial’ secrets of passwords, credit card numbers, private keys. They don't serve to give someone information about me, they just allow someone to impersonate me.
Now, I don't advocate any sort of encryption ban because that would be stupid and unenforcible. Nor do I advocate people giving up on encryption or anything like that, but I do have a very strong bias toward the idea of a world with no secrets at all. Jeremy Bentham (the founder of utilitarianism!) thought privacy was in fact a social ill. I don't necessarily agree with him, but I don't necessarily agree that privacy is a definite social good either.
So, the first obvious argument in favor of privacy is the research that people who know they are being surveilled behave differently. They become more risk averse and stressed. They become less creative, productive, and helpful. One might ask whether these effects are caused by the surveillance itself or the asymmetry. It's not beyond possibility that being watched by a black box that gives you no idea what it's doing with the information and over which you have no say is different from being watched by a transparent box that has to account to you for everything it looks at and what it does with the information. There has been, to my knowledge, no research done to decide which of these two is the case. David Brin's “The Transparent Society” comes down clearly on the second term of the disjunction and argues for sousveillance as the appropriate counterpart to surveillance in a democratic society.
There are of course people who have secrets whose revelation would cause much worse than awkwardness and embarrassment. The classic example is someone in a sexual minority whose regional or social group is religiously conservative. Their ‘outing’ could result in anything from their family disowning them to someone trying to kill them. There are also people like >this gentleman who was subjected to a campaign of harassment, discrimination, and finally expelled from a development community in which he made his livelihood over his participation in a Fantasy-inflected BDSM subculture. (This is an example of why I am so utterly contemptuous of ‘We must not tolerate intolerance!’ The people who ran the campaign of harassment doubtless did think he was misogynistic and intolerant and that they were protecting the vulnerable members of their community.)
There is a counterargument that is somewhat compelling in principle. We know from recent history that the wide acceptance and ongoing civil rights of gay and transgender people were the product of wide visibility and normalization. Of course having everyone of a minority coordinate to be ‘out’ at the same time is infeasible and some minorities may be too small to get the kind of wide-spread visibility required. At the start of any attempt at widespread normalization, consequences for those participating could be quite dire, even more so if there is a strong church in the area or government institutions of violent repression. One certainly cannot blame people for wanting to stay hidden. On the other hand, if everyone in a group hides, then things are especially bad for any who are revealed.
Some people may, also, be targets of harassment. They could, quite legitimately want to keep their personal contact information private. This seems to be a thing that happens to an unfortunate number of women online. A more trivial example might just be wanting to keep one's email address from getting out too broadly to avoid spam. I could imagine a world with no secrets where mapping software and online calendars makes it easy for people to waylay one on the street. This is not desirable.
I would also worry about the ability of children to keep non-trivial (and trivial) secrets from their parents. I think it's very important for children to be able to access material that their parents do not want them to have (to the point where I think any well-functioning state must provide a means for children to circumvent parental censorship). If the parents can just find out and punish them for it the whole point is rather lost. There might be similar arguments made for children being able to communicate with people without their parents' knowledge. I don't know if children generally have a legitimate need to go to physical places without their parents' knowledge, but I wouldn't rule it out without some thought. All of these examples are only necessary in the case of defective parents, however. There's no legitimate need for a parent to censor their child's access to information, for example.
Access to medical records or personal history could lead to employment or other forms of discrimination or differential pricing, though the Affordable Care Act already disallows some of that for institutions that have all medical information, so secrecy may not be necessary. Similarly, I would like to see criminal convictions removed from the record after a sentence is served with a prosecutor required to prove a strong need to retain them for them to remain. Sealing or removing records rather goes against the whole idea of removing secrecy. This removal may not be useful. Ban the Box (the campaign to remove the checkbox on the front page of employment applications asking about past convictions) resulted in more black applicants simply not being called back. Similarly, a law in Washington banning employers from making credit checks penalized black and young applicants. Sealing records of convictions may have the effect of simply penalizing demographic groups that have higher rates of criminal conviction.
There is also, of course, the secret ballot. Someone who is a political minority in their community might not vote their conscience if they feared reprisal.
I don't consider financial secrecy to be of any social utility. Being unable to trace ownership of resources is starting to cause serious political and financial problems. Trade secrets serve no legitimate purpose and legal protection for them should be scrapped.
Now, as I said, I don't propose that we go out and end secrecy for everyone forever right now. However, all of these examples of legitimate, non-trivial secrets are legitimized only by serious problems in society, mostly discrimination. Obviously we should fight against that, try to find ways to combat and lessen the impact of harassment. On a personal level, any time we find ourselves thinking of some trait that, if we were to find someone possessed it, we would be tempted to try to push them out of a community or keep them from some position, we really ought to fix that. Even if we still keep secrets, a world where we don't have to cannot help but be better than one where we do.