“I’ve Got Nothing to Hide” and Other Misunderstandings of Privacy
Daniel J. Solove 2007.
Associate Professor, George Washington University Law School; J.D., Yale Law School.
“If you have nothing to hide, you have nothing to fear.”
Solove’s paper makes a wonderful summary of all arguments that are based upon the fallacious proposition that, in the event of the Government / some entity wanting it, information about you is either embarrassing (in which case it should remain hidden) or it is neutral (in which case it may be shared without restriction) – and the fallacious argument that has sprung up from these premises to coerce the fearful into surrendering data.
But it’s curious that much of the discourse contrasts the “value of privacy” with the “value of security”, yet misses a critical point. As I have discussed elsewhere, privacy and security are abstract qualities rather than substances, and as such they are concepts which are truly hard to price — but if value (and thus price) is under such broad discussion in the paper, then why has no-one hit upon considering the positive value of personal information?
For me the exchange should go thusly:
QUESTION: If you have nothing to hide, what have you got to fear? (in losing your privacy)
ANSWER: Fear is bunk. Information about me is valuable. I shaln’t share it to third parties without payment; moreover I wouldn’t trust you to keep it safe, nor do I trust you to infer from it wisely. However: gimme $1000 and I’ll license a feed to you, with updates, for specific purposes, for up to a year.
Any attempt to get data without payment is thusly extortion or theft. More cynical readers are invited to flail their hands around and say “but it doesn’t work like that!” – to which my answer is: “why not, at least some of the time?” Check some of the examples in the latter section of Solove’s paper – if the personal information were considered an asset which was diluted by being shared, rather than in terms of “loss leading to minimal harm to the individual”, I believe it would improve the positions of the plaintiffs considerably.
Solove is halfway there when he writes:
The deeper problem with the nothing to hide argument is that it myopically views privacy as a form of concealment or secrecy. But understanding privacy as a plurality of related problems demonstrates that concealment of bad things is just one among many problems caused by government programs such as the NSA surveillance and data mining.
…which is cool in that it attacks the eavesdropper; but it still fails to recognise personal value in information.
If there is one thing #TheMineProject has taught me it is that the information I have about me has real, fiscal value; what we lack to date are both individual awareness and tools to keep and broker both data and the value inherent in it.
Our laws (and expectation) aren’t based on the notion that the individual can broker information about themselves; but then we and our laws are only now getting to grips with the concept of any individual having the ability to publish to a global audience without censorship – so change only takes a decade or so.
In the above I am channeling Adriana Lukas‘ theory of identity [UPDATE: LINK ADDED] quite considerably, but that’s not surprising given whom it was that started TheMineProject; I suspect some enterprising individuals in the VRM and Identity communities will leap onto my above observation and try to claim it as their own or leverage it to support their projects; but since so many of them are involved in projects to create services to re-intermediate users – ie: that will aggregate information on the user’s behalf, in one or more silos away from the user’s control – then I see them being in no way preferable to Google, ChoicePoint, Experian or the Government in this matter.
The point – and the benefit – is to do it yourself, as much as you can.
To make a side observation: when physical money is stolen you lose it doubly – you lose the opportunity to exercise it, plus you lose the money itself, because in the physical world both are as one; but in contrast if someone “steals” information then you still have the original copy left behind; you still have the use of it whilst you can equally attempt redress against the person who copied it.
Because of this difference a “money” bank generally has to be an imposing building with a big safe and a big door with a big lock; they are expensive to build, easy to (attempt to) rob, and uneconomic to replicate to an adequate standard in every household. In contrast, a “data” bank can look like an SD-card, fit in your phone, and can have stronger crypto-locks on it than any bank door would provide you.
So – cutting a long story short: if you could broker your information your self – as easily as you can blog – and if you could keep it safe enough, and if you could receive some kind of value or benefit when you do choose to share it … then why would you require an intermediary to do it for you?
TheMineProject is a first step towards that goal.
Hat Tip: Glyn Moody, What “Nothing to Hide” is Hiding