Header_Ad

Monday, March 14, 2022

You absolutely need privacy even if you are absolutely “clean”

Ever since Edward Snowden blew the whistle on how much our government and corporations spied on us, and just how much data they have on each person, privacy has become a critically important topic. Yet, surveys show that average Americans are concerned, but not enough to take action. In other words, a lack of privacy worries them, but it depends on the situation.

Unfortunately, the surveys show that a lot of people don’t understand why privacy is important. Some don’t even care about their own privacy. Even former Google CEO Eric Schmidt showed his lack of understanding when he made this surprisingly tone-deaf comment, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place.”

This is popular thinking that, in my opinion, is dangerous and wrong. For someone of his stature to make such a careless comment is bewildering. It shows even someone like him didn’t think through the critical importance of privacy.

Privacy is not just about whether your activities are problematic morally or legally. If Mr. Schmidt really has nothing to hide, how about telling me his e-mail password? This question is a very good test for those who think that privacy is not important. Almost everyone will balk at such a request.

It is my hope that this article helps people understand the importance of privacy and not be so complacent at what governments, corporations and other entities hold over us. Here are the reasons why you still need privacy even though you believe  you are absolutely “clean” with nothing to hide.

Privacy protects you from malice and malevolence

Many people believe that if you have done nothing wrong, then you don’t need to worry about privacy. This thinking assumes there are no malicious and evil people in the world (a very naive assumption, obviously). It also trusts that present and future institutions, corporations, businesses, governments and the people within will always be benevolent and incorruptible. Privacy is important because it protects you from people, institutions, businesses and governments who have less than honorable intentions.

Some may argue they trust the institutions, corporations and governments, but they should not. I have three counter-arguments against that.

Can entities can be trusted in the future, for example, when the current cohort of people running them is long gone (e.g. retired, replaced or supplanted)? Remember, electronic information lingers indefinitely in cyberspace and on servers. The bits and pieces of information that we regularly hemorrhage is for all intents and purposes, indelible. Obviously, that means entities will have access to the information in the future. Even if your current institutions are well-intentioned, they will always control your information. To illustrate this point further, consider this (hopefully) extreme case in the Netherlands, during World War II:

Because the Dutch civil records were so complete and full of data on its citizens, the Nazi’s had an easy time finding Jews (and other “undesirables”). There was no easy way to hide. The data on every Dutch national was collected with good intentions but didn’t stay that way. Of the 140,000 Jews that lived in the Netherlands prior to 1940, only 30,000 survived the war. The Nazi regime could easily determine who was Jewish (whether fully or partly of Jewish ancestry) simply by accessing the data.

Can they guarantee that no rogue elements will ever exist within these entities? For example, organized crime has already infiltrated parts of the Mexican government. Or in China, corrupt officials are reported to have worked in cahoots with untrustworthy elements of society. Recently, Google had to fire an employee for breaching the privacy of a teenager. The NSA has even fired employees for spying on citizens outside their legal purview. The civil servants spied on spouses, ex-lovers and journalists, among others.

These days, companies outsource their call-center operations to countries where wages are relatively much lower. Many of these call-center operators have access to personal (and even private) customer information. Who can guarantee that criminals will not eventually target these operators?

Even if you can trust that these entities will always behave ethically, can you trust them not to be careless with your personal and private information? Consider the ubiquitous (almost daily) stories of data breaches. In fact, 2021 was a record year for data breaches.

According to the Identity Theft Resource Center’s 2021 Data Breach Report, there were 1,862 data breaches last year, surpassing both 2020’s total of 1,108 and the previous record of 1,506 set in 2017. The numbers reflect a year of high-profile cyberattacks that targeted everything from the country’s largest oil pipelines to companies entrusted with the personal information of millions of American consumers.

By now, we all know criminals and perhaps foreign governments are constantly on the lookout for ways to steal information from corporations and institutions. Therefore, the more personal and private information you deposit into the hands of third-party entities, the greater your risk.

You may have nothing to hide from good and honorable people and entities, but you certainly have much to hide from those who are evil, malicious and dishonorable.

Privacy protects you from suspicion and wrongful accusations

Without the protection of privacy, your chances of being suspected, misunderstood, judged incorrectly, taken out of context and treated unfairly increases substantially.

A person is far more complex than the bits and pieces of information that describes him/her. Even if the government has information about you, it can never really know you (like friends, family or spouses). The reason is that bits and pieces of information about you often lack context. Without privacy, at some point you will almost certainly be pigeon-holed, put in a box, misunderstood or misrepresented. To help you understand this, let’s consider some overly-simplified examples that, with a little imagination, can easily be taken out of context and used against you:

  • Imagine that you have the web surfing data of Tom. In this data, you notice that he has been frequenting the underground membership web site of a child-pornography ring. Is Tom a pedophile? Well, the answer is no! He is actually an undercover cop trying to infiltrate the child-pornography ring.
  • Dick’s library records indicate that he has been reading a lot of books about communism lately. Is he turning communist? No! He is reading them because he is researching communism for his school term paper.
  • In 2020, Jenny replied with the words “all lives matter” in a response to a friend in a conversation on Facebook about the many aspects, opposing sides and rallying cries on each side of the George Floyd riots. Someone unknown to Jenny, but connected to her friend on social media, took that one piece of the discussion and forwarded it to Jenny’s employer (listed on her LinkedIn page) accusing her of White Supremacy. Jenny was fired.

In the hands of a very clever schemer, your private information can be easily misconstrued and twisted out of a context to spin you into whatever he wants you to be.

We are living in an era where lots information about you are turned into detailed sets of searchable electronic data. This mass data, no matter how detailed it is, promotes a false belief it illustrates you accurately. This is not true and, unfortunately, many of those in authority believe otherwise.

You can never be absolutely “clean” legally

Let’s say that you are absolutely upright morally and your conscience is crystal clear. Does that also mean that you are also absolutely clean legally?

Nowadays, laws and regulations are insanely complex. Legislation often runs thousands of pages. Some laws antiquated and may even contradict each other. On top of that, for each piece of legislation, there can be many ways for an average individual to interpret it.

Also, there is no way anybody can be absolutely faultless legally. In other words, while you are trying to live the most perfect, law-abiding life, someone somewhere can accurately accuse you of breaking a law at any given time.

For example, do you know that in the United States, at least, it is a felony to violate a website’s terms of service? How many of us have read all the terms of service of every website we use? Can you be absolutely sure that you have not violated any of them?

So, what keeps us from going to jail? Common sense, goodwill and most importantly, privacy.

Privacy is our last line of defense against getting wrongfully convicted. As Leo Laporte said in a Security Now! podcast (emphasis mine),

So, the point being that I think, if [the government] have enough data about what you do, they can find stuff. They could build – they could build a case against you. So, it’s really a question of do they want to build a case against you or not. And one of the reasons they say, they explicitly say, the reason we save this data is so we could build a case against you should we want to go get you someday. So, you just really have to trust them.

Maybe we each should strongly consider what we put online about ourselves.

– Peak Prosperity –

 

About the Author: This article was written by Terence Kam, founder and cybersecurity consultant at iSecurityGuru.com. You can follow his company on LinkedIn. Or subscribe to his writings on Medium, where he writes on a wider variety of topics.



from Peak Prosperity https://ift.tt/w3A5ov4