What are you hiding? Insider trading? Top secret evidence of alien life? Your secret identity as an anarchist hacker bent on throwing the world into chaos? No? Well, okay then — why worry about online surveillance if you’re not a criminal. “If you have nothing to hide, you have nothing to fear,” right?
Well, given that most Americans unwittingly commit potential felonies on the regular, you probably are a criminal. Even if you weren’t, though, you’d still have something to hide — and you should have the right to do that if you want to. How would you feel about having security cameras in a store’s changing room? What if someone posted all your financial information on Facebook? What if someone released a list of every single online account you’ve ever had?
Odds are you wouldn’t be thrilled about those things. but even if you’re not particularly bothered about your own privacy, consider how governments and corporations can use data against individuals and groups they don’t like. The more you know about someone, the better you can manipulate and control them, and that generally doesn’t tend to be in the best interests of the target.
The “If you have nothing to fear, you have nothing to hide” argument falls apart under examination, mostly because “Yes, you do.” Being able to hide stuff is important for a lot of basic social and technical functions, regardless of how much it matters to individuals.
Edward Snowden summed up the basic need for privacy quite well in a post on Reddit: “Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.”
Point 1: Everyone has things to hide, and that’s okay
Criminals aren’t the only people looking to keep certain pieces of information out of the public eye. Most people, for example, probably wouldn’t be okay with unlocking their phone and letting government or corporate agents poke around for a while, just like you’d be a bit creeped out if they showed up at your house and started digging through your stuff. They can’t arrest you for your angsty teen poetry, true, but are you okay with it ending up in a database somewhere or being used to augment your advertising profile?
Your personal data doesn’t have to be incriminating to be damaging. Depending on who gets their hands on your messages, photos, or analytics data, you could suffer everything from embarrassment to dramatic social consequences. You might have some perfectly ethical habits that, if revealed, could damage some of your relationships or even lead to legal consequences depending on your situation. Given that your identity, gender, political views, sexual orientation, health, spending habits, and dozens of other features of your life can be and are reliably predicted with sufficient data, having massive files on people seems a bit invasive at best and risky at worst.
Everyone is hiding a few minor things at any given time, but we’ve collectively decided that concealing that stuff is normal. Some people have more to hide than others, though, and the only way to guarantee their privacy, and possibly safety, is to ensure that everyone has the same level of protection by default.
Point 2: Lack of privacy causes real problems
Information is power. After all, it’s what James Bond is supposed to be getting most of the time, when he’s not up to more filmable things. On the individual level, someone with information about you can construct phishing attacks, steal your identity, leak damaging information, discriminate against you, or otherwise mess with your life.
You want your credit card information and Social Security number encrypted whenever you enter them on a site because those things can help someone take advantage of you. Your other personal information, from your birthday to your browsing history, though, can also be used against you — so maybe we should have a slightly privacy bar for what we allow to be collected and stored.
On a broader social level, institutions that amass huge amounts of data can do real damage. Scandals like Cambridge Analytica show how misappropriated personal information can be used to alter political outcomes, and the cascade of data breaches occurring in the corporate world is a privacy/security issue that could end up having a very real impact on your finances and future.
Ad targeting may actually be one of the more benign uses of all this data. Seeing relevant ads, even if they’re a bit manipulative, isn’t the problem—it’s the troves of information used to generate them and the potential for all that tracking data to be used in potentially damaging ways.
Point 3: It’s a basic right; societies need privacy to function
In general, humans should be allowed to choose what they reveal about themselves and their lives. That’s something that most democracy-leaning people and nations tend to agree on, much like the right to free speech and the right to assembly. You don’t need to accept any sort of moral or philosophical argument to see how closely connected privacy and freedom are, though.
Imagine a society where everything you do is monitored by some central entity. Now, which piece of dystopian literature popped into your head? Or was it a mish-mash of a few different universes? There’s a reason the lack of privacy is a core element in the darker visions of humanity’s future: intrusive surveillance is both a symptom and a cause of an unfree society. Given the opportunity, most governments, law enforcement agencies, and corporations will opt to watch what people are doing, and that’s proven true everywhere from totalitarian regimes to fairly functional democracies.
The obvious threat to freedom here is the active use of data to suppress dissent by tracking and impeding activists, journalists, political opposition groups, and other problematic categories of people. The less obvious one is self-censorship, which security expert Bruce Schneier sees as the real threat. “The idea is that if you don’t know where the line is, and the penalty for crossing it is severe, you will stay far away from it,” he says.
This is a real phenomenon, and it’s not just happening in places like North Korea and China. Jon Penney of Harvard Law School, for example, discovered a marked decline in U.S Wikipedia searches for terms that might be flagged as “terrorist-related” after the Snowden revelations. If you’ve ever thought twice before you googled something, your expectation of privacy was low enough that you automatically self-censored — at least until you turned on a VPN and went to DuckDuckGo. Humans change our behavior when we’re being observed, and it’s hard to imagine controversial social and political movements getting very far without at least some expectation that they could remain private until they were ready.
If you have nothing to hide, yes you do
The big takeaway here is this: everyone has something to hide and depriving them of their ability to do that has a lot of negative effects. Privacy is an abstract good, though, which means we’re probably undervaluing it. Much like climate change, it’s something we’re vaguely worried about, but not something that kicks our fight-or-flight reflex into immediate gear.
Getting paranoid about it is a reasonable reaction, but it’ll probably make your life measurably less convenient and might not actually preserve your privacy as much as you hope. Short of taking some pretty drastic measures, it’s hard to be truly private. Being aware and vocal is the best way to promote the systemic changes we need to solve the problem.
Use and support privacy-based software (PrivacyTools.io maintains a good list), keep a VPN running if it doesn’t slow you down too much, and if you hear someone say they’re not worried because they have nothing to hide, just ask them to hand you their unlocked phone and write down their account logins for you while you peruse their photos and browser history.