Be warned, this post might as well offend you — it’s actually the same topic, and mostly the same post, as I was trying to write months ago and the last of a series of drafts that Typo made me lose and for which I was actually quite pissed off at it.
A premise, considering my current employer, you could expect that I’m biased. People who have known me for a while should know that this has always been my point of view and a payslip is not enough for buying my ideals. A second premise is that what I’m writing here is my personal opinion and has nothing to do with my employer.
Before getting into the details of my personal view on privacy, I’ll have to at least categorize who I am. I’m most definitely not a public figure, but I’m also not a complete nobody. I’m not sure if I’m notable, I’m not an activist as Jürgen is, but with being a Gentoo developer, I end up in a more visible spot than your average person. Even so, I’m not an A-list or even a B-list blogger.. maybe a D-list, for Diego, would be okay. It is obvious too when you consider that my blog has unmoderated, unlimited, non-captcha comments and yet I receive only a handful of them per post.
It is not something I care to think about too much, but I have noticed when I started working here in Dublin, that there were people that already knew me, even when I did not know them before, if not by a name passing on my blog’s comments. It does not mean much, of course, as my contribution to the world is still negligible. But it does mean that what I write on my blog, on my (public) Twitter, Facebook, Google+ profiles, is seriously public. My blog, my mailing list posts, even my IRC history is something that not only employers can look into, but also something that an enemy, if there are still some out there that didn’t grow bored of making my life miserable, would be able to leverage.
So with this premise, what is my idea of privacy? Well, as you probably remember, I have no problem with relatively-big corporation knowing what I buy and given how I use both FourSquare and Ingress, I have no problem with them knowing where I am in most cases. I also have no problem with most of my friends to know where I am, sure, it takes away from me the option of lying to people if I don’t want to go out with them — I count that as a positive note though, as my friends can count on the fact that I’m not doing that. Myself, if I was to do that, I would probably just not count them as friends, and thus would not have a problem with telling them that I don’t want to see them.
Is there anything I don’t want to broadcast? Sure, plenty. And I don’t do that by default. My opinion of people, for instance, is not something I tend to talk about, well, depends on the people of course. And there are habits of my own that I’d rather not talk about. And embarrassing personal problems too, but these do not include, for instance, my diabetes or my pancreatic problems, even though, as medical records, they are among the most protected data about me that is to be found out there.
Let me try to make a practical example of what my concerns of privacy actually are. It’s not a mystery that I’m no good with relationships – surprise, surprise, for a geek – and I’m pretty sure I admitted before to being a virgin as of 28 years of age (and counting). If I was to meet a gal with whom there could be a reciprocal attraction (unlikelier by the day), that would be one thing that I wouldn’t want to be known right away by everyone on earth. If nothing else, because I would probably not believe in the situation myself.
But more importantly, both details and general gists would have different circles of people who would get to know them at different times. My mother would, most definitely, be the last one to know — I originally wrote “my family” (which is basically me, my mother and my sister and her husband), then I realized that something that I similarly wanted to keep from them happened recently, when I got almost mugged. My sister got to know about that episode the week after it happened, when I had to go to the dentist and get the tooth extracted — the punch caused me an abscess that was quite painful and dangerous. I was broadcasting the event to the public and keeping it from my family because I did not want to worry them until the whole thing was completed. My mother still does not know that happened. Helps that neither speak or read English.
So going back to the example above, it’s a certainty that my colleagues would probably find out almost first, as I’m a person of routine and anything that breaks said routine is going to be pretty visible. I could make an excuse, but why? So it’s just going to be noticed. But unless I broadcast it, my sister and mother will not get to know it until I tell them. Sure, FourSquare could possibly deduce a change in behaviour, or notice that I’m checking in with a different set of friends; a government agency tracking my phone and hers could possibly find that I’m taking long walks with a new person (and that could be easily mixed in with my phone often taking long walks with other people as I play Ingress), but what would they care about it? It’s not illegal here.
And here’s the first tenet of my personal privacy policy: the fact that I can afford not to hide from governments is a privilege, and so is my ability to broadcast my position and my habits. I live and lived in countries that are relatively civil, I’m not, say, a gay person in Russia, and, sorry to say this so bluntly, I’m not female, which makes showing people that I’m somewhere alone not that much of a concern. This is the same concept of threat model that applies to computer security and other security areas; in my threat model, what I’m concerned about are not state actors or corporations, but rather criminals and personal enemies.
Back again at the example, if actually going out with somebody would break my routine enough to be noticeable, becoming sexually active I’d expect not to – just a guess, given that I’m not able to tell at this point – and that does change a few more things. Given it would be something private between me and this hypothetical significant other, I wouldn’t be talking about it in the open, which means even my colleagues would not know about it. Somebody would probably know that basically right away: my doctor for sure, and possibly my pharmacist (yes, I do have a local pharmacy, the one where I go buy my insulin and the other prescription drugs I have to take). The former would know when I ask him a new set of blood tests to be safe, the latter would know when I’d be asking for condoms for the first time. Alternatively, Tesco would know when I’d order them from the website, and the delivery guy would know as well, when he comes delivering. I’m pretty sure between the two options I’d go with the pharmacy, as I’ve already given up with being embarrassed when talking with them.
To close this, I would like to note that even though I live in what is mostly a glass house, I don’t expect everybody else to do so too. I’m just writing this to signify that I don’t think that there are many threat models that apply to me, for which I would start wearing a tinfoil hat in light of the “NSA revelations” that last year brought us. Maybe for some of you there are, but I doubt that all the people that have been fretting about tor attacks and the like have good reason to do so.
I’m sure that there are people out there that, under oppressive governments, that entrust their life to Tor and similar tools, so identifying and resolving its vulnerabilities is something that I can’t disagree with. On the other hand, as I said before most of the self-defined privacy advocates out there tend to not consider that this also helps also people like the SilkRoad users. While I’m definitely okay with legalization of marijuana, I’m of that opinion because it would avoid the existence of things like SilkRoad.
On the other hand, the NSA revelations do concern me, not because I’m scared of the NSA, but because if they can do it now, others will be able to do so in the future, and if those others are criminals, then I’d be scared of them. So please let’s all try to make things better, encrypt everything, research and find way around browser fingerprinting and help the EFF (I’m a donor too). Just keep in mind what your threat models are, rather than just blindly follow the blogosphere’s hysteria.