On the Nature of Privacy

(De rerum secretum)


Whilst computer security is generally a highly mature field with a variety of exceptionally well designed and tested practices, protocols, and standards in place — the privacy space leaves a lot to be desired. We can separate privacy into two conceptual camps of identity dependency and independency. I feel that this framework can be very useful when making decisions about one’s personal privacy.

During the Age of Enlightenment, Social Contract theorists explored ideas concerning the relationship between the individual and the state/political order. It is generally assumed that the latter exists in order to protect the liberties of the former. One might suggest that, on the whole, this objective has been fulfilled more often than not over the last several hundred years. Unfortunately a new contender has entered the ring. Historically, there would be few enemies of inidivdual freedoms that the relevant state would have been unable to easily protect from. Now however, the technological gulf that separates those that threaten and those that seek to regulate is not insignificant. It seems, so far, that the relevant incumbents intend to cooperate. But as Congress and Parliament begin to ask the right questions, we must be mindful that they don’t get too many ideas themselves.

Of course, there are some identity-dependent digital services that governments provide for their citizens, and this is unlikely to change. The manner in which we exchange this information on the other hand, can. The magic of modern cryptography is rarely appreciated by most. We have come a long way from the Caesar cipher of Ancient Rome, so far in fact, that we can now validate information without revealing what it is. Zero-knowledge proofs are the types of technology that we should begin to consider when asking questions about what we want privacy to look like in a world of yottabytes.

Outside of governmental identity-dependent digital services, it is impossible, under any circumstance, to justify the level of snooping that most online services require. It is no secret anymore that large data sets are a gold mine. We must minimise our footprint everywhere possible. Geolocation 24/7/365, social media that maps cognitive structures for homogenous character profiling, ad trackers embedded across the entire web, pixel trackers hidden in emails — these should not be part of our experience of the web. Where possible, we should use pseudonymous data so that the trails do not lead directly to us. Our objective should be to reveal the least amount of real data possible without destroying the browsing experience. The reality is that none of our data footprints are the ephemeral, immaterial things we understand them to be. They are enduring fixtures in the modern world. The future is uncertain, but data permanence is not.

What can be done without going overkill?

  • Use a VPN that doesn’t store logs
  • Use DuckDuckGo as your default search engine
  • Use uBlock Origin on your browser
  • Use Firefox Quantum with DNT enabled and 3rd-party cookies disabled
  • Disable GPS functionality when not in use on mobile
  • Block pixel tracking in emails
  • Disable all Google Tracking Services
  • Disable Google Ads
  • Disable Facebook location services on mobile
  • Disable Facebook Ads
  • Disable access from non-critical apps
  • Download a data dump and ask for deletion
  • Set up a pseudonymous email with fake information for everything that does not require ID verification on the web
  • Use throw away emails as much as possible

Where is the Life we have lost in living?
Where is the wisdom we have lost in knowledge?
Where is the knowledge we have lost in information?

— T.S. Elliot

On the Nature of Privacy was originally published in Hacker Noon on Medium, where people are continuing the conversation by highlighting and responding to this story.