Debunking 'nothing to hide'

'No secrets' doesn't mean 'no problem'


Apart from the fact that you do have things to hide — or wasn’t it you who posted nudie pics of yourself and your beloved online? (and was it really for the sake of living a transparent life?) — the claim that people have “nothing to hide” and that, therefore, government surveillance must be okay, is torn to pieces by George Washington University law professor Daniel Solove’s 2011 book Nothing to Hide: The False Tradeoff Between Privacy and Security (Yale University Press).

Solove argues that the problems of government surveillance go well beyond the watching and collecting. While most debate about privacy centers on themes along the lines of the all-seeing telescreens in George Orwell’s 1984, Solove says a better example is Franz Kafka’s The Trial, a chillingly prescient early 19th-century novel about a man arrested but not told why, and whose attempts to find explanation only result in vague information that he is being investigated by some authority for some unknown transgression.

“Government information-gathering programs are problematic even if no information that people want to hide is uncovered,” Solove writes. “In The Trial, the problem is not inhibited behavior but rather a suffocating powerlessness and vulnerability created by the court system’s use of personal data and its denial to the protagonist of any knowledge of or participation in the process. The harms are bureaucratic ones — indifference, error, abuse, frustration, and lack of transparency and accountability.”

Beyond that, claiming “nothing to hide,” Solove points out, suggests that what’s hidden is bad, wrong, or illegal. But “Surveillance . . . can inhibit such lawful activities as free speech, free association, and other First Amendment rights essential for democracy,” he writes.

There is also the key question of whether people own their own data. “Many government national-security measures involve maintaining a huge database of information that individuals cannot access,” Solove writes. “Indeed, because they involve national security, the very existence of these programs is often kept secret.” Calling this collection a “due-process problem,” in which citizens are denied power over themselves and their information, Solove says this creates “a power imbalance between people and the government. . . . This issue isn’t about what information people want to hide but about the power and the structure of government.”

Solove also notes a key vulnerability that even law-abiding citizens have to government misinterpretation. “For example, suppose government officials learn that a person has bought a number of books on how to manufacture methamphetamine. That information makes them suspect that he’s building a meth lab. What is missing from the records is the full story: The person is writing a novel about a character who makes meth. . . . Should he have to worry about government scrutiny of all his purchases and actions? He might not want to have to worry about how everything he does will be perceived by officials nervously monitoring for criminal activity. He might not want to have a computer flag him as suspicious because he has an unusual pattern of behavior.”

So it’s not that you have nothing to hide. It’s that revealing all would leave you naked and powerless before the fearsome strength of the government — which is the very opposite of freedom.

_Jeff Inglis


‘Metadata’ matters: Four calls or texts can ID you

If your concern is focused on whether the government is listening to your phone conversations, you’re worrying about the wrong thing. Cellphone “metadata” — whom you call, when, from where, and how often — is much more interesting, and much more invasive than whether someone hears you say, “Hi. It’s me. Can you please get milk?”

A study published in the online academic journal Scientific Reports in March details exactly how just four pieces of “spatio-temporal” data can “uniquely identify 95 percent of . . . individuals” without hearing any phone conversations or reading any text messages.

Researchers at the Massachusetts Institute of Technology, Harvard University, Catholic University in Belgium, and the Complex Systems Institute in Chile studied cellphone company data covering 1.5 million people’s calls over 15 months. The data provided did not contain callers’ names or addresses; it included only the time and location of the connecting cellular antenna each time a phone received or sent a call or text message.

By charting the series of antenna connections over time, the researchers were able to construct a map of each phone’s movement, which they called a “mobility trace.” In 95 percent of the traces, just four points of time-location data were needed to tell that trace uniquely apart from the others in the large dataset. (The most difficult traces to focus in on needed only 11 locations before becoming unique.)

While the study does admit that additional, outside, data would be needed to connect a mobility trace to a person’s name, the researchers observe that many pieces of location information are a matter of public record (such as property ownership files), are disclosed voluntarily through online check-ins (Facebook, Foursquare), or are easily searchable (business addresses).

In an example offered on Democracy Now on June 12, cybersecurity expert Susan Landau said this: “When Sun Microsystems was bought by Oracle, there were a number of calls that weekend before. One can imagine just the trail of calls. First the CEO of Sun and the CEO of Oracle talk to each other. Then probably they both talk to their chief counsels. Then maybe they talk to each other again, then to other people in charge. And the calls go back and forth very quickly, very tightly. You know what’s going to happen. You know what the announcement is going to be on Monday morning, even though you haven’t heard the content of the calls.”

And even without a name attached, drawing a picture of events is simple, Landau said: “The metadata of a phone call tells what you do as opposed to what you say. If you call from the hospital . . . and then later in the day the doctor calls you, and then you call the surgeon, and then when you’re at the surgeon’s office you call your family, it’s pretty clear, just looking at that pattern of calls, that there’s been some bad news.”

Bad news is right.

_Jeff Inglis


1  |  2  |   next >
| More

Most Popular
Share this entry with Delicious
  •   DEBUNKING 'NOTHING TO HIDE'  |  July 02, 2013
    Plus, 'Metadata' matters, a PRISM primer, and Counterveillance 101
  •   TAKE BACK BARACK  |  December 19, 2008
    It's time to reclaim the man we put in the White House

 See all articles by: JEFF INGLIS + DEIRDRE FULTON