Skip to main content

Trust, Security, and Privacy

If you want to think about moral concepts that ground debates about privacy, you can't help but think about trust. The basis of a community is the trust that the members extend to one another: the trust that we will leave each other in peace, respect one another as human beings, and (hopefully) look out for one another's welfare. Democratic political institutions rely on citizens' trust that fair and open procedures create just societies. Without the possibility of trust, we lose all society, and all social philosophy.

Trust is also an important concept in security. We employ security out of a lack of trust. We trust the designers of our security and encryption systems. Citizens encrypt their data or web traffic because they do not trust the government. The government resists citizen use of strong encryption because they do not trust the citizens.

It might be easy to conclude that with sufficient trust, we would have no need for security or encryption. I think there are independent reasons to value privacy, so let's no go quite that far. Instead, we might understand the practice of exchanging security credentials as demonstrations of trust. When I present my username paired with my password, I demonstrate that I have trusted access to the account. When a firm hires a new employee and creates security keys and access codes, the new employee is being initiated into a web of trust.

In many cases, we connect trust to identity. A security key demonstrates the identity of the holder, for instance. Certainly, the sense of trust that grounds a community seems connected to recognizing one another as neighbors. Nevertheless, we have a large anonymous community organized around activism, not to mention the mostly anonymous BBS and Usenet communities that formed in the early days of the online world.

The information economy also runs on trust. If users can trust information vendors to protect their private data, users are more likely to enter into the information market. In the US, information vendors have to rely on reputation and user-friendly privacy policies. The results are somewhat mixed, even more so since the PRISM leak. Some users just don't trust Big Data, and established trust can wane due to current events or changing attitudes.

So what do we do about this? Well, stay tuned...

Comments

Popular posts from this blog

Justifications for Intellectual Property Part 1: Utilitarianism

There is no way this tutorial series would be complete without some discussion of justifications for intellectual property. While not necessarily a matter of law, some knowledge of the philosophical foundations will provide a better sense of the values at stake in intellectual property debates. Notice, for instance, that the tutorials on fair use were punctuated with appeals to values, social goods, and individual rights. Without an understanding of the moral and political framework against which the law stands, one can very easily find oneself in a stalemate, with one value pitted against another and no way of deciding which should prevail. To understand the jurisprudence around intellectual property rights, one has to have some idea of the justifying theories to which attorneys and judges appeal in their arguments and decisions. So, without further ado, let's get to the tutorial.
There are three main ways of justifying intellectual property rights: the Utilitarian theory, the Lab…

Fair Use Part 2: Subtleties

Now that you've had the time to digest the basics of fair use, it's time to talk about some common misunderstandings and problems that arise with regard to this aspect of copyright law. As you might have noticed from last time, fair use a complex issue, one in which various concerns must be weighed with no guiding standard as to how much impact each factor should have. Even more problematically, US courts have stayed away from fair use cases for the most part. Very few actually reach a judge, and only four fair use cases have been heard by the Supreme Court. As such, there is very little jurisprudence to clarify the law. As such, fair use is a ripe subject for confusion and debate. Let's begin with the most crucial clarification.
Fair Use is not a right While one might hear talk about “fair use rights,” there really is no such thing. The National Information Infrastructure White Paper on Intellectual Property (released Sept 1995; for more information see: http://www.uspto.g…

History and Identity

Yesterday the European Court of Justice issued an important ruling that has the tech policy world buzzing about privacy, search engines and personal history. In short, the court ruled that the EU Data Protection Directive gives a person the right to demand that old information be purged from search results. The particular case involves an attorney seeking removal of links to announcements about a real-estate auction connected with a debt settlement in 1998. While the ECJ made a number of interesting moves in the case (including a welcome argument that the distinction between data processors and data controllers does not make as much sense today as it did in 1995 when the Directive went into effect), the big consequence everyone is talking is the right to be forgotten.

The long memory of the Internet is a feature it's hard not to love and fear at the same time. Whether you have something to hide or not, if it's on the Internet, it stays on the Internet (most of the time, at lea…