First, you have things to hide. Your bank account number, at a minimum. I'm pretty sure that everyone understands that one as soon as you say it. You don't want your bank account access information to be general knowledge.
Second, if you have a window that someone can look through (the feds, say), someone else can also look through it (criminals, say). What one can do, someone else can do.
I think most people can grasp those two points. (For the second, you may need to give some examples of NSA-only stuff that became generally available.) But the combination of those two points leads them to "I have things I need to hide, and I can't let even the government peek."
This is wrong, and has in fact always been wrong (even in the old system you could use a bank acc number, an address and a name to take money from an account). You can take money out of bank accounts with just IBAN and a name (though even the requirement for a name is spurious). Of course there are legal repercussions and usually the bank refunds your money - but that's when it is already too late.
The banking system you are talking about is built entirely on trust.
Interesting, do you have any source for that? How would do that using only IBAN and a name (i.e. without faking a signature, having the PIN number, a compromised device etc.)
At least with the bank I use (bunq) I get notifications for such transfers and I need to manually approve them for the transfers to take place. If it's a recurring payment I can set it up so it automatically allows transfers up to a specified amount monthly.
"Then why don't you live stream yourself pooping? Why don't you let people walk into your house and look around, just out of curiosity?" Tell them their privacy belongs to them. When they let someone shift the question from "what do I want you to see" to "what have I got to hide", they cede power to that someone. They might not care about that power now, but when they end up caring, it will be too late.
Ask them to unlock their phone and hand it over. Reassure them they can watch everything you do with it and that you won't use it to impersonate them, and if they want you to stop, the safe word is "I have something to hide."
This. Throwing facts and figures at them won't work. You have to make them feel it. I usually ask them if they have any problem with revenge porn sites.
Maybe they are just saying "I have nothing to hide from the government"? This might be true for most law-abiding citizens in the US atleast where there is a reasonable rule of law (as compared to many other parts of the world!).
That's what that phrase means, people saying "hand over your phone" or "leave the door unlocked" or "livestream your life" completely missed the point, which doesn't even resonate with what the article was referring to.
The articles talked about trading privacy for convenience and comfort. All the "counter arguments" people listed have nothing to do with those two.
They usually have something to hide, so make a jokenthat proofs this (ask them to let you scroll through their picture gallery etc). And then when they feel uncomfortable change to a more serious tone and tell them how information translates to power. It is not the other person that is the problem — it is a problem when this information is abused by megacorps and governments.
So in a very old school way privacy for citizens is about division of power and restoring symmetry. If your government or a company knoes everything about you while you are only allowed to know the glossy salespicture version of things, something is off.
Well, one thing is that people don't know the things they might have to hide. Many of the jews murdered in the Holocaust were basically unaware they were even jews, before they started to be persecuted for it. Hannah Arendt was one such case.
Unfortunately, this is very common in history. You would never have known that buying a noble title in Bourbon france would lead to the guilotine, nor that being a committed communist would probably get you shot under Stalin. These things are very unpredictable. Being German in early-20th century Montana was dangerous. Being black in 1700's Haiti was, so long as you were free, absolutely not a problem - until it suddenly was.
There are countless examples like this. Nobody knows what's coming next.
You don't, that's a waste of time for anyone actually proficient in OPSEC.
After years of advocating for privacy on multiple fronts (amateur-enthusiast to professional) I realize that most people are not capable of being trusted to protect themselves from even the most basic threat vectors, and that convenience is the biggest priority in their calculus, thus it will never occur to them why things like PgP encryption and cryptocurency is necessary until its too late.
At which point they're a potential customer, so why am I going to reduce my Market share?
In what context is the question of whether somebody has anything to hide even relevant? It's like asking how to convince somebody that unicorns aren't real. Very few people believe unicorns are real and the fact that those few people believe unicorns are real is of little consequence. The real question is do you trust the law to keep the things you want hidden hidden and to make the secrets of criminals that you don't want hidden available to law enforcement officials. For most people in the United States, that's a "Yes."
We all have something that we don't want other people to know or see. Ask them why they wear clothing every day. And close the door when they are in the restroom.
Also, point them to all the damage the Sony hack did. There was nothing illegal in the emails and I'm sure many thought they had nothing to hide. But the hacking of the email sure made their lives hell.
Lastly, talk to them about all the identity theft fraud that's constantly in the news.
You may be able to trust some people with some of your info. but you can't trust anyone but yourself with all your info.
1. If you called a lawyer, would you expect privacy?
2. Do you want naked fotos of your family on the Internet?
3. Did you tell your co-workers/boss who you voted for?
The real zinger is:
Do you know the police track your vehicle from home to work and back? (It's been reported the US government flies privately-registered surveillance aircraft over large US cities in a racetrack-pattern and use time-lapse photos to track vehicles.)
You could frame the right of privacy in different terms such as encryption is a type of munition to protect your information from a tyrannical government. This closely matches the typical argument people use for second amendment rights.
There are also other ways to frame the premise:
If you have nothing to say, then why do you need the freedom of speech?
If you have nothing to defend, then why do you need the right to bear arms?
There's two facets to this: one is about privacy and the other is a naïveté about the nature of people with power and how the weak fail to anticipate the powerful's capabilities.
First: Okay, they give me all of your passwords, banking PINs, a list of all of your sexual proclivities, all of your browser histories including porn, and agree to live in a glass house that's live-streamed 24x7 to the internet.
Second: The weak rarely realize the scope of capabilities the powerful can lord over them. One obvious capability is powerful can direct district attorneys/crown prosecutors to look for evidence that a target has committed a crime. One common attack is over-prosecution for technical infractions that the weak volunteer; that this, giving too much information combined with tens of thousands of arcane laws setup the victim for attack. For more on this topic, there's a good book called Three Felonies a Day. Furthermore, sometimes the powerful just make up "crimes" to justify harsh punishments: Julian Assange, Chelsea Manning, Fred Hampton and Leonard Peltier are just a few that come to mind. (Daniel Ellsberg's freedom is a miracle.) Furthermore, powerful people have powerful friends who have even more capabilities at their disposal. It's not some sort of grand, organized conspiracy theory, it's human nature that people of similar interests help others in a similar station and those at the top have many more sacrificial Random Jobs.
Saying you have nothing to hide is not acceptable, it's (for the most part) a submissive declaration. If you accept open and unsupervised scrutiny on things that are private by nature, you not only give up parts of your basic freedom, you also give out something extremely valuable, for free. This is totally unacceptable in a capitalist system. You should be ashamed, you commies.
I say that's fine, you don't have to hide anything. Most people have things they would like to keep private however.
Some older folks may not have nudes on thier phone or porn habits to hide.. but most younger folks have nudes of themselves and people they know or have known , or at least something 'incriminating' - almost nude, drinking, whatever..
and I go to explain how hundreds or thousands of engineer-nerds have access to their daughter's pics and videos, chat logs and history of wives and husbands..
we're given permission by them to collate this info and combine it shopping habits, cc and debit purchases. We can know when they are pregnant before anyone else. We have systems that auto-copy their pics if they are 80% or more nude and saved on a one-drive system (do all win 10 systems have that?) and sends those nudes and nearly nudes for humans to inspect them,
call your bank in the morning and ask them if they auto-opted-you-in for sharing all the purchasing data from your debit card.
Last I checked if you wanted to buy pics of their daughter they were around $10 for license and commercial use.
See you may not have anything to hide.. but because you use these privacy destroying services the network effects of family / friends also use that.. you are creating this problem for others.
So just grab a few phones from girls in your family and copy all the pics and browser history from all their apps - and give copies to the neighbors.. cuz the girls in your fam are already sharing them with thousands of other people they don't know.. it's just they likely did not read of understand the permissions they gave, so they have no idea how many engineer-nerds are looking at their pics, videos, and purchase history.
Think I'm missing a few things on this rant, need to dig up my old comments on this and blog it or something I guess.
I tell them that they will pay more for a plane ticket than others if they don't hide their Apple products or their profession. Suddenly they understand that there IS something to hide...
29 comments
[ 3.4 ms ] story [ 68.6 ms ] threadIf they aren't serious or don't care about the answer, I ask them to leave the door open next time they poop.
Second, if you have a window that someone can look through (the feds, say), someone else can also look through it (criminals, say). What one can do, someone else can do.
I think most people can grasp those two points. (For the second, you may need to give some examples of NSA-only stuff that became generally available.) But the combination of those two points leads them to "I have things I need to hide, and I can't let even the government peek."
The banking system you are talking about is built entirely on trust.
I'm not comfortable sharing what I see as an easy way to exploit trust online.
The articles talked about trading privacy for convenience and comfort. All the "counter arguments" people listed have nothing to do with those two.
~h.t. Cory Doctorow
So in a very old school way privacy for citizens is about division of power and restoring symmetry. If your government or a company knoes everything about you while you are only allowed to know the glossy salespicture version of things, something is off.
Unfortunately, this is very common in history. You would never have known that buying a noble title in Bourbon france would lead to the guilotine, nor that being a committed communist would probably get you shot under Stalin. These things are very unpredictable. Being German in early-20th century Montana was dangerous. Being black in 1700's Haiti was, so long as you were free, absolutely not a problem - until it suddenly was.
There are countless examples like this. Nobody knows what's coming next.
After years of advocating for privacy on multiple fronts (amateur-enthusiast to professional) I realize that most people are not capable of being trusted to protect themselves from even the most basic threat vectors, and that convenience is the biggest priority in their calculus, thus it will never occur to them why things like PgP encryption and cryptocurency is necessary until its too late.
At which point they're a potential customer, so why am I going to reduce my Market share?
Also, point them to all the damage the Sony hack did. There was nothing illegal in the emails and I'm sure many thought they had nothing to hide. But the hacking of the email sure made their lives hell.
Lastly, talk to them about all the identity theft fraud that's constantly in the news.
You may be able to trust some people with some of your info. but you can't trust anyone but yourself with all your info.
1. If you called a lawyer, would you expect privacy?
2. Do you want naked fotos of your family on the Internet?
3. Did you tell your co-workers/boss who you voted for?
The real zinger is:
Do you know the police track your vehicle from home to work and back? (It's been reported the US government flies privately-registered surveillance aircraft over large US cities in a racetrack-pattern and use time-lapse photos to track vehicles.)
There are also other ways to frame the premise:
If you have nothing to say, then why do you need the freedom of speech?
If you have nothing to defend, then why do you need the right to bear arms?
First: Okay, they give me all of your passwords, banking PINs, a list of all of your sexual proclivities, all of your browser histories including porn, and agree to live in a glass house that's live-streamed 24x7 to the internet.
Second: The weak rarely realize the scope of capabilities the powerful can lord over them. One obvious capability is powerful can direct district attorneys/crown prosecutors to look for evidence that a target has committed a crime. One common attack is over-prosecution for technical infractions that the weak volunteer; that this, giving too much information combined with tens of thousands of arcane laws setup the victim for attack. For more on this topic, there's a good book called Three Felonies a Day. Furthermore, sometimes the powerful just make up "crimes" to justify harsh punishments: Julian Assange, Chelsea Manning, Fred Hampton and Leonard Peltier are just a few that come to mind. (Daniel Ellsberg's freedom is a miracle.) Furthermore, powerful people have powerful friends who have even more capabilities at their disposal. It's not some sort of grand, organized conspiracy theory, it's human nature that people of similar interests help others in a similar station and those at the top have many more sacrificial Random Jobs.
Some older folks may not have nudes on thier phone or porn habits to hide.. but most younger folks have nudes of themselves and people they know or have known , or at least something 'incriminating' - almost nude, drinking, whatever..
and I go to explain how hundreds or thousands of engineer-nerds have access to their daughter's pics and videos, chat logs and history of wives and husbands..
we're given permission by them to collate this info and combine it shopping habits, cc and debit purchases. We can know when they are pregnant before anyone else. We have systems that auto-copy their pics if they are 80% or more nude and saved on a one-drive system (do all win 10 systems have that?) and sends those nudes and nearly nudes for humans to inspect them,
call your bank in the morning and ask them if they auto-opted-you-in for sharing all the purchasing data from your debit card.
Last I checked if you wanted to buy pics of their daughter they were around $10 for license and commercial use.
See you may not have anything to hide.. but because you use these privacy destroying services the network effects of family / friends also use that.. you are creating this problem for others.
So just grab a few phones from girls in your family and copy all the pics and browser history from all their apps - and give copies to the neighbors.. cuz the girls in your fam are already sharing them with thousands of other people they don't know.. it's just they likely did not read of understand the permissions they gave, so they have no idea how many engineer-nerds are looking at their pics, videos, and purchase history.
Think I'm missing a few things on this rant, need to dig up my old comments on this and blog it or something I guess.