Steve Gets A Life

privacy

well it looks like today is a good day for blogging. here is another good post from Chrisopher Allen. this guy's blog is great, go read it, add it to your RSS feed, whatever.

The term privacy seems to be so overused and poorly defined. my undergraduate security course (which i later TA'd) simply defined it as such:

privacy: confidentiality with regards to personal information

if that helps at all.
allen, on the other hand, breaks it down into 4 types: defensive privacy, human-rights privacy, personal privacy, and contextual privacy.
while these might not be all types of privacy concerning people, they are the big ones. in fact, i hadn't even considered breaking down privacy into types like this, but it really does make a difference. for example, my SSN is private in a very different sense than my ethnicity or religion. one i would like to keep secret from nefarious people trying to make a buck, and the other i would like to keep from any kind of evil nation-state or large hate group. while this might seem a bit over the top, take Allen's example:

This comes from their [Europeans'] history: the Netherlands in the 1930s had a very comprehensive administrative census and registration of their own population, and this information was captured by the Nazis within the first three days of occupation. Thus Dutch Jews had the highest death rate (73 percent) of Jews residing in any occupied western European country -- far higher than the death rate among the Jewish population of Belgium (40 percent) and France (25 percent). Even the death rate in Germany was less then the Netherlands because the Jews there had avoided registration. (source: The Dark Side of Numbers).

now its time for the tin-foil hat. if you have never thought much about privacy, consider the current trend of identity theft crimes. now consider that the people doing this are at best, organized criminals. now consider how easy it would be for large governments (there are more than one) with massive budgets, computing power, and political leverage, to compile similar amounts of data on a much larger set of people in this age of automation and full-text search. in fact, its already being done. people are being stopped in airports due to terrorist watch-lists all the time. and that could be just the beginning. the scary idea is more in line with the example above. sure, you trust your government to keep that giant list of theirs and use if for the Powers of Good, but what about the day that list is leaked by a spy? it can happen. its just a file.
that is why people spend this much time thinking about the word privacy.
Posted by Steve on April 22, 2004 11:16 AM