Taylor

@T2

A privacy and open source advocate. Always looking generate discussion about digital privacy to help better define it and spread the word.

8,919 words

Guestbook
You'll only receive email when Taylor publishes a new post

Is Stallman Wrong About Proprietary Software?

"With software there are only two possibilities: either the users control the program or the program controls the users. If the program controls the users, and the developer controls the program, then the program is an instrument of unjust power." - Richard Stallman

This quote is likely the most famous from Richard Stallman and encompasses well the primary argument made for 'free software,' which is more of a political philosophy regarding the treatment of software users rather than a philosophy regarding its development. Stallman draws a line between software that is 'open source' and 'free as in freedom' or 'libre,' meaning software that people are free to use, study, change and redistribute as they see fit. This distinction makes sense, because open source software could have its code be publicly auditible, but not allow the modification, private use or redistribution of it. Stallman fears that open source could be used purely as a marketing bullet point with little consideration for the ethical principles behind free software. While getting behind 'open source' software is a good start, it does not automatically entail the further ethical principles behind 'free/libre' software.

Stallman has helped build a community based around these ideals regarding free software, and I find myself in agreement with his ethical goals in principle. Although, the argument Stallman and many free software advocates make does not sit well with me. This is mostly due to the the incredibly hard and fast claims that are made regarding the nature of freedom and proprietary software.

The argument Stallman makes rests on the idea that proprietary software necessarily leads to the abuse of its users' freedoms. Though what is meant by this? Is it true? Of course, if software is proprietary it necessarily means that users cannot audit the code and there are clear limtis to its distribution. But, couldn't we have proprietary software that does respect the freedom of the user? Additionally, what sort of assumptions are we making about the user's desires when using such software?

The definition of 'freedom' here is very particular, and seems to assume that freedom necessarily requires complete control. I believe this is where the argument breaks down, as such control is likely too extreme a standard to reasonably operate with and claim as a necessity. There is a lot to be said here philosophically, in terms of freedom of the will, but lets keep this reasonably focused.

A Strict Definition of Freedom

What do we mean when we say 'freedom'?

By normative standards, it means we are able to and are free to act in accordance with our desires, and that we are free from both force or coercion when we act. The question is then, are we forced or coerced by proprietary software when we use it? Does it force us to use it in particular ways?

We tread into some heavily opinionated territory asking these sorts of questions, because the answers will likely vary hugely depending on who you ask. So, I want to illustrate the perspectives of two likely responses to the questions above; (1) from the perspective of an ordinary person, and (2), from the perspective of a technically savvy person or maybe more specifically a computer programmer.

First the ordinary person, who we can assume has a low technical understanding of computer hardware and software. This is your everyday person who uses technology because it makes their lives easier, they think little about the software and hardware they use, so long as it does its job. This person does not have the ability to modify software and knows little of how it actually works, just that it helps them do the things they would like to achieve.

Let's say this person uses a proprietary word processing program made and distributed by a large private corporation. This program does everything that they need it to do to get their desired work done; it does not force the user to use features they do not desire to have and is not missing any features that this person needs. Not much needs to be said, there is clearly no threat to freedom here from their perspective and the software itself does not force the user to use it (though maybe you could argue that their occupation or circumstances requires them, but this raises further questions and issues outside the scope of this discussion). This person would respond with a shrug, they feel the program adequately respects their freedoms, they can use the program to the extent they require and that it is not manipulating them in the way in which they may use it (e.g. refusing to save certain documents, restricting access to basic program features after already paying for a license, etc.).

Next is the tech-savvy user/programmer, who has a high degree of technical knowledge of computer hardware and software. This person also uses technology because it is a useful tool to achieve desired goals, although they have a deeper relationship with technology and thus require more fine-grain control over it.  They have the ability to modify and/or redistribute software and know how to most effectively use it to their advantage.

This person uses the same proprietary word processing program by the same company as the ordinary person. However, they require features that do not exist in this word processing program, and since they have no access to the source code, or do not have the rights to modify it, they cannot achieve their desired goals with that piece of software and can be said to be forced to use that program against their will or desire. The program itself is restrictive in this case and is forcing the user to use it in a particular way. Furthermore, this person could not share any changes or modifications they could potentially make to other users without exposing themselves as violating the terms of use of the program license. This is true even if the users who they shared the program with owned legitimate licenses for the program, as they all still violate some terms of service. This user responds in saying their desires to act in certain ways within the program are being restricted, and are subject to the company responsible for the source code to update the program accordingly. 

This problem exists primarily for the technically savvy and not the ordinary user, but could we argue that the ordinary user only has the illusion of freedom? Not really, since their needs are in fact being met by the program entirely, it seems difficult to argue that the program itself is exerting any sort of coercion or force on the user regarding its use. Saying otherwise is like arguing that a hammer forces/coerces users using it for hammering because it can't be made into a screwdriver. You could argue that some proprietary software coerces users into using it (e.g. 'hacking' their brains, invading privacy), but once again this doesn't seem like a necessary feature of proprietary software.

Freedom in this case is too strictly defined, and involves being able to do more than what any user could potentially desire of a program and shedding any potential restrictions that could even theoretically come about. 

Is it more likely that harm could be done to users through proprietary software? Objectively I believe the answer is yes, though, is it necessarily true that this harm is done? Absolutely not, and to make this claim is to make a circular argument about proprietary software. (i.e. proprietary software is bad because it is proprietary)

A More Charitable Example - Proprietary Software Liscences (DRM)

It is possible that I may be focusing too much on simple user-program interactions and reducing the argument to absurd levels, so lets refocus on the strongest aspect of the position; software licenses. 

One of the more effective arguments for free software comes from a short article from Stallman called, The Right to Read and gives a non-technical example of why free software is so important. 

The central dilemma of this example includes a person named Dan, who wants to lend his computer to his friend, Lissa. The example is set in what seems to be an authoritarian near-future type of scenario, where a 'software protection authority' is able to discern whether someone other than the owner of a book reads it. Dan wants to lend Lissa his computer to help her complete her midterm, but is torn because it is likely that she may read the books off of his computer, which she does not own the license for and may get him in trouble. There are many ways around this dilemma, but they are unsavoury options which include; Dan getting expelled for sharing his computer password, getting his friend to 'crack' the DRM to allow her to freely read it (and risk jail time) or letting her use the laptop and go to jail for infringing on the license terms.

This short story is more of an argument against Digital Restrictions Management or 'DRM' for short. Although, DRM is commonly included in proprietary software and ensures that only the person who paid to use the software or media is the one who uses it. Assuming that one day DRM is taken this seriously, and users could risk jail time for copyright infringement, this is a very serious concern. Also, we have seen many times how companies themselves exert control over the type of media people can consume on their software platforms, in some cases directly removing disagreeable files from users' devices. 

Why Not Both?

I often find the answer to such issues are best found in compromises, so it may be best to try and find some middle-ground here.

It would appear we would have no problem at all if, for example, companies like Amazon never exercised (or never had) their power to remove media off of user devices. Additionally, deeper beneath Stallman's story there is the idea that people should be able to freely distribute and modify the copyrighted intellectual property of others, but this is a separate issue about the nature of private property and capitalism, which needs a separate discussion. (It further seems like Stallman may have further issue with people being able to own things, and in order to support free software in totality, it may involve a commitment to abolishing private ownership in some sense)

The question remains, is there an issue with proprietary software itself or is there an issue with proprietary software licensing and the companies behind them?

Companies like Amazon, Facebook, Microsoft, Google, etc. all remain justified in their actions because of the sole ownership of their software, they get to decide the boundaries of what people can do with it. Further issues regarding their ability to inject code to restrict user freedoms is not something unique to proprietary software and Stallman himself seems to be aware of this. Open source software is not necessarily free software, but does this necessarily mean proprietary software cannot be? Free software is quite clearly an ethical commitment, but it seems to me that free software itself does not exclude proprietary software. As long as the user is not unreasonably restricted in the way they use the software, what issues regarding freedom truly remain? There may be issues with trust, but ideally this could be dealt with in adequate user protections in case of violations.

Stallman attempts to argue that proprietary software is necessarily harmful to users, but this seems like a poorly founded argument. In order to argue that proprietary software cannot be free software, you must also argue that proprietary software is necessarily harmful, which is not the case. It is a stretch to claim that a program exerts control over a user, especially when you consider the nature of computer programs as useful tools. I believe this is why the average person does not care for free software, because most people would agree that they are perfectly free in the current use of their proprietary software. Sure, they may not be strictly speaking 'free' in the most libertarian and perfect sense, but it is likely more than adequate.

Instead, it may be more important to focus on more generally protecting user freedoms with ethical software licenses. This means that Dan would not go to jail for sharing his book with Lissa (or even giving it away), and rather he would only see trouble if he actually 'gave away' multiple free copies of his books to many people without a license. Users could use proprietary software/hardware such as on Amazon's Kindle e-readers and be protected from Amazon potentially removing the files they put on the devices. It is not totally necessary for a user to be able to modify the program as they see fit, as seen in the case of the everyday person, this is not even a consideration. In order to be free they must be free from force or coercion, so the focus should be rather on mass redistribution and not exerting control over content once users have purchased it. Avoiding problems such as the Amazon one are primarily licensing issues, people did not own the books they bought, and this is something that could reasonably change. 

I would even go as far to say that proprietary software need not even restrict modification, and that users could modify their programs so long as they respect the terms of the license agreement (not reverse engineering code and reselling/distributing the program).This way, we could have peoples' intellectual property remain protected and paid for while still defending the users right to its use it, barring only the most egregious offenses (e.g. mass redistribution/reselling). 

None of this is to say we don't need open source or free software, it would absolutely remain the most appealing form of software due to its superior security, learning, trust and modification qualities. Not to mention the 'freedom' it can offer, in the strongest sense of the word.

The purpose of this discussion was primarily to promote caution in the hard and fast claims of such arguments and point out some potential flaws in their reasoning. It's these sorts of flaws that keep such arguments ineffective in practice because they too quickly dismiss the opposition, rather than attempting to find a more practical solution. I love open source, free software and what it stands for, but arguments like Stallman's rub me the wrong way.

I make these articles to get people thinking about these issues and to get people thinking twice about arguments that make these strong and extraordinary claims, which influence people to take some pretty strong positions online and in life. I feel that particularly in the space of open source and free software, the discussion is too often crowded with IT professionals, who are naturally biased in their judgements here. It is pretty difficult to find contrary arguments on the internet on such topics, but here I am attempting to provide one despite my own biases. 

Pluralistic Privacy - Why I Love Firefox Container Tabs

Relative Privacy

In a previous, more lengthy article of mine, I explored in depth why privacy cannot be understood merely as something with a singular essence.  This is an idea which Daniel J. Solove develops extensively, but the difficulties in coherently defining privacy boils down to two main points:

  1. A definition which includes only information you consider 'intimate' can be either too narrow or broad and varies greatly depending on who you ask
  2. A definition which includes 'the right to be left alone' is too broad, and can be extended to an extreme degree where anything and everything is intrusive

In either case our conception is either too broad and vague, or too restrictive. As a result, it is more effective to define privacy as a set of issues with a "family resemblance," meaning that while there are a broad range of definitions for privacy, they are all interconnected with one another. 

For example, you may be ok with the government collecting the individual phone numbers you call, but the way that data is processed and aggregated reveals information about your race, religion or political ideals, which further gets sold (disseminated) to third-parties to target you or others (see: Cambridge Analytica and Facebook) for their own gain. 

You may not find yourself at issue with the collection or even its processing ("I have nothing to hide!"), but many people seem to draw the line at the dissemination of their aggregated data, especially when done without their consent.

Separate Your Online Lives

In comes Firefox Multi-Account Containers, my favourite browser extension for browsing online and enhancing my privacy. On top of other fundamental privacy enhancing browser extensions, these containers help you better lockdown your browser. While a bit more of a hassle to set up, especially due to the fact that it does not sync with your other devices, I find it actually enhances my browsing experience while also being able to remain decently private. 

I can separate my online lives from one another, meaning I can still save the cookies from Amazon for easy login and shopping, but not risk them tracking me away from their site. The cookies for Amazon in this case only exist in the "shopping" category of my browser, and cannot touch my "banking" section or even skim any of my general searches done through DuckDuckGo.

Since everyone can feel so different about what they'd like to keep private, it is important to be flexible to a multitude of needs, and these containers do exactly that. Most people could agree that Amazon has no business in knowing what I search for outside of their website, even though they may claim it is for my benefit to give me better recommendations. 

This is even more true of social media sites such as LinkedIn, that likely track your social media email contacts when you allow their cookies to sit within your browser. Of course, this is all in the name of better connecting you with people you know. Unfortunately, these social media sites likely share and connect data regardless of whether you allow cookies, quarantine them or not. Though, it doesn't hurt to at least make it harder for them.

Separate All The Things - Achieving Privacy and Lockdown Security

On a closing note, to take it to the next level, Qubes OS is likely the next stop for those looking to truly keep online lives separate from one another. It is a linux-based operating system that is free to use and open source.

Qubes allows you to completely separate and compartmentalize the applications and functions of your computer. That means you can quite literally have an application installed multiple times and have each of them used strictly for different purposes. 'Qubes' are like opening separate application windows, except each window is an isolated instance of the whole operating system for your programs to run in, like having a different computer for your work, social and banking (called virtual machines). An overly simplistic explanation, but you get the picture.

This way, if a virus compromises your system, it is really only taking hold of that single qube and not the entire system. You can do your banking and keep it completely separate from your social qube or your work qube and never fear that you are leaking information between them.

The icing on the cake is that it features disposable qubes that completely erase themselves after you close them, so if you're not so sure about an email attachment you have received, you can open it safely in an isolated digital environment.

Convenient? No, but...

The biggest downside of these two things is that they are a bit cumbersome, but they both represent well what privacy is all about, and that is that is the ability to better control your information. 

Technology has quickly crept up on us and provided us with some incredibly convenient services, but it has also made us forget that we all do in fact value our privacy to some degree. The crux of the issue is just that, and while some would like total separation between different parts of their lives, many can agree that at the very least that they value consent and the ability to decide whether they would like to share their information. 

This has increasingly not been the case with convenient technology, consent is not longer required, and many digital services have free reign over aggregating and analyzing our digital lives.

An Easy Guide to Privacy Basics for Browsing Online - Part II

Welcome to Part II of this guide, if you missed Part I, you should check that out first.

Okay, So Some Assembly is Required

The following suggestions require some effort, although minimal, and require no upkeep once you get them going. As a result, these tools are a bit more powerful in locking things down.

Firefox Profile Maker

If you are using Firefox (you should), then the FF profile maker allows you to easily adjust your browser's about:config file with pre-set privacy oriented settings and explains what each of them do. These settings include; disabling webRTC, disabling malware scans, disabling browser pings, and even installing many of the extensions mentioned here and in Part I.

Firefox Multi-Account Containers

Probably my favourite extension of the bunch because of the power it puts into your hands, though it is often overlooked and underrated. This extension allows you to carve out a separate 'box' for each of your online lives, meaning you can effectively quarantine certain sites into their own separate instances. It's like opening a new browser for particular sites (while only having one browser open), this way you don't need to worry about Google or Facebook taking a look at your activity and track you in other tabs.

(In fact, Mozilla released a version of this set up just to quarantine Facebook. If you really do not want to take the time to set up categories for all of your frequent sites. Or if you're still using Chrome...)

It requires some setup, and how tedious it is depends on how much you want to separate things. For example, I have separate categories for every website I frequent (i.e. Google, Facebook, Shopping, Reddit/Twitter/news, banking, etc.) I keep all of my shopping sites together in their own container, because I don't really care if Amazon knows if I'm on Ebay or to Newegg, but it sure as hell does not need to know what's going on with my financial windows. I keep LinkedIn away from my email and social accounts (even though it is a bit futile), and much more.

The worst part of this extension though is that your settings don't sync between devices! (Mozilla please change this!) So you'll need to set it up for each one.

Cookie Auto-Delete

My second favourite extension. A perfect match with Firefox containers, this extension does exactly what it says on the box.You can protect yourself from cookies by having them automatically removed, and only save the cookies you want for the sites you would like to stay logged into (they are useful for something!). It comes with the ability to only save cookies for particular Firefox containers, meaning you can save your login cookies for Google, while also keeping Google quarantined in its own container away from any other sites you visit!

(Although this extension also suffers from the Firefox containers sync problem!)

Obviously requires some setup, as you need to pick each and every site you want to save cookies on (if any), which is important if you'd like to stay logged in anywhere.

A VPN

There are an overwhelming amount of VPN's to pick from, but I'm not here to make a particular recommendation. What I do recommend is checking out ThatOnePrivacySite to make your own choice on a VPN that's right for you. It has an extensive catalogue of VPN services and ratings on various aspects of them. 

VPN's allow you to route your internet traffic through encrypted channels, which is especially important if you ever connect to public wifi networks. VPN's are not free, and many of their advertising strategies are sketchy to say the least (be wary of online recommendations from web publications, they are mostly paid for). Remember, with a VPN you are routing your internet traffic through someone else's server, so be sure to find a VPN service that claims not to keep logs of users browsing history.

VPNs are easy to use, but are not free and do not guarantee privacy, so you should do your own research here

(WARNING: NEVER use a free VPN service, please! You are routing your traffic through someone else's machine, they are likely profiting from your data and/or keeping logs of your internet traffic.)

-- free trials of paid services are fine though

DuckDuckGoSearX and many others

Although these search engine recommendations here don't require any 'assembly,' they are no doubt larger undertakings for some people and sacrifice some of the supreme convenience of Google. DuckDuckGo (DDG) claims not to collect any data on you or your searches or save your search history. They use no cookies on their sites, except when you make settings changes and want to save them (not used to identify you). They do not target ads towards you based on your search history, like Google is so famous for. Instead, they feed you ads (if you allow them) only based on what you search (e.g. if you search for 'car' you will likely see a car ad)

(I emphasize 'claim' because that is frankly all they can offer us, and for some that won't be enough, though there are some tradeoffs to be made when it comes to search engines and their features.)

DuckDuckGo has a fantastic feature called 'bangs,' which allows you to turn your Firefox search bar into the ultimate search tool. It allows you to search hundreds of websites in a single place with simple prefixes such as !g (for Google search, if you dare), !maps (Google Maps), !w (Wikipedia), !a (for Amazon) and much more. You can make DDG your default search in Firefox by going into hamburger menu (top right of browser) > Options > Search > Default Search Engine.

SearX is unlike DDG in that it actually mixes your search queries on other search platforms without storing the data, meaning there are no logs on their end or in your browser. Despite being best option for privacy of my two recommendations, I am personally not a fan due to its severe lack of features.

Beyond Privacy

For most people, it is more than reasonable to take it upon themselves to at least install the basic 'out-of-the-box' extensions from Part I. There really is no good reason not to, they do not slow your browsers performance (and in fact actually reduce loading times of sites) and protect you from data harvesting advertisers, websites, cookies and even your own Internet Service Provider (ISP).

The extensions here in Part II require a little fiddling around with, so they don't warrant the same 'no excuses' attitude. Though more savvy users will notice I have left out some crucial things. This is on purpose, mostly because this was meant to be a simple, comprehensive look into basic and convenient privacy

I'll finish this off with a mention of some of the more advanced tools. I admit I do not use the following extensions and tools, mostly because I also value convenience and ease-of-use. These following extensions will break some websites, though they are the undisputed champions of protecting your online privacy (in conjunction with the extensions in this guide), security and even granting anonymity (e.g. Tor Browser). 

NoScript

Completely cuts out the use of Javascript from websites, which can leak your information. This breaks most websites functionality, since many rely on JS for many of their features. You can add exceptions to sites you trust, though this is requires more fiddling than many people like to do. 

DuckDuckGo has a non-JS version of their site, though you lose some features.

uMatrix

This extension gives you a crazy amount of control over your browser, from where it is allowed to connect, what type of data is allowed to download, and what kinds of tasks it is allowed to execute. By default this extension operates like NoScript and blocks all 3rd party scripts, and you must create exceptions to allow sites to use them. 

Tor Browser

A fork of the Firefox browser that protects you by bouncing your communications to the internet around a distributed network of 'relays' all around the world. This stops sites from learning your physical location and stops anyone from watching your connection to the internet, as it hides you among the other users who use the network. Unfortunately, some sites do block access to them if you use Tor, and it is markedly slower than your average browser due to how it functions. This browser achieves a degree of anonymity, but still is not perfect.

An Easy Guide to Privacy Basics for Browsing Online - Part I

It used to be the case that you had to sacrifice quite a bit of your time in order to properly consider your privacy online. Once Google Chrome took the internet browser scene by storm, it was hard to justify using anything else to browse the web considering the performance and convenience that you had to give up in order to use an alternative.

Today, many people are wary about just how much Google and Facebook know about you and how much they track you, most recently with the Cambridge Analytica scandal and  the discovery of Google Chrome scanning your computers files for viruses, taking analytics from the results. The problem in both these cases is a lack of user control and consent, neither Google or Facebook do well to notify their users that their data is being scraped (especially egregious in the case of Facebook). 

The problem is, too many people don't know where to start with protecting themselves, as there exist a lot of options for doing so, it can be overwhelming and difficult to understand for the casual user.

Until recently, alternatives such as Firefox paled in comparison to Chrome's speed and feature set, which included integration with their omnipresent Google services (search, maps, etc.) which have become an increasingly essential tool in our lives. Though with the latest release of Firefox Quantum, you no longer have to sacrifice having a fast browser to have one that does not scrape your data without your consent.

I won't spend any more time on what has already been beaten to death online already regarding these privacy issues, and even though there are a plethora of resources regarding how to defend yourself, many do not stress just how easy and convenient this is to do. 

There are no more excuses. Taking at least a minimal amount of consideration for your privacy (and security) is now easy, as the majority of these tools are free, open source (auditable by the public), and work 'out-of-the-box.' Download Firefox and get started.

No Assembly Required

The following set of suggestions require zero set-up and low technical knowledge. Still, many of them are feature rich and can be tooled with to give you even better protections. Seriously, all you need to do is download them through your browser's add-on store (just click the links below if on Firefox).

HTTPS Everywhere

To be fair, most major websites default to HTTPS today, but it still doesn't hurt to have this extension. It ensures you are always using a secure and encrypted connection to websites by rewriting the request when you access it, so even if you intentionally typed http://, it would still direct you to https://. Though this does not protect you from third-party or external content which websites may use and implement (e.g. externally hosted images, advertisements and the like - leave that to our next extension).

uBlock Origin

Although this adblocker works as intended straight out of the box, there is more than meets the eye here. It allows you to block 3rd-party scripts, add additional filters for certain domains, and whitelist sites you wish to support by viewing  their ads (e.g. specific Youtube channels). It is quite powerful, but is a great low-profile ad and tracker blocker with no setup needed.

Privacy Badger

Plain and simple, the extension Automatically sends the 'Do Not Track' header with each website request and evaluates the likelihood that you are still being tracked afterwards. If it determines you may still be being tracked by certain aspects of a site, it will automatically block them. I have yet to see this break any sites I use.

Decentraleyes

Blocking 3rd party content delivery has been a theme here so far, though actually blocking the content and stopping sites from making you load files through large third-party services like Google Hosted Libraries can be difficult and break sites. Websites rely on 3rd-party content hosts to lower upkeep costs of their sites, so they do not need to locally store the content themselves.

This extension comes bundled with a bunch of commonly used files and serves them locally (from your computers storage), stopping sites whenever they try to fetch them from somewhere else. It stops you from potentially being tracked by making such requests to networks for these files.

Don't touch my tabs! (rel=noopener)

In short, this extension adds the attribute rel=noopener to hyperlinks which open a new window or tab. In English, this means that it prevents any new windows/tabs from accessing the previous window. This stops advertisers from accessing information from other tabs and from potential hackers producing fake login page from the service you navigate away from.

(e.g. say you clicked a link on Twitter and it opens a new tab, the site you opened won't be able to touch the old Twitter tab in any way)

CanvasBlocker

This extension prevents website from using the Javascript canvas API to 'fingerprint' (identify your computer, OS, browser) you and be used for further tracking purposes. Many sites use Javascript to display content and images, though every computer generates this content differently, so you may be tracked and identified this way. By default, it is set to fake the readout of the API, meaning a different readout is given every time, so a site can't assign one unique fingerprint to you.

There's More to Be Said

With these extensions you can be reasonably private, as you will halt many trackers and stifle fingerprinting. Though there are other ways in which you can be tracked and profiled, namely your IP address/internet traffic, search engine (Google) and cookies.

It is also important to note that none of these extensions grant anonymity, these extensions just make it a little harder than usual to identify you and 'connect the dots' with your activity.

If you'd like to find out how to enjoy even more privacy, and get a sense of what it takes to become anonymous, then continue on to Part II.

Pitting Privacy Against Security: Do You Have Something to Hide?

Seeing Both Sides

The internet is a place ripe with extreme reactions to just about anything. A short browse on almost any social space will be full of vitriol regarding some topic or another. It is a hotbed for extremism, and too often people do not practice critical thinking, which is incredibly dangerous in a place that is such a firehose of information that can be easily manipulated, poorly reasoned or sourced. 

A majority of the arguments you see on the internet involve the act of both sides 'talking past each other,' with neither side really coming to any sound resolution. This is also in part due to neither side presenting arguments which engage with one another, merely using the large talking points of their position to 'talk down' or patronize the other.

This also sums up partially how I regard the 'debate' of digital privacy and security online. For many of those who are tech enthusiasts, especially in the realm of the Free/Libre and Open Source community (FLOSS), the 'other side of the coin' in the debate about privacy is not a debate at all, merely dogma. While I find myself in strong agreement with most of the community about the importance of digital privacy and security, I am extremely wary of echo-chambers and always remain open-minded and cautious of opposing thoughts and arguments. In fact, I enjoy seeking out such opposition, if only to stir the pot an get people thinking critically about their values.

In this article my aim is to examine a counterargument for privacy, and an interesting one at that. What I hope to achieve here is to actually strengthen the argument for privacy by giving a charitable look at such an alternative. Also, to get people thinking about these alternatives in order to stir up more enriching discussions.

An Argument to Expand State Surveillance Powers

Philosopher James Stacey Taylor in his paper, In Praise of Big Brother: Why We Should Learn to Stop Worrying and Love Government Surveillance, pits privacy against security. His argument will make every privacy advocate recoil, as he argues that we should encourage the expansion of surveillance powers in the public and private domain.

Any worries about this alarming proposal can be quickly dispelled by Taylor when we consider the widely held view that, in certain circumstances, it is morally permissible for the State to secure information about past events. For example, it is morally permissible for the State to acquire information by compelling witnesses to testify on past events in criminal trials (i.e. subpoenaing witness to disclose info, installing surveillance devices to monitor those suspected of crimes, etc.). Though, the State may only use hindsight to determine what info is morally permissible to have access to (determining what info is relevant to collect for a case). Given this, the state is in principle morally permitted to place citizens under constant surveillance. (!)

It doesn't stop here, Taylor also wants to argue that a State using such surveillance would actually be morally preferable to one where it did not. As such a State would have reduced crime, justice would be better served, and fewer costs would be imposed on witnesses. If we can accept that the state may perform surveillance if they have sufficient suspicions of criminal activity, then there should be no moral bar to their gaining records of past events that may have been generated via pre-existing surveillance devices.

Again, it is important to note that the State would be restricted on their ability to access the data on pre-existing surveillance devices and would also need subpoenas to review it. Thus agents of the State may only use hindsight to determine if it is appropriate to access such data. This means that the State does not have easy access to all the data that it collects, only what it may determine is morally justified to access. Furthermore, that the State may only secure the minimum amount of information that it needs for its legitimate purposes (i.e. only enough to provide sufficient evidence).

This argument supports the notion that the State may find justifiable reasons to place surveillance devices inside someone's home, though it does not support doing so without their consent (unless they have probable cause to do so). The idea is that it could be beneficial to your own safety and that your privacy would be respected (no one is unnecessarily watching). It attempts to place reasonable limits on surveillance when it ceases to be morally justifiable.

The advantages of such surveillance are plenty, witnesses would no longer be required for cases, and better justice could be served by eliminating the need to rely on potentially unreliable human witnesses. Judges would not need to further make judgements on the reliability of witness testimony, as the facts of events could be laid out and taken at face value, free from the potential biases of the judges themselves or the influence of a lawyers cross-examination.

Unlike in Orwell's 1984, people would not be under constant surveillance, because no one would be actively watching. So crime would not be deterred by the fact that they may be caught while in the act, but rather by the likelihood of being identified for committing the crime because it was previously recorded. This would be beneficial because it would also deter police officers from extending the limits of their authority to catch criminals or suspects.

The Human Variable - The Abuse of Power and Information

Taylor is well aware of this objection and addresses it in this same paper. As has been stated, the State would be restricted from abusing state surveillance to actively watch people. Though he claims that what we object to is the abuse of state surveillance, which is quite different from objecting to State surveillance itself. He believes that the risk for abuse is outweighed by the potential benefits of such a system to society.

Importantly, he notes that if the state were prone to abuse its citizens in this way prior to the installations of such a system, then there is cause for concern for the consequentialist who weighs these pros and cons. It is equally important, that the consequentialist must also realize that the state does not even require such a surveillance system of surveillance to persecute and oppress its citizens.

Do You Have Something to Hide?

The final two objections are that such a system of surveillance would violate the privacy of the people subjected to it and that it would compromise their freedom and autonomy.

Neither of these are sound objections according to Taylor.

The first objection misunderstands the limits of this surveillance, since the State would only have access to the information surveillance devices gather when it is morally permissible to do so. Also, that the argument rests upon the fact that there are no new introductions of privacy violations that do not already exist.

He also argues that privacy is a relative notion, that things are private relative to certain people. Crucially, That there are times when private information must legitimately be disclosed.

(e.g. the chequing account you have with your significant other is not private relative to them, but is private from your colleagues) 

Furthermore, it would not threaten the autonomy of citizens because they are not being constantly watched or judged. If they are law-abiding, then they should recognize that the State has no cause for access to such surveillance. Therefore there is nothing to hide, especially if you are not breaking the law.

Why it Doesn't Matter Whether 'You Have Something to Hide' - Pinning Down What Privacy Means

The argument that 'you have nothing to hide' is a common one, and frequently made in defence of such arguments for government surveillance. Of course, 'I have nothing to hide' because I have done nothing illegal, but this really only tackles a small aspect of privacy. Much of Taylor's argument still rests on this notion. We should have nothing to fear if we do nothing illegal, especially if no one is really watching.

There is an endless amount of variations to such arguments, many of which can be found in detail in Daniel J. Solove's paper "I've Got Nothing to Hide" and Other Misunderstandings of Privacy. 

One of the most important points from Solove's article is that arguments such as those made by Taylor mischaracterize privacy. Namely, claiming that privacy is something which is only important to people if the information kept secret would somehow be detrimental to the person if revealed. 

A major part of the defence of privacy comes with its definition, which as Taylor noted, can be highly relative. What we consider strictly 'intimate' information can change from person to person, so this can be either too narrow or broad a definition. Conversely, we cannot conceptualize privacy as 'the right to be left alone,' because what that may entail is far too broad. We are once again thwarted by relativity. 

But there is a solution, Solove points out, that we should accept that privacy is not reducible to some singular essence; but rather a plurality of different things that do not share one element in common, but bear a 'family resemblance' from one another. 

(i.e. the differences between, but very connected nature of: information collection, processing, dissemination and privacy invasions)

For example, you may be ok with the government collecting the individual phone numbers you call, but the way that data is processed and aggregated reveals information about your race, religion or political ideals, which further gets sold (disseminated) to third-parties to target you or others (see: Cambridge Analytica and Facebook) for their own gain. You may not have anything to hide about your likes on Facebook, or even how those like can be aggregated to identify you, but how that data is further spread to profile you could be where you draw the line (and many have, with Facebook).

Taylor is assuming in his article that privacy is for hiding bad things. This is a misconception about privacy, as privacy is rather a plurality of related problems. These problems are so widespread that it doesn't even matter if no information people want to hide is uncovered. Solove notes that surveillance produces a suffocating powerlessness and vulnerability, and even though the examples I have given do not involve the State, it is easy to simply swap 'Facebook' for any government agency collecting large swaths of data. Information can be processed in a number of ways which can in fact reveal things about a person which they may have preferred stayed hidden.

Privacy is Relative

The takeaway here is that it doesn't really matter whether or not you do have something illegal to hide, rather, that there is likely some area of your life which you likely rather not have unnecessarily revealed, taken out of context, or collected at all. Each of these issues is unique, as some people haven no issue with a bank collecting their info, for example, but will change their attitude if the bank spreads that info that had is separate from the initial collection. These kinds of examples can be given endlessly. 

Further, with no limit on government surveillance and the willingness of many people to simply concede that they 'have noting to hide,' they leave themselves without any reasonable expectation of privacy from their government. Meaning that anything you say or do will likely be used against you, leaving you overwhelming vulnerable to the State's will.

The potential effects on free speech and free association are plentiful and chilling to consider. Though, one of the more powerful points to consider is that you having 'nothing to hide' also assumes that everything you have done (since you may be being watched) or will do will always be 'kosher' with your government. With such a concession you admit that you are sufficiently boring to be left alone, and there's nothing wrong with that, but realize that that point alone reveals that our actions, words and associations should always fall in line with those in power.

Privacy being as relative as it is highlights the need for varied discussion on the topic. However, notice that in this discussion so far, I have not properly refuted Taylor's point regarding the fact that surveillance could be morally permissible if the State only ever had 'hindsight' access to it. In order to refute this point, we also must raise issue with the State's ability to obtain information for cases, which is problematic, as I imagine this only obstructs justice and makes it more difficult to carry out the law. It is at this point that some bite the libertarian bullet and advocate for total freedom from the State, though I will not touch on that here, as it brings forth a multitude of further political baggage that needs airing out.

The primary retort to this point would likely be that even if no one is really watching, people would still be wary of their behaviour generally. Since privacy is so pluralistic in nature, it would be difficult to justify the extension of surveillance powers because we would never have any reasonable grounds for privacy in a court of law. The aggregation of even innocuous data can be revealing and used in potentially misleading and damaging ways. Though if the restriction to the access of this data were strong enough, it definitely seems like pro-surveillance drives a hard bargain, despite the disbelief we may have in the ability for such a system to be realistically applied.

With all these difficulties set before us, it potentially brings to light the need for a reasonable degree of privacy to be the default stance, meaning that unless we give explicit consent, there must be the expectation that what we do is private unless clearly stated otherwise. Without such a stance we are left too vulnerable, and granting the State so much power may be setting our expectations impossibly high for their ability to always act with the best interests of the people in mind.

I hope this discussion gets people thinking. Privacy is a much more complicated and varied issue than it seems, there needs to be a pluralism in the discussion itself, rather than strict dogma.


I encourage people to give a read to the two papers referenced here: James Taylor (free, but need a JSTOR account, not downloadable) and Daniel J. Solove (free download access). Also, this TED talk by Glenn Greenwald, which some of my own response is inspired by.