Privacy and Security: Comforting Myths or Rockwellian Nightmare?
Yesterday, as I sat in my home office, glazed eyes misting over, I caught sight of a young man, clipboard in hand, jauntily climbing the stairs to my front door. I sighed. Another one, I thought. Election season.
But this man had something new: he was selling (well, kinda selling) a security monitoring system. This young man (we'll call him Chad) queried, "Did you hear about the recent happenings in the neighborhood?" Apparently there had been some break-ins over the summer. "Sure," I lied. "Well, luckily, no one was hurt, but it could have been much worse," he opined, a concerned crease marring his smooth brow. I was touched by Chad's concern for my safety, particularly as he kept emphasizing how dangerous it was for me. Really appreciated that. But Chad seemed hurt as I handed back the brochure, a polite no-thanks attached. "But it's free if you let us install the system," he whined, beads of Southern humidity now dimpling his brow.
My brother-in-law glared at him from the background. My teenage niece managed a bored glance before returning to Facebook. My sister swept the same spot four times. It was dinnertime.
I glanced behind the young man, expecting to catch sight of the Eastern European gang that had kidnapped him and forced him to tout "free" security monitoring systems in Charlottesville. Hard-knock life, indeed.
But Chad's visit, far from comical, left me thinking about security and privacy. I have been frustrated and nearly enraged by the flood of emails I get immediately after a new worm, virus, or cyber attack hits. They all say the same thing…"our product/device/service/expert/thingie will help you stay more secure." Really? I don't think so. And to paraphrase a somewhat trite saying, perhaps the emphasis is on the wrong syllable.
What if we really questioned what we mean when we use terms such as "secure" and "private." First, given that most of us use a variety of social media tools that display for all the world information that we typically consider private–date of birth, address, phone numbers, resume details, photos, documents, etc.–and share that information with, essentially, the world (most of us, after all, rarely use privacy settings that the services provide), what is our expectation and understanding of "privacy"? Second, if we are to rethink privacy, then how do we begin to understand or articulate what it means to be secure? Or do we simply retreat into a Rockwellian world of paranoia and tacky decor?
Given that we volunteer so much of ourselves through images, conversation threads, status updates, wall posts, YouTube videos, Blip.fm playlists, blog posts, and a host of other means, are we really private citizens? What do we mean by "safe" and what are the challenges for security experts (like Chad) who want to keep us secure? What are the challenges in keeping ourselves "safe?" Is this even possible? Are privacy and security only comforting myths?
What questions should we really be asking? Is privacy/security an either/or proposition or is there a third (fourth or fifth way)?
Check Out:
Michael A. Caloyannides, "Is Privacy Really Constraining Security or Is this a Red Herring?," IEEE Security and Privacy, vol. 2, no. 4, pp. 86-87, July 2004, doi:10.1109/MSP.2004.50
Let me know if you have additional readings to suggest…
