Thursday, March 19, 2015

Just because you've got nothing to hide, doesn't mean you've got nothing to lose...

Trust us, we're the good guys ... and there are bad guys, so we need your metadata. ASIO Chief David Irvine and Australian Federal Police Deputy Commissioner at a press conference supporting metadata retention laws. Source: News Corp 

This week, the Australian House of Representatives passed new laws which extend the Government’s surveillance powers, by requiring telecommunications companies to store our metadata for two years, and to make this metadata available to government security agencies without a warrant. (Unless you’re a  journalist, in which case an amendment has been proposed to require a warrant.)

While much of the political debate has focused on the important question of whether journalists will be in a position to protect their sources if the legislation passes, there are broader issues at stake.
In defending the legislation, people like the AFP Commissioner and Attorney-General have frequently invoked the ‘nothing to hide’ argument. Any argument against the Bill is met with the assertion that if you’ve got nothing to hide, then you have nothing to fear from governance agencies having access to your metadata. By extension, advocates of the Bill suggest that the only people who have something to fear from increased government access to their metadata are the anti-social, the criminal, and the terrorist.

The forced storage and sharing of metadata is but the latest incidence of surveillance creep in Australian society. Just as our movements and connections in cyberspace are tracked, so too are our movements through physical space – by CCTV cameras, licence plate recognition systems, commercial wi-fi providers, transport smart card systems, and many more technologies besides. As with the metadata laws, the ‘nothing to hide’ argument is frequently invoked to sure up support for all of these technologies.  

The ‘nothing to hide’ argument is mobilised so often by surveillance advocates because it does have traction in the wider community. When I discuss this issue with university students, for instance, the ‘nothing to hide’ argument is frequently used as a way of rationalising everything from participation in social media to support for (or at least indifference towards) increased surveillance by both corporations and state authorities.

When the issue of privacy is put this way, it is probably no surprise that many people choose to identify with the ‘nothing to hide’ argument. After all, if your choice is between having ‘nothing to hide’ and being a criminal or a terrorist, that’s not much of a choice at all for most people. And besides (so the argument goes), any loss of individual privacy is a small price to pay for the convenience and security provided by new communications and surveillance technologies. Indeed, as Prime Minister Abbott has put it, the good citizen may have to give up some personal privacy for the collective good of national security in these ‘troubled times’.

If pushed, many who support the ‘nothing to hide’ argument will likely concede that they are not prepared to share every nook and cranny of their bodies and their lives with others. But the ‘nothing to hide’ argument is rarely made in such extreme form. We are not being asked to strip naked before our peers, or to reveal the intimate content of our phone conversations and email. In the legislation before Parliament, we are being asked to share the phone numbers we dial and the places and websites we visit with law enforcements agencies. 

But even if you’re someone who thinks you’ve got ‘nothing to hide’ in relation to the measures before Parliament, this doesn’t mean you’ve got nothing to lose if the legislation is eventually passed into law by the Senate. As privacy thinker Daniel Solove argues, certain forms of privacy have a social value, not just a value to individuals. In other words, making good assessments of legislative changes such as the one before the Parliament should not be viewed as simply a matter of weighing up ‘individual privacy’ against the ‘national interest’, as though there is a simple trade-off between the two. As he puts it, “privacy issues involve balancing social interests on both sides of the scale.”

The point is that each proposal to collect, store and share any data about us should be debated on its social implications – what collective goods are secured by reduced privacy in a given domain, and what collective goods might be undermined? Here, just as knee-jerk defence of a vaguely-defined and inalienable individual privacy should not carry much weight, neither should the ‘nothing to hide’ argument be accepted without scrutiny. We all have something to hide. Not everything that we want to hide is wrong or evil, and it is good that we are able to hide some things in our society. So, what things should remain ‘private things’? Who should they be private from, and what kinds of protections should be put in place when some ‘private things’ become ‘public things’?

Only a serious political debate can answer these questions democratically. And democratic debate is stymied when any opposition is equated with criminality and evil intentions. Far from ‘turning a blind eye’ to crime and terror, most critics are simply trying to make space for clear assessment and serious debated on the benefits and harms of the particular legislation before us.

The potential harms are real. Not only journalism, but activism, scholarship, pluralism and more collective goods besides depend on our ability to keep some things to ourselves in some circumstances.

And as Solove notes, data collection and sharing are not only potentially harmful because they reveal individual secrets. They are also potentially harmful when the citizens who are surveilled have no means to identify and correct indifference, errors, and abuses that are bound to occur from time to time when large volumes of data are collected and analysed by large state agencies. He is as worried about Kafka’s bureaucrats as he is about Orwell’s Big Brother. From this perspective, the lack of oversight, and lack of citizen access to our own data and how it is used, is deeply problematic.

Law enforcement agencies reply that imposing burdens such as warrants and disclosure on their use of data would be time-consuming and costly. But they provide no evidence that it would put their investigations at risk. And just as we citizens are urged to accept the notion that the curtailment of some of our freedoms is necessary for the collective good, surely the same argument applies to the law enforcement agencies? Some curtailment of their freedom to access and use our data as they see fit, without adequate oversight, is most certainly a matter of public good in a democratic society.

Commenting on the data retention debates in the US, Solove observes that “Far too often, the balancing of privacy interests against security interests takes place in a manner that severely shortchanges the privacy interest while inflating the security interests. Such is the logic of the nothing to hide argument.” The same will happen here if we let it.