Law in the Internet Society

A Threat Too Small and Too Big

-- By VinayPatel - 11 Oct 2019

Online privacy and security seem to be matters of growing public concern, or at least growing public awareness. There have been major news stories in recent years about government mass surveillance, severe data breaches, and challenges to tech giants who have collected more data than they care to protect. This makes it easier to be suspicious of the government and tech companies and to find audiences to join in suspicion. However, translating that suspicion into action to actually promote online privacy and security is still difficult. The gap between our feelings of concern and our ability to act comes from the sense that surveillance is a threat both too small and too big.

A Barrage of Threats

Between 9/11, the Great Recession, climate change, the current President, and much more, I interpret the world to be in constant crisis. Various media regularly inform us of the many ways we are each going to die, and there are existential threats like nuclear weapons and environmental destruction, as well as large asteroid collisions for which we are overdue. In this context, any threat that does not imply our demise is not a priority and does not require our attention, unless or until it becomes a crisis. However, large problems are, at the same time, harder for us to comprehend because its effects are not usually personal. Most people’s day-to-day experiences are not apparently or identifiably affected by issues like North Korean proliferation. Big threats command our attention and create anxiety, then leave us with nothing to do about them.

Online privacy is in a different threat category. Surveillance does not in itself present a threat of personal harm; it has to be paired with an actor using data for malicious purposes to go from potential threat to a crisis. Corporations selling our data for ad revenue for profit makes us uneasy, but it is not enough of a threat to command attention. Other countries are dealing with more explicitly authoritarian regimes which use the same technology to target its citizens, but because we do not see that here, we can ignore the problem. However, this problem is fully integrated into our daily lives. We are constantly interacting with devices which take our data. We have the power to limit and diversity our technology use. We can make the switch to free software. Yet, we cannot give the issue enough attention to motivate those changes. Our attention is reserved for the problems we cannot change and expect to destroy us. And if we are going to be destroyed anyway, it is hard to care about who has our data.

A Lack of Power

If we do start to care and understand the extent of the privacy problem, it quickly becomes unwieldly. There are global corporations which dominate communications infrastructure throughout the world. They have so much control over what we see that they can effectively manipulate us with self-promoting propaganda. There are also sophisticated surveillance states unwilling to release the power to control their populations. They inspire fear about major security threats then claim they can only solve them with surveillance so that we willingly sacrifice our freedom for safety. For the vast majority of people who do not know how software works and are not literate in code, they have no choice but to trust these actors whom they perceive to be the greatest experts. There are also practical concerns people have about radically restructuring the technological environment. They would have to give up their current technologies and miss out on the various features they offer which people now rely on. There is a lot of work to do.

While we each have the ability to create more privacy and security for ourselves, we can only go so far by making surveillance more difficult for those who surveil us. There has to be a bigger, structural change. Companies have to change their cultures to place an emphasis on freedom rather than control, or they must be supplanted by companies that do. Regulation from governments would probably play a big role in that. Breaking up tech companies so that there is less centralized control of the internet would be potentially useful. However, a government which benefits from the massive surveillance tools these companies provide would have little incentive to crack down on them. There must also be a change within the government to value the privacy and freedom of its citizens and find better ways to address real threats. The power to change those companies and those governments remains with them, not us. Arguably, this is where massive, direct democratic participation is supposed to play a role so that we embrace the power we did not realize we had and work together to solve our collective problems. That does not sound like it is going to happen soon, at least without a lot of work, so instead, the size of the problem has knocked us into submission.

Embracing Doom

People are ready to admit that the state of their digital privacy and security is significantly flawed and that changes would be good. However, they might also find that change is unlikely to come and their efforts to produce it would be in vain or that they have other things they would rather worry about. At that point, the easiest thing to do is ignore the problem and accept surveillance as an unfortunate, but permanent condition. If resistance seems futile, there is no reason to try, and if we have the energy to try, that energy seems like it should go toward the deadliest threats. In either case, the concerns we have about technology do not translate into action.


Webs Webs

r1 - 11 Oct 2019 - 07:04:56 - VinayPatel
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM