I’ve Nothing to Hide

As someone who has been responsible for the care and feeding of a number of computer systems, I’ve had to get involved fairly deeply in security policies and their implementations.  One aspect of security is protecting confidential or sensitive information from unauthorized access.   This can include not only obvious secrets (e.g., the formula for Coca-Cola, how to make a hydrogen bomb), but also more mudane personal data (e.g., medical and financial information).  One obstacle to security implemenation is the attitude of people who don’t see why it’s necessary (it’s more or less a truism that anything that increases security will also decrease convenience for someone). Sometimes one gets a response like, “Why do we need this?  I have nothing to hide !”

I don’t know whether Supreme Court justice Antonin Scalia has ever spoken those words, but he is on record as having said that he is not worried about digital privacy.  So I found it amusing that the Reliable Source blog in the Washington Post reported a spat between Justice Scalia and a professor at Fordham University Law School:

Last year, law professor Joel Reidenberg told his students to find his personal data on the Internet to teach them privacy laws. This year, the professor assigned the same project about Scalia after the justice said he wasn’t that worried about digital privacy. The class turned in a 15-page report with Scalia’s home address, phone number, house value, favorite foods and movies, wife’s personal e-mail and photos of his grandchildren, reports the legal tabloid Above the Law.

Apparently Justice Scalia was Not Amused.  Apart from obvious remarks about whose ox is being gored, this incident illustrates, I think, something important about how we think about privacy.

At the root of many traditional methods for verifying a person’s identity is the notion that the only person likely to know a large number of disparate facts about a particular individual is the individual himself.  Even though there was a good deal of information that was legally a matter of public record (e.g., birth and death certificates, land records, wills), historically that information only existed on paper, probably tucked away in some dusty old courthouse annex.  With the advent of the Internet, and a rush to make data available on-line that has sometimes been more notable for enthusiasm than sense, it’s now possible to gather and correlate a lot of this information without leaving one’s chair — as the Fordham law students did.

There is a parallel here, too, with the more general issue of security and privacy in relation to databases.  But I’ll leave that for a future post.