The idea that an individual can live in a surveillance society with nothing to fear so long as they have nothing to hide may, on the face of it, appear attractive. For those of us who think of ourselves as 'honest' - we pay our taxes, don't commit murders and are loyal to our partners - why indeed should we fear surveillance?
"Nothing to hide, nothing to fear" (NTHNTF) is a myth that is built on certain false assumptions, and these assumptions are never questioned when it is wheeled out as an argument to support whatever draconian surveillance measure is being pushed out in the face of citizen opposition (commercial organisations rarely try such an approach, since it dooms them to failure from the very beginning). These assumptions include:
- Continuity: When a large data gathering exercise is started, the lifespan of the system will almost always be greater than that of its instigators. The most benign and caring government, authority or private company is inevitably subject to a change of management, and if the new executive does not share their moral stance, then data can be reused for very dangerous purposes. Those who provided data believing they had nothing to fear may find that data is misused in the future.
- Context: Those who use the NTHNTF argument most commonly use it in the context of government collecting information about individuals. In the information age, the idea of a single entity holding that information does not hold true. The massive pressures to share information within and beyond government mean that information is constantly on the move. Sooner or later, information held by the government will be shared across the government and with the private sector.
- Control: Whether through a sharing agreement, aggregation of databases or simply leaving a memory stick in a pub car park, information is always shared sooner or later. Information security professionals always assume a system to be insecure, and plan for when - not if - data is lost or corrupted.
- Consistency: The most important issue is that of consistent use of accurate information across all authorities and all individuals.
Let's consider consistency in more detail. When databases work from 100% accurate information; when that information is used in accordance with the original consent purpose; when processes work correctly; when outcomes are as expected for every subject in the database; then, arguably, individuals have nothing to fear. Unfortunately, this is a Utopian state that is never achieved in a real world system. We see numerous examples of this problem:
- Take the extreme example of Khalid El-Masri. This German national was kidnapped, flown to Afghanistan, tortured and then eventually released when it was realised that his was a case of mistaken identity, and he was not in fact an alleged terrorist with a similar name.
- In 2007, junior doctors found their personal information - including sexual orientation - published on the Internet in a web security breach. How many of those individuals were 'outed' as a result of that breach? Those who had kept their orientation secret from their families or colleagues were perfectly at rights to do so, but found it released anyway.
- In 2006 a student was wrongfully arrested for stealing mail when a batch of letters were recovered. His fingerprints - which had been taken a year previously when he was accused of criminal damage but released without charge after the real culprit confessed - matched those on some of the letters. After his arrest it was discovered that the letters bearing his fingerprints were posted by him. He was released, and then had to campaign to have his DNA data removed from the National DNA Database.
- Time and again individuals have been fired from jobs, or failed to get jobs, because of errors in the Criminal Records Bureau database. They have been stigmatised as criminals, even to the extent of being falsely branded as sex offenders, because of database failings.
This sort of mistake might seem rare, but it is going to become increasingly common. Police cars are being fitted with fingerprint scanners, and it seems to be only a matter of time before they can even check DNA on the spot. Systems will make mistakes, and procedures will go wrong. The victims of the benign database state are those who aren't treated in accordance with the intended rules, but are at the wrong end of breakdowns in data accuracy, procedural rules or system errors. Under a benign government, it's not the intended surveillance that makes victims of innocent people, but the errors.
So why do I fear the idea of a database state, even when I have "nothing to hide"? Well, I do have things to hide. Everyone has things to hide. If I have a serious health concern, I want to be able to consult my GP without worrying my wife. If I'm looking for a new job, there is no reason why I should have to reveal that to my employer. In fact, if even I've committed a serious crime, been convicted, rehabilitated and paid my debt to society, why should I be obliged to reveal that history to my neighbours if I pose no threat to them? Should my friends know if I've got an unauthorised overdraft, or if I've downloaded perfectly legal adult content from the Internet? I've done none of these things, and am in no particular rush to, but I demand the right to privacy if those situations arise.
"Nothing to hide, nothing to fear" is a myth, a fallacy, a trojan horse wheeled out by those who can't justify their surveillance schemes, databases and privacy invasions. It is an argument that insults intelligent individuals and disregards the reality of building and operating an IT system, a business or even a government. If ever you hear someone at a dinner party crank out this old chestnut, grab your coat, make your apologies, run fast and run far. And as William has said before, I wouldn't want to be stuck at a dinner party next to someone who has nothing to hide - imagine how dull that would be.