What is privacy and why does it matter?
Privacy, Security, and Anonymity are three important—but distinct!—concepts you should know about.
In the modern age of digital data exploitation, your privacy has never been more critical, and yet many believe it is already a lost cause. It is not. Your privacy is up for grabs, and you need to care about it. Privacy is about power, and it is so important that this power ends up in the right hands.
Privacy is ultimately about human information, and this is important because we know that human information confers power over human beings. If we care about our ability to be authentic, fulfilled, and free humans, we have to care about the rules that apply to information about us. So much of our modern society is structured around information. When you shop online, read the news, look something up, vote, seek directions, or really anything else, you are relying on information. If we live in an information society, our information matters, and therefore privacy matters.
What is Privacy?
Many people get the concepts of privacy, security, and anonymity confused. You'll see people criticize various products as "not private" when really they mean it doesn't provide anonymity, for example. On Privacy Guides we cover all three of these topics, but it is important you understand the difference between them, and when each one comes into play.
Privacy is the assurance that your data is only seen by the parties you intend to view it. In the context of an instant messenger, for example, end-to-end encryption provides privacy by keeping your message visible only to yourself and the recipient.
Security is the ability to trust the applications you use—that the parties involved are who they say they are—and keep those applications safe. In the context of browsing the web, for example, security can be provided by HTTPS certificates.
Certificates prove you are talking directly to the website you're visiting, and keep attackers on your network from reading or modifying the data sent to or from the website.
Anonymity is the ability to act without a persistent identifier. You might achieve this online with Tor, which allows you to browse the internet with a random IP address and network connection instead of your own.
(Pseudonymity is a similar concept, but it allows you to have a persistent identifier without it being tied to your real identity. If everybody knows you as
@GamerGuy12 online, but nobody knows your real name, that is your pseudonym.)
All of these concepts overlap, but it is possible to have any combination of these. The sweet spot for most people is when all three of these concepts overlap. However, it's tricker to achieve than many initially believe. Sometimes, you have to compromise on some of these, and that's okay too. This is where threat modeling comes into play, allowing you to make informed decisions about the software and services you use.
Privacy vs. Secrecy
A common counter-argument to pro-privacy movements is the notion that one doesn't need privacy if they have "nothing to hide." This is a dangerous misconception, because it creates a sense that people who demand privacy must be deviant, criminal, or wrong.
You shouldn't confuse privacy with secrecy. We know what happens in the bathroom, but you still close the door. That's because you want privacy, not secrecy. There are always certain facts about us—say, personal health information, or sexual behavior—that we wouldn't want the whole world to know, and that's okay. The need for privacy is legitimate, and that's what makes us human. Privacy is about empowering your rights over your own information, not about hiding secrets.
Is Privacy About Control?
A common definition of privacy is that it is the ability to control who has access to your data. This is an easy trap to fall into: It sounds nice, and it appeals to many people, but in practice it just doesn't work.
Take cookie consent forms, for example. You may encounter these dozens of times per day on the various websites you visit, with a nice array of checkboxes and sliders which allow you to "curate" your preferences to exactly fit your needs. In the end, we just hit the "I Agree" button, because we just want to read the article or make a purchase. Nobody wants to complete a personal privacy audit on every single website they visit. This is an exercise in choice architecture, designed to make you take the easy route out instead of delving into a maze of configuration options that don't need to exist in the first place.
Control over your privacy inside most apps is an illusion. It's a shiny dashboard with all sorts of choices you can make about your data, but rarely the choices you're looking for, like "only use my data to help me." This type of control is meant to make you feel guilty about your choices, that you "had the choice" to make the apps you use more private, and you chose not to.
Privacy is something we need to have baked into the software and services we use by default, you can't bend most apps into being private on your own.
This post was written by me, and originally published on Privacy Guides on May 7, 2023. If you liked this post, consider joining my newsletter for future updates.
Why Privacy Matters (2021) by Neil Richards