For the vast majority of people, their right to privacy has nothing to do with trying to hide illegal actions. It simply is about making sure that their personal information (habits, likes/dislikes, etc.) are kept from people with whom they do not want to share. For some, they think of this in terms of “if you are not doing anything wrong, why are you worried?” This mentality is so far off track it is dangerous. Just because you do not want something shared with the world does not make the act illegal. Walking around your house in your underwear with your curtains open is not illegal, but most people do not want their neighbors seeing them doing it.
However, this mentality is the one that is used time and again by the people whispering into lawmakers’ ears when it comes time to discuss privacy for individuals. They lump privacy advocates into the “bad guy” group and claim they are helping pedophiles, terrorists and other criminals through their actions. They play on the paranoia, ignorance and greed of lawmakers to get them to change laws to erode the individual right to privacy. We have watched this over the years as law enforcement agencies have been granted more and more authority to monitor people’s communication and information.
Of course all of this came about with the introduction of electronic communication. Without digital communication, most existing laws would protect people from the sorts of intrusions that we see now. As we have previously stated digital communication is about ownership, rights and reasonable expectations. When you ship something, it is in a sealed package. The laws provide you with protection from unreasonable search. Having a dog sniff that package for bombs/drugs is reasonable. Swabbing it for chemicals is reasonable. Opening it and digging through it is not. The same is true with your house and storage. In order for someone to search your house or storage unit they need proof or reasonable suspicion of wrongdoing. From there they have to prove the merit of their search to a judge who issues the warrant for a physical search. They cannot just peak in the windows or go through your stuff without that. This is not so in the digital world.
In the digital world, the perception is that since the information is not physical it is not covered by the same laws that protect you in the regular world. This is the lie that has been told over and over again by corporations and other groups that see the internet and all of this digital information/communication as a gold mine. They want access and have carefully acquired almost unlimited access to information about all of us. Matters become even more complicated when you start talking about your data stored or communicated using a cloud service. The current laws and company policies state that you do not truly have ownership of that data. The company that transmits or stores it does. This means that law enforcement does not even need to notify you when they want to see your stuff. They simply go to the company that stores it, or has been transmitting it, and get it from them. All of your normal rights to privacy are out the window.
This type of access should not be allowed at all, but in an effort to loosen up laws about your information some corporations sold their souls (figuratively) and agreed to this. They saw the money in being able to sort through your digital stuff and see what you like. They can offer you more products or sell that information to others for a lot of money. It is the digital equivalent of letting a marketing company go through your house and rifle through your drawers and closet. It is creepy in the real world and it’s creepy in the digital world.
Too add a little more chaos to the mix, companies that use cloud services get the option to sign NDAs (Non-Disclosure Agreements) that prevent the hosting company from accessing, reading or disclosing information that is stored or transmitted through the hosting companies’ servers. This is often for HIPPA, SOX, or PCI compliance. Why is there no option for individuals? What make an individual’s data less important than a company’s (other than money and politics)?
We have to change the tone of the conversation. We, as users of the internet, have to establish ownership rights to the items we send and store online. Just because I send an email through a server does not remove my rights to it (just like when I send physical mail). It does not give unlimited rights to others to read or intercept that information with our reasonable suspicion (and authorization). The same can be said for any information that is stored in a cloud service. It still belongs to the person that created it and not the company that is storing it.
Privacy needs to return to its original meaning: “freedom from unauthorized intrusion”. There should never be an instance where it is okay for a company to read, parse or disclose personal information (files, email, etc.) without the explicit permission of that person with the notable exception of law enforcement obtaining an authorized warrant as part of an investigation. Until we get back to this state the term “privacy” will not mean what we all think it means. It will just be another term used to explain how and why a company, law enforcement agency or government can use our data without our express permission.