50 Shades of Privacy
We speak a lot about privacy. It’s a key feature of what we’re building, a necessity to facilitate meaningful adoption, and, we believe, a human right.
Privacy can be one of those concepts that we feel we know very well, but upon closer examination we find it’s more nuanced and less clear-cut than we initially imagined. While in everyday conversation it might not matter so much, when it comes to finance, technology, and regulation, the subtleties are important.
So, let’s have a look at the spectrum of privacy, disentangle anonymity from privacy, and look at the idea of selective disclosure.
What vs Who
The first thing to consider is what is being kept private. There are two key pieces to this equation: the what and the who.
The what is the information, the who is to whom it pertains, and the link (or lack thereof) between the information and the identity is key.
Imagine a journalist with an information source…
They may reveal what the information was, but not the identity of the source. This would be anonymous. The information is public, but the person who said it is not.
They might reveal who their source is but not what they said. This would be confidential.
They might reveal both, with the source going on the record with what they said, which would be making the information and identity public.
Or, the journalist might not be able to reveal either the information or the identity of the person, in which case we could say this is a secret.
It’s worth considering these combinations when speaking about privacy as they have important implications. Right now most blockchain transactions take place in a pseudonymous way, as the transaction data is public and linked to a wallet where the identity of the owner is unknown but the address or username (i.e. 0x or something.eth) is known.
Private, but from whom
The next thing to consider is who information is being kept private from. There is a huge spectrum between “No one can see this information. Ever” and “Everyone can see this information. All the time”.
Banking transactions, for example, are not public information but are viewable by the bank, who themselves will be bound by non-disclosure agreements to not reveal this information.
One of the most interesting things for me from the talk with HOPR was the point that was made around how we might be OK revealing something to one person, but not to everyone.
Much like consent, just because you’re good to do something with one specific person doesn’t mean you want to do it with everyone!
This is important not only when we think about blockchain, but data in general. If you have a bad day at work, you might tell your spouse exactly what happened, your friend some details, your acquaintance very little, and your boss nothing.
In daily life we choose what information we reveal, but when it comes to our online data we are not able to show so much discretion.
But if you have nothing to hide…
The argument that is made against privacy is that you shouldn’t mind if you have nothing to hide.
First of all, no.
Second of all, to me this idea almost becomes a question of consent, and with whom you consent to share certain information. You might be OK with your bank being able to see what transactions you’ve made, but not with your colleagues seeing how you spend your money.
Many banks, for example, rely on this, and will check with you about previous transactions to verify your identity. This would be meaningless if your transactions were public.
As Emanuele pointed out on the Twitter Space, privacy and ownership go hand-in-hand in the digital age, with knowing private information (a PIN, a password, a last transaction amount) being what grants access to an account and proves ownership.
Much like private keys or a password, knowing the answer to the secret question grants you access to the account. This is obviously not a perfect solution, as identity thieves and identity fraud do exist, but it has proven itself to be robust enough. Other things like two-factor authentication help as well.
Privacy and consent
We recently had a Twitter Space with HOPR Network on privacy, and something that came up was the idea of who you’re sharing something with. You might be perfectly comfortable sharing something with your spouse, but not want to share that with your parents. What you tell your best friend is likely to be different to what you tell an acquaintance.
It is simply not appropriate to tell everybody everything. Yet, the companies that provide the services we use are consistently found to have more access than most people would like, and to do things with the data that seem wrong.
It’s also not like anyone has a choice. Of course you agreed to the terms and conditions, but is anyone really going to not use any social media, messaging apps, email providers, and so on? I know for me, for example, to not use any would be the same as being unemployed! Is that really a choice?
Not everything should be public
Another thing to consider is that making too much information public can have negative consequences.
Consider, for example, if you found a vulnerability in a smart contract. You would want to tell the protocol (being the good white hat that you are), but to just post in their Discord or on Twitter “Hey there’s X mistake in this part of your code” would not be a good idea!
Something like an exploit disclosure must be made privately or the reporting of the vulnerability becomes a guide to exploiting it.
The internet vs real life
One of the challenges is how the internet differs from “real life”. In real life you can choose what you say and to whom, without a record being kept. You can talk to someone face-to-face without the need to use a messaging service. The internet, including blockchain, is different.
Everything that happens on the internet happens as part of a provided service, be it a messaging app, a banking website, or a blockchain wallet. This means that someone has to provide the infrastructure for the information, and in many cases that the data will be used and sold. The classic “if you’re not paying for a service then you’re the product”.
It also means that data starts to become an asset, and as is our philosophy, we would like to see individuals be empowered to have custody of their own assets, including their data.