(Greek: κρυπτεία / krupteía, from κρυπτός / kruptós, “hidden, secret things”)

Archive for March 29th, 2009

Schneier: It’s Time to Drop the ‘Expectation of Privacy’ Test

leave a comment »

In the United States, the concept of “expectation of privacy” matters because it’s the constitutional test, based on the Fourth Amendment, that governs when and how the government can invade your privacy.

Based on the 1967 Katz v. United States Supreme Court decision, this test actually has two parts. First, the government’s action can’t contravene an individual’s subjective expectation of privacy; and second, that expectation of privacy must be one that society in general recognizes as reasonable. That second part isn’t based on anything like polling data; it is more of a normative idea of what level of privacy people should be allowed to expect, given the competing importance of personal privacy on one hand and the government’s interest in public safety on the other.

Full article HERE

The problem is, in today’s information society, that definition test will rapidly leave us with no privacy at all.

Never mind the “definition” of privacy, it is, as Schneier points out, an illusion at this point in time. The technologies that we all love to use also have made that privacy that one might have had eariler a moot point. Face it, Facebook, Twitter, all the social networking that we willingly put out into the internet pretty much nullifies privacy.

I also hasten to add that even if one were trying to keep things private, the internet is not necessarily the place to “keep” them as all systems can be compromised and or turned over to the government after a federal warrant. Of course much of this article also deals with the warrantless wiretapping of not only calls, but also all internet traffic post the Bush administration and the NSA’s back dooring of the Mae’s out there. All your data that you pass through the internet is subject to capture through the NARUS STA 6400 kids. So, there is no privacy there especially if you don’t use any kind of encryption or obfuscation.

I have said it before in other places and I will say it again here:

“There is no privacy whether expected or implied other than that which you make yourself”

In other words,

  • Use encryption that is not easily broken like one time pads.
  • Use obfuscation techniques in language and communications
  • Generally assume that all your comms are being monitored
  • Expect that at any time the government could claim “Exigent Cirucmstances” and seize your equipment
  • Also expect with a recent court decision, that the 5th amendment will no longer protect you

The recent case of a US citizen coming over the border from Canada being forced to provide his hard drive encryption password (which I believe he still has not even with the court order) also shows the erosion of any idea that we have any kind of privacy any more in the world.

So, I say that no matter what the legal eagles say, the power exists for those with the technology, to erase your privacy at any time they wish it. They can do so, as we found out in the Bush administration, at their will and against the laws of the land without any real repurcussions. The electronic genie is out of the bottle.

In the end, you want privacy? Make it yourself.

Written by Krypt3ia

2009/03/29 at 01:40