Google and privacy are two words that hardly are mentioned in the same sentence without some sort of negation in between these days. And indeed Eric Schmidt, Google’s CEO, has recently contributed significantly to the general opinion that Google does not care about privacy. In an interview with CNBC’s Maria Bartiromo, he remarked “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place”. This remark did not go by unnoticed. At the time of writing this blog, it generated 33900 hits on his own search engine. This does not surprise me.
Whether the remark shows Schmidt’s ignorance regarding the need for and nature of privacy, or whether it shows sheer malice, I don’t know, but what I do know is that I’m not sure which is worse.
Why is the quote disturbing? After all, Schmidt only confirms a fairly generally held belief that if you have got nothing to hide, you have nothing to fear. Let me use this blog post to contribute to the debate about why this notion is wrong or at least naive. The arguments are not new, and I invite the reader to get Daniel Solove’s excellent essay on this topic.
Judging from Schmidt’s quote (and more he says in the interview), he seems to believe that people have a significant amount of control over what they do. This liberal notion goes well with a specific opinion about informational privacy that was phrased concisely by long time privacy scholar Alan Westin “privacy is the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others.” Autonomy and informational privacy go hand in hand and can enforce each other.
The trouble is that we seem to be losing informational self control in a disturbingly rapid pace. Not in the least thanks to Schmidt’s Google, as he experienced himself in 2005. CNet on 14 July 2005 ran a story about privacy concerns stemming from Google amassing such enormous amounts of data about people. It reported that some analysts fear it is becoming a great risk to privacy, because it would be a tempting target for hackers, “zealous government investigators, or even a Google insider who falls short of the company’s ethics,” the article said.
“To underscore its point about how much personal information is available, the CNET report published some personal information about Google’s CEO Eric Schmidt — his salary; his neighborhood, some of his hobbies and political donations — all obtained through Google searches.”
How does this relate to Schmidt’s privacy attitude? Well, it shows that he at least can exercise control (a posteriori) over who can access his personal information (he also got the data deleted from Google’s records. If he thinks everyone has this amount of power, he is of course slightly wrong. Jane and John Doe have significantly less power than Eric Schmidt.
But that is not the main point I want to make. The information disclosed in the CNet article does not reflect ‘things Schmidt should not have done in the first place’. The information disclosed represent relatively innocent ‘facts’. Yet, mr. Schmidt does not approve of his salary, hobbies, political donations etc to be published in an article. What has he got to hide? Everything and nothing.
And this is precisely one of the reasons why the ‘nothing to hide’ attitude fails. It is not about illegal or even improper behaviour. It is about the judgement of others that is the real issue. We have little control over the way people judge us on the basis of information that is out there on the internet and therefore it might not be a bad idea to limit the information that can be found.
Let’s dwell a little more on appropriate behaviour, which to some people apparently is why they think they have nothing to hide. How can we tell what appropriate behaviour is? In a constitutional democratic state such as the Netherlands citizens in principle should be aware of the common norms. Stealing, drunk driving, murder, rape, etc are clearly inappropriate, illegal even, activities. But further down the road thing become murkier. What is perfectly legally and socially acceptable behaviour (such as watching certain movies) in one context (like a country) is not in another.
The internet decontextualises information on an enormous scale. Pictures of a man wearing a Catholic girl school outfit (use Google to find the picture I’m referring to) are perfectly suitable for those attending the party, but may not appeal to a (future) employer, unaware of the context. Audience segregation (a term coined by Irving Goffman in the late 1950’s), the capability to show different faces of ourselves for different audiences depending on the roles we play and the context in which we play, rapidly erodes on the internet. What I teach my classes is no longer confined to the classroom setting. Students Twitter quotes, lecture slides circulate online, discussions take place on Facebook (talk about another privacy challenge). Information intended for one audience permeates the boundaries of time and space to (future) audiences of which the speaker is unaware.
Google and the likes play an important role in tearing down contexts and making individuals transparent thereby (the nothing to hide argument) ultimately forcing them to conform to impossible and unknown norms.
So, where do we stand. We can’t not control everything we do, we can not control how others judge us, we can hardly control how information about us and our online behaviour is collected and disseminated. And then Eric Schmidt tells us that we should behave in a way that no compromising information will be generated. What then to make of Google’s philosophy “Don’t be evil”. Is this a call that we, Google users, should make no misuse of the data available at Google’s data warehouses? Guns don’t kill, people do, right.
Maybe it is time for Google to take responsibility and start taking privacy seriously.