Six Lines

Rubin’s Privacy Fallacies

Posted by Aaron Massey on 12 Sep 2010.

Paul Rubin wrote an article titled “Ten Fallacies About Web Privacy” for the Wall Street Journal a couple weeks ago that is worth reading because it does highlight some often neglected problems in the perception of digital privacy. However, I would encourage the reader to apply some reductio ad absurdum arguments while reading it because some of his points are misleading. For example, consider this:

8. Increasing privacy leads to greater safety and less risk. The opposite is true. Firms can use information to verify identity and reduce Internet crime and identity theft. Think of being called by a credit-card provider and asked a series of questions when using your card in an unfamiliar location, such as on a vacation. If this information is not available, then less verification can occur and risk may actually increase.

The original statement is a myth because the opposite is sometimes true, not because it is always true. Privacy is a tradeoff. Sometimes more privacy does hurt your ability to be safe as the example he provides demonstrates. However, sometimes more privacy does actually make you safer.

Other points are more wrong than misleading:

5. If consumers have less privacy, then someone will know things about them that they may want to keep secret. Most information is used anonymously. To the extent that things are “known” about consumers, they are known by computers. This notion is counterintuitive; we are not used to the concept that something can be known and at the same time no person knows it. But this is true of much online information.

If you use a more inclusive, control-based definition for privacy, then his statements are wrong because computer-controlled information is fundamentally different than subject-controlled information. Even if you assume a secrecy-based definition for privacy, third-party doctrine in the United States makes your secrets much less safe when they are stored on other people’s computers.