There is no security without privacy. And liberty requires both security and privacy. The famous quote attributed to Benjamin Franklin reads: “Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.” It's also true that those who would give up privacy for security are likely to end up with neither.
Bruce Schneier / photo courtesy Edward
The new surveillance dragnet harms our security while also destroying our privacy. It's a complicated and important subject, so here are some clear examples of how particular government spying operations do great harm, not good:
Data base systems with troves of private data on Americans can lead to serious security crises. If one person with access to the information collaborates with criminals, the system works against itself. A great example is the case of Fidencio Estrada, a Florida drug-runner who bribed a customs agent to feed him information from law enforcement data bases.
As computer technology becomes smarter, we are able to store loads of data on items as physically small as a thumb drive or CD. Remember Wikileaks? Just imagine what could happen if an insider or hacker distributed the private data of millions of Americans to the highest bidder, to terrorists, criminals or even to the internet broadly.
Data base-led or intelligence-led policing operates under the assumption that if the government can simply obtain all possible information about everyone and everything, it will be able to predict and prevent crimes before they occur. This is not only impossible and implausible, but also dangerous, because while it eliminates personal privacy it also makes people less trusting of law enforcement, particularly in targeted populations like the Muslim community. Community policing is a smarter model because it works better. When police have the community's trust, they will get better information before and after crimes occur, leading to safer, more secure, and just communities.
More data doesn't mean more security. In some cases, it means less. Think of the needle in the haystack metaphor. Why make the haystack bigger with the personal data of hundreds of millions of innocent Americans? Does making the haystack bigger help you find the needle? Bruce Schneier points out that the East German Stasi secret police gathered personal information about four million East Germans, a quarter of the population. But they didn't forsee the movement to overthrow Communism there, because instead of focusing on actual threats to their system, they vacuumed up troves of personal data.
Schneier really understands this stuff, and that's why we keep citing him. He's an expert who has thought through these problems from many angles, using his experience in computer technology systems to help read and analyze surveillance in the digital age. As he argues, more data doesn't mean more security:
People are willing to give up liberties for vague promises of security because they think they have no choice. What they're not being told is that they can have both. It would require people to say no to the FBI's power grab. It would require us to discard the easy answers in favor of thoughtful answers. It would require structuring incentives to improve overall security rather than simply decreasing its costs. Designing security into systems from the beginning, instead of tacking it on at the end, would give us the security we need, while preserving the civil liberties we hold dear.