The debate regarding security vs privacy

Like many people, I also had the perception that increased security can in most cases only be achieved at the cost of privacy and liberty. I have since started reconsidering that line of thought after I recently came across this article(“Protecting Privacy and Liberty”) by Bruce Schneier written way back on September 30 2001 just after 9-11, which argued that “this association is simplistic and largely fallacious”.

Security and privacy are not two sides of a teeter-totter. This association is simplistic and largely fallacious. It’s easy and fast, but less effective, to increase security by taking away liberty. However, the best ways to increase security are not at the expense of privacy and liberty.

It’s easy to refute the notion that all security comes at the expense of liberty. Arming pilots, reinforcing cockpit doors, and teaching flight attendants karate are all examples of security measures that have no effect on individual privacy or liberties. So are better authentication of airport maintenance workers, or dead-man switches that force planes to automatically land at the closest airport, or armed air marshals traveling on flights.

Liberty-depriving security measures are most often found when system designers failed to take security into account from the beginning. They’re Band-aids, and evidence of bad security planning. When security is designed into a system, it can work without forcing people to give up their freedoms.

Schneier goes on to give some very good examples in the article which demonstrates his point. I find this other section of this article very true, and especially relevant to India at this point.

People are willing to give up liberties for vague promises of security because they think they have no choice. What they’re not being told is that they can have both. It would require people to say no to the FBI’s power grab. It would require us to discard the easy answers in favor of thoughtful answers. It would require structuring incentives to improve overall security rather than simply decreasing its costs. Designing security into systems from the beginning, instead of tacking it on at the end, would give us the security we need, while preserving the civil liberties we hold dear.

For example, take a look at our National Unique Identification (NUID) project. The government and Mr. Nilekani is selling us the argument that it is the panacea to all our national and internal security problems. Illegal migration will be stopped, benefits of social programs will reach the intended recipient, etc. As Nilekani said recently in an interview with Karan Thapar,

On being asked on the investment of money in this project be invested in some other project as is better used for education, health for women and children and sanitation programmes, he replied “We certainly don’t want to take away money from important social programmes but remember that as we expand our social programmes, the efficiency of the social programme depends on the fact that they reach the right people and that there are no duplicates who are taking away the benefits which are meant for the poor. We need to make them more efficient. So you need the infrastructure at the bottom to make that happen. The investment of money in this project will actually make all those other money’s be spent more efficiently. Think of it as an infrastructure for enabling you to spend money more effectively.”

Of course, he conveniently doesn’t mention that there is another way to deal with the “efficiency” (an euphemism for corruption) of social programs. Tackle the systematic corruption in the PDS and other government doles to the poor.

Instead of targeting only the relatively few people involved in the system, Nilekani and GoI would rather spend thousands of crores every year on this scheme asking each and every billions plus Indians to meekly surrender whatever anonymity that they have against government (and the inevitable corporate) surveillance of everything that they do. This is apart from causing additional sufferings for the misgoverned citizens when they try to be compliant with this authority for every change they do in their lives. If people felt irritated with the need for quoting PAN numbers and voters ID card in many places right now, I cannot but imagine how they would feel when they will have to quote the NUID in everything they do - while seeking employment,renting a house, using a cyber cafe, filing any government application, etc.

Of course, if instead they had just tried to confront the real problem, we don’t have to do that. But again, who cares about the real problems? This country is just about tokenisms like NUID.

How are we ever going to get out of this mess? The government is best equipped to understand all the threats we face. The government security agencies specialize on knowing all the possible solutions to our problems. These people who are best placed do not  disclose to us all the possibilities of tackling security problems that they have considered and how they have reached the best possible solution. So how will us ordinary citizens ever know that we could have had a better solution which is more effective but required more work from the government. The government has a vested interest in not letting us know that. They are part of the problem in most cases. They are the interested party in others and in most cases it is political expediency - the results of the right way would take longer than one election term to show.

comments powered by Disqus