Let's talk about Privacy, Intimacy, Anonimity and Identity
lundi 10 juin 2013 à 16:29Let's talk about privacy, intimacy, anonimity and identity
I wanted to write about those topics for a while because I think they're important topics, eseentially nowadays due to the ever growing ubiquitous surveillance. I think that most of them are not perceived the same way by everybody, so i'll try to write down and define what I put behind the concept of identity, privacy, anonymity and intimacy.
So, we're going to start with some definitions, see how they are linked etc. I wo'nt use many links, because it's what I think it's probably not original and unique, but that's how I fell things are working. Also, we are going to eat Information Theory.
The identity problematics
We walk in the world as an emitter and receiver of signal (part noise, part information). This signal is directed toward one((unidirectional communication, also named unicast by network engineers)), some((multidirectionnal communication, named multicast in network operation)) or all((wide communication, or broadcast)) receivers in range.
The etymology of ''Identity'' comes form the latin identitas (sameness) annd indicates what information are emitted by the same entity, thing. That means two things. There's a track to previous information emitted by this entity, and the receiver can link the emitter to this entity. The identity is then the sum of all the information about an entity an emitter can perceive, and an entity can have multiple identity, in general one for each space (public or private) the entity evolves into.
One thing about information, if they're not archived and indexed, they will disappear with time. Who remember who Jessi Slaughter is?
What's my name?
The name is the unique handle of an identity. It can be a unique number, a common name, a description, etc. The name of an entity is how you will access all the information you can find about it. This is the bit of information you need to know to find out who an entity is and then accessing all the information available about this identity in the space you're standing.
If an entity has no name, and is in fact anonymous, then you won't be able to find any information about it. But then, the 'Girl with Nice Boobs who was at the party yesterday' and the 'Bunch of people that sing in the subway' in a name. A temporary one, but it's still a name. You can discuss about those person with other people who were in the same space at the same time, but the information will probably be wuickly dissolved in the flux of data we live in.
A name stand for an identity. Or should. The tricky part is the homonyms. Two (or more) different identities covered by only one name. To find out which entity you're communicating with, you will try to find context that is, previously stored information that you can then use to find out which entity your dealing with. You deal Homonimy the exact same way that Usurpation. Using the information you can find about an entity, you can know who they are to you, independently of their name.
Trust
The trust is the biggest thing in social relation. It exists in principally three states. You trust an entity, you distrust it or you have no idea of the trust you should have into the entity. The trust is the accountability. When something you trust gives you an information, you know the information is correct. If someone you trust claims a name, you won't check his history back to confirm or infirm it. Someone you trust is alos someone who will probably not takes information about you out of the space you are communicating.
The people you distrust is easy, you won't believe them and try to verify every information they send because you can find a source of information you trust to confirm or infirm their identity.
The world is small anyway, so you can probably build a trust chain to this entity and confirm or infirm the identity link for an entity you do not trust.
Trust is not bidirectionnal and is personnal. That's not because you trust me that I trust you. ANd that's not because I trust someone taht you should trust it by default, but it will gives it more trustability (because you trust me and I'm telling you that this entity is really who they claim to be), so that will help you to decide if you want to trust this entity.
What's privacy then?
Privacy opposes to publicity. If something is not in the public space, that means it's in a private space (or that it's in no space, which is not possible due to some contrsaints such as physics).
So, what is public then? From etymology it is linked to the people((From the latin poplicus which is a derivative from populus, the people)). That mean everybody can access and see a public thing. At least, there is no authorisation needed to access something public.
For instance, when you walk in the street, you are in a public space. When you enter a bar or a restaurant, you're still in a public space. When you pay the fee to access a museum or a night club, you are in a public space (it's not an authorization, it's a cost). When you surf the web reading at datas that do not requires a password to access to, you're in a public space.
That mean that everybody in the same public space as you can access all the information you're emitting. Wether it being you're apparent age, skin color, gender (not your sexual identity however), the thing you're saying or the song you're singing. If you are in a public space, everybody can access and see and track all the information you're emitting there.
So, the privacy opposes itself to the publicity. That is, you're in privacy, and so in a private space, when you access a non public place. A place that requires you to have an authorization of a kind. It could be a good old key for your house or your locker, a password to access a private sharing space online, a simple door closed with a sign on it stating 'Access forbidden' is a delimitation between a public and a private space.
Privacy is then a matter of limiting access to the information you emit. If you have the key to enter a private space, you can access the private information.
Intimacy
The intimcay, again from etymology, comes from the inside. This is what's inside an entity, that's all the information you're not emitting. It's when you opt-out totally, with no emitter of information you cannot control, and all the one you control shut down. You generally add your closest friend into this intimacy, as long as all the 'special' people, those are people that won't tell those information to anyone.
The intimacy is the part of yourself that no one knows about, except the specials ones. Intimacy is way more than privacy, privacy is intresting, as it allow you to communicate with people of choice without being put in danger for what your saying. It allow you to have multiple identities and to use them in multiple social circles. Intimacy is what's out of all social circle.
let's explore the world!
We now have our concepts defined. Almost. So, now, let's go online, because everything is funnier if you add network and computers to it.
Let's enter the world of information
So, it's easy to get a grasp on the private/public problem in the physical space. I can live with a bunch of people in an open space like a loft, or a squat, but still have some private space (the one I close with a key I own). What's hard is when you add some layers, and, for instance the cyberspace. I can sit in a private space (my room, locked) and accessing a maybe-public space.
The thing is, independently of the thing you're gonna access, every bits of information that goes out of your device of choice will go through different intermediaries before reaching the data you want to access. The origin and the destination of the packets are know, as long as a lor of other stuff. Those information are needed to route the packets through the diferents network, but they are data you emit in the public space (anyone on the route of yourpacket can see it and access to this information).
Wether you're accessing your facebook page (which is more or less private, dependings on the settings you choose), your webmail (which is private, given the fact that only you is supposed to have the password needed to access it) or your mails, reading a website, downloading a video using P2P protocols, etc, you will emit a lot of information that a lot of people (or computers) can read.
So, remember what I told about the lock in the previous part? You need to put a lock on the information you want to keep private. You can't lock all the information in the packets, some of them are needed to grants you access to the resource you've asked for. Those are mainly routing and protocol information, because that's the way computers works, they need to talk a lot to each other to get things done. But the others informations, the ones you want to keep private, you can lock them to deny anyone the possibility to read them without a key of a kind.
That's the cryptography goal. Forbidding a data being physically readable by anyone and restricting it to whoever got the key.
So, you're in the private space only when you use string cryptography. yeah, encrypt everything you want to make private. If something goes online without encryption, it belongs to the public space.
A wild corporation appears!
Corporations, at least internet ones, suck at two things. Security (but that's the burden of everyone) and transparency. When you land on a 'secured' website of a company, they will require you to proove your identity while they're doing the same (using ssl certificates). They're not asking you for a key (an authorization), they're using your identity as a key. They're using the whole set of data they can build about you as the key to access their services. You cannot know what data they have on you, you cannot opt-out those data, they're building a strong identity of you. And they're following you everywhere they can, without telling you.
So, they build an identity about you, one you don't know anything about and they're building it using data from a private space that they're not supposed to share with everyone else (except if you explicity opt-in). They're archiving everything information you emit, stocking it in extremly redundant servers becasue tehy do not want to lose any bits of identity about you. And then, they will replace the wall of the private space they made by polarised window, giving everyone who can afford it to penetrate theprivate space without the key and without your consent. When someone goes into your place without authorization, generally you call the authorities or shoot the trespassor. You're not allowed to do it for corporation taht sells personnal data, some of them they shoudl not have.
I mean, they do not need your name for running their business. The only reason they need it is becasue they want to cross check into other database - private space - what you're doing when not undr their radar. That's what real-name policies are, they're a meta identification token spanning all the databases taht uses the same policy. And that's why they're so bad.
The financial data stored in non banking websites is bad to. They do not need it. They need to know, in the worst case, who buys what to who and when. Not the bank name, the card number or any othr details on it.
So, corporation are robbing your identities. They lure you in confy private space, then put you on national broadcast. I'm not even speaking about the risks of a data leak or a breach in the infrastructure. People accuses hacker when information about them isleaked. But hackers did not archived this information in frist hand, they did not make huge files to track people and to spy them and to rape and destroy their privacy. What hackers do is finding a part of a public space that was hidden behind a curtain. So, next time someone is doxing you, asks the company why they had those information about you in clear text.
You can access a company server, if they store all the private information (or what they define as private) in an encrypted format you won't be able to read it. That's the way to go, if you want an information to be private, then encrypt it. If it touch toyour intimacy, do not publish the information. The internet and computers have an endless memory of extreme precision.
Protect yourself. Encrypt everything that moves. Give momentum to everything that do not move.
Version 1.0 of this entry was written by okhin on 2012/01/26. Use it as you wish. Or follow the WTFPL.