My latest Guardian column, Privacy technology everyone can use would make us all more secure, makes the case for privacy technology as something that anyone can — and should use, discussing the work being done by the charitable Simply Secure foundation that launches today (site is not yet up as of this writing), with the mandate to create usable interfaces to cryptographic tools, and to teach crypto developers how to make their tools accessible to non-technical people.
I think that the real reason that privacy is so user-unfriendly is that the case for privacy is intensely technical. The privacy risks presented by everyday internet use involve subtle and esoteric principles – understanding the risks of having your computer turned into a node in a botnet; or having its passwords harvested; or having your search- and browser-history logged and used against you (either to compromise you directly, or in use for attacks on your password-recovery questions); and having your metadata mined and joined up in ways that reveal your deepest secrets or result in false, incriminating, and hard-to-refute accusations being made against you, potentially costing you the ability to get credit, board an airplane, or even walk around freely.
You don’t need to be a technical expert to understand privacy risks anymore. From the Snowden revelations to the daily parade of internet security horrors around the world – like Syrian and Egyptian checkpoints where your Facebook logins are required in order to weigh your political allegiances (sometimes with fatal consequences) or celebrities having their most intimate photos splashed all over the web.
The time has come to create privacy tools for normal people – people with a normal level of technical competence. That is, all of us, no matter what our level of technical expertise, need privacy. Some privacy measures do require extraordinary technical competence; if you’re Edward Snowden, with the entire NSA bearing down on your communications, you will need to be a real expert to keep your information secure. But the kind of privacy that makes you immune to mass surveillance and attacks-of-opportunity from voyeurs, identity thieves and other bad guys is attainable by anyone.
Privacy technology everyone can use would make us all more secure [Cory Doctorow/The Guardian]
(Disclosure: I am a volunteer on Simply Secure’s advisory council)