The collective struggle for privacy
In an era where conversations about online privacy seem deceptively simple, achieving it is anything but. We are constantly being bombarded with PR campaigns that tout the robustness of corporate data protection measures, which often serve more as a smokescreen than anything relatively practical. Trying to reform a system that works against every individual through the relentless commodification of our data is nothing short of daunting and often times fail to acknowledge the fact that privacy (as a concept) must be rooted on class struggle.
Privacy is an abstract concept and achieving it takes work. Hard work, in fact. It’s not like someone can suddenly break apart from propriety products almost immediately. Even if they could, they have to make sacrifices to make do--sacrifices that not everyone can or is willing to make. Take for instance someone’s choice of a messaging app. You could choose a more secure one, but it is very likely that you’d lose connections with your friends and your families who would rather choose this other app because they “are used to it”. This other app boasts itself as secure as well, mainly because of the E2EE. But, in the grand scheme of things, the content of the message is just one thing. The use of your phone number remains an issue alongside transaction data, service-related information, information on how you interact with businesses, mobile device information, your IP address, among other things. But, you don’t convince people to move away from the app because of technical this and technical that. You don’t win people if your only argument to move away from Whatsapp is because Zuckerberg sucks. Unless they are personally affected by it, and, I mean personally, not just someone they know from work or a friend of a friend or a friend of a friend of a friend, chances are most people will not care. Not to mention how many of us are virtually trapped in what I call as 'platform jail', where all our interactions, personal and business, rely on BigTech platforms. And the act of surrending our rights for access is almost always out of constraint. The journey towards real privacy is not a mere switch of services but a challenging overhaul of habits, tools, and, most importantly, expectations.
This struggle is compounded by the pervasive myth that privacy is a personal responsibility rather than a collective right that should be upheld and protected by society at large. This western libertarian discourse around privacy needs a radical shift that moves away from individual burden and towards a systemic restructuring of how data is treated at the societal level. I believe that our current understanding of the right to privacy is selfish. The whole of private property, by itself, is steeped in capitalist ideologies anchored on the tenets of individualism that prioritise property rights. It emphasises personal protection without considering the broader societal implications. Privacy isn’t merely a personal choice. If anything, it is a social predicament. Kasper, in her 2007 paper, puts it so perfectly:
“Privacy is a socially created need, and without society, there would be no need for privacy”.
One person’s choice of an app can jeopardise the privacy of others. The interconnectedness of our data means that privacy should be considered a collective right rather than an individual choice. This becomes particularly clear when a critical mass adopts a less secure service, which then becomes a norm, making it harder for others to choose more secure options without sacrificing social or professional connections. It also fails to address the systemic issues at play. Many people aren’t equipped with the knowledge to make informed decisions about their privacy. Many cannot make the switch because their labour is anchored so deeply in these plarforms. And many don't want to make the shift if the so-called alternatives do not offer them a safe space. Some wouldn’t understand the trade-offs they’re making and the long-term consequences of their choices. Then what happens next? We blame them for not securing their data, rather than holding institutions accountable for not providing secure and user-friendly options.
This introduces my next point that privacy is also highly influenced by one’s position in the social hierarchy. The richer you are, the easier it is for you to obtain a higher level of privacy compared to those lower down the socialcapital ladder. The commodification of privacy creates a false dichotomy between those who can afford privacy and those who cannot. A classic tale as old as time. When we treat privacy as a purchasable good, we marginalise those who lack the resources to buy into these protections. And by framing privacy as an individual choice, society implicitly blames those who cannot afford privacy-enhancing tools for their lack of privacy (and we in the InfoSec community are guilty of this). This perpetuates the false idea that privacy is a matter of personal responsibility and capability, rather than a systemic issue rooted in economic inequality. It reinforces the idea that people attain privacy simply because they choose to. It ignores the financial and social barriers that prevent many from securing their personal data.
The current dominant libertarian understanding of privacy that revolves around individualism only serves the status quo. Not only does this approach fails to recognise that privacy violations have a compounding effects that reverberates beyond the individual, it also neglects the systemic inequalities that technology and data practices perpetuate.
The abrogation of privacy is tied very tightly with fear-mongering tactics that use the securitisation of both bodies and spaces to manipulate public perception. Time and time again, governments capitalise on this ‘fear’ of existential threats to justify extreme measures that would be unacceptable under non-securitised circumstances (see Copenhagen School of Securitisation Theory). Here, we see how this strategy plays on the collective anxiety about security that leads people to believe that sacrificing their privacy is a necessary trade-off for safety.
The manipulation of fear has given birth to a scenario where we have started to view privacy invasions not as an infringement of rights but as a necessary sacrifice for survival. It does not have to be like this. This narrative is carefully crafted in ways that would condition us to abandon reason about the efficacy and morality of such surveillance measures. But the reality remains that these measures are less about ensuring security and more about controlling and often oppressing populations. And as this narrative unfolds, it is critical to challenge the premise that security necessitates privacy sacrifices.
Urgent rethinking is crucial as we navigate the digital realms. Reconceptualising privacy demands a communal approach wherein collective action is prioritised over isolation. As the problem of privacy is inherently social, so too must be its solution. Definitely, one that is rooted in collective responsibility, social justice and not just the good old ‘me’ approach. Instead of questioning why someone whose privacy has been breached didn't take certain actions, we need to question why those actions were necessary to begin with. Reframe your questions and challenge the norm that places the burden of privacy on individuals alone. And as we ponder the complexities of digital privacy, let’s not forget that our choices, too, echo beyond ourselves.