He tackles the challenges of retaining secrecy on the Internet, privacy legislation, as well as issues encountered while developing Silent Circle.
As the co-founder of PGP, you've been a vocal privacy advocate for a long time. What's your take on the global erosion of privacy taking place in the last decade? Where are we headed?
Weíre moving into a strange place, with technology and social mores pushing us to less privacy by default. Interestingly, there seems to be a push-back against the larger trend. It will be interesting to see if people care about their privacy enough to do something about it. There are plenty of opportunities, but the major obstacle is people caring enough about their privacy to do something.
The good news is that they are starting to do so. Itís manifesting itself in people wanting control over their own personal data, people wanting their own space, people wondering whatís behind the offer thatís free. Iím more hopeful now than I have been in several years.
A popular opinion among politicians is: "If you have nothing to hide, you have nothing to worry about". Why is privacy still important, even if you have nothing to hide?
Thatís just a canard. Itís a way to justify intrusions into privacy by tacitly calling the rest of us names. Itís a convenience for them to intrude on us, and they say that thereís something wrong with us for not liking it. There are plenty of defenses of the need for privacy, and if I just repeat them then weíre wasting this interview.
They only get away with that if we let them. We need to recognize the trick for what it is and not let them get away with saying that somehow we donít deserve privacy. Everyone has the right to be left alone, and thatís all that it is.
Sadly, that means that this is going to be the last time you can ask a privacy advocate this question.
Security professionals tend to state that it is impossible to retain privacy if one uses the Internet. Is there any truth in that? Does it depend on what we share and how much we share? Is there anything users can do in order to prevent the leakage of sensitive data or is there no way around it?
Maybe. The most important thing someone can do is to realize that nothing is free and to ask yourself if you think youíre getting a good deal when you sell your information.
Sometimes itís a good deal. Heck, we all like being shown non-stupid ads. We like good searches, and those donít come for nothing. I like knowing what people I know are up to, as well. I wouldnít pay for a social network because itís just not worth that much to me, and most of us agree Ė thatís why there are a dearth of for-pay social networks.
The idea is to realize youíre paying for everything. Sometimes we pay with cash, sometimes privacy. The real thing to ask yourself is if youíre getting a good deal.
What kind of privacy legislation would you like to see in the near future?
Iíd like to see data retention laws changed. Thereís discussion in the EU now for a ďright to be forgotten.Ē In many cases, this is being aimed at the likes of Google and Facebook, and the difficulty in keeping them from tracking you. Yet the EU has data retention laws that require service providers to keep lots of unnecessary information about everyoneís network activities, and this is far more intrusive than anything else. The idea is good, and I support it. We need more of it.