Well, clothes are mostly down to weather and laws on public decency, and nudists are the counterpoint that prove some demographics would prefer to be naked if the law allowed it, same with tribes like Koma.
Locks are more for security than privacy, and it's important not to conflate the two. People can have nothing to hide, but also not want to be robbed.
And as for email, that's again a matter of security because then someone could impersonate you for one, and I can't name a service that allows you to omit having a password for your email account.
In an information environment, security and privacy are the same thing. The terms may have different connotations culturally, but good security-in-depth is the same set of practices that enable digital privacy, because the objective is the same: prevent leakage of facts.
You can have E2EE to the service provider, but they can be free to rummage through your data if they choose to or are coerced to by a legal demand from an authority. But it eliminates the average schmoe from going through that data.
Is that adequate security? Is that adequate privacy? This is what bills like EARN IT and its ilk are positing with backdoors et al. It depends on your threat model.
If a warrant opens a door or account one way or another, it can be argued that privacy-wise, locks and passwords are poor solutions. Are you protecting business data or trying to survive in an oppressive regime?
Different solutions for different problems, how appropriate they are varies with demographics too.
E2EE refers to fully encrypted communication between end-users of a service, hence end-to-end. If one of the ends is the service provider, the term doesn't apply.
This is the point. It's a buzzword and the reality of a lot of popular services is that the service provider can likely already provide access to your data if requested to by a government.
Ergo, if this is a consideration within your threat model, it's an inappropriate solution. However, I am highlighting that EARN IT is no more a threat than existing service providers abiding by a court order, ergo the existing solutions likely aren't fit-for-purpose for some folks, depending on threat model.
I'd argue that they're overlapping sets of concerns, not necessarily identical to or subsets of each other.
Off the cuff:
* Being an anonymous person walking through a city. This is a privacy concern and only becomes a security concern if I'm a public persona or some kind of person of interest.
* Moving to a new school/city/job and not having your social reputation follow you. This allows a lot of people a chance to redefine who they are and how they interact with people around them. This can't happen if everybody always knows somebody's pervious public persona.
* Breaking a law and being fined/punished/imprisoned for it. Without privacy, such a person has a much poorer chance of having a decent life even after they've done their time or paid their dues.
These all strike me as privacy concerns, but not necessarily concerns to security. I think they're all important enough to consider privacy as a good thing in it's own right and that such scenarios signal that it's possible to advocate privacy in the absence of (or opposition to) security concerns.
Not GP, but security refers to the protection of the system, while privacy refers to the protection of information.
So you need to protect the system to protect the information on it, but there are also sometimes trade offs between security and privacy when you offload some system protection by giving away some information to another party. For example SmartScreen with Microsoft, and Safe Browsing with Google Chrome.
elesiuta had some great commentary I agree with, but to add my own response:
> IMO these are all 'security' related, just personal security (which is what I define privacy as).
I think this level of reduction becomes problematic in scenarios where security>privacy advocates talk about security in the collective sense.
Playing devil's advocate to highlight where I believe this reduction of security->personal security->privacy breaks down: A man borrowed many books from a library on the topic of explosive chemistry. That man later was involved in terrorist acts.
This is a situation where one could argue that less privacy for people in relation to their library borrowing habits may have resulted in greater security.
This is an example of an event that has happened, and while I hate the cliche of terrorism in debates about privacy and feel this particular point can be argued, it's exactly these kinds of scenarios that security>privacy advocates use to push for fewer privacy protections across large groups of people.
I agree its a good counter-point. I would argue that we shouldn't give our decision making power to decide what is and isn't best for us over to any 3rd party because they will never have the same interest in making informed decisions as the beholder. There is nothing on the line for someone to make decisions on another's behalf.
The Sokovia Accords Debate [1] from the Captain America Civil War (2016) film says it best, imho.
Another problem that I feel has barely even been touched on in recent time is what even are facts. People see things on the Internet and take it for gospel.
You know information people ALWAYS blindly believe 100%? "Leaked" data. Imagine how much power one could have with manipulated, leaked, data.
You don't even need to say anything that isn't true. Just being selective about which true secrets you reveal can be a very powerful tool to control the narrative.
> as for email [passwords], that's again a matter of security
I guess if we're nitpicking I'll point out that this is still privacy (how one keeps their password) for the sake of security. Information is kept private and passwords are information.
Perhaps drawing a distinction between outbound and inbound email protocols would be good too. I understand the argument being made, but the sensible assumption is that your email, even with a password, isn't a sensible choice for sensitive communications.
> your email, even with a password, isn't a sensible choice for sensitive communications
This seems like it's shifting the goalposts. Someone says something about "nothing to hide but they have locks on their doors" and you say "security isn't the same as privacy". It's accurate but it's moot. I keep the location of my hide-a-key private so I can continue to keep my house secure with the lock on the front door. I keep my email password private so I can secure the account against unauthorized access.
Some people do use their email for what they would consider sensitive communications, and it's less than helpful to suggest they need better opsec practices in response to someone else saying that they should be able to expect their email to be private. It's saying "just hide it better, lol" when that's literally exactly what many people are trying to do when speaking against this sort of legislation.
> Well, clothes are mostly down to weather and laws on public decency
Where I live, there are no laws against public nudity (as long as the nudity isn't "salacious" in nature). And yet, very nearly 100% of the people are clothed at all times.
And yet in other areas of the world, people wear no clothes.
People also smoke cigarettes, eat junk food, and do things that are unnatural and otherwise detrimental due to what they're bombarded with.
I wear clothes, I'm not a nudist. I have zero shame about my body though, it's a body—we've all got one.
The point as per my other comments: different solutions for different problems, the appropriateness of each varies with demographics. E.g., if you're surviving in an oppressive regime as a dissenter, email is something to be avoided. If you're running a business, it's likely fine, provided that it's compliant for your industry, e.g., HIPAA.
Email passwords are not for preventing impersonation. For one, POP3 passwords are separate from SMTP. Second, nothing in SMTP prevents impersonation… large mail handlers like GMail don’t allow it anymore, but you can put whatever you want in the “From” field. Things like SPF, DMARC and DKIM are there to prevent impersonation at the domain level for mail servers that want to protect their users.
When accessing email via a protocol with an email client, sure, but I primarily had the Gmail web app in mind when I wrote the comment. I also touched on protocols in another comment.
With what I had in mind, if you logged into my Gmail account, which provides both sending and receiving, you could impersonate me to my own mother, but I would have nothing to hide as I don't receive any sensitive information via email (privacy). However, accounts elsewhere could be recovered via my email, and thus be used to impersonate me elsewhere (security).
Locks are more for security than privacy, and it's important not to conflate the two. People can have nothing to hide, but also not want to be robbed.
And as for email, that's again a matter of security because then someone could impersonate you for one, and I can't name a service that allows you to omit having a password for your email account.
(I know, looking too deeply into it! Sorry.)