Enough Is Enough
No More Compromise
I just returned from ETH Boulder and ETH Denver, two back-to-back conferences in Colorado where I gave five presentations on the importance of privacy. Both conferences were fantastic, and the conversation around privacy was more front-and-center than I’ve ever seen it. It was great to see so much mental bandwidth given to the topic from the builders there.
But here’s the thing: discussions from half the people were great. However, discussions from the other half were disquieting. They argued that privacy was “impractical”, “not pragmatic”, “a holdover from a bygone era of idealistic cypherpunks.” They explained that “we now live in the real world, and the only realistic path forward is to make concessions on privacy.”
What does that mean?
Add backdoors.
Expose viewing keys.
Build in compliance hooks.
Implement selective disclosure to regulators.
Create “privacy lite”: just enough to feel good, not enough to upset anyone in power.
The logic sounds reasonable on the surface: We can’t let perfect be the enemy of good. Let’s compromise now, ship something that’s palatable, and at least get people a little privacy.
A Flawed Argument
This is a fundamentally flawed argument. And the reason it’s flawed is that the people making it are evaluating the tradeoff in a vacuum, looking only at this present moment, without accounting for where we’ve come from.
These people are ceding ground to the forces that have been eroding privacy for decades. And those forces have never once returned what they’ve taken. Let me explain.
The Shifting Baseline
There’s a concept called “shifting baseline syndrome”. Each generation of people measures the current situation against what they personally remember, not against what existed before them. So what looks “normal” to a new generation is actually a deeply degraded version of what once was. The baseline keeps shifting downward, and nobody notices because each generation only sees their own slice.
This is exactly how the erosion of privacy works. You can’t evaluate whether a privacy tradeoff is worth making by looking only at the present moment. You have to look at the trajectory. You have to see the full arc of what’s been lost.
And when you do, the picture is staggering. Privacy has been all but eradicated, and it gets worse year after year.
The Bank Secrecy Act of 1970 and the regime it ushered in afterwards introduced mass financial surveillance as a social norm.
Executive Order 12333 in the eighties gave intelligence agencies sweeping authority to collect communications data abroad, which, in practice, meant millions of Americans’ calls, emails, and messages have been vacuumed up right along with it.
The Patriot Act of 2001 allowed warrantless wiretapping, National Security Letters that came with gag orders, and bulk data collection of millions of Americans who were suspected of nothing.
FISA Section 702, which keeps getting renewed again and again, allows the NSA to vacuum up communications from U.S. tech platforms and search through that data for American citizens, all without a warrant.
And the Third-Party Doctrine basically eliminates any kind of privacy in the digital age. It came from Supreme Court cases in the 1970s, and holds that any information you hand to a third party has no reasonable expectation of privacy. In the internet era, basically everything involves a third party, so this doctrine essentially argues that modern life forfeits your right to privacy by default. Which is an insane precedent.
These are just things going on in America, but the entire globe has followed suit. Each individual measure is presented as reasonable, and a small price to pay for security, compliance, and order. But each one has ratcheted the baseline lower.
And at no point along that trajectory have governments or institutions said, “that’s enough. We have all the surveillance we need.” They keep asking for more.
The Machine We Built
We now live under the largest data-collection regime in human history. We have built, and continue to feed, an infrastructure of surveillance unlike anything the world has ever seen.
Every day, a trillion-dollar industry harvests information about where you go, whom you talk to, what you read, what you buy, how long you linger on a screen, what scares you, and what persuades you. This data is packaged, analyzed, inferred, and sold, not just to advertisers, but to data brokers, and basically anyone willing to pay. In fact, some of the largest clients are governments all over the world who use this information to target their own populations.
This invasion of privacy, and overreaching data collection, isn’t just used by companies profiling us to sell us a better pair of shoes. Or social media companies learning about us for the algorithm. In many places, like authoritarian regimes, the machine is used to control dissent before it happens, by flagging potentially problematic people as more likely to join a protest movement, and then targeting those people.
Sometimes the machine is used to shape public sentiment, influence opinions, sway elections, or get entire populations to hate certain groups of people by convincing them that those groups hate them.
There are countries that publicly broadcast information about citizens whose social credit scores have dropped, and then use those scores to restrict their travel, limit their employment, block their children from certain schools, or cut them off from opportunity entirely.
And with the AI revolution, the machine stops being a record of your life and becomes an entire prediction engine. The data that we make concessions on and allow to be collected is dangerously easy to abuse.
A Fatal Flaw: It Can’t Be Secured
This surveillance infrastructure has another fatal flaw: it can’t be secured.
Every year, the number of data breaches hits a new all-time high. Billions of records are exposed, with information we never should have tolerated being collected in the first place, like location histories, medical records, financial data, private messages, biometric identifiers, and Social Security numbers.
This information gets dumped into the wild. It ends up on the dark web, bought and weaponized by organized cartels, criminal syndicates, and nation-state hacking operations. Centralized databases are constant targets, and breaches are not a question of if but when. As John Chambers, the former CEO of Cisco, once said: “There are only two types of companies: those that have been hacked, and those that don’t yet know they’ve been hacked.”
And yet people want to weaken privacy and security further still. Demanding even more KYC data to be collected, even though it’s been proven repeatedly that no one can keep it safe. Or clamoring for backdoors into encrypted communications, while knowing full well they cannot protect those backdoors from exploitation.
Salt Typhoon, for example, is a Chinese nation-state hacking group that infiltrated the core wiretapping infrastructure of major U.S. telecommunications providers. The very systems built to enable lawful government surveillance became the attack surface. The backdoor we accepted as a compromise to privacy, by allowing lawful access laws like CALEA to take hold, became the front door for foreign adversaries, who have been intercepting Americans’ calls and messages at scale.
And still, the calls for more backdoors continue. Just one more compromise, to keep us safe.
No More Compromise
I say, no more compromise. Those who tell us that we need limits on privacy to achieve mainstream adoption, that we need viewing keys for regulators, compliance hooks for institutions, even more backdoors for governments — they need to stop looking at this current moment in a vacuum, and see how far we’ve already fallen, and how low our shifting baseline of privacy has already sunk.
Look at the privacy that we used to enjoy, and now look at the kind of surveillance that has since become normalized. More and more privacy disappears every year through just “one more concession.” Powers that were granted were never relinquished. So-called “temporary measures” are now permanent fixtures. We are surrendering the last remaining vestiges of private life, and calling it pragmatism.
It’s time to draw a hard line in the sand. Enough is enough. We have to stop giving ground to a force that never stops asking for more. Privacy is essential for a free society, and we simply can’t afford to let people take it from us.
The Debate
Anyway, at the conferences I just came from, I had the chance to put this conviction to the test. I participated in a mock debate on a proposition that cuts to the core of the modern privacy movement: the proposition was that “Limits on privacy are a price worth paying for mainstream adoption of cryptographic privacy.”
In the previous email I published my opening statement from the debate — and for those interested, Matt Green and I ended up winning, by the way!
A mock debate is one thing. Now we actually have to win this battle in the real world. And I hope that enough people want to draw a line in the sand alongside us.
I’d also love your opinions in the comments: Who do you side with in this debate? These aren’t questions we can leave to policymakers and technologists to answer behind closed doors. If privacy is going to survive the digital age, we need more people like you in this conversation.
Yours In Privacy,
Naomi
Consider supporting our nonprofit so that we can fund more research into the surveillance baked into our everyday tech. We want to educate as many people as possible about what’s going on, and help write a better future. Visit LudlowInstitute.org/donate to set up a monthly, tax-deductible donation.
NBTV. Because Privacy Matters.