Techiebytes

If you’re like most Americans, you probably value your privacy. You’re probably not ashamed of anything, and you’re not doing anything wrong, but just on the principle of the matter, you would prefer to keep your private life private. If a stranger knocked on your door and told you that he was going to watch you read your mail, you would almost certainly call the police. If you saw your neighbors peeking through your living room windows as you watched TV at night, you would probably walk over and give them a piece of your mind. And if you found out that the government had been listening to your phone calls without a warrant, you would be outraged, and probably hire a lawyer to get justice and accountability. And all of these actions you would be justified in carrying out.

Just as you enforce your privacy in your tangible, day-to-day life, so, too, should you do so on your computer — especially as more and more of the activities that make up our usual days become digitized, are stored on hard drives, and are sent flying across the Internet. So it is somewhat mystifying to me that most of the people to whom I have talked about encryption seem entirely disinterested in taking the time to implement secure cryptography (see the end of this post for more information) on their computers.

Oftentimes, the first reaction to my suggestion that I hear is, “Why? I have nothing I need to hide.” But, while that is probably almost always the case, their reaction misses the point entirely. It’s not whether or not you have anything to hide, it’s whether or not anyone else has the right to pry, and in my mind, unless either someone is both legally authorized and justified in snooping on my data, or I give my consent for them to do so, I should keep the data on my computer as secure as possible.

It used to be the case that setting up good encryption was difficult, and that trustworthy software was hard to find — but this is no longer the case. While it is true that there are a glut of badly-written encryption programs that leave your data virtually as vulnerable as they were before, there are also plenty of respectable implementations that easily can be obtained and installed (see the end of this post), and no longer do you need a degree in computer science or mathematics to use them, either (although if you find Feistel networks or finite fields interesting there are plenty of technical aspects about which to learn as well).

The reasons aren’t purely philosophical, either, as there are serious risks in allowing data to sit unprotected on a hard drive. We store our home videos, vacation photos, tax records, hotel reservations, flight itineraries, bank statements, music, and business correspondences on our computers, just to name a few, and more and more, these data are not just sitting on our hard drives, but transmitted online, synchronized via servers located around the world, and categorized, indexed, dissected, and disseminated via the Internet and a littany of applications. So, just think of the potential devastation — financial loss, identity theft, character destruction, etc. — that could result from a breach of privacy on your computer.

Worse yet, it doesn’t take a skilled attacker or government spy for your information to be at risk. Social networking sites routinely encourage their users to volunteer reams of personal information; most grocery store shoppers don’t think twice about swiping their “frequent shopper cards” to gain access to special deals (and allowing the store to track their purchases); and, frighteningly enough, more than 70% of people would give up their passwords for a chocolate bar. Most people seem so incredibly careless with their information security that these and other signs of complacency only add emphasis to the fact that we collectively need to take more seriously the potential risks in leaving our data unprotected (not to mention giving it away) and abrogating our responsibilities — just as it would be irresponsible for us to leave our front doors unlocked and open at night, print our credit card numbers on the back of our shirts, or walk down the street announcing how much money we have and in which pockets we have our wallets.

If you value your privacy in other aspects of your life, consider taking more seriously your privacy when it comes to your computer and your “digital life,” for lack of a better phrase. It is both an issue of security and of philosophy, and it is a salient one. For respectable cryptographic software, consider TrueCrypt, PGP, GPG, and RSA. (For platform-specific options, consider also FileVault for Mac OS X and BitLocker for Windows Vista, both built into their respective operating systems.) For general cryptographic (and other) security information, check out Bruce Schneier‘s work (as well as his blog, Schneier on Security, and his books), the Center for Democracy and Technology’s cryptography page, and the Electronic Frontier Foundation.