When it came to data breaches that enable financial theft and fraud — store loses credit-card numbers; credit cards are reissued — I’ve long argued that what we need to fix is less how we handle the data and more how we handle transactions. We should assume — worst case — that data will be breached. We should not build transactions in such a way that breach es— a credit-card number here, a Social Security number there — can lead to theft. We need to strengthen the security of transactions more than data.
But you’re right: sex makes everything different. Giving up a credit card is one thing; a marriage, another.
Yet here too, I think we have to pull up on the joy stick and look at this situation from a higher level, asking questions about norms, about misbehavior, and about tolerance.
In Western society we are now — thank God — at the point at which that learning someone is gay is no longer a scandal, an opportunity for blackmail, a cause for ruination. It’s just a fact. What made this great transformation in society possible? Publicness. The brave people who chose to stand outside their closets — the closets they were forced into by bigots — said to the world: “We’re gay. You gotta problem with that? And by the way, so are lots of other people you know.” Publicness disarmed the weapon against which privacy was a protection.
In my book, Public Parts, I argued — or at least hoped — that publicness and sharing would lead to greater tolerance.
But should we be tolerant of the behavior that Ashley Madison enables? Well, in the end, that will be up to about 37 million spouses, give or take a few lawyers. Here I think we have to give credence to what Eric Schmidt said — to considerable mocking and derision: If you’re worried about people knowing what you’re doing, perhaps you should consider not doing it.
One breath after lauding a new tolerance, I’m not trying to suggest a re-engaged puritanism. But let’s concede that misbehavior is misbehavior because it has consequences for others and so whether your sin remains secret or not is somewhat besides the point. If you send a nasty, mean, spiteful email to someone and that someone passes it on, the problem is less the passing-on and more the creation.
This leads to the real standard we should be discussing: harm. Not perceived harm. Not worries about harm. Not creepiness. Harm. In your examples, data that could enable stalkers to find their prey or thieves to rob someone blind or tyrants to eliminate their foes is data that must be protected at a higher standard. The harm must be considered. And the responsibility lies with the holder of the information.
In Public Parts, I decided that privacy is an ethic of knowing someone else’s information. Once I’ve told you something — in conversation or in a transaction or when I was forced to by some law — that information is public to the extent that I no longer control it; its fate is in your hands. What you do with it should be influenced by context (why did I tell you this? what did I expect of doing so?) and harm (what ill could befall me if you reveal the information you know about me?).
We cannot and should not treat all information about all people as if it is harmful. We should not pretend that we can put genies back in bottles or that the internet has equipped us with the pens in Men in Black: the Right to be Forgotten machine. We must consider context and harm and put effort and resource into protecting that information that could do the greatest harm.