Instead of security, instead of privacy: Secrecy, intimacy and trust

Brist made the suggestion that we should stop talking about ‘security’ and instead start building a language around ‘secrecy’.

I think it sounds like a very good suggestion, so I here give my comments in a debate I would hope to see more contributions to. My problem with ‘security thinking’ especially stems from the expert bias it brings with it: the overly focus on learning complicated technologies and tools even before finding out what you want to secure, ie. keep secret. It’s like the security paradigm just breeds security consultants, eager to give their expert advice and still you have no clue why you would want to learn to encrypt your email or install plugins that makes your browser less vulnerable to so called man-in-the-middle attacks. Over and over, the same response: “Why would I want to put down time on all that crap, It’s not because I’m some kind of wanted person or politician”. The thing is: ‘Security’ seems completely irrelevant for most people.

So maybe not ‘secrecy’ … After all, everyone has secrets. Necessary secrets, secrets between friends, secrets between colleagues, large secrets and smaller secrets, silly secrets and dangerous secrets.

Before we continue, a disclaimer: Why do we even find it necessary to discuss replacing one word for the other? Is this not just silly semantics? To that I would answer: When we would like to replace one way of talking about things with another, we are messing with things other than language. So no, not ‘just’ semantics. More appropriately, we are negotiating a paradigm: Which means we are also always building the components for how we would want technology, tools, social contexts, law etc. to come into being. In short, certain words make certain things matter in a certain way. Similar to how all the fuss about ‘cloud computing’ easily comes to matter as a corporate rule of cyberspace. We think ‘the cloud’ is just ‘up there’ floating around freely in the sky, while all our data are being placed in the same few servers managed by the same few corporations, leaving us very dependent on these few central actors. Essentially losing control of how we want to communicate, share stuff, find each other etc. Then, instead of ‘the cloud’ we might speak about ‘the mountain’ – where the internet gods keep our digital offerings, or something. You get the point.

Given that the words we use matters, let’s continue to build on Brist’s suggestion to replace ‘security’ with ‘secrecy’. To frame it, here’s a long quote.

What I find really important about moving from security to secrecy is that it allows us to think about what we actually want to keep secret, and from whom. Because of this, thinking about secrecy is just as valuable for people like me who do most of what I do more or less openly as for the aforementioned people who are hunted by intelligence agencies. While security is often an all-or-nothing affair, since a weak spot can crack the whole system open, secrecy is about managing what information someone can gather about you. […] You have to ask yourself what secrets you want to keep. Your name? Your political affiliations? Your online habits, or your network of friends? Once you have those answers you can begin looking at tools and practices. Not the other way around — that’s for server admins and programmers.

There are several points to comment on, but let me start with the notion of ‘security as an all-or-nothing affair’. Security certainly invites people into a mode of thinking that can become dominated by paranoia. Either you’ve decided to be careful about it or you rather not care. And yes, paranoia does not mean that you are not followed and surveilled etc. A small dose of generalized paranoia can even be a good motivator to learn skills, as a way of remembering to do certain stuff.

But paranoia lacks heavily in what secrecy could be better in growing: Intimacy.

This is where it gets interesting for me. Parallel to the problems and ambivalences in security thinking is all the talk about ‘privacy’ in so called information activist circles. I say, liberal information activist circles. I’m not so sure I would want to fight and struggle to defend privacy. I’m just dropping examples from the top of my head – drawing from the feminist critique of the public/private division – but we have to remember that this division between the public and the private is the same thing that gave us the idea of a single bourgeous public (thereby ignoring minor voices and naturalizing their silence); it is the same division that have forced queers of all types behind closed (private) doors under the pretension of ‘tolerance’ (like you treat a guest in his house); it was the same division that sustained patriarchy in (private) homes; and so on … (let me know more examples and maybe we can list a bunch of problems with the division in order to find fitting replacements for them)

Intimacy seems to be intimately entangled with secrecy. Intimacy, pushing the questions Brist mentioned about what to keep secret, and to whom? Security, on the other hand, is most often something you want to do by yourself – conjuring passwords, keeping your valuables in your safe, hiring a private security firm to guard your solitary house. Security easily produces the kind of paranoid affect that makes you suspicious – to other people, people you might otherwise want to build trust with, your complicities, your friends …

So yes, this makes us introduce another concept that fits into the secrecy-intimacy-pair: Trust. Trust is always a social relation, something you build between each other, something to be shared and extended. Trust might just be the single most important affect when sharing secrets.

You can certainly try to build a secure world all by yourself, but you can never build trust all by ourself. Unless, you might not be trusting yourself? But then, this is only a problem for the extremely paranoid liberal, excessively focused on security and the idea of the self.

A good practical example is already existing terminology: When encrypting mails with GPG you can verify each other’s keys, gradually building a web of trust – enabling other people that trust those of us who verified the keys to trust them as well. As a contrary way of delegating trust, you have the hierarchical ‘tree of trust’ – here, all trust is placed on one single actor, instead of being built up through the trust-glue between all your trustworthy friends.

—————

On a side note: I’m reminded by Tiqqun’s concept of zones of offensive opacity (ZOO, in short), a concept that specifically builds on secrecy and trust: diffuse overlapping territories (not occupying the territory, but “being the territory”), dim grey zones of friend circles on dim grey zones of others who trust each other, a communist geography beneath the state’s cartography, spaces impenetrable in their composition and meaning to authority. A secret communism:

The advantage of the ZOO is that it establishes and expands a base for autonomy.  Specifically, it looks to communism as a qualitative guide.  At every moment when one might be tempted to engage in the social, for whatever resources it may offer, the ZOO suggests constructing a parallel space of communism.

For de danske / svenske optegnelser: Vi behøver at forhandle en erstatning af sikkerheds-privatlivs-paradigmet med en anden klynge koncepter omkring hemmelighed, intimitet og tillid.

3 Replies to “Instead of security, instead of privacy: Secrecy, intimacy and trust”

  1. Yes! The ZOO is a very interesting concept in this context. Ultimately, a form of offensive secrecy will result in inpenetrable networks of informal links, which might bear little resemblance to the surface phenomena. Or, to take it to a more concrete level, we would _see_ several different groups and organizations, but the actions performed (and the lives lived) would ultimately spring from different alliances and conspiracies.

    I particularily enjoy your critique of “privacy”. Most of what goes on online is in some form social, so there is no real “private sphere” at all to talk about — just varying degrees of secrecy. And isn’t an online store’s promise not to sell or pass on your mailing address built on your trust in them, rather than some natural law or moral?

  2. It certainly seems like trust plays great role when handing over information to corporations or store’s (especially since, over and over, we see that laws are notoriously difficult to uphold or even understand when dealing with foreign actors through internet).

    I think circulating distrust towards web 2.0 corporations is very important these days. Also, with distrust – ie. not trusting that those privileged web 2.0 businesses will just “take care of it” – a tendency towards hacking becomes obvious.

    The other thing you said about ZOO – in the context of internet politics – maybe what we want to develop are concepts like ‘Webs of Offensive Secrecy’ (WES) ?

    The variations are probably many :D
    Web of Offensive Trust (WOT)
    Web of Offensive Intimacy (WOI)

Comments are closed.