Why using encryption is seen as suspicious — the difference between privacy and secrecy.


(Originally posted on Medium)

Not long ago I discussed some of the steps I was taking to ensure some privacy online and since then have had quite a few conversations with other people about their own efforts to do the same. We most frequently talk about how easy or hard something is to implement and express a shared desire to have more of these options baked in as standard features on normal applications used by everyone. If encrypting an email was as easy as CCing someone, for example, it’s safe to assume more people would encrypt their emails.

These discussions also inevitably note that the simple act of encrypting your email is more likely to draw the attention of folks like the NSA because to some people this is seen as suspicious behavior. But I don’t buy it — if encrypting your email is suspicious that’s only the case because not many people do it, which is only the case because it’s not that easy. And now we’re running in circles. But let’s think about this a bit more for a second.

What’s so suspicious about it?

I was talking about this recently with Jonathan Foote (among others at the Catalytic Converter conference at the MIT Media Lab) and he made what I think is one of the most convincing arguments yet. He asked:

Would you mail a letter without putting it in an envelope?

For simplicity’s sake let’s keep the email/snail mail analogy intact. Obviously postcards aren’t in envelopes, but the content of a letter and that of a postcard are unquestionably different. A postcard is more like a tweeted reply to someone — doesn’t really matter if others see it even if it’s intended for someone specific. But in thinking about a letter, perhaps a letter you might send to your doctor about a symptom you are having, your insurance company about a bill, your accountant about your income, a relative going through a tough emotional situation, or any number of other things — these are topics that you are likely to want to put in an envelope rather than put on a postcard. Why? Obviously, because they are private.

Which brings us to the discussion of privacy and how that’s different from secrecy.

Using the above examples, it’s not a secret that I talk to my doctor/my insurance company/my accountant/my relatives — but that doesn’t mean I want the world to know what I say to them. It’s not secret, it’s private. To further that example, I’m married and have a child: it’s not a secret how that happened but that doesn’t mean I would invite people over to my house to watch. That my wife and I have sex isn’t a secret, but it’s private. I eat food on a daily basis which results in trips to the bathroom. It’s not a secret that I poop, but that doesn’t mean I want to have people monitoring me while I’m sitting on the toilet. Because it’s private. Sorry about that, but you get the point I hope.

There’s nothing suspicious about being private.

On the other hand, there’s secrecy. Parking a few blocks away and then walking to your boyfriend’s house so that your husband doesn’t drive by and see you there, that’s being secretive. Using codereddit to prevent your manager from knowing you aren’t working, that’s being secretive. Keeping the curtains closed and the TV turned up loud to hide the fact that you have a dog in your “no pets allowed” apartment, that’s being secretive. Covering your tracks to prevent your boss from knowing about the new job interview at a competing company you have planned later this week. These activities are suspicious because you are actively trying to hide something. Trying to cover it up. Being secretive.

Bringing this back to the point — we put letters in envelopes because we don’t want anyone in between us and the people we’re mailing them to reading them. If I write a letter to my accountant I want my accountant to read it. I don’t want my mail man or any number of other postal workers & delivery people who will touch that envelope before it reaches my accountant to read it. Again, because it’s private. I’m not trying to hide the fact that I have an accountant, I’m just comfortable saying it’s no one else’s business what I talk to her about.

Encrypting an email is the same thing. It’s not being secretive, it’s being private. It’s taking a step (like using an envelope) to ensure that only the person you are sending the email to reads it. If you email your doctor you want your doctor to read that email, you don’t want your system admin, your ISP, an advertiser, a different doctor (or maybe your accountant or insurance company for that matter) to read the email along the way. You want the email to go from you to your doctor unread by anyone else.

When you send an email, it’s more like a postcard. It’s wide open and anyone who bothers can read it. Encrypting it puts it in an envelope to prevent prying eyes along the way.

Because it’s private.

But using an envelope for a letter is easy, and everyone does it so it’s not looked at as suspicious. Which brings us right back to the issue about encryption being too difficult. It’s only seen as suspicious because a person has to jump through a few hoops to get it running, and thus only a small number of people make that effort. But people shouldn’t have to make an effort, it should be simple. It should not be suspicious.

And we should demand that our web services and email clients make it easy for us.