If you have 'nothing to hide', here's where to send your passwords

If you believe that you have "nothing to hide" from the prying eyes of the NSA, you shouldn't mind letting a stranger rifle through your bank statements, emails, and photos — right?
Written by Zack Whittaker, Contributor
Image via CNET/CBS Interactive

Nearly every week, I hear someone shrug off privacy issues with a claim that they're not worried because they have "nothing to hide" from the government.

Let's put a cork in it, once and for all.

Journalist Glenn Greenwald, love him or hate him, offered attendees at his October TED talk a bulletproof argument (as far as I can tell) against the "nothing to hide" argument.

He said:

"Over the last 16 months, as I've debated this issue around the world, every single time somebody has said to me, 'I don't really worry about invasions of privacy because I don't have anything to hide,' I always say the same thing to them.

I get out a pen. I write down my email address. I say, 'Here's my email address. What I want you to do when you get home is email me the passwords to all of your email accounts, not just the nice, respectable work one in your name, but all of them, because I want to be able to just troll through what it is you're doing online, read what I want to read and publish whatever I find interesting. After all, if you're not a bad person, if you're doing nothing wrong, you should have nothing to hide.'

Not a single person has taken me up on that offer. I check that email account religiously all the time. It's a very desolate place."

Throwing out that poor attempt of an excuse that you have "nothing to hide" just doesn't work. It never has, and it never will. It's lazy, naive, and borderline idiotic. Everyone has something to hide.

Even if it's just your password.

Do you remember that time you had that sexy webcam session with your then-partner? So does the NSA. How about that drunken email you sent to your work colleague, which you apologized for and was swept under the rug, and was forgotten about the next day? The NSA remembers. What about that phone call you made last year, which you don't remember the full details of, but you told that person something about work you really shouldn't have? It's fine because the NSA does.

Everyone has something they are embarrassed, ashamed, or frightened of. Everyone has secrets.

But why would the government go after you?

The truth is, a lot of the time it doesn't. At least, it doesn't specifically go after "you." It goes to the companies that you openly hand your data to, either directly or through a third-party company, and you aren't told of it.

Why? Because those companies -- most technology companies -- know almost everything about you. How? Because you unwittingly hand them your personally-identifiable information yourself.

Every search you make in Google, Facebook, or Bing -- pretty much every search engine and social service going -- can, will, and is being used to build up a profile on you. That's not a secret. It's their business model. They sell it to advertisers for clicks, and they generate money based on your information.

Even though there are no secret "backdoors" as such, rather automated data demand systems -- PRISM is one good example, the major Silicon Valley technology giants that store this data are just mid-steps between you and the government.

When the government doesn't seek out you directly and in a targeted way, it can indiscriminately vacuum up Google or Facebook or Microsoft's entire stash of data on you in a flash. That capability exists under sections of US surveillance law. The federal government has already been shown to do this with the Verizon metadata case.

But even if you think you are entirely immune from government surveillance because you're protected by the Fourth Amendment, which restricts unwarranted searches and seizures? You're not. We've seen in the last few weeks and months the vast scope of international surveillance, not just by the US government, but also by its friendly partners around the world. We've also seen enough evidence to suggest that vast domestic surveillance is currently under way by the US government, likely ensnaring your phone calls, your email, your social networking data, and even your real-world location.

These search engines, technology giants, and Silicon Valley companies don't forget, unlike in Europe in which they are forced to destroy data when it's no longer necessary. This information builds up, and up, and up over time and it's never forgotten.

In one instance, privacy campaigner Max Schrems forced Facebook under European law to hand over its entire stash of data on him. The result? More than 1,200 pages of data separated out in 57 categories -- years worth of his information.

The things you're embarrassed about five years ago? Google, Facebook, Microsoft and other companies probably still has it, and the NSA has legal access to that data if it needs it.

In the end, you don't have access to your data. You know it, but you've unwittingly handed a piece here and a piece there, allowing these companies and the government to learn nearly everything about you. Where you go, who you've seen and communicate with, what you say, and what you do.

You may not believe you've broken any laws, but with a vast profile in your name residing on a server somewhere, how can you possibly know? Could you be unknowingly aware of a person connected with crime, and be subject to searches without your knowledge?

And if you really, truly, whole-heartedly believe that you don't have anything to hide? You clearly won't mind someone rifling through your emails, your photos, your documents, your bank statements, and even your household trash -- not to mention your usernames and passwords.

Well, Glenn Greenwald's email address is here. Drop him a note, and say I sent you.

Editorial standards