The “nothing to hide” argument has been a common fixture of post-Snowden discussion about surveillance and privacy. Most likely, you’ve heard some iteration of it in conversation—“I have nothing to hide, so why would I care if the government knows who I call on my cell phone?” Widely considered a fallacious argument by cybersecurity and legal experts, the “nothing to hide” argument also contains implicit assumptions about the divide between public and private–themes that pervade our discussions of digital communication more broadly. Most notably, shades of the “nothing to hide” argument appeared in recent discussions surrounding the leak of nude celebrity photos stolen from iCloud.
In the “nothing to hide” argument, citizenship trumps privacy—the statement declares that one is willing to exchange the privacy of their information for increased national security. With this in mind, many have objected to the “nothing to hide” argument for its legal implications. For instance, danah boyd wrote that the argument fails to consider the ways that data can be manipulated and filtered to cast an individual as guilty, and in so doing, it comes dangerously close to bypassing the “innocent until proven guilty” standard on which U.S. justice allegedly rests.
Importantly, the “nothing to hide” argument also rests on a conception of privacy as a form of secrecy, as Daniel Solove wrote in the Chronicle of Higher Education. Rather than seeing privacy as an essential right that contributes to a healthy life, the “nothing to hide” argument rests on a deep skepticism about why anyone would desire to keep certain information private. Additionally, as Solove notes, privacy is a particularly difficult concept to articulate. He writes that:
It is a plurality of different things that do not share any one element but nevertheless bear a resemblance to one another. For example, privacy can be invaded by the disclosure of your deepest secrets. It might also be invaded if you’re watched by a peeping Tom, even if no secrets are ever revealed.
The difficulty of articulating privacy means that, in instances where an individual claims their privacy has been invaded, they are often met with resistance. For instance, someone spied on by a peeping Tom may find their claim to privacy invalidated because of vague laws that fail to accurately define a “reasonable expectation of privacy.” In digital environments, this becomes all the more fraught.
After the September 2014 release of nude celebrity photos (crudely nicknamed “The Fappening”), a strain of commentary emerged that highlighted the public/private tension of the “nothing to hide” argument. In the aftermath of the leak, many took to Twitter with the hashtag #ifmyphonegothacked. These posts were often jokes about the fact that the users in question only had the most innocuous pictures phones—excessive animal photos, photos of food, and so on. The tweet generally included an example of the type of picture on the user’s phone, and sometimes included a comment that the user was “smart enough” not to take nude selfies. As Jill Scharr notes, this not only misses the point that the leak was an invasion of privacy due to lax security on iCloud’s part, but crosses over into victim-blaming and moralizing.
The #ifmyphonegothacked tweets point to the same misconception about privacy that pervades the “nothing to hide” argument—that privacy is a form of secrecy, and thus should be regarded with suspicion. In arguing that the most scandalous photo a hacker would be likely to find on one’s device is an awkward (clothed) selfie sent to a friend, and by posting this photo along with the #ifmyphonegothacked hashtag, the user is putting seemingly private or embarrassing content on a public forum. The subtext here is that while, yes, it may be embarrassing for a third party to see the photos, the user has nothing to hide—and that if you do have something to hide, you have done something wrong.
In this way, the #ifmyphonegothacked hashtag makes a much more chilling statement—that the women in question are in the wrong for maintaining private lives, for using their devices to express their sexuality (an increasingly common phenomenon). As Kelsey McKinney writes:
In reality, few people are above this. There is nothing wrong with libido, nothing wrong with sending a picture or a video or a snapchat to another consenting adult. What’s wrong about these photos isn’t that they exist or that they were shown on the internet. What’s wrong is that they were taken and distributed without consent from the parties involved.
In this way, the #ifmyphonegothacked hashtag not only misses the point about the crime at hand, but combines one of the most problematic arguments about security and privacy with the cultural bias against female sexual expression.
While the difficulty of articulating a right to privacy in digital environments remains a problem, some of the responses taken after the hacking and theft do hint at potential solutions. For example, 4chan (the message board site where the photos were initially posted) instituted a DMCA policy that would allow victims of hacking to have their photos removed on copyright grounds. However, these solutions come no closer to preventing these leaks in the first place, and certainly do not make up for the violation suffered by those whose intimate images are posted—violations that occur as much through the revelation of the images as well as the shaming and victim-blaming that follows.