No security without privacy

Some clear thinking from Bruce Schneier. He quotes a colleague of US Director of National Intelligence Michael McConnell, about a proposed plan to monitor all internet communications for security purposes, as saying 'privacy and security are a zero-sum game.' Schneier comments:

I'm sure they have that saying in their business. And it's precisely why, when people in their business are in charge of government, it becomes a police state. If privacy and security really were a zero-sum game, we would have seen mass immigration into the former East Germany and modern-day China. While it's true that police states like those have less street crime, no one argues that their citizens are fundamentally more secure. We've been told we have to trade off security and privacy so often -- in debates on security versus privacy, writing contests, polls, reasoned essays and political rhetoric -- that most of us don't even question the fundamental dichotomy. But it's a false one.

The debate, Schneier points out, 'isn't security versus privacy. It's liberty versus control.' Exactly. The familiar saying 'if all you've got is a hammer, you're going to see every problem as a nail' comes to mind. Control is something governments can do. It is, in fact, a large part of their raison d'etre, and justifiably: there are some things that only government can do, and one of them is creating statutes and maintaining order. But control isn't the only way of bringing about security, just as cutting anthropogenic greenhouse gas emissions isn't the only way of stabilising the climate. Government should do what it is good at: articulating our security needs and raising the revenue required to achieve them. But it should leave open just how those needs are to be met. Rather than impose questionable new controls, government could let the private sector devise the most efficient means of enhancing our security within the existing statutory framework.