Many of you are familiar with Heisenberg’s Uncertainty Principle. It basically states that, on a quantum level, the more accurately we measure one quantity, the less accurately we can measure others. The most common measures cited are location and velocity (oh, and velocity is both speed and direction, by the way). The most famous visualization of this principle, and some of its consequences (specifically the role of the observer in all this Uncertainty mess), is Schroedinger’s Cat. Never intended to be run as an actual experiment, it puts an imaginary cat in a box with food and water (to keep it alive), plus a vial of instant-acting poison which will be released at a random, unpredictable time (Schroedinger mentions a radioactive-decay-based trigger mechanism, but really any random trigger will work for purposes of the visualization). You know the location of the cat with absolute certainty (it’s in the box), but without opening the box you can’t know whether it’s alive or dead. Additionally, if it’s still alive when you open the box, you no longer know where it is, because it’ll take off at hyperspeed and hide in a pocket dimension for a while, as cats do. Not exact, but useful for visualization.
The Uncertainty Principle only applies to quantum behaviors, but it can be used as a starting point to describe other behaviors of other, non-quantum, things. In this case, I’ll use it as an analogy for different forms of security: physical safety, access control, privacy, and convenience. Many of you already understand this, but I wanted to address it anyway to add my own perspective to the conversation.
Security is a really difficult goal to achieve. The most secure computer in the world is the one that is never even built, with the second being the one that is never plugged in, even to power. The most secure vault is one with no door, the most secure password is one never stored anywhere, even in the memory of its creator.
All of these things are effectively useless, though. So we compromise slightly on the security in exchange for convenience. We build, then plug our computers in, so we can turn them on and actually use them. We build doors into our vaults so we can put things into them, and take them out later. We create passwords that we can actually remember, or store them someplace where they can easily be retrieved. Each of these compromises requires a lot of extra work to bring the security back up anywhere near what it was before the compromise, but too far and we lose all the convenience as well. We can have absolute security or absolute convenience, but not 100% of both simultaneously.
This is equally true online. Social media has made staying in touch with friends and family much more convenient – just post updates about events in your life once, and everyone gets it automatically. Much faster and easier than that yearly update “newsletter” your aunt sends to everyone in the family, and it can be much more detailed and interactive, too. This is where privacy comes in. Privacy is a form of security for your life choices and experiences. Since those status updates are stored on someone else’s servers, you’ve lost most of the privacy your aunt’s letters have – only your family even gets copies of them – in exchange for the convenience.
But at that point, convenience is a form of security for your ability to actually do the things you’d like to do in your life. The lower the convenience of an activity, the more difficult it is to actually do that activity, and the less likely you are to successfully complete it. Eventually, it becomes so inconvenient it isn’t even worth the attempt.
Picturing convenience as a form of security might be a bit difficult, so how about a scenario. Let’s say you’re standing watch over a facility of some kind. It doesn’t really matter what kind of facility, it could be a shopping mall or a military weapons depo, but whatever facility you’re guarding, someone wants inside to cause damage (rob the mall, blow up the weapons to prevent their use, etc.). When you detect this person attempting to access the facility, and they don’t respond to verbal force (“Stop!”, “Stay back!”, and similar are generally very effective for most assailants, as they’re trying to avoid detection, not kill everyone, and this is the required initial level of force when responding to threats), your responsibility is to step up the levels of force until they do respond. Most of these levels require no special equipment, but eventually you get to hard controls (blunt weapons intended to disable the assailant and reduce their desire to cause harm). If you, as the watch stander, don’t happen to have any hard control equipment on your person, your options are limited. You could go get one from an armory – a secure location to keep such things when not actively in use – but in the time it would take to do so, the assailant would likely already be inside. So you trade the security of keeping the equipment in the armory for the security of having it on hand when needed – that is, you check it out at the beginning of your shift, before you relieve the previous watch-stander, and then check it back in at the end of your shift, when the next watch-stander relieves you. The same principle applies to weapons at the deadly force level, which are strictly prohibited outside a combat zone unless the other levels of force have been unsuccessful.
It’s easy to see, in this scenario, how convenience is its own form of security. But we can apply that to our other examples from before. The computers we’ve built and plugged in can give us access to information we need to do (and thereby keep) our jobs. The vaults we’ve added doors to allow us a way to place valuables beyond reach of unauthorized persons. And the passwords we’ve stored for later reference (assuming we’ve stored them securely, of course) allow us to ensure we still have access to our own data. This approach can be applied to all kinds of convenience to see where an increase provides additional security. The big question is always what form of security we care most about. Ranking various forms of security from most to least important will help us make good choices about which tools are best for which tasks.
So physical safety – the doorless vault, the unbuilt or unplugged computer, the person standing watch – is one form of security, and among the most obvious. Access control – the combination on the vault door, the password on the computer, the watch stander’s request for ID – is another, also fairly obvious. Privacy – being the only one with the password to data which is only available through the password’s use, a closed door with no surveillance tech inside, the watch stander only allowing certain people through at any given time – is another, albeit a tiny bit less obvious than the other two. Convenience – the computer being built and plugged in, the vault having a door, knowing the password, the watch stander having the required response tools on their person while on duty – is the least obvious, but like privacy, no less important than the others. At least, not in general. But how to balance them?
Well, that comes back to which tool is best for a given task. Each scenario has different requirements for which form of security is most important, which is second-most, and so forth. That ranking will be different for each scenario, even if it does end up being very similar. Which brings me back to social media.
Physical security, in this case, becomes about data centers where your social activities are stored. Access control is generally via username and password combinations (the username tells the system who you are, while the password helps ensure you actually are the person associated with that username), though many platforms have added additional layers to their access control, generally in the form of a semi-random code that changes frequently. Both of these are considered the highest priorities, in no small part because they are among the simplest to implement, though neither is perfect in any case. Privacy and convenience, however, muddy the waters a bit. Platforms can prevent others from seeing your data, but then you lose the convenience of being able to say something once and have the whole world – or at least, the portion of it you care about – be able to see it. They give you control over this part of the process by letting arbitrarily group others, then control which groups see what information.
But there’s still the issue of your data being stored on their systems. How do you address that? One option is to trust that the platform’s owners and operators will not use the data you’ve supplied for anything beyond making sure your intended audience can see it. Of course, that rarely happens, mostly because it’s hard to make enough money to keep your servers running that way. So for many people, trust isn’t an option. What then? Well, you can choose not to use the platform itself at all. That satisfies the privacy concern, but sacrifices convenience. So maybe you set up your own server(s) to provide a similar platform. Nothing wrong with that – you control the server, so you know the data won’t be used for anything nefarious. But you still haven’t recovered your convenience, because your platform doesn’t have all of the same users as the platform you just left. So now you have to break the problem up differently. What information are you comfortable sharing with the entire world? What information will you need to present carefully in order to get the most of the convenience with minimal impact on privacy? What info is so sensitive that the convenience isn’t more important than the privacy? Then, you can start to use both systems – the public platform you don’t quite trust, and the private platform you trust implicitly – to their fullest potential.
But much like Heisenberg’s observation that knowing everything about a given quantum particle within a given instant is impossible, getting 100% of all types of security at once is beyond our grasp. Like scientists observing quantum interactions have to prioritize which properties of any given particle they’re interested in most, we have to prioritize our activities online by what is most important to gain from them. Often, we don’t need to completely abandon any given platform, so much as temper our interactions thereon for what we expect the platform to do with the data we’re generating.