Abstract
In this short essay, written for a symposium in the San Diego Law Review, Professor Daniel Solove examines the nothing to hide argument. When asked about government surveillance and data mining, many people respond by declaring: I've got nothing to hide. According to the nothing to hide argument, there is no threat to privacy unless the government uncovers unlawful activity, in which case a person has no legitimate justification to claim that it remain private. The nothing to hide argument and its variants are quite prevalent, and thus are worth addressing. In this essay, Solove critiques the nothing to hide argument and exposes its faulty underpinnings.

This short, 25 page paper covers more than a year's worth of newspaper articles and blog postings. Rarely do we see such a good discourse about a complex topic like privacy. This isn't a sensationalist piece like many articles out there. The author, A Professor Solove, even makes a point not to be sensationalist. I would quote the whole article if I were allowed, it was that good. But for the author's sake and for yours I will just share a few quotes I especially liked.

The court appears to grasp this distinction, but, unfortunately, doesn't follow it to the correct conclusion. In a footnote, the court points out that capturing URLs of webpages visited "might be more constitutionally problematic" because "[a] URL, unlike an IP address, identifies the particular document within a website that a person views and thus reveals much more information about the person's Internet activity. However, an IP address can point to a particular website and can also be used to identify "much more information about the person's Internet activity." For instance, it can be combined with information about the size of a file downloaded from a particular IP to identify a particular page on a website.

On top of this casual, erroneous reasoning, the court oddly says almost nothing about how the surveillance actually occurred. Indeed, at one point the opinion says, "the government applied for and received court permission to install a pen register analogue on [defendant's] computer." Ordinarily, pen register surveillance takes place on the provider's system, not on the target's computer; so this statement, along with the fact that keylogging software was used, raised questions about whether the court approved physical entry or some kind of remote surveillance like the FBI's "Magic Lantern." EFF has confirmed with defense counsel that the surveillance in fact occurred at the provider's system, but these ambiguities only underscore the need for review of the opinion.

In Friday's ruling, the court said computer users should know that they lose privacy protections with e-mail and Web site addresses when they are communicated to the company whose equipment carries the messages.
.
.
.
The ruling "further erodes our privacy," the attorney said. "The great political marketplace of ideas is the Internet, and the government has unbridled access to it."

The court case is a bit bogus, the guy was manufacturing Ecstasy, which I'm sure didn't help. Ingoring that detail, it is quite scary what the courts just said was allowable. They can watch where you go on the internet. The whole idea of 'they can't see what you are looking at' is bs. Any user can look at a URL visited and type it in themself to see what is there. The compare it to looking at the outside of a package. I can't just get another identical package and open it though, with the internet that is the case. So much data is also passed through the URL bar (anything with ?function=value after it is passing data (look at your google search page. Notice the q=proxyhost.com. Is it REALLY not invading my privacy? Remember the AOL case where the leaked millions of searches and people could be identified and their privacy was violated?