Secrecy & Privacy

IN THE SPIRIT of establishing thorough definition(s) for all of the words and concepts employed in any discussion related to the subject matter of cybersecurity; we hereby provide terminological foundations in relation to the topic of privacy.

Secret Thoughts

A secret-thought is a thought that occurs in the mind of an individual, and has not left the ‘mind’ of the thinker to enter another person’s mind and/or machine’s ‘mind’ (yet). Secret-thoughts may be related to thoughts originating in other minds; but vital here is that nobody else yet knows, or can easily discover the contents of the same, or that the thought has been (or is being) thought by the thinker.

Secret-thoughts are an individual’s natural property alone.

Others may be able to guess a secret-thought; but that is different from certain knowledge. With secret-thoughts the thinker is in (more or less) complete control over any communicated thought contents. A secret-thought is—bound in/with time —because what was once secret, may no longer be secret at some epoch in the future. Secret-thoughts are protected from discovery by others—and are hidden/concealed in some way.

Secrecy is a state of being/existence for the thought itself. Secret-thoughts, by definition, (potentially) exist in a single mind—or no mind ever (or for a specific time period)—in the case of ‘lost’ secret-thoughts.

Open Thoughts

Every open-thought was once a secret-thought; but has subsequently been communicated to other mind(s), or else written down and stored in a place freely accessible to others. Open-thoughts are essentially, social thoughts. Open-thoughts exist (potentially at least) in everyone’s minds; and the originator may have little control over how, when, and to whom such thoughts are communicated.

Both open and secret-thoughts may be singular or composite; and thus be comprised of thoughts and sub-thoughts copied from elsewhere, and link-to and/or subsume (or represent) many other thoughts/patterns-of-meaning.

What differentiates open from secret-thoughts is their state of discoverability—and in this respect a thought is only secret, if there can be no possibility of transfer to another mind (at a specific epoch). Writing down a thought in a public arena, would potentially nullify secrecy; and hence such an exposed thought may no longer be classified as secret, and because it is—potentially discoverable (it is a hidden/lost open-thought until then).

It is vital to recognise that not only original-thoughts start out as secret. When someone thinks/duplicates an unusual thought originated by someone else, then the fact that they are thinking this same thought, may constitute a secret—and hence a changed thought—by itself. What matters is whether another party is able to access unique/original thoughts (or has the possibility of so doing).

Private Thoughts

A third class of thought is identified as a private-thought; defined as a thought which has-been/will-be shared amongst a restricted group of people.

Private-thoughts possess a special feature, in that they are distributed to a limited number of people; and hence some form of social sharing plus protection is implied; and in order to protect the status of a private-thought, and to prevent it from morphing into an open-thought. Discoverability is restricted and controlled by some mechanism/lock/key, plus social trust.

Privacy / Secrecy in the Digital Arena

IT is insightful to ponder a little further on the nature (and fundamental definition(s)) of secrecy and privacy.

To begin with, let us imagine that you are standing next to someone in a private location, before passing a real-world item/object to that person, and in a such manner that ensures (for argument’s sake) that this same action cannot be overlooked/discovered. Accordingly, it is easy to understand—that this act is absolutely private.

However things are not quite so simple—when you pass datagrams (messages, folders and files etc) across a remote wired/wireless communication system (e.g. a public WAN network or the Internet).

In particular, such a data-transfer may be visible and/or exposed to the actions of other programs/actors/people—and primarily because it has a public aspect—in terms of the visibility/accessibility of associated communications data. This is because the network itself is public—or open. For example, the packetised-data may be visible, and/or the wired/wifi communications may be observable/hackable; and/ or the associated Internet traffic could be spied upon in some way etc.

Regardless of whether or not any exposed—or persisted—datum-copies exist on the communication system itself (i.e. central copies)—one has to admit—that on an open-network—aspects of the live communication process may be visible to nth-parties. Hence communications must be (theoretically) no longer entirely private/secret—or at least in terms of the existence of any transferred packets etc; and most probably in terms of other aspects of the copy’s form/content.

Another problem, for items existing in the digital arena, relates to the mixing-up—of the media of storage, transfer and access—and in way(s) that likewise result in aspects of a copy’s form being rendered publicly visible/accessible.

Public Facets of Privacy / Secrecy 

Ergo, we are forced to conclude—that total privacy/secrecy—in relation to—the sum total of all aspects of a datum-copy’s form/content—for a digital communication processis quite simply, impossible to achieve

Our discussion implies that you (the owner of the copy and possibly any other legitimate copy user(s))—plus the communication/security system designer(s)/operator(s)—must choose which aspects of the copy—and hence communication process as whole—to make secret/private.

However certain aspects will, nevertheless, remain public!

In other words— security is all about deciding which aspects of a datum-copy can be wholly removed from public view (aka beholder’s share etc)—and which (inevitably public) aspects to protect using locking/ blocking/concealment mechanism(s) etc.

We can conclude that a secret/private communication process—taking place in a semi-public arena—always has public aspects—or facets— regardless of how powerful—or impenetrable—may be the protection mechanism(s).

Attaining Privacy / Secrecy

NOW it is rewarding to probe even deeper—and in a philosophical fashion—into questions surrounding the true nature of secrecy and privacy. We ask: what is secrecy, in-and-of-itself? And how do we keep something secret? What are the fundamental techniques for attaining/securing/preserving secrecy?

Unquestionably, these are fundamental questions (for any society)—and answering the same can help us to understand secrecy at a deep, and even philosophical, level. Ergo, we wish to come up with a strict definition for the term.

In this respect, right away, we notice that it is necessary to protect an item by concealing, blocking and/or locking its specific material-form and/or inner-meaning from others. In other words we must prevent other people from finding, contacting and/or knowing the item.

The job of an effective Security System is to ensure—for any private/secret item—that we successfully:

  • BLOCK/CONCEAL/ELIMINATE all of the item’s illegitimate access pathway(s) + BLOCK/CONCEAL legitimate access pathway(s) + LOCK the item’s entrance-gateway(s) present on any legitimate access pathway(s). In other words build a protective barrier (i.e. walls) around the item (i.e. place it in a safe/vault); and then create a locked door—being one that requires a password/secret-key/secret-method in order to open.

Whereby the following definitions apply:

  • BLOCKING access to the item; is to prevent any unwarranted person/actor from reaching it—and by means of blocked/inaccessible pathways.
  • CONCEALING access to the item; is to hide the item in a secret location and/or form known only to ourselves (the legitimate owner(s)/user(s)/actors)—and the same being one that is—for some reason—difficult to see/find/open/know by other people/actors (illegitimate persons/processes).

Privacy / Secrecy = Manage Accessibility

In conclusion, attaining/defending privacy/secrecy—for any item—may be defined as protecting the material/virtual-form and/or the informational meaning of a thing; or restricting its contents to the actual owner/legitimate-user of the thing alone. In other words, we wish to protect the secrecy of the item—in terms of who can see, access, know and/or change it (often in any way whatsoever).

The concept of privacy/secrecy is at the same time—and equally—socially defensive (broadest possible terms) and socially restrictive (narrowest possible terms).

Above all, privacy/secrecy requires that the genuine entry-method(s)—or valid pathway(s)—be used to reach the item’s form/content—which must be exceptionally well-defended (in social accessibility terms)—and remain so perpetually. Ergo, any and all unauthorised pathways/surreptitious entry-methods must be untenable.

Additionally—authorised entry-method(s)—must be of such a form/type/kind that they cannot be attained/guessed/stumbled-upon, or otherwise discovered/used/broken-into by any unwarranted-party/breaching-technique (including statistical methods etc).

In a nutshell, privacy/secrecy is the attenuation/whittling-down—or drastic reduction—of unwarranted accessibility options (entry-methods/pathways) for an item—whereby the (relatively scarce) authentic entry-method(s)/pathway(s) are perpetually out-of-reach to any and all unwarranted people/actors.