When you hear 'privacy,' what comes to mind?
This story is a work in progress.
Whenever I would ask this question, I would almost always hear something along the lines of "strong passwords" and "good online habits"—and rightfully so, this is all good advice. It's important to not give out sensitive information online (privacy is, after all, simply a matter of control) and to use strong passwords (or ideally, passsentences), but it's also alarming: what about the government surveillance we keep hearing about in the news? And what about those companies that sell our personal data? They are considered afterthoughts, if thoughts at all.
This mindset—that privacy is cybersecurity and cybersecurity is privacy—is a result of the nature of 'hacking' and mass surveillance.
Hacking is perceived as both personal and widespread. It could happen to anyone, and most people either know someone who has been hacked or have been hacked themselves. It's scary, it's personal, and it's prevalent.
Mass surveillance, on the other hand, is much less understood. While it's certainly widespread (and most Americans recognize that it exists), it isn't as personal as hacking. People find solace in the numbers: if everyone is being spied on, they feel that they are not being monitored individually but rather as a community. While this is deeply upsetting for some (for example, Muslim communities in New York City), it is considered permissible by others—and that's what got us into this mess in the first place.
The state of public opinion that allowed for the development of government mass surveillance is well described.
Corporate surveillance, operated by the likes of Google and Facebook, is even less associated with privacy. Because these services are perceived as opt-in (though they are not—I don't have a Facebook account, but I'm still tracked by Facebook), the services themselves are not perceived as privacy-invaders. Instead, the blame is passed on to the users who 'opt-in.' But how can companies who make their revenue invading privacy not be considered to be invading privacy? The users cannot be entirely to blame.
In its propulsion to the forefront of the public mind, hacking has another distinct advantage over the others: you know when it happens to you. Unlike other forms of surveillance which (in theory) operate silently, hacking doesn't. And hacking doesn't disguise itself under the guise of 'national security' or 'improved product suggestions'—it is overtly malicious. Corporate and government surveillance, while superficially noble, is covert.