It's only a dichotomy if you see it from the angle where data is sacrosanct and its beset on all sides by evil trying to do it in.
The better way to approach this issue, long term, is from a legal point of view with an interim state where encryption holds us over. That is the law decides who may or may not own or access a certain type of data with penalties upon tort or criminality. And we develop civil protocols for days governance between people and between people and governments.
Like trademark. You could have it so trademark, i.e. authentication, is protected by mathematics, or you can have it protected legally.
Personally I don't believe the answer to data theft or surveillance is more mathematics in the form of encryption, but sensible laws regulating data its, use and access with penalties for transgressing. Obviously this would require international cooperation and would be a long way off and in the interim we'd need encryption to protect against unauthorized access until we reach that state of data governance. But ultimately the answer is not "make everything s black hole".
We don't protect against thieves by building impenetrable houses, we rely on legal instruments to dissuade burglary.
Thieves can't traditionally steal your stuff on a mass scale without you ever knowing about it and then cost effectively use it to economically and psychologically manipulate entire populations.
Once someone has your data, you don't know what they're doing with it and neither does the government. Which means they have to be prevented from getting it in the first place, which means encryption and laws that encourage and facilitate encryption.
Then the problem is putting so much meaning to data. Why should my ID (or SSN) have so much value? Why should my medical records have so much value? Medical records have value mainly because it can lead to discrimination, so the solution to that is remove the value of discrimination (job, medical care costs, etc.) based on medical conditions.
Because it existed before the invention of public key cryptography and is now permanently entrenched. If you think you can fix that, go do it and then make this argument after nobody is using SSNs anymore. Also, your argument for not deploying cryptography is "we should solve that problem cryptography would solve if it was more widely deployed"?
> Why should my medical records have so much value? Medical records have value mainly because it can lead to discrimination, so the solution to that is remove the value of discrimination (job, medical care costs, etc.) based on medical conditions.
You say "the solution" like all we have to do is snap our fingers and people will stop discriminating based on medical conditions even though doing so is highly profitable. The way the laws against that type of discrimination work is by preventing the discriminating party from obtaining that information.
Also, good luck passing or enforcing a law that says prospective mates can't discriminate against you based on your medical or mental health records. To say nothing of the outright violence that would result if the names of women who get abortions became known to the wrong people.
> That is the law decides who may or may not own or access a certain type of data with penalties upon tort or criminality.
What if criminals are willing to break those laws? (That's kind of the definition of criminals, after all.) Who cares, you say, because data isn't sacrosanct? Well, some of the data we'd like to protect is financial, and criminals can use it to steal my money, so I care.
What if foreign governments are willing to break those (US) laws? Again, who cares, you ask? Well, if I'm a company facing foreign competition, and the foreign government is willing to do economic espionage to help their companies, then I care. And if I'm the US government or military, I definitely care.
What if the US government is willing to break those laws? It'll never happen, you say? Read some history. It's happened before, and it will again.
The law only protects me against people willing to obey the law. I also need protection against those unwilling to obey the law.
The better way to approach this issue, long term, is from a legal point of view with an interim state where encryption holds us over. That is the law decides who may or may not own or access a certain type of data with penalties upon tort or criminality. And we develop civil protocols for days governance between people and between people and governments.
Like trademark. You could have it so trademark, i.e. authentication, is protected by mathematics, or you can have it protected legally.
Personally I don't believe the answer to data theft or surveillance is more mathematics in the form of encryption, but sensible laws regulating data its, use and access with penalties for transgressing. Obviously this would require international cooperation and would be a long way off and in the interim we'd need encryption to protect against unauthorized access until we reach that state of data governance. But ultimately the answer is not "make everything s black hole".
We don't protect against thieves by building impenetrable houses, we rely on legal instruments to dissuade burglary.