"Nothing to Hide, Nothing to Fear": Dissecting Big Tech's Favorite Myth

Today’s Privacy Debates

As more and more regions seek to implement increasingly robust laws regulating online activity, digital privacy debates are more timely and important than ever. In the European Union, proposals referred to as “Chat Control” would require platforms to scan private messages for illegal content. Five EU countries have also begun implementing policies to age-gate certain websites. In the United Kingdom, policymakers have not only implemented age-verification requirements for adult websites, they’ve proposed extending those requirements to tools like VPNs. Meanwhile, several U.S. states are introducing laws that mandate age checks for social media platforms and adult websites.

Supporters of these and similar policies often rely on a familiar argument: “if you have nothing to hide, you have nothing to fear.” The same phrase frequently appears in discussions about Big Tech’s data collection, where it’s used to justify gathering and monetizing user data. But the argument has long been criticized as flawed, as our founder explains in the clip below...

So why does this argument keep resurfacing? Where does it even come from? Does it actually make any valid points? Let’s unpack it…

An Argument Older Than Computers

Did you know that this argument is older than the Internet or even computers? While we don’t know precisely where the argument originates, experts attribute one of the earliest examples of this “nothing to hide” argument to an 1888 comedy novel by Henry James called The Reverberator, about a man who learns about juicy gossip and decides to publish it in a local newspaper: “If these people had done bad things they ought to be ashamed of themselves and he couldn't pity them, and if they hadn't done them there was no need of making such a rumpus about other people knowing.”

One of the first uses of the actual phrase was in Upton Sinclair’s 1917 book The Profits of Religion: “Not merely was my own mail opened, but the mail of all my relatives and friends — people residing in places as far apart as California and Florida. I recall the bland smile of a government official to whom I complained about this matter: ‘If you have nothing to hide you have nothing to fear.’” From here, we see usage of the phrase and the argument spread across the globe and be used largely by real and fictional governments attempting to justify surveillance of their citizens. Many attribute the quote to the Nazi Minister of Public Enlightenment and Propaganda Joseph Goebbels who sought to justify his government’s actions before and during World War II (although we know now that it existed beforehand). It was also used in the early 1950’s by U.S. Senator Joseph McCarthy and other similarly minded politicians to justify the creation of "loyalty review boards" during the second Red Scare. In fiction, we see the phrase famously used by the all-seeing state in George Orwell's dystopian novel 1984, and in Alan Moore’s classic graphic novel V for Vendetta.

In the 21st century, as technology has enabled more advanced and robust surveillance than ever, usage of this rationale has increased exponentially. To give some examples, we saw it used in the U.S. after the 9/11 attacks during the passage of the PATRIOT Act in 2001. The United Kingdom made comparable arguments when expanding nationwide CCTV camera systems nationwide. China has used it in response to criticism for its extensive monitoring infrastructure and the rollout of a nationwide social credit system. As recently as 2015, conservative MP Richard Graham has invoked the same logic in support of a controversial surveillance bill.

But, as you’ve no doubt seen yourself, it’s not just governments who use this argument anymore…

Big Tech Grabs the Baton

As the internet grew, so did the amount of data that companies could collect about their users. Computer networks have always gathered certain data for diagnostic reasons, but user activity wasn’t always so closely monitored. In fact, when Facebook first launched, it marketed itself as a safer and more private alternative to MySpace, since it required users to have a college email to join. However, that reality quickly began to change as the rapidly growing market for “targeted ads” transformed the online economy. User monitoring proliferated as companies realized how profitable it could be to track behavior and serve ads based on interests, browsing habits, and demographics.

Over time, this approach evolved into a surveillance based business model. It was no longer just about ad targeting, but about predicting and influencing behavior. Before long, these companies were gathering more data and accurately predicting user behavior better than any government, and did so with substantially less scrutiny. Thus, Big Tech and Big Government formed a surveillance match made in heaven...or perhaps somewhere else. Big technology companies are able to obtain user consent for tracking and profiling that government agencies would normally need warrants to collect directly. In turn, government agencies can buy information from data brokers to circumvent the need for warrants. Historically, many government databases were deliberately kept separate to limit abuse. But now that tech giants and data brokers are able to consolidate vast amounts of personal information in one place, we see entities that are combining government databases with private sector user targeting and profiling and using that data out in the world. Worse yet, we now see the same justification repeated from both governments and companies.

Sounds Reasonable, Doesn’t It?

The “nothing to hide” argument continues to be used because it’s effective at transforming the language of consent. Instead of focusing on the actions of government entities or tech companies, the responsibility is turned on the individual. But here’s the thing: there is no amount of consent that can account for Big Tech’s privacy violations. Why? Because it’s not clear where the data winds up or how it's used. It can determine if you get a job or insurance or an apartment or access to healthcare. These are complex issues of surveillance and data collection that have many layers and require detailed and highly technical debates. But the “nothing to hide” argument simplifies a huge and tricky debate into a false binary: people are either “innocent” or “guilty.” This positioning makes it easier for the general public to accept broad monitoring without fully considering the consequences, since no one wants to be one of the “guilty” ones.

Another part of why this argument works is that it pairs surveillance with a promise of benefits. Governments present it as “safety” and “security” for you and your family, while tech companies guarantee “personalization” and “convenience.” Let’s also not forget that, in the case of tech, the vast majority of software and services require that you accept ALL of their terms and conditions in order to use them (another manufactured binary choice). Add to this that the idea of mass data collection, especially now, is largely intangible because we don’t see anyone monitoring us. Thus it’s very easy to forget just how much we’re being tracked over time. So when users are faced with a manufactured binary choice where opting in is quick and “painless” and opting out is inconvenient and cumbersome, most take the easy route without thinking, and have a convenient platitude to justify that choice that makes them feel like good, upstanding citizens.

Unfortunately, the longer this narrative thrives, the more normalized it becomes. Constant surveillance and data harvesting slowly settle into the status quo, reinforced by assurances from tech companies that “we care about your privacy.” Yet evidence consistently shows that privacy protections are often limited, and the incentives for continued tracking remain strong. That’s why it’s vitally important for users to understand the true implications of the choices that they make and the deceptive arguments being used to manipulate them.

Debunking the Myth

The argument that “if you have nothing to hide, you have nothing to fear” falls apart easily when you look at everyday life. People keep diaries, lock doors, and maintain private conversations and photos every day. They don’t do it because they are doing anything wrong, but because privacy and discretion are important boundaries and human rights. Most of us wouldn’t question someone for wanting a moment alone in their room, so why do we expect people to share everything online? The same logic still applies in the digital world: having digital privacy doesn’t indicate wrongdoing, it simply reflects normal expectations for personal space.

More importantly, digital surveillance does not make us safer. Recent incidents, like the Discord ID data breach that exposed 70,000 IDs, show how “ID verification” can actually create treasure troves of sensitive information for bad actors. Mass data collection can also fuel government overreach, as seen with China’s surveillance targeting dissidents or mistakes in U.S. systems like ICE’s facial recognition misidentifying citizens. Lawsuits against major tech companies for unlawful data gathering (including cases involving children) prove that people often have little to no idea of what they are really consenting to. But there is encouraging news! Public debates around new and proposed “digital ID laws” show that more people than ever are paying attention to how personal information is handled. By thinking more critically about the systems shaping our digital lives, we can create a world where privacy is standard and not treated as suspicious.

A Better Way Forward

The challenges around digital privacy are complicated, and there’s no single solution to a multi-pronged problem. This is especially true in a tech ecosystem where users often trade privacy for convenience, advertisers fund “free” services, and governments rely on tech infrastructure to function.

One important step is engaging with lawmakers if you live somewhere where you can. While the vast majority of people would consider privacy a human right, human rights can’t exist if there aren’t laws to protect them. That’s why it’s important to pressure your representatives to oppose laws that harm privacy, such as KOSA or online ID check laws, that compromise privacy, enable censorship, and harm children. It’s also important to express your support for laws designed to protect digital rights, like the GDPR in Europe or the CCPA in the US. Laws can enforce standards that put more autonomy and choice in your hands, like how the GDPR’s mandatory cookie consent rules have helped European internet users more easily manage the data that websites can gather on them. That’s why smart and effective regulations are crucial to the fight for privacy.

On the personal side, there are practical tools to keep your data out of the surveillance ecosystem. Use private email providers (like StartMail), VPN services, and encrypted message apps that don’t sell your data. Create unlimited aliases with StartMail to hide your real email and prevent tracking. Rely on private browsers or ad blockers to limit device fingerprinting. These are all tools that put you back in control of what you share and with whom.

Finally, don’t be afraid to call out the myth when you hear it. When you hear the old “nothing to hide” line, help them understand the real implications of what they’re saying. You can outline the arguments given here, or you can simply say to them “okay, so unlock your phone and hand it to me!”