Battle for individual privacy is winnable. There is no need to sacrifice convenience or security either.
What do we mean by privacy? Not having our physical location, activities, preferences, bodily environment, and not for public thoughts known to various entities without our permission. And no, indecipherable to laymen 20 page legal agreements to join an organization or website do not count as such permissions. (It is clear last remnants of contractual society have collapsed if one needs to pass a bar exam to understand what one is entering into.)
Terms of use the way they exist now are meaningless, actually promote violation of privacy due to inequality of contract initiation (lawyer to normal person), and most importantly, assume a private organization
can potentially have full control and rights within its domain (whether physical or digital)
if a beer guzzling illiterate presses "accept". Such feudal notions are laughable and have no place in the 21st century.
It would be intolerable for an office building to have hidden micro cameras everywhere. Cameras using face recognition software to constantly scan employee location/mood in various parts of the building, audio record and read their lips to see what they say, allow zoom ins on an employee during work, lunch breaks, bathroom breaks, etc. Cameras and sensors which record and store every possible bit of data from urine in toilets to heart/pulse rate fluctuations during meetings. We intuitively understand that physical 1984 dystopia in a private hierarchical organization is repulsive even if they promise to "not share your stool analysis data and lip reading with third parties".
When it comes to government, preventing such abuses is relatively easy. The mainframes and databases of the NSA, FBI, etc can be physically destroyed the way STASI files were. The people responsible for accumulating such records can be put into prison. The government organs of a replacement regime can then be made transparent using the latest technology (having the government as an entity have its "privacy" heavily violated by the public that it lords over). That does not mean collecting private conversations and urine samples from government employees but having tremendous real time access to an entity that is a monopoly of force within a given area. Also it is rather easy to use microcameras and sensors to record the government when it has proactive contact with the public where abuse can occur.
This means that when a policeman stops a car of a citizen, the citizen's car can and should record and transmit every aspect of this encounter in real time to the citizen's lawyer, public and private database, online etc. However, when the policeman is just cruising the neighborhood in his car and talking with fellow employees, such surveillance over him or her is intolerable. The government as an entity should have its macro level functions (policies, non-nuclear arsenal related activities) be under rigid surveillance by the public yet have the private lives of its micro level individual functionaries respected.
Preserving privacy and dignity within the physical and digital realm of private organizations is a lot harder task yet not an impossible one.
Sure we can start by:
1) Throwing the tyrannical idea of corporate personhood (key source of various major planetary abuses currently) into the dustbin of history
2) Legislating that large private organizations are cooperatively owned, democratically run, and have flatter organizational structures
3) Making all basic online contracts 5 sentences long for normal citizens
4) Have the government enforce individual privacy with the zeal of Switzerland or Luxembourg
However these efforts will still lag behind the exponential progress of surveillance technology from private individuals and organizations. What is needed is a moral and legal framework that develops a constantly active bubble of protection around every single individual. Such a protective bubble would guarantee that every person has the right to privacy (location, bodily environment, preferences, not for public thoughts) from the start. In other words, whether you are a public/private employee or a customer, certain key aspects of privacy will be understood to be off limits at all times.
For example when you go to a doctor and provide various bodily fluids for testing, that information would be stored
in your hyper encrypted database (residing either in your physical portable computer, virtual wallet, etc) and not in the doctor's database. The new government can perhaps distribute a sort of standardized Passport type database to everybody who wants it (to offer a sort of public option for groups like the elderly who are not as well versed in new technology). The idea would be that your privacy is like your property and things that occur on this property belong only to you. Sometimes you may loan your information (preferences) when you enter a physical or digital store for convenience. That loan will be returned as soon as you exit the store.
Sure, you may loan bodily information from your privacy property (existing within your database) to a doctor and his colleagues at times but at the end of the day the vault will lock. The Internet itself, the links between personal databases, can be made hyper encrypted to beef up anonymity to levels not yet imagined. This way, when you join a social networking digital realm of some sort, there would be a strict legal and cultural understanding that your informational loan can be taken back by you at any time.
This systems engineering task becomes increasingly easy to implement if key things like communication infrastructure is publicly owned and publicly financed/developed. This way the government builds say, 1 gig a second national hyper encrypted network that covers everybody for free (to be upgraded to say, 100 gig a second network as soon as tech advances) and has responsibility for preserving privacy on it. In this regard protection and augmentation of privacy becomes no different than provision of other welfare such as clean drinkable water and food.
There should not be financial incentives for private organizations to violate your privacy. Bandwidth should be "too cheap to meter" to reduce ads and allow entry for small developers. Google is already a de facto arm of the NSA and existing major private players like Facebook can be made to bend to the public will in the years to come (after their corporate personhood is shredded). Civilization will continue and people will continue to develop interesting software even after a major cultural change.
In part 2 I'll touch upon 21st century identity management, guarding against
mass scale production of encrypted fake identities, and technological defenses against privacy intrusions (such as privately owned satellites or flying machines tracking, spying, and exploiting this data).