This post was presented as a brief talk during the LessWrong curated talks event on July 19. 

Here is a transcription of the Q&A session following the talk. 

---

mr-hire: I'm curious if you've thought about what training this at scale would look like. When I was younger, I remember being trained a little bit on how to keep secrets, just with friends and stuff, but what would it look like if you had ways to train more deliberately?

Raemon: I know some people who have actually thought about this a lot and have entire world views and practices oriented around it. For me, I noticed that I wasn’t good at keeping secrets, which was at times a problem for my relationships. So I actively thought about it for a while and increased my ability.

So the short answer is: do lots of thinking and practicing. To answer your question about training at scale, I have two ways that you can teach this.

First, you can teach people trigger-action plans for dealing with secrets. A key piece of such trigger-action plans is the ability to notice when you're in a conversation that might create  sensitive information or bear on information you already have that is confidential.

Being able to notice that is much of the battle, and then having follow up actions like “slow down and think before you say each new thing”, or “deflect the conversation in a new direction”. So that's a skill I came up with on my own. 

Another skill someone else pointed out, for situations where you find out confidential information about an organization, is to have different mental models for storing public and private information and keeping track of them differently. 

And then, when having a conversation, live inside one of the two different models. This doesn't work for me yet. I haven't really tried to do it, but it's a thing that seems to work for at least two people that I know of.

---

johnswentworth: So given that a big part of a secret is the fact that a secret exists, how do you ever trust that someone can keep secrets if they tell you that they have kept secrets before?

Raemon: Well, there technically was a whole second half of this talk. I have multiple blog posts coming that deal with a lot of like, "Hmm, this topic sucks. What do we do?" One of the problems is that people don't even necessarily mean the same thing by secret. Sometimes it means they just don't bring it up. Sometimes, it means they do not reveal any Bayesian information that can possibly inform people that the secret even exists.

And sometimes, it's just like Alice saying, "Bob, just don't tell Charlie. You can tell Dave. Just make sure it doesn't get back to Charlie." So what I try to do, noticing that we’re getting into a sensitive situation (or ideally if I have detected that the person I am speaking with has an ongoing, long-term relationship with the person where secrets are likely to come up), I try to have a meta-conversation about what secrecy means to them, discussing what the various parameters of secrecy are and which ones are the most important to them, before a specific secret comes up.

Sometimes, the duration of a secret matters and  you need to keep it to your grave. Other times  it could simply be a controversial thing happening in the next three months and I need you to keep it quiet until it is over. 

Generally, I don’t think it is actually tractable to not give Bayesian information that you have any secrets. I think a slightly better equilibrium is where there's some glomarization of “I can neither confirm nor deny that I have secrets relating to this thing”, and you just always say that whenever this conversation comes up. And then, you get into the meta a bit. A practice that I like to do while having this meta-conversation is avoid making eye contact. Not looking at each other while having the conversation ensures  our micro-expressions aren't betraying any information until we have built up a little bit of trust.

Ben Pace: I am also much more likely to accept a secret if it's on a three-month scale rather than a four-year or  permanent time scale. 

---

ricraz: I guess if we take a Hansonian perspective and we say, "Is keeping secrets really actually about keeping secrets...?"

Raemon: Oh my.

ricraz: A lot of people around here have quite high scrupulosity. I am fairly low on this. A lot of the time when I say to somebody, "Please keep it a secret," it's just mostly a social nicety. Maybe it reveals some information about them if they don't keep it secret, and maybe I'd feel a bit annoyed... But it feels much more like it's a standard part of the interaction I'm having with them. Maybe I'm ticking a box or something. 

It feels fairly rare that I'm telling somebody information that it's crucial for them to keep secret. And so, I wonder if actually outside a corporate context like, "Please don't give away our secret product plan," and stuff like that, how relevant is this actually in most social interactions?

Raemon: So another pet peeve is that, most of the time, I think people are doing something like what you just said--keep it on the downlow. Keep R0 of the secret <1 if you can. 

The tricky bit is that's what people need most of the time, but if the secret ends up causing them more damage than they expected, then they're like, "No, you said you would keep it a secret," and then retroactively judge you harsher than you might have assumed. 

So one of the key things I want is transparency about what level of secret we're talking about. So if people start telling me anything confidential, one of the first things I say is, "FYI, the default thing I am going to offer you is, I will try a little bit to keep R0 of the secret less than one, but I'm not going to try that hard. And if you want more than that, you are asking me a favor and I'm checking if you want to ask me that favor."

And most of the time, they don't actually care about that, the more high-level secret. I do think in the rational sphere and the ecosystem, there's a lot of blurry lines between, "Ah, I'm just commenting about my friend," and, "Oh, my comments about my friend actually directly inform whether some other person's going to give that friend a grant," which makes this all a bit trickier. So the main thing I want to get out of this is to have common knowledge of what the default norms are and of what favors you're actually asking of people.

jacobjacob: So I heard you ask,  Richard, if  this really matters or if it matters only if you know some important intellectual property due to your work? And I think there's a thing where a small secret with someone might be fine, but if you need to keep track of 10 or 100 small secrets across a large number of people, then whenever you say a sentence, you have to run this working-memory process which checks the sentence against all these secrets you have to keep track of, in various weird interactions. And you get to a point where this messes up your ability to have conversations or to think clearly, even if the individual secrets themselves are not super important.

Ben Pace: Yeah. I don't enjoy how much obfuscating  some people have to do in conversations with me when we're trying to talk about the same thing, but they can't say anything because it would betray that they know some information that I also know. I was expecting you to say something like “it's also hard to tell if someone's good at keeping secrets, and so, being able to keep secrets about small things is often the only way you can even check. If someone only keeps secrets about massive important things, it's often hard to know about those things, because you're not privy to them”. And so, it helps the person doing the right thing in smaller iterated games. 

---

George Lanetz: When I thought about this problem a while back, I decided it's impossible to really keep my privacy. So I committed to a life that won't require that. From your talks with other people, how often did you find that they actually care about their privacy? And how many people do that if they are not presidents or something like that?

Raemon: I run into social circles that are one or two steps removed from a lot of EA grants, and this comes up a lot there, where there's informal situations that turn out to have fairly strong financial stakes. So I think I've probably interacted with 10 people, plus or minus a few, where some kind of common understanding of what secrecy meant mattered.

Ben Pace: I also have really strong feelings about the things George said. I think Vitalik Buterin has said something relevant here. Namely that the less privacy you have, the more Hansonian things get: the more signaling that you're doing on all of your supposedly “private” conversations. I think the internet has generally done this a lot. People used to be able to have informal bonds of trust, but then suddenly it gets recorded and put online.

And then, a million people see it and you're like, "I can't live my life where a million people are watching all of my interactions, all of my moves, checking whether or not they're good." It would talk more time to make this point in full.

I am very good at keeping info secret including when the other party hasn't explicitly said it's confidential but I have some reason to believe they might have wanted it to be if asked.

It is costly.

I am worst at figuring out when future me might have wanted it to be confidential if asked.

Conversations with Ray clarified for me how much secret keeping is a skill, separate from any principles about when would agree keeping a secret was good in principle, which has been very helpful in thinking through confidentiality agreements/decisions. 

One thing to consider here is legal duty to disclose certain information and that should form a part of such meta discussions.

Brief review: I think this post represents a realization many people around here have made, and says it clearly. I think it's fine to keep it as a record that people used to be blasé about the ease of secrecy, and later learned that it was much more complex than they thought. I think I'm at +1.

Promoted to curated: I think the consequences of privacy and how to navigate is a topic that isn't covered well enough on LessWrong. A lot of information I interact with these days is confidential, and I've had to do a lot of work to figure out good norms and rules about how to navigate these situations, and have seen many people get into quite a bit of conflict over differing norms around privacy. I think this post covers one of the most important norms/questions in this space, which is to allow open and transparent communication about those differing norms. 

I think about this alot with regards to sexuality. I've always found the expectations of closet gays with whom I've had encounters to keep the encounter secret to be unfair, theres a cost to me in conversation with friends, and like everyone I talk about my relationships with friends for advice and I think this important for my mental health. When I share this secret, its in the vein that I'm confiding knowledge X with you, and you can share it (with your circle of trusted confidants) provided it doesn't get back to the person its about or someone whom may act differently towards that person because of now knowing X. This is my default. But if I'm telling a 'super secret' I'll emphasise to my friends that it really can't go outside the room, or the consequences if it does, getting the mutual understanding this post advocates for. I think that usually I leave it to the other person to make their own risk evaluation on further spreading X: but they know if caught spreading X willfully with insufficient effort to not spread X, that they will have 'broken my trust' and henceforth loose access to my secrets. In effect, they evaluate the risk to loosing my close friendship. But when they trust another to not further spread X, they build trust which is foundational for friendship. Thus secrets and gossip are both useful and risky regarding friendships.

For personal communications, meta-conversations seem fine.

If you're setting up an organization, though, you should consider adopting some existing, time-tested system for maintaining secrets. For example, you could classify secrets into categories--those which would cause exceptionally grave harm to the secret's originator's values (call this category, say, "TS"); those which would cause serious harm ("S"), and those which would cause some noticeable harm ("C"). Set down appropriate rules for the handling of each type of secret--for example, you might not even write down the TS ones unless you had a very secure safe to store them in, or verbally discuss them outside of protected meeting rooms; and you might not do anything with the S secrets on an internet-connected computer. Anything above C might require a written chain of custody, with people taking responsibility for both the creation and destruction of any recorded form of the information.

You would then have to watch for mutual information in your communications, and see that no combination of the information that you publicly released could cause a large update toward one of the secrets you were keeping.  You'd also want to think of some general steps to take after an unplanned disclosure of each type of secret.

It may not sound like the most efficient way to do things, but there's some pretty high Chesterton's Fences around this kind of policy.

Can you keep a secret?

As far as I know: yes I am good at keeping secrets.

How do you know?

People have observed, that I am very concious about talking about other people. I say things like "you better ask them this in Person" or changing topic when permission groups don't match (e. g. more people present than previously). Like many people, I am concious what's on red tape and what's not. Personally I advocate for transparency but I've learned that some people only make deals when off-tape.

This results in people telling me more secrets. They know I can keep them - they have observed, how I not crack when asked about information I probably have.

Person in my sports club once told me about patients of them. After describing vague psychological behaviour I stopped them and said something along the line of "I probably don't know the person but it's easier than you might think, to pin down individuals based on behaviour". I have a degree in computer science with focus on information management, information transportation, analysis... etc. Maybe that's because I sort of know how much information can be contained inside random excerps. I advocate in fahour of the GDPR and am fairly privacy-minded. I know how e-mail addresses can be used to trivially match online accounts. Thats's why my LessWrong account has a randomly generated e-mail address. Etc.

What exactly do you mean by secret?

'Secret' is someone not to be shared. It's very different from 'not telling'. 'Not telling' means that I say it thruthfully when directly confronted. For example the question "Are you seeing other girls?" is a classic question which I would put under 'not telling'. There's nothing to be gained from yelling it into the world. But if someone asks I'd answer the truth (example completely fictional). 'Secret' on the other hand requires some more active work. Tracking the information which a person knows or knows not. Knowing the relationship between the people. If A told me this and B is a trustee of A then this person probably either knows it already of A hides it from B. That sort of stuff. I think the easiest way to solve this is by containerizing 'Secrets'. Like in a way of 'never say this unless you double checked that it's okay to say right now'. Usually I say the truth. There are no logical loopholes if you answer "can't tell" instead of faking something.

Also helpful: I have a reputation for being a really bad liar. That's good. Because 'acting like a liar' is a good thing when you want to tell the truth on paper while still gaining no acceptancy.

I think my definiton of secret is a bit wonky and might need adjusting. Overall I think the term 'Secret' ist used for too many vague things.

I don’t personally find keeping secrets a significant enough hardship to be worth asking people to tell me fewer secrets. I just asked a friend of mine, and they feel the same as me.

My hypothesis is that you feel differently because you hear a lot more secrets, and each additional secret carries an additional mental burden to not reveal it. Perhaps when you know too many secrets, you have a greater meta-challenge of separating them from each other and remembering which groups each secret can and cannot be discussed with.

What are the factors behind one’s mental burden of keeping secrets? I think the number of secrets one hears depends on both the number of people you converse with regularly and those people’s propensities to share secrets. And since secrets are only a burden during conversations, the frequency that one converses with others is also a factor. Thus, if someone has less social interaction in general, they would be more likely to would not think of secrets as a big deal.

As for why people don’t self-evaluate whether they have the ability to keep secrets, after thinking about it now, neither me nor my friend can remember a time we leaked a personal secret that was explicitly labeled as one. (It probably happened when I was a young child and didn’t understand secrets, but I can’t remember it.) So that’s two data points towards it being okay for most people to assume that other people are able to keep secrets.

Upon reflection, I do realize that I have sometimes shared secrets that weren’t labeled as such. In such cases, one person assumed I wouldn’t tell another person the news they were sharing, but I didn’t see the harm in it. I wouldn’t call those failures to keep secrets, though; they are more like failures to understand social norms or failures to guess at someone’s unstated feelings. The secret-sharer can easily solve that problem once they know about it: just say “please don’t tell so-and-so about this; I’d like to keep this private”.