At the beginning of the internet age, people used to go online, but no longer. Instead we live there from the moment we first pick up a smartphone to the moment it is laid on a bedside table. Our digital lives are now as real as money, and so debates about online privacy are actually about our political freedoms. Around the world these debates are reaching very different conclusions.

Last week, the Indian supreme court decided that the country’s constitution guaranteed a right to privacy. This disrupts and at least delays the government’s plans to ensure that everyone in the country not only has, but must use, a unique identity number tied into biometric scans, so that in theory (for in practice the technology is always flawed) more than a billion people can be reliably and uniquely identified.

Yet on Monday China moved still further in the opposite direction, with a regulation that aimed to ensure that no one could post anything on social media without their real identity being easily accessible. The Chinese government does not believe its citizens have any right to privacy at all. This is also the attitude of the American tech industry, for whom personal information about its users has been the foundation of immense fortunes. At the same time in the US, the constitutional right to privacy has been central to culture wars of the last 50 years and it supplied the legal justification for the sexual revolution.

Privacy, it turns out, is always limited. What matters is not the fact that we have secrets, but whom we keep those secrets from.

In that light, there are several dimensions on which privacy might be measured: there is the ability to keep secrets from governments, from private companies, and from the media, as well as from our neighbours. And in all these areas the principles that seemed self-evident in the pre-digital era do not easily translate into the digital world.

The trade-off of privacy for convenience and even power is one that many people are happy to make. Few in the west keep any significant secrets from their smartphones, which know whom we talk to, where we have been, and what we write, read, watch and photograph. Within a few years, they will be monitoring our vital signs as well. When these powers are bent to malicious use, as they are in the spyware used mostly by jealous men as a means of controlling women, they are unmasked as existentially frightening, but for the most part people are content to conceal them behind a haze of willed ignorance.

Some restrictions on privacy are obviously desirable. In fact, they are necessary for any kind of civilised existence. The kind of privacy that entirely conceals identities can and, online, has destroyed communities. Reputation and responsibility are essential to society. If you don’t know whom you are trusting, you can’t trust anyone.

But there are opposite and perhaps equal dangers in the complete absence of privacy, when you are trusting strangers with potentially vast quantities of information about you. This is clear enough from the case of China, where the knowledge of who is posting what on social media is clearly a means for the reinforcement of tyranny. The mucky tides of fake news and other sewage that sweep through the social media should certainly be cleaned up, but not at the price of constructing an authority that would know everything about everyone who posts or reads there.

What makes the move from principle to practice difficult is the extraordinary power of computer networks to consolidate and sift information, whether it’s true or false. Computers gossip. What we tell one may soon be known to millions. There are strong reasons to tie a personal digital identity to health records, tax records, banking records, and even purchase records – if only to ensure that these are not accessible to the wrong people. A strong identity is also necessary if we are to correct the records on us, but will be essential to ensure that all of these transactions are kept separate from each other. The final trade-off may well involve fixed digital identities, but with robust measures to ensure that these are only ever visible in fragments which never coalesce into a dangerously powerful whole. In any particular transaction with a government agency or private company, the principle should be that the other party knows only what is necessary at that moment for them to trust that we are whom we claim to be. Only then can we trust them.