The Relationship Between Privacy and Security in the Cyber-World
Privacy: when information is available for a select number of eyes and hears only
Security: the true test of whether or not you are free from danger or threat
Issues surrounding data privacy on the World Wide Web dominated headlines in 2018. These headlines, such as news of the Facebook data breach in March and the European Union’s General Data Protection Regulation in May, signal changes to how the world values data privacy and security in the digital age. Harvard Business Review recently shared that privacy and security are converging due to the rise of big data and machine learning. Keeping this in mind, it is now more critical than ever to treat privacy and security as one of the same.
Defining Privacy versus Security
While the two appear as two different sides of the same coin, privacy and security each describe two different concepts. Privacy ensures that your personal information, often including corporate confidential information, is to be collected, used, protected, and destroyed in a manner that is both legal and fair. On the other hand, security limits the access to personal information while also protecting against unauthorized use and acquisition.
One example of how privacy functions versus how security functions is within a virtual private network. A VPN is a security product that encrypts any and all data that you send or receive on your device. Regarding privacy, a VPN helps block websites, internet browsers, cable companies, and internet service providers from tracking your information, browser history, and etcetera. Security, however, protects you from unauthorized intelligence accessing your personal information and other data for their own use.
The Convergence of Privacy and Cybersecurity
Harvard Business Review recently discussed how the threat of unauthorized access to data used to exist as the biggest scare to digital users. With the rise of big data and machine learning, privacy and security are no longer separate functions. We instead should pivot our attention towards the fear of unintended inferences. These inferences threaten anonymity and allow individuals to learn more about us than we intended to share. Examples include when machine learning techniques identity authorship based on language patterns, or when our information is used to assume our political leanings.
When privacy and security converge to prevent these harms, we will begin to see privacy as measurable. While this might not be through a specific, definitive figure, there will be identifiable impacts on businesses’ bottom lines should privacy be at risk. For example, Facebook lost $119 billion in market capitalization following the Cambridge Analytica scandal due to privacy concerns.
To ultimately measure privacy and keep businesses accountable, privacy and security will essentially begin to become on of the same. Organizational leadership should anticipate that legal and privacy personnel will become more technical, and technical personnel will be well acquainted with legal and compliance mandates. As privacy and security converge, these two teams will no longer be able to operate as separate entities – businesses will now be held more accountable for upholding privacy than ever before.
Privacy and security used to exist as two separate entities: Privacy ensured that your personal information is legally used, and security limits access to personal information. With widespread machine learning techniques on the rise, it is now more possible than ever for hackers to absorb and assume certain outcomes from our data. In 2019, businesses should therefore expect privacy and security to converge as the most powerful means of addressing these growing threats.