Since the birth of digital technology, cybersecurity has become an obvious necessity. This need created the cybersecurity sector, which makes computer networks secure by protecting them from unauthorized access and cyberattacks. Cybersecurity prioritizes the privacy of the user. However, it is essential to recognize privacy and security are unrelated terms. While privacy refers to the users' ability to protect themselves and their personal information, security refers to the actual systems in place to protect the users and their information.
The Importance of Technology for Privacy and Security
After recognizing this difference, one can realize that security needs to be in place to ensure privacy. When systems are implemented to secure data, that setup helps ensure privacy for the subjects of that data. In cyberspace, technology can be utilized to allow privacy and security to coincide successfully. For example, homomorphic encryption is a technology that analyzes encrypted data without decrypting it. Using this technology, it is possible to compare an individual's data against a set of records without ever knowing what that individual data (or even who the individual) really is. The applications for this can be heavily utilized by governments and businesses to maintain their people's privacy while ensuring and promoting everyone's safety.
The government ensures security through policies that would benefit citizens. To do this, they must consider not only privacy but security and health as well. For example, the Federal Trade Commission issued a $5 billion fine to Facebook for abusing its control of its subscribers' personal data in 2019. When viewing prior cases regarding security, it can be determined that this fine was a reactionary measure. Going forward, it would help if the US government could put more preventative measures in place.
Privacy and Security All Around the World
Contrary to this, other countries made different decisions. As a preventative measure, the European Union implemented the GDPR, allowing customers to choose what information they would like to share. Within the GDPR (General Data Protection Regulation), some amendments specify the rights of the people; one, in particular, is the right to be forgotten. The right to be forgotten states that people can remove themselves from coming up in search engines under certain circumstances. This right has been heavily popularized in various countries, but the United States of America is yet to acknowledge it at the federal level. The right to be forgotten is included in the California Consumer Privacy Act (CCPA).
In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) is a federal law for data privacy and has numerous provisions for the confidentiality of electronic documents.
Government vs. Business Mentalities
Consumers' data is everywhere; the government can't be the only one to protect it. Because of this, businesses must play a pivotal role in securing data and protecting the privacy of their consumers and employees. In recent years, we have seen a rise in large corporations making consumer privacy an integral part of their business. In particular, Apple has incorporated privacy as a central feature of its product offerings. Apple has famously been in a public battle with the FBI over refusing to unlock iPhones belonging to terrorism suspects, which led to the question of how information between law enforcement and businesses should be handled.
Businesses can protect their customers by securing and backing up their data, securing their networks, encrypting data, and being compliant with the relevant regulations. By running anti-malware programs and doing threat assessments, the business's security posture can be improved, and the customer's well-being can be promoted.
Although the government and businesses involve themselves in protecting consumers, the responsibility to protect their data rests on the user as well. Through proper password management and encryption and paying close attention to the information they release, consumers can ensure the security of their data. If individuals do not attempt to do their bit to protect their information, they might become victims of fraud, identity theft, ransomware, or more. With stolen personal information, cybercriminals can forge important documents, commit fraud, and participate in felonious activities.
Within different fields, there may be different levels of need for privacy and security. In healthcare, it is of the utmost importance, as a breach in security can lead to leaks of financial information, personally identifiable information, or protected health information. Hackers would be able to commit insurance fraud, sell data on the black market, and irretrievably impact the consumer's health record. In businesses that do not have a presence on the internet or have a reduced presence, there is evidently a lesser need for cybersecurity, but that still would not permit the business to slack off on physical security. In any business, there is always data that could be stolen and revenue that can be impacted.
The relationship between privacy and security is visible: security is about the data, while privacy is about the user. They go hand in hand, and while they are often mistaken for one another, they both must exist for the benefit of society. If both are properly managed, data can become fortified, and people can breathe easily in terms of the privacy of their data.
As everyday technology users, we must understand who manages our data, what plans are in place to secure them, who secures them, why we need to secure them, and more. When technology takes up as much space in our lives as it does, we cannot ignore the detrimental effect it can have on one if not adequately protected.