So what exactly is privacy and how does it differ from security? Privacy rights are the right of a person to be free from intrusion into, or publicity concerning, personal matters. Privacy is about controlling your personal information and its usage. Security protects the confidentiality, integrity, and availability of your personal information. There’s no privacy without security.
And what are your privacy rights? The Fair Information Practices, paraphrased below, provide a reasonable summary.
Collection Limitation Principle. There should be limits to the lawful collection of your personal data and, where appropriate, your personal data should only be collected with your knowledge and consent.
Data Quality Principle. Your personal data held by a third party should be accurate, complete and up-to-date.
Purpose Specification Principle. The purposes for which your personal data is collected should be specified not later than the time of collection.
Use Limitation Principle. Using your personal data for purposes other than those specified at the time of collection should only be done with your consent or by the authority of law.
Security Safeguards Principle. Reasonable security safeguards should be employed to protect your personal data against loss or unauthorized access, destruction, use, modification or disclosure.
Openness Principle. Data holders should disclose how they will manage your personal data, including who they are, that they hold your data, and how they intend to use it.
Individual Participation Principle. You have the right to know what personal data is being kept and by whom, to review your data or told why your review is being denied, to challenge retention of your data and if successful, to have your data erased, or amended.
Accountability Principle. A third party that holds your personal data should be accountable for complying with the principles stated above.
Question: Do you believe your privacy rights as articulated in the Fair Information Practices are being honored? Should they be? If not, what actions might you take? Hint: Start by following some or all of the recommendations in this blog.
We often trade privacy for convenience. But it’s fair to ask, must we do so? Is this a real or a false dilemma? I’ll explore this question further in the posts that follow.
But before we go on to the next topic, it’s also fair to ask—what about the bad guys? Do they have a right to privacy? Will these tools protect the bad guys from the good guys?
There’s a balance to be struck between personal privacy and the common good. This is a vigorous and complex debate. I focus this blog on taking simple and practical actions that protect your privacy, and will not enter into this debate here. If you wish to better understand the legal and philosophical foundations of the debate, I recommend “Nothing to Hide: The False Tradeoff between Privacy and Security” and “Understanding Privacy”, both by Daniel Solove. With this information under your belt, you will be better prepared to tackle the many specific issues raised.
Information provided in this post is subject to the disclaimer in the first post of this series.