Security at the expense of privacy? Why not both?

Steve Cook, the CEO of Apple, mentioned in an interview that Americans should have both privacy and security. The statement, which raised a few eyebrows, was in response to US’s government desire to access data that is protected by encryption. The move was aimed at making the fight against terrorism easier by trying to be one step ahead of the criminals. However, Cook was afraid this will also open the door to hackers looking to steal people’s personal information, like their financial data.

The discussions around these two essential pillars of a safe digital environment made me realize there is a tendency to treat security as a first-class citizen, as opposed to privacy, which is somehow shadowed. But what we all miss is the fact that a data security policy is actually the means to the desired end, which is, of course, data privacy. Therefore, how can companies ensure data privacy via a viable data security policy?

Clearly, the most important aspect is fully understanding the difference as well as the relationship between privacy and security. Because, besides those who tend to put privacy in the background, there is also the case of the people who perceive privacy and security as being synonyms. But there is obviously a major distinction between them. On the one hand, there is privacy, which enables users to control the way their data is being collected, used, stored and distributed. And on the other hand, there is security, which refers to all the means used to safeguard that data.

Taking this into account, there is no doubt that the right thing is to make sure there is a balance between the two of them and that consumers feel their personal information will be both safe and confidential. Yet, we all can see that a thriving economy built on mass consumer surveillance is growing. Companies collect information about consumers in order to sell ads more effectively. Websites use tracking cookies and sophisticated software through third-parties to collect information about consumers and sell it to advertisers, even without consumers’ consent or knowledge. Hence, new technologies and an increased level of sharing on multiple outlets have led to moral and practical dilemmas that confront consumers, the tech industry, retailers and the government.

In this security-privacy tension, the latter seems to be sometimes sacrificed in favour of the former. But this doesn’t have to be the case. Consumers should not be put in the position where they have to choose between knowing their data is secure and having their privacy violated. In the context of a booming online era, when our activities have become almost 100% digital, each piece of information can become a “product”.

But the right to privacy should give us the possibility to acknowledge and even decide which part of our online lives can be shared with others and who should these others be.