Computer Security vs Computer Privacy
Table of Contents
Table of Contents
Computer Security vs Computer Privacy
Computer security and privacy are concerned with safeguarding computer data on user information. Security encompasses protecting information against unauthorized access, whereas privacy encompasses keeping data safe from improper access and use, especially without a user’s consent. Privacy requirements demand that data collected by an organization during its activities cannot be used or exploited as they deem fit. However, these two elements are dissonant. It is possible to have security without privacy because an organization can draft a policy that allows them to share or sell users’ information, whereas their systems remain secure. The trade-off between an organization’s security features and its privacy invasion features determines the overall safety of user information and data.
Computer security is the collective reference to resources implemented to protect the user’s identity, data, and other assets. Methodology in computer security refers to developing structures that ensure systems are safe and protected from unauthorized access (Sen & Basahel, 2020). Organizations can collect data from clients or users using their systems. However, they must ensure they protect the collected data from unauthorized access, especially by malicious cyber attackers aiming to steal private information. Computer security faces multiple challenges, especially when the system is up against skilled cyber criminals and hackers. In addition, good firewalls and protection systems are often challenging and expensive to set up.
Comparatively, privacy is understood as the rights of an organization to use and control information collected from clients or users. The organization controls and determines privacy methodologies and policies regulated by their agreements with users and clients during sign-ups (Ghauri, 2021). The organization secures the data, and since the element of keeping information secure from external attacks has been addressed, the organization remains with access to the information. The organization can use the data for different purposes, such as improving service delivery and product development. In some cases, they can monetize the data by selling it to research organizations or companies that may have use for collecting information.
Organizations need to evaluate and settle on secure systems, but often it would mean that the privacy invasion system may not be as secure. According to Chassidim et al. (2020), users often prefer applications with a robust security system coupled with medium-level privacy invasion protection. Users will be more focused on whether their application can protect their information from unauthorized attackers. Chassidim et al. (2020) posit that users prefer slackened privacy invasion requirements because, most of the time, they guarantee the better utility of the app, as is the case with location functionality in an app.
However, data security and privacy are also inextricably linked since one can significantly affect the other. According to Milton (2021), data privacy influences data usage policy, whereas security influences data access. However, Milton (2021) further states that organisations will only achieve optimal data security levels after addressing privacy issues.
Data privacy and security are linked at some level, but there must be trade-offs when an app incorporates both. For instance, to ensure minimal privacy issues, an application could opt to collect lesser private information from the user. However, without the knowledge of private information, the application is less likely to explore ways to protect confidential information. Similarly, an organization can focus on encrypting private information to enhance privacy measures. However, encryption measures that prevent unauthorised access are ineffective in securing data from skilled attackers. Regardless, it is the role of organizations to ensure they do not deliberately confuse users with privacy agreements that exploit loopholes and allow them to sell private information.
Privacy and security are data protection elements that often have trade-offs to operate effectively. The organisation’s role is to keep users’ information secure from external attacks, usually driven by malicious motives. On the other hand, internal members of the organization need to preserve privacy by controlling internal access and use of confidential data. Concertedly, these two elements provide security and protect confidential information. However, it is important to balance any trade-offs to ensure that while information is kept secure from external risks like hackers, the organization has to internally ensure that they uphold policies that prioritize user confidentiality over monetary gain or reckless operations.
Chassidim, H., Perentis, C., Toch, E., & Lepri, B. (2020). Between privacy and security: the factors that drive intentions to use cyber-security applications. Behaviour & Information Technology, 40(16): 1769-1783. https://doi.org/10.1080/0144929X.2020.1781259
Ghauri, F. A. (2021). Digital Security versus Private Information. http://dx.doi.org/10.5281/zenodo.5164002
Milton, S. (2021). Data Privacy vs Data Security. Global Business Leadership Development for the Fourth Industrial Revolution. http://dx.doi.org/10.4018/978-1-7998-4861-5.ch009
Sen, A. A., & Basahel, A. (2020). A Comparative Study between Security and Privacy. 6th International Conference on Computing for Sustainable Global Development. https://ieeexplore.ieee.org/document/8991376