Understanding the Nuances of Security and Privacy

While privacy and security are often discussed interchangeably, they are distinct concepts with nuanced differences. Security typically revolves around controls that provide three key guarantees: Confidentiality, Integrity, and Availability (the CIA triad). Privacy, by contrast, is about treating the data with respect: it forces you to think before collecting, storing, using, or accessing it, whether as a single data point or as a collection of data.

To see the difference, start with what is meant by the CIA triad:

Confidentiality pertains to who is authorised to access and interact with data. This is usually enforced through access controls, encryption, and similar mechanisms.

Integrity ensures that the information is accurate and unmodified. It involves processes that control how data may be modified and manipulated, and mechanisms to verify that what a user sees is what was actually stored. This can involve cryptographic integrity checks (hashes, MACs, digital signatures), access controls, version control, error correction, restoration processes, and other controls.

Availability refers to the ability to access data or information as and when required. The most common availability failures we experience are outages at our telco or ISP, or a cloud SaaS provider going down. Typical controls include high-availability architectures, failover, scheduled maintenance windows, caching, and backups.

If we apply the same triad through a privacy lens:

Confidentiality protects an individual’s personal data from unauthorised access or disclosure.

Integrity ensures an individual’s personal data is not tampered with or modified.

Availability, in the privacy sense, is the individual’s ability to see and control how their data is used, shared, and accessed.

However, reaching a high level of maturity in all three, with good coverage and safety, does not by itself produce good privacy.

Privacy extends beyond merely keeping data secret (confidentiality). It also involves respecting the data. Privacy can be considered at both the individual user or consumer level, as well as within a collection of data points. In essence, while security focuses on the protection of data, privacy is about the respectful and appropriate use of that data.

Many of my clients do not realise how much personal data they already hold about their own clients and consumers. The most common data points include:

  • Full names
  • Phone number(s)
  • Shipping, or billing address(es)
  • Identifying documents

Whilst these pieces of data are often required to deliver the value or service the consumer asked for, a client may also be holding far more sensitive information that falls under other regulations: financial records, location history, social graphs, medical or health data, or card details.

With this sensitive information on hand, it is imperative that good protections are put in place through the application of security controls. Privacy then informs the policies layered over that data, and drives business decisions on other technical and non-technical policies. Some questions that frequently come up when considering privacy and the use of individual data points:

  • What attributes can we use, to advertise to existing, and new clients?
    • Would it seem creepy if we use that piece of information?
    • Could it appear to be too personal?
  • What information can be shared with others?
    • How do you verify the user or consumer is who they say they are before divulging the information?
    • How can the user or consumer delegate the authority to access information to others?
  • Do we need to collect this information?
    • Do we need to store this information?
    • Is there an alternative to this data?
  • Are there specific regulations that cover this data, or the usage of this data?
    • Local, national, or international.
    • Or if no regulations, are there standards, or industry practices?
  • Within a collection, can this data be truly anonymised?
    • Can all direct identifiers be removed, and do the remaining attributes (postcode, date of birth, sex) still single people out when joined with other datasets?
    • Can it be anonymised by adding random noise, and if so, to the individual records or only to the aggregates released from them?
  • Has consent been given to use this data in this way?
    • Does it need explicit consent? Or is implicit consent enough?
  • How can this data be deleted?
    • Does it need to be removed from backups?
    • Do we need to legally retain specific information?
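As an added example (not from the original post), the following Python shows why "de-identified of direct identifiers" is not the same as anonymous: a constructed customer export still re-identifies a shopper from postcode, birth year and sex, a k-anonymity check makes that visible, generalising those attributes raises k, and Laplace noise on an aggregate count is what "random tweaking" looks like when it is applied to released statistics rather than to individual rows. The dataset, column names and function names are all constructed for illustration.

```python
"""Added example: de-identification vs anonymisation on a constructed dataset."""
import random
from collections import Counter

# Constructed sample: a customer export after the direct identifiers
# (name, phone, address, ID documents) have already been dropped.
DEIDENTIFIED_ROWS = [
    {"postcode": "2000", "birth_year": 1984, "sex": "F", "purchase": "prenatal vitamins"},
    {"postcode": "2000", "birth_year": 1984, "sex": "M", "purchase": "protein powder"},
    {"postcode": "2010", "birth_year": 1991, "sex": "F", "purchase": "insulin pen needles"},
    {"postcode": "2010", "birth_year": 1992, "sex": "F", "purchase": "sunscreen"},
    {"postcode": "3000", "birth_year": 1975, "sex": "M", "purchase": "hearing aid batteries"},
    {"postcode": "3000", "birth_year": 1975, "sex": "M", "purchase": "coffee"},
]

# Attributes that are not identifiers on their own but are also held in
# other datasets (electoral rolls, loyalty programs), so they can be joined.
QUASI_IDENTIFIERS = ("postcode", "birth_year", "sex")


def k_anonymity(rows, quasi_ids):
    """Smallest group of rows sharing the same quasi-identifier values.

    k == 1 means at least one row is unique on those attributes, so anyone
    who knows them for a given person can pick out that person's row.
    """
    groups = Counter(tuple(r[q] for q in quasi_ids) for r in rows)
    return min(groups.values())


def re_identify(rows, quasi_ids, known):
    """What an attacker does: join outside knowledge about one person
    (their postcode, birth year, sex) against the 'anonymous' export."""
    return [r for r in rows if all(r[q] == known[q] for q in quasi_ids)]


def generalise(rows):
    """Coarsen the quasi-identifiers so several people share each value:
    postcode -> first two digits, birth year -> decade, sex dropped entirely."""
    out = []
    for r in rows:
        g = dict(r)
        g["postcode"] = r["postcode"][:2] + "**"
        g["birth_year"] = f"{r['birth_year'] // 10 * 10}s"
        del g["sex"]
        out.append(g)
    return out


def laplace_noisy_count(rows, predicate, epsilon, rng):
    """Count rows matching predicate, plus Laplace(0, 1/epsilon) noise.

    A counting query has sensitivity 1 (one person changes the count by at
    most 1), so scale 1/epsilon gives epsilon-differential privacy for the
    released number. The difference of two iid Exp(1) draws is Laplace(0, 1).
    Noise belongs on the aggregate: perturbing rows 'a little' leaves them
    joinable on the quasi-identifiers above.
    """
    true_count = sum(1 for r in rows if predicate(r))
    noise = (rng.expovariate(1.0) - rng.expovariate(1.0)) / epsilon
    return true_count + noise


def noisy_count_demo(epsilon=1.0, seed=7):
    """Seeded wrapper: noisy count of shoppers in postcode 2010 (true value 2)."""
    rng = random.Random(seed)
    return laplace_noisy_count(DEIDENTIFIED_ROWS, lambda r: r["postcode"] == "2010", epsilon, rng)


if __name__ == "__main__":
    print("k before generalisation:", k_anonymity(DEIDENTIFIED_ROWS, QUASI_IDENTIFIERS))
    victim = {"postcode": "2000", "birth_year": 1984, "sex": "F"}  # constructed outside knowledge
    print("rows matching the known attributes:", re_identify(DEIDENTIFIED_ROWS, QUASI_IDENTIFIERS, victim))
    coarse = generalise(DEIDENTIFIED_ROWS)
    print("k after generalisation:", k_anonymity(coarse, ("postcode", "birth_year")))
    print("noisy count, epsilon=1.0:", round(noisy_count_demo(1.0), 2))
    print("noisy count, epsilon=1000:", round(noisy_count_demo(1000.0), 2))
```

The first check returns k = 1 and the re-identification returns a single row, revealing a health-related purchase for a known person, which is exactly the harm a "merely de-identified" export can cause. Generalising the quasi-identifiers gives k = 2 here; in a real export the target k, the generalisation hierarchy, and the epsilon for released statistics are policy decisions that the privacy questions above should inform.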

Some of this information may not be enough on its own to identify an individual, but combined with other data, or in the hands of a malicious actor, it may still be enough to cause that individual harm.

Taking these privacy considerations into account while improving security ensures that users’ data is given the respect it deserves. Privacy is less about following the specific standards that apply in many security areas, and more about knowing your business processes, clients, and consumers, and asking these sorts of questions so that the data is treated with respect.