Individual Privacy vs.

National Security

June 3, 2020

Prepared by:

Chelsea Kerber, Chris May, and Chris Simonds

IT486 - Critical Issues in IT Group #4

 Contents

Executive Summary………………………………………………………………………………………...2

Introduction………………………………………………………………………………………………....2

Ethics of Moving the Lines Between Privacy and Security………………………………………………...3

Simultaneously Increasing Privacy and Security…………………………………………………………...4

Has Mass Data Collection Made Us Safer?…………………………………………………………….......5

Potential Laws to Protect Privacy Rights………………………………………...………………………....7

Harnessing Big Data Without Losing Privacy………………………………….…………………………..8

Systems Used to Protect Big Data from Criminals………………………....…………………………........9

Conclusion………………………………………………………………………………………………...10

References………………………………………………………………………………………………....12

Individual Privacy vs. National Security 1

 Executive Summary

In today's world, technology is everywhere, and thus the ability to track individuals is also

everywhere. From the cameras on the streets and inside airports to the cellphones we keep in our

pockets, mass surveillance has become a critical part of what the U.S government calls a “matter

of national security.” After terror attacks throughout the years, the U.S has pushed for backdoors

into phones and access into devices saying that it will keep America safe, and have even gone as

far as to access devices without the owner's permission. This leads to the question, where should

the line be drawn between individual privacy and national security?

Introduction

We all are familiar with how technology has altered the perception of individual privacy around

the world. We use connected devices for nearly everything and this information is stored in large

databases waiting to be analyzed. It is likely that organizations have made data profiles of

everyone that uses these technologies for advertising purposes. Individuals must actively engage

with both companies and governments to preserve our rights to privacy. “If you have nothing to

hide, you have nothing to worry about.” We all have certain information about our lives that we

would like to keep private, whether it is medical records, family issues, purchasing habits, etc. Is

it possible to keep this data from being stored in massive databases in today’s digital

environment? The technology services that have emerged recently, like social media, online

shopping, GPS tracking, etc., have revolutionized the way corporations and governments interact

Individual Privacy vs. National Security 2

with the public. We provide these organizations with an immense amount of information when

we use their products and this information can easily be used against us. Collecting, analyzing,

and selling this information has become a multi-billion-dollar industry that covers nearly every

type of personal data point that many people would like to keep private. These technologies are

only going to continue growing into the foreseeable future and individual privacy of citizens will

be sacrificed as a result.

Ethics of Moving the Lines Between Privacy and Security

One of the most difficult aspects of privacy and security is knowing where to draw the line. If

you go too far onto the security side, it is at the cost of individuals' privacy. If you choose to go

more on the privacy side, people are protected, while running the risk of being unable to acquire

valuable information that can be utilized to protect these same people. There is a very important

balance that should be met when dealing with this issue, however in times of crisis or after major

events the government and others may call for more security systems to be put in place. This

leads to the issue of ethically moving the line, where more protections can be put in place

without infringing on individuals privacy.

The biggest issue with this topic is understanding that these changes can begin the process of a

“slippery slope”. Even now, this is currently happening as government officials are asking for

backdoors in Iphones and using devices to track your search habits to promote targeted

advertising. The more security you have, the less rights the individual has, and it only gets worse

as new disasters bring new security protocols. However, the argument can also be made that

technology is advancing at a pace that is too great to catch up to, and so there are now situations

Individual Privacy vs. National Security 3

where people can use these new technologies to plan attacks under complete secrecy. It is

understandable that some would call for policies that would allow services such as police or

government forces the ability to track, record, or simply flat out gain access to people devices,

but this creates a much bigger issue as the problem continues. Today, people already have issues

with devices such as their phones or computers logging their information or listening to them via

their in device microphones. Thanks to Edward Snowden, a majority of U.S. citizens now know

that the government has been listening to people through devices without their authorization in a

means of “national security”, which already creates high tension.

Simultaneously Increasing Privacy and Security

Unfortunately, there is no 100% way to combat this issue, as history has shown that the

government may be using these kinds of methods without the general public's knowledge. There

are still several things that can be put in place in order to hopefully prevent this kind of thing

from happening. One of the best, and hopefully easiest to implement, solutions is to make sure

that there are limitations on what is allowed in mass surveillance. By enforcing limitations, this

protects the individual while still allowing for surveyance to take place. These limitations can

come into question when large events warrant them, but hopefully these limitations can prevent a

similar snowden event from happening again.

The other big thing that gives power to the individual is the idea of practicing good cyber

hygiene. By constantly checking your systems, clearing histories and safely storing private

information on other external drives in separate locations, this gives the power to the individual

rather than the government on where their data is and how it is secured. It also gives the user

Individual Privacy vs. National Security 4

ample knowledge on what programs and files are on their systems, helping them to find

fraudulent programs that may be skimming information on your devices. While not also not

allowing for complete immunity from people taking or viewing you or your information, this

gives more power to those in possession of the devices, and gives information on what is being

placed on your devices while you are using them.

Has Mass Data Collection Made Us Safer?

Mass data collection and surveillance by government organizations, like the NSA, has not only

reduced the level of privacy and other freedoms that individuals are constitutionally entitled to in

the US, but they have additionally made us less safe as a whole. There is so much data being

collected that it is nearly possible for our law enforcement agencies to sift through it all and

quickly determine who is a threat before a serious event occurs. “As

NSA-contractor-turned-whistleblower Edward Snowden argued, “We’re monitoring everybody’s

communications, instead of suspects’ communications. That lack of focus has caused us to miss

leads that we should’ve had”” (Guariglia, 2017). The focus on collecting anyone and everyone’s

information has blind-sided the ability of these organizations to perform their essential role,

which is to monitor potential criminal suspects and prevent acts of terrorism or other tragedies

before they happen. There have been several instances where the authorities had received

intelligence on probable attacks before the event but failed to take the necessary action to prevent

them, such as attacks in Boston, Orlando, and Manchester that either killed or injured hundreds

of people including children.

Individual Privacy vs. National Security 5

Millions of Americans have had their phone records collected for years, and it hasn’t made the

country any safer. In 2009, an inspector report stated that “the section 215 program cost

taxpayers $146 million in supplemental counterterrorism funds to buy new hardware and

contract support to make payments to the phone companies for their collaboration” (Guariglia,

2017). This program was misused and showed little evidence in helping America stay safe from

terrorist attacks. It would be more beneficial for the government to target surveillance by

focusing on the people connected to terrorism rather than collecting mass data from the general

population.

Phones, computers, and other smart devices now collect lots of data about the individual and

send them back to their respective companies. This data could be important, yes, but in reality if

you haven't done anything wrong; it’s just collecting needless data that will be wasted. Cell

phone tracking can be beneficial, but only after something bad has happened and someone

requires tracking. All of these forms of surveillance are useful, but only to catch someone after

they have committed a crime. Every other law-abiding citizen is now forced to have their own

data collected; simply because it could be later used against them.

Airports, which after the terrorist attacks on 9/11 scaled up their security, are now more of a

hindrance to law-abiding citizens rather than helping them. Lines are longer, there are more

security checks, and still things slip through the cracks all the time. These pushes for more

security are both a financial and privacy disaster with a record to match it.

Individual Privacy vs. National Security 6

 Potential Laws to Protect Privacy Rights

A law that deals with how long organizations may be allowed to store sensitive information

could be enacted to protect individual privacy in cyberspace. The law could go into specifics,

such as what type of data is being stored and how long that data can be kept on file. This could

be an immediate removal for information with the highest relevance, while less sensitive

information could be kept for a specific number of days, months, years, etc. Protecting our

individual privacy has never been so important as it is today with the technological revolution

that we have been experiencing over the last several decades, and it is crucial that steps be taken

to limit the amount of information that each consumer has available in cyberspace. “One-third of

internet users admit to having no idea what personal information is available online, who has it,

or even where it is” (Right to be forgotten - erasing your private information from cyberspace).

Our private data is being stored and exploited by nearly every single online service that we use

and there is really no way to track exactly how much information we have out there.

Additionally, laws should be created that concern how companies handle your data. It is a

well-known competitive advantage for companies that want to create a "personalized experience"

for their consumers, but people shop online and use the internet enough now that stockpiling all

of that data is needless. Companies will say that they need the data or are fearful of deleting the

wrong data, but if you are a standard retail business, or even something like Google, you have

enough data coming in constantly that the old data will simply become useless. The right to give

consumers the ability to request for a deletion of their data from a company is an important step

towards better individual privacy.

Individual Privacy vs. National Security 7

We must also pass laws that aim to protect citizens whose identities have been stolen from a data

breach. Citizens shouldn’t have to suffer the consequences, or go through financial hardships,

when the situation was out of their control. Identity theft can have long lasting negative effects

on people’s emotional, physical, and social state. Some people are severely impacted to where it

hurts their career, they are banned from traveling internationally, they are unable to take out

loans, or have acquired bad credit. Implementation of such a law would offer protection to

people who have fallen victim to identity theft.

Harnessing Big Data Without Losing Privacy

When it comes to big data we are already far beyond the point of considering how these

technologies may or may not result in a loss of privacy. With so many devices connected to the

Internet of Things, the ability to collect and analyze immense amounts of data has rapidly

increased. We harness the capabilities of digitally connected devices for nearly every aspect of

our lives from our phones, to refrigerate, thermostat and many more. All our information is

being stored by corporations for financial gain, often without our knowledge or consent. This can

easily be seen by the amount of advertisements that are thrown at us after making a simple

Google search for a product or service. In order to receive these services for free, “the use of our

personal data seems to be a price users are forced to pay as companies that do not produce any

actual products seek profitability (CBS, 2019).”

Many corporations are paying top dollar to find new ways to purchase our information and

harness it for their businesses. Because of this, we not only have companies collecting data on

Individual Privacy vs. National Security 8

us, but even going as far as to sell our data like we're a product. For example, let’s take a look at

the Facebook and Cambridge Analytica scandal. Facebook, an organization that probably holds

more personal data on individuals than any other, allowed our data to be used by Cambridge

Analytica to sway the elections. This is a major breach of privacy for the billions of subscribers

that use their service daily. This clearly shows how flawed the system is when concerning

privacy.

The current framework surrounding big data has effectively obliterated the privacy of individual

citizens. And as unsettling as it may sound, we must rely on our politicians and legislators to

fight for our right to privacy in the digital age. Only through regulation and strict oversight can

we seize back the freedoms that have been stripped from us.

Systems Used to Protect Big Data from Criminals

Many organizations have implemented the use of big data analytical tools to create more

business opportunities and improve performance. But unfortunately, since most of the tools

associated with big data are open source it has led to major security concerns. It has given cyber

criminals the opportunity to access loads of sensitive information through the use of advanced

techniques. According to McAfee’s Center for Strategic and International Studies it is estimated

that, “the total cost of data breaches will be 15% to 20% of the Internet economy, which is worth

$2 trillion to $3 trillion per year (Tunggal, 2020).​” To prevent future threats businesses must

create a strong IT infrastructure and implement proper security measures.

Individual Privacy vs. National Security 9

The most widely used security control organizations implement to protect their big data systems

is encryption. Encryption is an essential tool for any organization that deals with personal

information as it prevents it from falling into the hands of cyber criminals in a readable form.

“Encryption converts text messages, emails, and data uploads into ciphertext, which renders

them unreadable by humans” (The Importance of Understanding Encryption in Cybersecurity).

The only way encrypted data can be read is through the use of a key, which is stored in a

separate location on the network. It is an important extra layer of security that all organizations

should implement to safeguard important documents and customer information.

As massive amounts of information are stored by organizations, the more challenges they will

face to secure their big data systems. In the event that an organization’s system is breached it

would severely impact their reputation, customer confidence, and result in a huge financial loss.

Ensuring that your business is complying with the General Data Protection Regulations could

minimize the change of a data breach and prevent many legal fines.

Conclusion

Technology has drastically changed the way that we share and store our personal information,

and that has raised some major concerns among individuals and organizations alike regarding the

protection of our privacy. Both the governments and the large corporations that we deal with on

a daily basis are rapidly expanding their data collection technology for purposes, such as national

security. We must implement a vast system of oversight and regulation in order to properly

balance the lines surrounding personal privacy and national security. The ever increasing need

Individual Privacy vs. National Security 10

for additional security protocols and technology among the government has led to a slippery

slope of diminished privacy for the vast majority of law-abiding civilians. These systems have

surpassed their intended purpose of simply protecting the public and have drastically infringed

upon the rights of the people to privacy. Government organizations, like the NSA, have been

heavily criticized for their mass surveillance programs that have collected data on nearly every

individual that has personal information in cyberspace, and these programs have ultimately been

unsuccessful in reaching their overall goals. Collecting so much unnecessary information has

proved to be an overwhelming burden on these government organizations when it comes to

preventing acts of terror or other similar criminal actions. It may be next to impossible to

effectively increase the privacy of individuals with the wide-spread data collection that is

currently underway without some kind of resistance from the billions of users that use these

technologies on an everyday basis. The majority of people in our country and around the world

must stand up and fight for their rights to privacy in the digital age.

Individual Privacy vs. National Security 11

 References
Big Data Security - Issues, Challenges, Tech & Concerns.​ (n.d.).

Retrieved from RD-Alliance:

https://www.rd-alliance.org/group/big-data-ig-data-security-and-trust-wg/wiki/big

-data-security-issues-challenges-tech-concerns

DOES AIRPORT SECURITY MAKE US SAFER?​ (n.d.).

Retrieved from Security Degree Hub:

https://www.securitydegreehub.com/airport-security-make-us-safer/

END MASS SURVEILLANCE UNDER THE PATRIOT ACT.​ (n.d.).

Retrieved from ACLU:

https://www.aclu.org/issues/national-security/privacy-and-surveillance/end-mass-

surveillance-under-patriot-act

Guariglia, M. (2017, July 18). ​Too much surveillance makes us less free. It also makes us

less safe.

Retrieved from The Washington Post:

https://www.washingtonpost.com/news/made-by-history/wp/2017/07/18/too-muc

h-surveillance-makes-us-less-free-it-also-makes-us-less-safe/

Henry, A. (2012, April 25). ​Why You Should Care About and Defend Your Privacy.

Individual Privacy vs. National Security 12

 Retrieved from Life Hacker:

https://lifehacker.com/why-you-should-care-about-and-defend-your-privacy-5904

966

CBS, (2019, August 23) How Companies Profit and Use Your Personal Data.​ (n.d.).

Retrieved from CBS:

https://cbscreening.co.uk/news/post/your-personal-data-and-how-companies-use-i

t/

Johansen, A. (n.d.). ​4 Lasting Effects of Identity Theft.

Retrieved from Life Lock:

https://www.lifelock.com/learn-identity-theft-resources-lasting-effects-of-identity

-theft.html

McKinney, I., & Crocker, a. A. (2020, January 29). ​New Bill Would Make Needed Steps

Toward Curbing Mass Surveillance.

Retrieved from Electronic Frontier Foundation:

https://www.eff.org/deeplinks/2020/01/new-bill-would-make-needed-steps-towar

d-curbing-mass-surveillance

Menard, L. (2018, June 11). ​Why Do We Care So Much About Privacy?

Individual Privacy vs. National Security 13

 Retrieved from New Yorker:

https://www.newyorker.com/magazine/2018/06/18/why-do-we-care-so-much-abo

ut-privacy

Osborne, C. (2019, September 24). ​No right to be forgotten? Here's how to remove

yourself from the Internet and hide your identity.

Retrieved from ZD Net:

https://www.zdnet.com/article/how-to-erase-your-digital-footprint-and-make-goo

gle-forget-you/

Porup, J. (2020, February 11). ​8 steps to being (almost) completely anonymous online.

Retrieved from CSO Online:

https://www.csoonline.com/article/2975193/9-steps-completely-anonymous-onlin

e.html

Right to be forgotten - erasing your private information from cyberspace.​ (n.d.).

Retrieved from Thomson Reuters:

https://legal.thomsonreuters.com/en/insights/articles/erasing-your-private-informa

tion-from-cyberspace

The Importance of Understanding Encryption in Cybersecurity.​ (n.d.).

Individual Privacy vs. National Security 14

 Retrieved from Florida Tech Online:

https://www.floridatechonline.com/blog/information-technology/the-importance-o

f-understanding-encryption-in-cybersecurity/

Tunggal, A. (2020, May 25). ​What is Cyber Hygiene and Why is it Important?

Retrieved from Upguard: ​https://www.upguard.com/blog/cyber-hygiene

Individual Privacy vs. National Security 15