Professional Documents
Culture Documents
Final Paper b00085588 Graded
Final Paper b00085588 Graded
Samuel Abishek
July 4, 2020
2
Abstract
resulted in a loss of privacy. This paper examines how security can lead to a loss of privacy
in the modern technological era. To address this issue, scholarly articles and books were
found on academic databases and articles from the Privacy and Security journal were used to
analyze security measures and its impact on privacy. The results showed that security has
been used as an excuse to violate people’s privacy by methods of mass surveillance. A false
trade-off model and a false belief that people do not value privacy has been used to justify the
loss of privacy. To ensure privacy there is a need for modernized legislation regarding the
online violations of privacy, improving information security among the users, and involving
privacy by design into the technology used for security. The study draws attention to the non-
ethical of monitoring and surveillance that grants unauthorized access to people's data and
information.
Table of Contents
3
Abstract......................................................................................................................................2
Introduction................................................................................................................................3
Trade-Off Model........................................................................................................................5
Privacy Paradox.....................................................................................................................7
Surveillance............................................................................................................................8
Legislation............................................................................................................................10
Information Security............................................................................................................11
Privacy by Design................................................................................................................12
Conclusion...............................................................................................................................13
References................................................................................................................................15
4
Introduction
Advancements in technology have made life easier by helping people simplify their
day to day tasks. These advancements have also facilitated easier methods for
communications and transfer of information which have caused millions of people and
Things which is the general idea of things that are readable, recognizable or locatable through
information sensing device and/or controllable via the Internet, irrespective of the
communication means (S. Patel & M. Patel, 2016), many countries which heavily depend on
technology have taken cyber security measures to prevent cyber criminal attacks. The need to
protect these platforms often overshadows the non-ethical monitoring of the users. The
internet can also be used to collect information and conduct surveillance on people in the
name of security. Since the cyber platforms are very vast, there are no specific methods yet
that can be applied to restrict the reach of security agencies. The ability to judge their own
actions, grants governments and private security agencies free reign to access sensitive
in the name of security, is a huge violation of a fundamental right of privacy granted to every
human. The possibility of misuse of the information could lead to the privacy of millions of
people being violated in the name of security. This situation has created a trade-off model
between security and privacy, a model that states that in order to gain security, privacy must
be sacrificed. This model has been falsely used by many as an excuse for mass surveillance.
When the National Security Agency’s surveillance of millions of citizens was leaked by
Edward Snowden, Barack Obama, the ex-president of the United States used this trade-off
model to condone the wrongful surveillance of millions of the country’s citizens (McCarthy,
2013). When governments have been excused from their security methods of conducting
mass surveillance in the name of security, they set themselves as examples for other security
5
agencies to follow similar methods of mass surveillance in the name of security. Often times
the government uses private companies such as Google and Facebook to conduct surveillance
on their citizens, which has caused the loss of sensitive information of the millions of people
who use these highly reputed websites. The websites and companies used by security
agencies to gather information could use the information for illegal purposes or even sell the
information to the highest bidder. Hence, there is a need for people living in technologically
could be used to disregard their privacy. This need raises the research question for the current
paper: How can privacy be protected without harming the increase of security in the modern
technological era? To answer the question, the reasons that justify the loss of privacy would
need to be analyzed and better methods of protecting privacy while attaining security would
need to be discussed. Therefore, methods used for security that infringe upon the privacy of
citizens and can be reduced with better legislation, increasing people’s education on methods
to attain information security, and involving privacy by design for security software.
Trade-Off Model
responsible for security to protect them from various threats. Due to advancements in
technology, threats of attacks from far distances have become a major concern. In order to
protect the people from different threats that they might face, organizations responsible for
maintaining security have come up with a trade-off model that requires the sacrifice of
privacy to gain security (Hildebrandt, 2013; Valkenburg, 2015). In the 20th century, the
trade-off model has been frequently used as an excuse for the monitoring and surveillance
actions taken by organizations in the name of security. The model is used by many
government officials in decisions involving cyber policies because when posed against each
6
other, security is considered more important than privacy (Valkenburg, 2015). Security is
often considered more important as security is usually always is considered as protection for
the community as a whole but privacy is always considered individually (Solove, 2011).
People’s different values for privacy and security show that privacy and security are not equal
and thereby represent a mistake in the trade-off model. The idea of the model that considers
privacy and security as equal and opposite terms and is deeply flawed because the complexity
of both the terms cannot be understood by a simple give and take relationship. Often times
One of the main arguments behind the acceptance of this model is the argument that
law abiding citizens should not have anything to hide from the government. This statement is
argued by Solove (2011), who states that the very security that citizens are assured will be
nullified as there no guarantee that data gathered by the governing agencies will not be used
against people. The current world thrives on data and information, security against the misuse
organization to have free reign over people’s information will result in a huge imbalance of
power.
The value of privacy is often underestimated until it is lost. Dienlin & Trepte (2015)
described privacy concerns as “the desire to keep personal information out of the hands of
others” (p. 286). Privacy can be differentiated into territorial privacy, personal privacy, and
information privacy. Privacy has always been an important part of life for humans as it
associated with the feeling of safety. The aspects of life important for privacy have been
changing since the beginning of time. From not wanting people to enter their hut to not
wanting people to write about them to not wanting people to taking pictures of them, privacy
7
has always been a concern. Nowadays, just as technology has helped people communicate
between far distances, it has also allowed for information to be gathered from distances and
thereby causing concern for privacy. Since there is a high reliance on the internet and other
forms of modern technology for communications, fear of losing privacy is slowly being
instilled into people. The need for information privacy and information security is higher than
ever as the current world is being run by data (Von Solms & Van Niekerk, 2013). There are
many different methods in which information privacy can be lost. Two main methods used by
and by collecting the person’s online footprint such as websites, emails, and watch history.
Privacy Paradox
When privacy is lost in the fight for security there is a tendency among security
leaders to claim that people do not value privacy and therefore the sacrifice of privacy is not
consequential. The value people have for privacy is questioned by the privacy paradox which
states that though people claim to value privacy, they are also very willing to share sensitive
information for immediate gratification. They thereby prefer to acknowledge current benefits
over future threats (Dienlin & Trepte, 2015; Kokolakis, 2017). The difference between
people's attitudes and behavior can be seen by the huge backlash received by the Indian
government when a widely used video sharing app called TikTok was banned due to
evidence that user information was being collected by China. There is a need to find if people
value their privacy. In order to find if people do value their privacy, Dienlin and Trepte
(2015) conducted a study and found that though the privacy paradox was relevant in the past,
it is flawed due to not taking several factors such as immediate environment, emotional
circumstances and the trust placed by people on the sources they give information to. In
another study conducted about the privacy paradox, Kokolakis (2017) the information sharing
8
tendency of people. He found that the sharing of information was not due just due to
immediate gratification and the disregard of privacy, it was rather due to different
surroundings and lack of information about the risks of sharing information. In many studies
of the privacy paradox, people that were found to share information did not know the
repercussions of their actions. After being educated of the different effects of their action and
when given a choice, people either chose not to share sensitive information or chose the more
People find it easier to share information to a screen than share information with
another human being as there is a false satisfaction of thinking there will be no immediate
misuse of the information shared. Therefore, people are more likely to share information with
a digital screen (Dienlin & Trepte, 2015; Kokolakis, 2017). People were also more likely to
share their information with highly reputed websites and government websites, showing that
people do care about who has access to their privacy. Though the younger generation are
expected to not care about privacy and are associated with careless mobile phone usage, the
youth were found to be more knowledgeable and cared about privacy than the older
generations (Kokolakis, 2017). There is a need to fight for privacy as the younger generation
are showing that they value privacy and do not want to sacrifice without valid justification.
The privacy paradox can no longer be used to accept the violation of privacy.
Surveillance
Prevention is better than cure is a saying that is often used regarding situations that
have the possibility of a harmful or painful ending. With regard to security, one of the
methods of prevention is to know the intent of criminals before they commit a crime. This
surveillance as “close watch kept over someone or something” and traces the first use of
9
the word to the year 1802 (Merriam-Webster, n.d.). Developments in technology and the
high usage rates of modern communications systems have made surveillance of the masses
easier. Surveillance can be conducted by gathering information that is available online and
accessing direct communication such as phone calls. The importance of how privacy can be
easily affected in the name of security is showcased by the actions of the NSA in the United
States.
Bauman et al. (2014) analyzed methods used by the NSA and found that the NSA
begins by monitoring one person under suspicion and then continues to monitor the suspect’s
Bauman et al. also found that the NSA used private internet companies such as Google,
Facebook, and Skype to access user information. UK, France, Germany, and Sweden have
already been reported to have placed hundreds of interceptors on cables running through
their country (Lauer, 2012). This data collected by surveillance is then further stored and
analyzed to find potential criminals or criminal activities. The method of being able to find
criminals before they commit an act is not possible. No algorithm can predict potential
mass disaster causing human actions based on a person's attitude and behaviors on the
internet (Mattord & Whitman, 2011; Hilderbrandt, 2013). There is a trend of developing
countries trying to conduct surveillance on its own citizens and citizens of other countries.
Countries with a high number of criminal attacks such as the US and the UK and countries
with a low number of attacks such as Sweden conducting surveillance show the belief that
should not be seen as a mistake waiting to be stopped after it is revealed but instead must
be seen as indicators to the dire methods the governments of different will undertake in
order to gain a sense of security that cannot be proved (Bauman et al., 2014; Fura et al.,
10
2012; Lauer, 2012). Surveillance methods could not be justified as no security agency was
able to present proof that security had become better due to surveillance
Legislation
Legislation is the greatest weapon against the powerful as it holds every individual
and organization accountable for their actions. Legislation has played key roles in protecting
humans rights and hence, plays an important role in protecting people’s right to privacy. The
legislation of most countries is dedicated to protecting its citizens by judging every person’s
actions with the same standards. In the fight for privacy, the law should be used to hold
government and other security-based institutions accountable for their actions. Since each
country has different and complex laws there are no particular laws that can be used to grant
privacy to every person in the world. Since the legislation of many countries was created
before the technological boom, most of the privacy laws only grant the person physical
privacy and personal privacy but legislation regarding information security is not yet
effective in most countries. There is a need for regulation of the reach and scale of
surveillance conducted to determine if the privacy lost is justified (Bauman et al., 2014).
When security is involved there will always be a need for constant surveillance of
individuals who have a high possibility of causing harm to others. However, the legislation
has to set a limit to the powers granted over electronic surveillance. The surveillance powers
could be limited by enforcing security agencies to go through more checks in order to be able
to conduct surveillance. When agencies decide that surveillance is absolutely necessary, they
should have to prove the need for surveillance by providing proof. Legislation should restrict
and define the exact terms involved in the act of surveillance. The methods and data collected
should be documented. The definition should state the number of close friends of the suspect
11
allowed to be monitored so that the excuse of surveilling close friends of close friends would
not lead to millions losing their privacy due to the suspectable actions of a single person.
There are laws that partially do grant privacy but as seen by the NSA’s actions, surveillance
was conducted even though the 4th amendment of the American constitution grants citizens
the right to privacy. The consequences of disobeying such laws are not dire enough to prevent
the loss of privacy and hence stricter actions should be taken when non-ethical surveillance is
conducted. Hilderbrandt (2013) and Solove (2011) raised concerns that even were
surveillance is done effectively, many times the data collected is often misused. When data is
collected and analyzed, the data is disregarded and the companies or people in charge of the
data could sell the information to other countries or companies. Legislation should make sure
that the data collected is properly handled and disposed of. These changes to legislation will
provide the start required to ensure privacy in the modern technological era.
Information Security
To fully ensure privacy, people must protect their information and data. Information
security refers to the process and methodology which is designed to prevent unauthorized
access to any form of sensitive and private information. (Von Solms & Van Niekerk, 2013, p.
98). Information security plays an important role in ensuring privacy and information security
can be enabled by the users themselves instead of depending on other sources for the
protection of privacy. Information security is not a code of programme or technology that can
ensure confidentiality, integrity, and availability of information. This is also known as the
CIA triangle of information security. One of the methods that can ensure the CIA triangle is
to control access to the person's data. Access needs to be regulated as too much free access
would result in a loss of information and surveillance and not providing enough access will
12
result in the technology being useless and unfunctional. When surveillance does take place
with the required legal permissions, the security agency will automatically be granted access
to the person’s information and therefore there is no cause for fear that security cannot be
achieved because the information of a person will ill intentions cannot be accessed.
People themselves can control the different entities that can legally access their
information but are not educated on the steps required to restrict access. When people use
technology, users are oftentimes not aware of the information they give out and do not know
the necessary steps to ensure privacy. Many technologies and apps allow direct information
access unless the user specifically disables it. Since many of the older generations are not
very knowledgeable about their devices, they are actually more likely to share information
than teenagers (Kokolakis, 2017). Internet users should be educated on the rights they have
for privacy and how to gain it. Due to a lack of education about modern programming, many
companies such as Google and Facebook legally collect information from the user and then
sell it to security agencies. Therefore, in order to preserve privacy with security, information
security needs to become a higher priority as one can take initiative to control access to their
data and also by educating people of the right methods to use technology without sacrificing
privacy.
Privacy by Design
Security in the modern age involves software and technology. These technologies
should be programmed to respect the privacy of people. Valkenburg (2015) states that one of
the best methods to gain security without disrupting privacy is by involving Privacy by
Design. Privacy by design is an idea that states that privacy should not be something that is
fitted in when the security system is being used but privacy must be part of the design process
of the security features. To protect privacy, information security must be designed into the
13
system from the beginning of usage and then be implemented only after successful trials
showing proof that the system can provide a balance between gaining security and respecting
privacy. Security systems that handle information and data with functions to handle privacy
added after usage, often require constant patching and maintenance to prevent damage to the
Technologies (OST). There are many types of OSTs and all of them are designed to attain
security by different methods but none of the OSTs have a privacy protection setting
designed. Hildebrandt (2013) examined these systems and found that as new OSTs are
developed, a privacy factor can be added without damaging the security features of the OSTs.
Privacy features need to specific to the particular type of OST as different types of OSTs use
Conclusion
The fight between privacy and security has been a debate since the beginning of
advancements in technology. The trade-off of privacy for security is not balanced and hence
the loss of privacy in the name of security is not justified. As surveillance cannot be
restrictions on the extent of surveillance conducted and monitoring the type of surveillance
conducted is a key factor in ensuring privacy. Legislation should also ensure the right
management of the data collected from ethical surveillance and severely punish agencies that
violate privacy laws. Since the law itself cannot fully guarantee privacy, there is also a need
sharing their information and methods to attain personal information security. As the law and
the users are required to play their role in attaining privacy, the security experts must design
14
privacy settings into the technology and software involved in security. Privacy factors added
after the security system is in use often are impractical and hence privacy should be included
into the design before the use of the security systems. As these methods are followed people
will be able to protect their privacy without affecting the methods followed by different
agencies to attain security. These methods of ensuring privacy are just the beginning of the
fight for privacy as continuing advancements made in technology will present new methods
advanced. Though privacy and security are often falsely seen as opposite terms due to
technology, there will always be methods to attain privacy without harming the privacy of
people.
15
References
Bauman, Z., Bigo, D., Esteves, P., Guild, E., Jabri, V., Lyon, D., & Walker, R. B. (2014).
Sociology, 8(2), 121-144.
Dienlin, T., & Trepte, S. (2015). Is the privacy paradox a relic of the past? An in‐depth
Psychology, 45(3), 285-297.
Fura, E., & Klamberg, M. (2012). The chilling effect of counter-terrorism measures: A
Kokolakis, S. (2017). Privacy attitudes and privacy behaviour: A review of current research
Lauer, J. (2012). Surveillance history and the history of new media: An evidential
Solove, D. J. (2011). Nothing to hide: The false tradeoff between privacy and security. Yale
University Press.
Valkenburg, G. (2015). Privacy versus security: Problems and possibilities for the trade-off
model. In Gutwirth, S., Leenes, R., & Hert, P., Reforming European Data Protection
Von Solms, R., & Van Niekerk, J. (2013). From information security to cyber
Learning.