The concern for individual privacy has been growing since the 19th century when the mass dissemination of newspapers and photography became commonplace. The concerns we had then -- the right to be left alone and the right to keep private what we choose to keep private -- are now echoed in conversations carried on today about data security and privacy carried on today.
The contemporary conversation about privacy has centered on, and ironically also has been promulgated by, the technology that’s become part of our daily life. Computer technology in particular, including the internet, mobile devices, and the development of machine learning, has enriched our lives in many ways. However, the advances of these and other technologies have grown partly due to the collection of enormous amounts of personal information. Today we must ask if the benefits, both individual and societal, are worth the loss of some semblance of individual privacy on a large scale.
Keep in mind that privacy is not the same as secrecy. When we use the bathroom, everyone knows what we're doing, so there's no secret. However, our use of the bathroom is still very much a private matter. On the other hand, credit card information, for most people, is considered a secret. Though some of the data that's commonly collected today might not necessarily be secret, we still must grapple with issues of privacy, or, in other words, we must grapple with the right to share or keep hidden information about ourselves.
An exhaustive look at the rights of the individual with regard to privacy would take volumes to analyze it's cultural, legal, and deeply philosophical foundation, but today we find ourselves doing just that. Our favorite technology services collect a tremendous amount of information about us with what we hope are well-intentioned motives. Sometimes this is done unwittingly, such as when browsing our history, or when our IP address is recorded. Sometimes these services invite us to share information, such as when we are asked to complete an online profile for a social media website.
Seeking to provide better products and services to customers is a worthy endeavor for a company, but concerns arise when a company doesn't secure our personal information, which puts our cherished privacy at risk. In terms of government entities and nation-states, the issue becomes more complex. The balance between privacy and security, between the rights of the individual and the safety of a society, has been the cause of great strife and even war.
Today's technology exacerbates this concern and fuels the fire of debate. We're typically very willing to share personal information with social media websites and in the case of retail institutions, such as e-commerce websites and online banks, secret information. Though this is data we choose to give, we do so with an element of trust that these institutions will handle our information in such a way as to sufficiently ensure its safety and our privacy.
Therein lies the problem. It's not that we're unwilling to share information, necessarily. The problem is with the security of that information.
In recent years, we’ve seen financial institutions, retail giants, hospitals, e-commerce companies, and the like all fall prey to cyber attacks that put our private and sometimes secret information at risk of compromise.
Netflix knows our credit card information.
Facebook knows our birthday, religion, sexual preference, and what we look like.
Google knows the content of our email.
Many mobile app makers know our exact geographic location.
Mortgage lenders know our military history and our disability status.
Our nations know our voting history and political affiliation.
We almost need to share this information to function in today's society. Sure, we could drop off the grid, but except for that sort of dramatic lifestyle change, we've come to rely on email, e-commerce, electronic medical records, online banking, government collection of data, and even social media.
Today, organizations, including our own employers, store information of all types, including our personal information, in distributed databases sometimes over the world. This brings in another layer of complexity. With globally distributed information, we must deal with competing cultures, values, and laws that govern the information stored within and traversing national borders.
The security of our information, and therefore the control of our privacy, is now almost completely out of our hands, and it's getting worse.
Those of us working in technology might respond by investing in secure, encrypted email services, utilizing password best practices, and choosing to avoid websites that require significant personal information. But even we, as technology professionals, use online banking, hand over tremendous private and secret information to our employers, and live in nations in which our governments collect, store, and analyze personal data on a consistent basis.
The larger society seems to behave similarly. There may be a moment of hesitation when entering our social security number in an online application; nevertheless, we enter and submit it. Private and public institutions have reacted to this by developing both policy and technological solutions to mitigate the risk associated with putting our personal information out there. Major components of HIPAA seek to protect individuals' medical information. PCI-DSS was created to protect individuals' credit card information in an effort to reduce credit card fraud. Many websites are moving away from unencrypted HTTP to encrypted HTTPS.
So it seems the climate of data security doesn't seem to be centered much on limiting the collection of information. The benefit we gain from data collection and analysis precludes our willingness to stop sharing our personal and secret information. Instead, attention is given to securing information and developing cultural best practices to protect ourselves from malicious people and insecure technology. The reaction, by and large, hasn't been to share less, but to better protect what we share.
In mid-2017, we see reports of cyber attacks and data breeches almost daily. These are the high-profile attacks that make the headlines, so imagine how much malicious activity is actually going on. It's clear that the current state of data security and therefore our privacy is in a state of peril. Cyber attacks and their subsequent breeches are so commonplace that they've become part of our popular culture.
That aspect of data security is getting worse exponentially, and since we're mostly unwilling or unable to stop sharing personal information, we must ensure that our technology and cultural practices also develop exponentially to mitigate that risk.