article banner
ARTICLES

Security and Privacy in the Digital Era

Dionysios Alevras Dionysios Alevras

Some years ago, one would have never dreamt of the possibilities that this “digital network” called the Internet, would provide regarding the ways and means of communication with other people across the globe.

Basically, the main idea still remains the same. It is to successfully transfer the information from one place to the other by following three basic principles, regardless of the mean or type of information. It must be ensured that the information will be transferred securely, then that there shall be no intervention to the original data within the transferring process and finally to ensure that it will be delivered only to the intended recipient.

Besides these, we should bear in mind that the “data subject”, namely the owner of the information fragments being transported, is the beneficiary of “privacy” rights.

Information Security


Since the beginning of information exchange, the need to protect the transferred data became very important. It was the first governments and the military that began to invent ways to secure the information transmitted (for apparent reasons). It is clear that Information Security is not only about digital data, but about physical ones as well.

We could try to define information security using the approach from The International Association of Privacy Professionals (IAPP): “Data (Information) security focuses more on protecting data from malicious attacks and the exploitation of stolen data for profit. While security is necessary for protecting data, it’s not sufficient for addressing privacy”.

The three pillars of Information Security are to maintain the Confidentiality, Integrity and Availability of systems and data. This clearly sets the goals, aspects, properties and criteria for information under protection. An effective security scheme must ensure that all three principles are covered and taken into account when protecting underlying data. It is obvious that there is no mention to data privacy within the context of Information security, since the one deals with data, and the other with human beings.

Information Privacy

Since people began to socially connect to each other, the need to exchange private information was mandatory in order that a genuine connection could be established. The last few years a “revolution” took place that reshaped the social landscape in a way that no one could imagine. It is astounding how easily people choose to share their private information through all these digital channels and networks without second thoughts, whilst not so long ago, only a very small amount of people were “eligible” to receive such data – usually close friends and social circle trustees.

This blast of private data sharing is still developing and – naturally – led to the exploitation of those data from various profit organizations, which are using people profiles and behavior patterns in order to foresee their activities.

That was the curving point that brought the flashlights onto privacy. From both sides of the Atlantic, US and EU began to impose legislation regarding the regulation of privacy in the Digital era we are living in. Since private data has become an “asset”, containing great prospect for income, a new market became active that had to be managed by those establishments.

The International Association of Privacy Professionals (IAPP) defines: “Data privacy is focused on the use and governance of personal data— things like putting policies in place to ensure that consumers’ personal information is being collected, shared and used in appropriate ways”.

Having these in mind, it becomes clear that privacy cannot be fully addressed by information security, since those two domains deal with different aspects of data management.

Security and Privacy in Cyberspace

The main challenge for each and everyone one is the ability to apply security and privacy principles to the digital presence in Cyberspace: “a notional environment in which communication over computer networks occurs”. If we try to evaluate and define our digital footprint in this digital environment, we’ll surely be overwhelmed by the amount of data we have shared over numerous applications, websites and social networks though our mobile devices, laptops and wearables.

Data regarding our character, our preferences and – even – our health are pouring through these streams of data into cyberspace in ways we do not perceive or are aware of. Most of the times people transfer data without having previously evaluated the necessity or intention of doing it, leading to the aforementioned blast of private data sharing.

The good news are that there are ways to protect privacy in daily communications. Software and hardware solutions may prove to be helpful, but, in the end, it is the human factor that tilts the balance. What needs to be done is to “digitally” tweak our perception, in order to become cyber aware and adjust our behavior accordingly.

Conclusion

Information Security and Privacy is not about measures and controls. It’s about culture and mentality. In a world that is being rapidly digitally transformed, it is imperative to become cyber aware, otherwise we’ll end up as the outcasts of the emerging society.

Our time seems to be the most interesting era in human history to live in, since we are getting very close to our next evolutionary step in our history as a species. This evolutionary path will create the “Homo Digitalis”.