What is the relationship between security and privacy?
Privacy is often defined as control, regulation, and access to personal information - anything data that can be used to determine identity - and how it is used. Security on the other hand refers to how well data is protected from unauthorized access through a breach, leak, or cyber attack. The relationship between security and privacy is close, with security and privacy often being used interchangeably.
Loss & Protection of Privacy
Security violations (like data breaches) often mean a loss of privacy while preserving privacy requires more than just a secure system. The difference is more nuanced though, reflecting which data is being protected, how it’s being protected, from whom it’s being protected, and who is responsible for that protection. Security then focuses on protection while privacy is concerned with responsible data use.
The other substantial difference is the type of protection involved and the entity seeking access to some sensitive data. This difference is reflected in privacy regulations that define data holders and protect users from untrusted-third party data access. Meanwhile, security measures protect data from malicious access or theft, targeting the act rather than the intent of the third party.
What comes first, security or privacy?
Although the relationship of security and privacy are closely tangled, we know that it is possible to have security without privacy, but impossible to have privacy without security. Given this relationship, privacy has historically been considered secondary or less important than security. Security's historical importance means there are well-established principles, guidelines, and standards.
Types of privacy
Privacy however has a more diverse set of notions like k-anonymity, l-diversity, differential privacy, homomorphic encryption, and secure multi-party computation (or cryptographic/information-theoretic secrecy) each with their own application scenarios. Given that data privacy is increasingly being recognized as a fundamental human right, a hybrid design of security and privacy principles to design privacy-preserving systems is the need of the hour.
References
Devron is a next-generation federated learning and data science platform that enables decentralized analytics. Learn more about our solutions, read more of our knowledge base articles, about our federated learning platform, or schedule a demo with us today.