Absolute privacy has never truly existed. Before the industrial revolution, we largely inhabited small villages where everyone knew everything about everybody else. At that time, remaining isolated or maintaining privacy regarding details of health and welfare would have been regarded suspiciously. That tendency would have been counter to the necessity for the community to work together through informal information-sharing networks to survive and thrive.
It was not until the introduction of the industrial revolution that the concepts of anonymity and privacy took root. It was during this time -- when governmental structures did not have the means to collect and maintain personal information on a consistent basis -- that these philosophical concepts were born.
As industry evolved, so did the formal structures for tax collection and the distribution of social welfare programs, with the state collecting more and more personal information. While anonymity and privacy still were possible, they became less likely and sustainable.
Today, with the introduction of radio, television, and, most recently, the computer, the world has turned into a global village. Attaining anonymity today is almost impossible. Privacy -- although still expected as a right -- has gradually eroded in a world where information has become a commodity and that commodity can be collected, processed, stored, and retrieved at speeds unimaginable 50 years ago.
Data vs. Information
To protect and enforce the right of privacy, we focus on "data  security ." That's our first self-imposed challenge. We talk about data security when we should be talking about information security. Semantics? Not really. Data is pervasive and has no intrinsic value. Information, on the other hand, does have value.
Attempting to institute a data-security model is like trying to design Utopia. Alternatively, information security is achievable. Why is this important? Anyone who has ever worked with a security engineer understands that use of poor descriptions quickly leads you down a rabbit hole.
Let's be truthful with ourselves. Information is a commodity and its use and availability fuels the economy. What is needed is a more pragmatic approach to information security that recognizes the value of the commodity yet balances the individual right to have personal information maintained securely.
Is this achievable? Yes. For starters, we must define our terms to understand what information is worthy of protection. One of the biggest problems I see on the horizon is the patchwork of disclosure mandates being passed by some states, including Arkansas, California, Connecticut, Delaware, Florida, Georgia, Illinois, Indiana, Maine, Minnesota, North Dakota, and Washington. (continued...)
|
Rackspace: It makes a difference when you focus on support.
House Lawmakers Push Ban on Peer-to-Peer Software
GAO: Los Alamos Computer Security Has Weaknesses
Computer Security Firm Fortinet Plans IPO This Week
Flat Shipments Hurt Dell Despite Increased Earnings
Smartphones: A Bigger Target for Security Threats
FBI Says Hackers Targeting Law Firms, PR Companies