Staying safe online: Security & privacy are not the same thing 

This week saw the annual Safer Internet Day, a global celebration for a better internet.

Part of staying safe online is protecting your privacy, but the two aren’t and shouldn’t be considered the same thing. So what’s the difference between security and privacy, and why does it matter?

There are no agreed definitions for privacy or security, and the purpose of this post isn’t to offer them. As a point of reference though, I’d suggest the following definitions are enough for this conversation:

Privacy is concerned with control over personal information.

Security is concerned with being safe from danger or threat.

We give up our privacy for security regularly. Take for example, gated communities. There’s a belief (especially from people who live within these communities) that they are safer than neighbouring open suburbs. But this security comes at the cost of privacy – there’s no way to hide who you are or who your visitors are.

The recent metadata retention debates in Australia and the UK highlight this dichotomy. Tracking your phone calls and the websites you visit may well make you safer, but it will also reveal personal information you might prefer to keep private. Again, the purpose of this post isn’t to argue about metadata retention, but it does highlight ways in which privacy is traded for security.

So, what can you do to protect your privacy online that also keeps you safe?

Understand when and where you are giving people access to personal details.
Something as simple as your email address can give away your full name. Does that clothing store need to know your name to send you a catalogue? Probably not. An anonymous email address (like we all had pre-Gmail) can be a good choice.

Remember that services such as Instagram and Facebook are open by default.
That means that anyone can see your pictures and posts, unless you change these settings. Take the time to review privacy settings and set them to a level you are happy with.

If you are an organisation that handles personal information, make sure that you have a plan to ensure it is protected adequately.
Organisations with a regularly reviewed privacy and security policy are better positioned to respond to both security threats and privacy breaches.

Privacy and security are closely related bedfellows. Understanding when and how your privacy is being traded is an important aspect of staying safe online.

The Office of the Children’s eSafety Commissioner has a number of resources you can find here, and the conversation is being tracked using the #SID2016 hashtag.

Dr Vanessa Douglas-Savage

Consulting Director