Past Releases and Reports
About Privacilla
Privacy Fundamentals
Privacy and Government
Privacy and Business
Online Privacy
Financial Privacy
Medical Privacy
Secure your opportunity to e-mail Privacilla!
Your Source for Privacy Policy from a Free-market, Pro-technology Perspective

Click to return to the Privacy Fundamentals outline

Home > Privacy Fundamentals > Security and Privacy

Security and Privacy

Security and privacy are often discussed together. Though they are related, they are really quite separate concepts.

Businesses have privacy obligations because of commitments they have made to customers. These commitments may be made through contracts, they may be required by statutes, and, because of the privacy torts, they are a part of just holding personal information.

Governments, too, have privacy obligations with regard to the information they collect about citizens. These obligations are imposed by a variety of statutes (and they are different from the protections of the Fourth Amendment, which appropriately guard privacy by limiting governments' ability to collect information in the first place.)

Security, on the other hand, is any number of practices and processes that respond to threats against a company's or government's ability to function. Only one such function is carrying out privacy obligations.

Security, in short, is a means to an end. The relevance of security to privacy is that a business or government lacking proper security may violate its privacy commitments.

Along with threatening privacy, a business that lacks proper security may violate contracts and lose trade secrets, cash, or equipment, in addition to subjecting itself to lawsuits. A government that lacks proper security may also violate privacy and fail to serve its citizens.

Security threats, and responses to them are constantly shifting. Given the huge variety of businesses, and the different ways they use information, the best approach to security is not for legislators and regulators to try guessing in the name of privacy what companies must do to protect their functions. Rather, security should be left as a clear responsibility of business, a responsibility on which success or failure rides.

Governments do not succeed or fail based on whether their security measures for the privacy of citizen information are sufficient. For this reason, information collection by governments should be minimized and the security measures adopted by governments should be constantly monitored by the press and the public.


Comments? (Subject: Security)

[updated 12/26/00]

©2000-2003 All content subject to the Privacilla Public License.