Privacy and security aren’t the same thing

Florida has been attacked three times by malware in the summer of 2019.  ICE and the FBI are scanning pictures of faces from state DMVs to find criminals. The FTC recently imposed a $5 billion USD fine on Facebook for mishandling customer data.  Whether or not these events seem related, security and privacy issues have been in the shadows behind the headlines for much of 2019.

Security, in its simplest form, is protection against unauthorized access.  Security could be related to devices, networks, or data.

Privacy is tied to personal information, such as your name, address, phone number, medical records or diagnosis, or social security number (and your online activities as well), and the rights you have to protect this information from being used, sold, or compromised.

The problem with security and privacy is that oftentimes people (and companies) don’t fully understand what these two terms mean and end up blurring the differences by saying that security includes or addresses privacy.  This isn’t always true.

How to distinguish between security and privacy risks

For example, if you are browsing the internet for a mental health therapist for an eating disorder on an unencrypted wifi connection, anyone who intercepts your traffic on the wifi connection has compromised both your security and your privacy.  Here’s the breakdown: your security has been compromised because your wifi connection was not protected against unauthorized access, plus your privacy was compromised because personal information about your mental health was exposed.

Here is how downloading and installing a shopping app can pose privacy risks.  The app may have the appropriate security controls in place to protect your data while it is being transmitted to servers and is protected against tampering. However, it may lack privacy controls once data arrives on the app’s servers.  Once your data gets to the app’s servers, your data related to shopping patterns, name, e-mail address, and physical address may be sold to third parties.  Unless this information sharing is explicitly outlined in the terms of service for the app, this is a huge privacy violation. Further, if an app shares any user data with third parties that aren’t explicitly required to complete a service or transaction (e.g. payment processing), it would be prudent to not use that app because that company doesn’t demonstrate a strong commitment to protecting your privacy.

Strategies for protecting your security and privacy

While it is impossible to be completely secure and keep all of your personal information private, you can do things to help protect both your security and privacy.  For example, a good VPN protects both the security and privacy of your connections and traffic no matter where you are.  It’s why we think Rubica is the best VPN for iPhone or Android because the protection follows you across all of your devices and we guarantee that we won’t sell your data.

It is also important to read the terms of service for any app or service you use to see what their stance is on privacy.  As we’ve seen in the news, many companies have been less than forward with their data handling and privacy practices.  So, taking a few moments to read through privacy policies can go a long way to help protecting your personal information.