Privacy: The New Security

“Would you be comfortable sharing the hotel you stayed in last night? Would you be comfortable sharing the names of people you messaged this week?”. These were the questions fired by Senator Richard Durbin towards Mark Zuckerberg, the founder, and CEO of Facebook. The Facebook founder was being grilled by Congress for allegedly violating his users’ privacy.

What’s privacy? Simply put, privacy describes the right to be left alone. As Wikipedia puts it, “Privacy is the ability of an individual or group to seclude themselves or information about themselves, and thereby express themselves selectively”. It simply means users in an organization or users of a product do not want information about them flying around here and there. Also, if for any reason you need to have access to user data or information, express right and permission must be exclusively given by the user in question.

Security deals with protecting data while privacy deals with keeping what’s secret. Privacy is a fundamental human right. The owner of any information deemed private (what’s private is also deemed sensitive) must control access to that data. Penalties usually apply when the custodian of private data fails to keep the data secret.

One of the frameworks that describe a holistic privacy structure is the European Union that created the General Data Protection Regulation (GDPR). It’s a law that controls how firms, companies, and organizations must use personal/private data in integrity, and privacy-compliant manner.

In summary, the core requirements of the GDPR law are enumerated below:

· The law is consistent throughout Europe

· Personal data must be used in line with integrity friendly principles

· Personal data use must be legal

· Personal data use must be respectful to the individual’s rights

· Personal data breaches must be reported within 72 hours

· Businesses are responsible for their suppliers

· The size of the sanctions are significant

Here in Nigeria, we have a similar law called the Nigerian Data Protection Regulation (NDPR) that enforces privacy measures for businesses, organizations, and government parastatals. They also come with huge fines for breaches.

To get started in the privacy field or to get certified with a reputable body, it’s pertinent to take a couple of certifications like:

· Certified Data Privacy Security Engineer by ISACA (CDPSE)

· Certified Information Privacy Manager by IAPP (CIPM)

· Certified Information Privacy Professional also by IAPP (CIPP)

These are industry standard certifications that would give any professional an edge in the privacy field.

To conclude, the scope of cybersecurity can be expanded to include privacy. Not just dealing with protecting information but ensuring it remains secret throughout its lifecycle until deletion by the original owner.

Authors

Charles Chibueze CISSP, CISM, CEH.

Linkedin: https://www.linkedin.com/in/charles-chibueze-cissp-cism-ceh-2358a2112/

Victor Funmipe O
Twitter:
@4g3nt_386

386konsult: https://www.linkedin.com/company/386konsult

--

--

--

At 386Konsult, We provide world class technology services that help business achieve high level performance and accelerated growth.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Hybrid Analyst Article of the Day: Dark Web Price Index 2021

{UPDATE} Pharaohs Casino Slots Machine Hack Free Resources Generator

CoinEx Institute | NYM, A Privacy-preserving Network Under Web 3.0

Be the Owner of Your Own Data and Say “No” to the Harassing Call

{UPDATE} Triviador Slovenija Hack Free Resources Generator

{UPDATE} Hexxagon Hack Free Resources Generator

{UPDATE} Game Show Studio Hack Free Resources Generator

VIMworld Weekly Roundup — 30 May to 05 June, 2022

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
386Konsult Limited

386Konsult Limited

At 386Konsult, We provide world class technology services that help business achieve high level performance and accelerated growth.

More from Medium

How To Link Your Plug Wallet To Your IMPOSSIBLE THINGS Account

Comprehensive Guide on TRON Technology and Deployment

tron node deployment guide

The Internet Computer

BugBase is now ISO 27001:2013 Compliant