Subscribe to Email Updates

Ebook Choosing the Right Custom Software Development Partner
Denver Custom Software Solutions | Custom Software Development
Ebook Guide to Custom Software Solutions
Technology and Privacy: What Tradeoffs Are We Making?

The Symbiosis of Technology and Privacy

priscilla-du-preez-216790-unsplashThe recent century has seen an explosion in the magnitude and quality of advanced technologies that have helped to greatly increase both personal and business workflows and projects. All forms of businesses - including SMEs and larger enterprises - across all industries, have benefited from the use of technological advancements. Along with that, the last few decades have seen an increase in processing power, and the evolution of previously unimagined computational infrastructures and ICTs (information and communication technologies), that have made life easier, for businesses and end-users alike. Consider these four major advantages in daily living:

  • Opportunities (innovation): The ability to utilize a novel technology or tool to operate in a new manner, offer new services/products, and refine a business model is critical to business scaling and growth.

  • Efficiency (productivity): Companies need to remain efficient and productive, which requires saving time, minimizing resources, and allocating manpower correctly so that all necessary tasks are completed with the least amount of issues.

  • Speed (streamlined workflows): The time that it takes for a business to complete its critical tasks is as critical as the task itself. Streamlining operations helps to increase the speed at which tasks are completed, so that more tasks are completed in a given timeframe, leading to an increase in the bottom line.

  • Convenience (Ease-of-use/feasibility): The ability to carry out complex tasks from one’s home, for instance, using advanced technology, helps businesses and end-users to operate in a much speedier and efficient manner than before. Tasks that might have required considerable time and effort to complete decades ago can often now be carried out in a few minutes via computer systems.

Technology has changed the way businesses, of all sizes, operate. For instance, in comparison to historical business workflows, the advent of fax machines allowed for: faster communications between businesses and end-users (speed/streamlined workflows), more ways to alter and refine business practices and business models based on fax machine products/services (opportunities/innovation), the ability to send documents and receive crucial paperwork quickly without having to rely on old-fashioned mail systems (convenience/feasibility), and helping businesses save time, money and overhead, all of which makes a business more productive. Additionally, while computer systems used to be large and cumbersome, now smaller laptops and Personal Computers (PCs) are commonplace. Then email systems were invented to increase the speed and efficiency of data communications, and then came messaging/social apps, along with quantum computer systems, robust desktop workstations, smart gear, blockchain technology, GPS (geolocation), tablet computers, smartphones, Internet of Things technology, cloud systems, Artificial Intelligence, and much more. All of these IT inventions have two things in common - they give businesses (and end-users) the above four advantages, and they come at a cost - an increased risk to personal and corporate privacy.

IT systems innately go hand-in-hand with data, and not just any data - private data. This private data can be the critical data of a business, or the personal data of an end-user. Either way, such data cannot be separated from the IT systems that communicate said data, store said data, or utilize such data in some way. Interacting with private data is simply the result of using technological systems for private, personal and business tasks, thus private data and IT systems are inseparable. It is commonly believed that a fundamental human right is the right to privacy, which makes the utilization of IT systems - which may infringe on that right - difficult to quantify and define at times. So important is business and personal data that entire industries have arisen (I.e. Cybersecurity) to solve the issue of private data being threatened by two major parties: cyber criminals and governments. There are many facets to how technology and privacy can exist side-by-side: data legislation, hardware security, software security, and network security. Essentially, security and privacy can be used interchangeably with regard to applying measures that allow IT systems and privacy to co-exist optimally.

Data legislation is important to define how private data (i.e. PII, Personal Identifying Information) can be used by corporations, governments, and other third parties - for instance with HIPAA and PCI-DSS - and to determine how criminals, who abuse IT systems to gain unauthorized access to private data - should be punished. Best practices and standards have also arisen to ensure that private and corporate data stays private, so criminals and governments are unable to access private data in an unauthorized manner. Along with data legislation, hardware systems need to be constructed from the ground up with hard-baked security into their firmware and BIOS. Such security measures would mitigate the unauthorized snooping/stealing of private data associated with a computer system on the lower (I.e. hardware) level. In addition to this, software security must be added to all software processes (including the Operating System) and applications that run on a hardware platform. They must be patched, secure and without vulnerabilities that could allow a malicious cyber-user (including governments) to spy on - and steal - private information. Combining hardware and software systems is database security/privacy. The storage of private/critical data on computer systems, database servers, cloud systems, mobile units (tablets/smartphones) and USB drives is to be taken seriously, since it is common today for users to store their private photos, passwords, bank account information, home address information, etc. on their computer devices.

While hardware and software security is important, network security is just as pivotal. In this age of Internet connectivity and global WiFi, the main advantage of the evolution of ICT systems is also its most dangerous - the transmission of such data over a network. The Internet has allowed businesses and end-users to operate in unimaginable new ways, creating the evolution of e-commerce and the revolution of messaging/social media apps  that has helped the process of globalization. With that, security measures must be taken to ensure that data - including passwords, financial information, PIIs, and private photos - are secured during network transmission, that legislation defines how cyber thieves are punished, and that best practices are used on a daily basis to ensure that all network utilizations do not allow private information to be tracked, stolen or accessed by unauthorized third parties. It is very possible for the entirety of IT systems on a global scale to implement and allow for 100 percent privacy, for corporate or personal use. However, it is very difficult to create global measures (with regard to the Internet) across borders.


What is Privacy and Why is it Important?

Privacy is essentially the right to be left alone, the ability to keep the information associated with one’s life outside of the public domain, and the right to not be spied on. An extension of that is digital privacy, which is essentially the ability for each individual to determine how their personal digital information is handled, stored and transmitted by third parties.

Cybersecurity and its sub-industries exist for the sole purpose of increasing the security and privacy of ICT systems, including hardware systems, software systems, network systems, or mobile systems. Since businesses and end-users tend to use all of the aforementioned systems, applying best practices is important to ensure that business data and private/personal data is not compromised.For businesses, the breach of privacy can result in loss of revenue, loss of customer trust, and costly fines. In the year 2018 alone, for instance, ransomware attacks cost companies an average of $5,000,000 USD (“Top Cybersecurity Facts, Figures and statistics for 2018”)[1]. Additionally, since ICT systems tend to store, transmit and utilize private data, consumers are at risk for having financial information stolen (which can result in one’s bank account being completely drained by a cyber criminal), home addresses being revealed, private photos being accessed, one’s identity being stolen, governments using personal data for unethical or illegal prosecutions, and more. Private data needs to stay private, as it is a fundamental human right, so it is of the utmost importance that technological systems are designed - and best practices standardized - to ensure that all personal data is protected.

The realm of Cybersecurity is composed of hardware security, network security, mobile security, application security, web application security, cryptography, ethical hacking/vulnerability testing, and Malware Analysis.

  • Hardware security: Physical or hardware security is concerned with the actual securing of physical computer systems and the securing of PCB (Printed Circuit Board) firmware/BIOS to mitigate hardware hacking.

  • Network security: Network security focuses on the OSI layers and TCP/IP to maintain data security with regard to both database systems linked to a network, and the servers/hosts that are endpoints for data transmission.

  • Mobile security: Mobile tablets and smartphones create a novel challenge for security specialists in that they comprise hardware, software, network, cellular and application security. These devices are small enough to be lost or stolen, which may compromise a personnel’s/end-user’s entire spectrum of private data, thus compromising his/her privacy.

  • Application security: Desktop and non-web applications can be hacked or cracked, and since many applications are linked to back-end databases or network servers, such applications must be hardened to ensure that private data is not accessed through a vulnerable application.

  • Web application security: Web applications utilize JavaScript and backend systems. If vulnerabilities are present cyber criminals or corrupt governments may access personal data, where privacy can be compromised.

  • Cryptography: Crypto-systems were created to ensure that private data is encrypted over network systems during transmission, and in storage systems  during storage. Common cipher systems include RSA (public-key cryptography) and Symmetric Block Ciphers. Additionally, novel systems for email privacy, such as PGP, were created to ensure complete security. SSL/TLS and security applications are also often used by businesses and consumers alike.

  • Hacking/Testing: All ICT systems should be routinely tested both passively and actively to ensure that cyber criminals and governments cannot illegally access private data on any IT component of an IT infrastructure.

  • Malware Analysis: As Malware threats grow, such malicious code is analyzed and mitigated via security professionals to thwart criminal attacks that seek to manipulate computer systems or steal private data via malware code executions.

All of the above security sciences help to secure private data, in all facets of ICT systems, so that private data remains private.


How does Technology Impact Our Privacy?

In this day and age, it isn’t uncommon for people to carry smartphones that store most - if not all - of their private electronic information. Such e-information is typically composed of PII, and other private data, such as Social Security Numbers, Bank Account numbers, Passwords, Tax Information, Phone Numbers (private contacts), private photos, Home addresses, and much more. The use of passcodes and passwords has evolved to include biometric information, which may be sent to companies and may reduce a consumer’s privacy as well, despite being used to enhance security. Additionally, it isn’t uncommon for users to conveniently shop online, do their banking online, complete their schooling/degrees online, do their taxes online, send private emails online, and store their private data online in public cloud systems. Along with that, messaging, dating, social media and business apps use network systems - often on mobile platforms - to transmit private pictures, and other private information over networks via those apps, and to store private user information in online servers. Social media and messaging apps are the most used apps of today, especially among the younger generation, while most willingly send their private information to others via online applications, putting themselves at a certain risk for compromising their private information. Much of the user information that is sent via social media is also collected and sold to third parties, who may have dossiers of information on users that rivals government agencies. Software applications also often collect - or even spy on - users, as do some smart IoT systems, such as smart house and central IoT hubs such as Amazon’s “Alexa.”

Businesses utilize technology in a myriad of ways, all of which has the potential to expose private data to cyber-criminals. Servers - including public cloud systems - house private, critical data, networks and intranets transmit crucial business information, databases store customer information, including credit card information, and enterprise systems utilize critical data in order to aid companies with their workflow productivity and efficiency. Technology now makes up the backbone of enterprises globally. Both consumers/end-users and corporations use a variety of ICT systems which have the potential to impact their privacy.

Information Technology Development

The five major aspects of a corporation's IT infrastructure include: hardware systems, software systems, database systems, enterprise systems, and network systems. As each component of ICT systems have been invented and evolved, they have all impacted the privacy aspect of a company’s data. Database systems, web servers and software apps have needed to be hardened and tested for security holes, where unpatched and/or unmonitored systems are often vulnerable to attack, often resulting in costly data breaches that affect not only the business, but all of the company’s customer (private) data.

However, TLS (Transport Layer Security, the evolution of Secure Sockets Layer/SSL, that keeps websites private/secure), encryption and security best practices have evolved to mitigate such security threats.

Internet

The Internet/World Wide Web - along with standards such as OSI/TCP/IP and advancements in tech such as IP geolocation/GPS, MAC addresses, IP address and cookies - have allowed businesses and consumers to shop online from anywhere in the world, conduct business from anywhere in the world, and to carry out critical tasks - like paying bills, submitting taxes, signing documents, applying for visas, or sending business paperwork - all via the Internet. At the same time, however, cookies, for instance, allow businesses to offer personalized ads, meaning that a user’s activity is being tracked and is not private.

Social Media

While search engines are known for using data mining to allow people to quickly locate resources and web pages on the World Wide Web, social media apps allow people to remain interconnected from anywhere in the world. However, such online interconnectivity comes at a cost - such as making public one’s PII, apps spying on users, financial data like credit card numbers being stolen, and the fact that social media platforms often sell a user’s private data to third parties.

Big Data

While Big Data has allowed companies to essentially crunch and parse large volumes of information to produce critical business intelligence, such systems often offer companies the mechanism known as predictive analytics. PA allows companies to use statistical analytics and Big Data analytics to better understand a buyer’s spending habits, needs and past behaviors and predict their future buying habits. This has some ethical and privacy concerns since companies (via AI) often use the psychology of spending in order to “foresee” what some users may do before they even think about doing it, all based on the use of their past, private data.

Big Devices

While Big Data has allowed companies to essentially crunch and parse large volumes of information to produce critical business intelligence, such systems often offer companies the mechanism known as predictive analytics. PA allows companies to use statistical analytics and Big Data analytics to better understand a buyer’s spending habits, needs and past behaviors and predict their future buying habits. This has some ethical and privacy concerns since companies (via AI) often use the psychology of spending in order to “foresee” what some users may do before they even think about doing it, all based on the use of their past, private data.

The Internet of Things (iot)

The IoT allows companies to attach WiFI-connected sensors to a variety of objects, allowing data feedback for company analytics, and the ability to control such devices via an internet connection . With such a novel system, everyday objects can be made “smart.” However, such objects, when connected to one’s private assets (i.e. house, refrigerator, clothes, watch, etc.), may have the possibility of spying on the user, creating a privacy concern.

As noted by SafeHome.org, most intrusions into one’s personal digital privacy include a variety of digital devices, most of which are IoT smart devices linked to the Internet, including smart thermostats, smart devices, smart cars, and smart clothes. Other intruders include biometric identification, location tracking, and public cameras, all of which can use IoT tech in the future and may further create issues associated with privacy violations.

E-Government

After the events associated with Snowden, it became apparent that threats to individual digital privacy extend beyond cyber criminals to national governments. Due to government agencies utilizing ICT for their affairs (including spying), along with an increasing use of hardware systems using biometrics, such as fingerprint tech for smartphones, and facial recognition, users have attempted to maintain complete anonymity online via a variety of methods aimed at increasing digital privacy, including the use of TOR, VPNs, and operating systems such as the Linux-based Tails OS.

 

Key Benefits That We Get from Technology’s Fast-paced Progression

As technology has continued to evolve and develop at a very quick pace, businesses and consumers alike have been able to obtain a number of key benefits with regard to the four major advantages spoken about earlier. The development of IBM’s Personal Computer, the advent of email systems, the invention of cloud systems and the Internet have all given businesses and users unprecedented opportunities to conduct novel workflows.

Abundance of Resources

The Internet, along with Wiki resources, online web pages, information apps, and even AI (i.e. Siri) have allowed everything from learning a language to learning history as easy as clicking an application or going online. This also translates to an incredible amount of resources at the fingertips of business personnel and corporate executives, all of which translates to better decision-making, more effective strategizing, and reduced overhead. Additionally, the Internet has allowed critical outsourcing abilities that allow experts across the world to aid a business at a lower cost than would be the norm if in-house specialists were used.

Health Benefits

One of the industries using advanced technology is the health industry. Everything from medical AI systems for diagnosis, to the use of computer databases for health PII, and even advanced robotics that aid in surgery - along with smart gear/clothes, and smart monitors that monitor one’s health and send critical data to a doctor via medical applications - all have revolutionized how doctors carry out clinical medicine. Genomic Big Data (Bioinformatics), and advanced Lab technologies have also aided with Precision Medicine’s goal in finding individual treatments and cures for hard to treat chronic illnesses in a fraction of the time that would be required without such technology. But health data is one of the most private assets pertaining to an individual human being, and despite benefits in the health field, such data must be guarded closely.

Ease of Information Processing and Access

Large volumes of data have allowed businesses to analyze patterns and understand facets of customer behavior in unprecedented ways. In order for the novelties of data science to be possible, robust computing systems were required. With the invention of powerful servers, cloud computing systems and data analytics engines, new ways to collaborate, access information (i.e. via the cloud), and process Big Data have given businesses and consumers an edge in fulfilling their tasks in a streamlined manner, while minimizing overhead and being more productive.

Great Increase in Mobility

Tablets and smartphones are essentially mini computers that have allowed businesses and consumers to carry out critical tasks on the go, while still being connected to business systems and/or crucial consumer apps (like Booking apps, travel apps, messaging apps), regardless of location. This also allows business personnel to conduct their affairs across borders and outside of the enterprise’s headquarters.

Financial Gain as a Result of Technology Development

With new technologies evolving, new industries have been made, new ways of conducting business have developed and both consumers and businesses have been able to develop new, novel ways to make financial gains. This includes using social media to aid in business marketing, the utilization of inbound marketing, e-commerce, working online via the cloud, web application software development, and the offering of new business services and products as new technologies develop.


The Sacrifices We Make to Our Privacy for Technology

While users and businesses maintain key advantages in using technology, such advantages come at a sacrifice to privacy. In a world where online anonymity seems hopeless, some would believe that it is near impossible for anyone - or any corporation - to keep all of their data completely private.

While computer systems and technology allow for faster data access/communications, collaboration and greater productivity, the transmission of such data over networks may not ensure complete security, in which such pivotal, private data may be compromised. Business information may be hacked and personal user account data may be stolen. Companies or governments may track and store user information illegally, or spy on users in an unethical manner. Even VPN companies may track user passwords and keep logs of Internet activity, which ISPs are also fully capable of. Internet cookies may track a user’s internet browser history and activity, search engines, and social media apps may keep records of user activity. While technology may allow better physical security - for example, the utilization of AI bots to aid the Police and smart cameras to track criminals - it may also allow governments and agencies to spy on everyone.

Technology also allows for unprecedented convenience. For instance, using Apple Pay and digital cards/money for payments and transportation (i.e. WeChat, Uber, BitCoin), and the advent of Web e-commerce (I.e. Amazon, Alibaba, Lazada), allows an increase in consumerism and the feasible purchasing of goods from one’s own home. Social media also allows apps to connect with locals on every country on earth. With those advantages, however, comes geolocation/GPS global tracking of users, and the tracking of personal data, spending habits, and activity, thus potentially compromising privacy. Lastly, while technology allows for the creation of better strategies for businesses , it also means that customer habits and activities are not truly private, but are recorded, analyzed and stored by enterprises for business use.


The Future of our Privacy

While no one knows what the future holds, there are a number of advanced technologies that are being developed and deployed every year. Some future technologies that may relate to privacy include:

  • Smart cities: Cities where everything is connected to a central network allows objects to be “connected” to the Internet for the feasible maintenance and management of all city assets.

  • Advanced IoT Tech: Adding IoT sensors to guns, airplanes, or clothes allows the military and fashion industries, respectively - and all industries that utilize IoT - to evolve in ways that can radically alter the global Internet, and the privacy of data that is associated with all IoT devices.

  • Quantum Computers: More powerful computer systems - that can break even RSA crypto-systems - may become large threats to personal and business privacy.

  • Advanced AI: Depending on how AI is used, robust AI systems may develop to hack other computer systems, uncover the most private data, record user actions, and learn in a way that causes such systems to evolve into systems that may threaten users and businesses.

  • Blockchain Technology/Cryptocurrency: While smart contracts may become more prevalent globally, the use of cryptocurrency - which was designed to increase financial privacy among users - is only set to spread more and more.

  • Advanced Internet apps: Advanced VPNs, The Dark Web, the Deep Web, and “Global Port Scanner” apps like Shodan all have the potential to affect online privacy as users try to maintain anonymity more and more, and criminals attempt to adopt more advanced hacking methodologies to aid in their unethical acts of accessing private data.

  • And more…

Ultimately, the major aspects associated with aligning privacy rights with technology - legislations, hardware security, software security, and network security - will have to be implemented correctly in order to ensure that, while businesses and consumers gain advantages by adopting advanced ICT systems, such users are not effectively selling their collective souls for convenience and daily technological gains.

 

 

Assessing the Impact Your Technology Has On the Business