We can have ‘win-win’ on security vs. privacy

March 26, 2007

People think there has to be a choice between privacy and security; that increased security means more collection and processing of personal private information. However, in a challenging report to be published on Monday 26 March 2007, The Royal Academy of Engineering says that, with the right engineering solutions, we can have both increased privacy and more security. Engineers have a key role in achieving the right balance.

One of the issues that Dilemmas of Privacy and Surveillance – challenges of technological change looks at is how we can buy ordinary goods and services without having to prove who we are. For many electronic transactions, a name or identity is not needed; just assurance that we are old enough or that we have the money to pay. In short, authorisation, not identification should be all that is required. Services for travel and shopping can be designed to maintain privacy by allowing people to buy goods and use public transport anonymously.

"It should be possible to sign up for a loyalty card without having to register it to a particular individual – consumers should be able to decide what information is collected about them," says Professor Nigel Gilbert, Chairman of the Academy working group that produced the report. "We have supermarkets collecting data on our shopping habits and also offering life insurance services. What will they be able to do in 20 years’ time, knowing how many donuts we have bought?"

Another issue is that, in the future, there will be more databases holding sensitive personal information. As government moves to providing more electronic services and constructs the National Identity Register, databases will be created that hold information crucial for accessing essential services such as health care and social security. But complex databases and IT networks can suffer from mechanical failure or software bugs. Human error can lead to personal data being lost or stolen. If the system breaks down, as a result of accident or sabotage, millions could be inconvenienced or even have their lives put in danger.

The Academy’s report calls for the government to take action to prepare for such failures, making full use of engineering expertise in managing the risks posed by surveillance and data management technologies. It also calls for stricter guidelines for companies who hold personal data, requiring companies to store data securely, to notify customers if their data are lost or stolen, and to tell us what the data are being used for.

"Technologies for collecting, storing, transmitting and processing data are developing rapidly with many potential benefits, from making paying bills more convenient to providing better healthcare," says Professor Gilbert. "However, these techniques could make a significant impact on our privacy. Their development must be monitored and managed so that the effects are properly understood and controlled." Engineering solutions should also be devised which protect the privacy and security of data. For example: electronic personal information could be protected by methods similar to the digital rights management software used to safeguard copyrighted electronic material like music releases, limiting the threat of snooping and leaks of personal data.

The report also investigates the changes in camera surveillance – CCTV cameras can now record digital images that could be stored forever. Predicted improvements in automatic number-plate recognition, recognition of individual’s faces and faster methods of searching images mean that it may become possible to search back in time through vast amounts of digital data to find out where people were and what they were doing. The Royal Academy of Engineering’s report calls for greater control over the proliferation of camera surveillance and for more research into how public spaces can be monitored while minimising the impact on privacy.

The public will be to find out more about this report and have their say at a free evening event at the Science Museum’s Dana Centre in London on Tuesday 27 March.

"Engineers’ knowledge and experience can help to ‘design in privacy’ into new IT developments," says Professor Gilbert. "But first, the government and corporations must recognise that they put at risk the trust of citizens and customers if they do not treat privacy issues seriously."

Source: University of Surrey

Explore further: Study finds despite expectations of privacy, one in four share sexts

Related Stories

In Zika, echoes of US rubella outbreak of 1964-65

August 1, 2016

Just over 50 years ago, a highly contagious but seemingly harmless virus swept through the United States, infecting as many as 12.5 million people. In both adults and children, the virus presented as a mild illness, but caused ...

The cat-and-mouse game of blocking digital ads

August 16, 2016

If you were using Facebook on a desktop last week, you may have noticed that your ad-blocking software was being blocked. That was a move by Facebook, which said it was updating its approach to ad blocking while also expanding ...

Baby in Texas dies from Zika

August 9, 2016

A baby born with brain defects caused by the mosquito-borne Zika virus has died in Texas, marking the southern state's first Zika-related death, officials said Tuesday.

Gawker.com dies next week, killed by an unhappy subject

August 18, 2016

Gawker.com, the brash New York website that broke new ground with its gossipy, no-holds-barred coverage of media, culture and politics, is shutting down after 14 years, brought low by an unhappy, but deep-pocketed, subject.

Recommended for you

Apple issues update after cyber weapon captured

August 26, 2016

Apple iPhone owners on Friday were urged to install a quickly released security update after a sophisticated attack on an Emirati dissident exposed vulnerabilities targeted by cyber arms dealers.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.