We can have ‘win-win’ on security vs. privacy

Mar 26, 2007

People think there has to be a choice between privacy and security; that increased security means more collection and processing of personal private information. However, in a challenging report to be published on Monday 26 March 2007, The Royal Academy of Engineering says that, with the right engineering solutions, we can have both increased privacy and more security. Engineers have a key role in achieving the right balance.

One of the issues that Dilemmas of Privacy and Surveillance – challenges of technological change looks at is how we can buy ordinary goods and services without having to prove who we are. For many electronic transactions, a name or identity is not needed; just assurance that we are old enough or that we have the money to pay. In short, authorisation, not identification should be all that is required. Services for travel and shopping can be designed to maintain privacy by allowing people to buy goods and use public transport anonymously.

"It should be possible to sign up for a loyalty card without having to register it to a particular individual – consumers should be able to decide what information is collected about them," says Professor Nigel Gilbert, Chairman of the Academy working group that produced the report. "We have supermarkets collecting data on our shopping habits and also offering life insurance services. What will they be able to do in 20 years’ time, knowing how many donuts we have bought?"

Another issue is that, in the future, there will be more databases holding sensitive personal information. As government moves to providing more electronic services and constructs the National Identity Register, databases will be created that hold information crucial for accessing essential services such as health care and social security. But complex databases and IT networks can suffer from mechanical failure or software bugs. Human error can lead to personal data being lost or stolen. If the system breaks down, as a result of accident or sabotage, millions could be inconvenienced or even have their lives put in danger.

The Academy’s report calls for the government to take action to prepare for such failures, making full use of engineering expertise in managing the risks posed by surveillance and data management technologies. It also calls for stricter guidelines for companies who hold personal data, requiring companies to store data securely, to notify customers if their data are lost or stolen, and to tell us what the data are being used for.

"Technologies for collecting, storing, transmitting and processing data are developing rapidly with many potential benefits, from making paying bills more convenient to providing better healthcare," says Professor Gilbert. "However, these techniques could make a significant impact on our privacy. Their development must be monitored and managed so that the effects are properly understood and controlled." Engineering solutions should also be devised which protect the privacy and security of data. For example: electronic personal information could be protected by methods similar to the digital rights management software used to safeguard copyrighted electronic material like music releases, limiting the threat of snooping and leaks of personal data.

The report also investigates the changes in camera surveillance – CCTV cameras can now record digital images that could be stored forever. Predicted improvements in automatic number-plate recognition, recognition of individual’s faces and faster methods of searching images mean that it may become possible to search back in time through vast amounts of digital data to find out where people were and what they were doing. The Royal Academy of Engineering’s report calls for greater control over the proliferation of camera surveillance and for more research into how public spaces can be monitored while minimising the impact on privacy.

The public will be to find out more about this report and have their say at a free evening event at the Science Museum’s Dana Centre in London on Tuesday 27 March.

"Engineers’ knowledge and experience can help to ‘design in privacy’ into new IT developments," says Professor Gilbert. "But first, the government and corporations must recognise that they put at risk the trust of citizens and customers if they do not treat privacy issues seriously."

Source: University of Surrey

Explore further: The internet was delivered to the masses; parallel computing is not far behind

add to favorites email to friend print save as pdf

Related Stories

New generation is happy for employers to monitor them on social media

14 hours ago

Will employers in the future watch what their staff get up to on social media? Allowing bosses or would-be employers a snoop around social media pages is a growing trend in the US, and now a new report from PricewaterhouseCoopers and the Said Business School suggest ...

Scientist exposes new world of forensic analysis

Aug 15, 2014

Over the past 20 years DNA evidence has become the foundation upon which forensic investigation is built. The identification of traces of blood, saliva and other bodily fluids places a suspect directly at ...

New technologies are improving the lives of seniors

Aug 14, 2014

If Betty Lewis falls at the Edgemere senior living community, a pendant she wears around her neck will alert the staff. The device picks up the motion of the fall and notifies staff members at the North Dallas facility so ...

Recommended for you

Hacking Gmail with 92 percent success

5 hours ago

(Phys.org) —A team of researchers, including an assistant professor at the University of California, Riverside Bourns College of Engineering, have identified a weakness believed to exist in Android, Windows ...

User comments : 0