Byline: Greg Cohen, chief revenue & strategy officer,Merchant Warehouse
When news events like the NSA revelations or the Target breach arise, it often becomes clear that we, as both consumers and businesses, don’t have a good grasp on the difference between security and privacy. There is a blurred line that we can’t seem to get our heads around. Because of that, regardless of your political affiliations, it’s important to have an open and honest conversation about where privacy and security differ, where they meet and what we can do to protect both.
I personally think part of the reason for this blurred line is that our digital-first world has changed the way the two words are defined. We share by default now, and it’s not always clear where the content we create and the data we share about ourselves will wind up. It’s also not clear who should be responsible for protecting our data, or who’s at fault when a breach occurs.
So what’s the real difference between security and privacy? We define security as the state of being free from danger or threats. Security is a table-stakes necessity, a prerequesite in order to get people to share information. They need to believe that it will be protected accordingly.
Privacy, on the other hand, is the ability to decide the extent to which your data is shared — how, when and with whom. Online, privacy is eroding quickly. And although consumers often complain about the “creepy” factor of having their data readily accessible to humans and algorithms alike, it’s obviously not creepy enough for us to change our behavior. Consumers will decry invasions of privacy without taking action to change anything, because they derive too much value from the devices, apps and services that erode their privacy.
So you might ask: what about privacy settings, user preferences and Do Not Track programs? In some cases, I think these processes have actually led consumers to believe they have control over what is shared and when. Consumers are largely willing to share their data in exchange for what they want. For example, a recentCisco study found that 52 percent of shoppers are willing to share information with retailers in exchange for a discount. And93 percent of American consumers do not see Amazon and its recommendation algorithms as a privacy threat.
But not all data sharing, even the voluntary kind, is safe. This is where security comes into play, and why it’s important to understand where that blurred line between security and privacy exists.
Take a look at the apps and services we use daily. They’re porous; we give them access to our information — contacts, personal details, location, etc. — in order to make the services better and more personalized. And though this type of information collection usually results in a more positive experience, it can easily cross into “scary” territory. For example, in January,4.6 million Snapchat users’ data was leaked by hackers. This was particularly troubling for people who use the service precisely because of its ostensibly private — and impermanent — nature.
And that’s hardly an isolated incident. In 2013, hackers nabbed 12 million passwords and accessed almost 30 million accounts from tech darlings like Apple, Twitter and LinkedIn.
Yet, in spite of examples like this, many businesses continue to believe that they aren’t at risk for a breach or fraud.
So what can be done? For businesses, the first step is honesty and transparency. For consumers, it’s education. We need to realize that we give up privacy every time we shop, whether online or in stores. Because of this, security processes are critical.
While this may sound dire, all is not lost. If we do a good job of implementing security practices and preserving privacy where it matters, then the positive aspects of sharing our data online and in the real world can be brought to bear for both consumers and businesses. That’s the goal, and now it’s time for us to get to work achieving it.