The Human Element is Inherent to Privacy

Image for post
Image for post
RSA Conference 2020’s theme centers on the “human element.” And privacy is highlighted even more in this year’s conference. But what hasn’t perhaps been explored sufficiently is how the human element is inherent to privacy.

Much has been written on this topic from the cybersecurity angle. In this post, we explore how the human element is inherent to privacy. In some ways, even moreso than it is in the security domain. At a basic level, privacy is a human right. It is concerned with people’s personal information and pertains to information relationships with people. Privacy values are derived from values that we have as collective societies of people. And most importantly, building and maintaining a culture of privacy begins and ends with each of us.

In many parts of the wold, privacy is considered a human right. The 1948 Universal Declaration of Human Rights explicitly declares:

“No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks.”

At a basic level, the human element is inherent to privacy because privacy is a human right.

At the data level, privacy is specifically concerned with people’s personal information. Security, by contrast, has a boarder scope: trade secrets, confidential information, and any data that an organization deems valuable enough to secure. Privacy focuses on one type of data: personal data. But its narrow data scope is countered by its broader scope of concern than just securing such data. The privacy domain also asks whether personal data is collected legitimately and transparently, used for appropriate purposes, and retained for an appropriate period of time, amongst other things.

Because privacy is concerned with people’s personal information, it follows that privacy practices involve relationships with people. When we collect credit card data for payment, for instance, there is a human being behind that data transaction — something that we often forget in this digital age.

As evidenced by global privacy laws and consumer privacy sentiment, we know that privacy values are cultural to some extent and influenced by societal values. Europeans, for example, are generally more sensitive to consumer privacy issues, than Americans are. Our values as collective societies of people contribute to nuances in privacy around the world.

At an organizational level, privacy culture depends on people. Whether an organization will have a strong culture of privacy depends on its people. We know that company leaders’ behavior towards privacy serve as a model for the rest of the workforce’s own behavior. This human element explains why we have workforce privacy training and awareness programs. Privacy begins and starts with each person in an organization.

As flawed human beings, we will never have a “perfect” or homogeneous culture of privacy — but this is neither the point nor the goal. Having an ongoing debate on what privacy means to the collective society is what’s more important. After all, the human element is inherent to privacy. I would also go a step further and argue that privacy is inherent to being human.

Written by

Founder & CEO @PIX_LLC @PrivacyTechRise | Privacy & Cybersecurity Strategist & Board Advisor| Reformed Silicon Valley Lawyer | @LourdesTurrecha

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store