The erosion of privacy in the digital world
by Mirko Zorz - Tuesday, 20 August 2013.
Yves Le Roux is the Technology Strategist at CA Technologies and Chair of ISACA’s Data Privacy Task Force. In this interview he discusses the evolution of the digital identity, the influence of politics on privacy, Google Glass, and much more.

What are the critical issues in understanding the very nature of identity in a society actively building bridges between the real and digital world?

If you speak to a psychologist, he/she will explain you that each individual integrate various aspects of identity, memory and consciousness in a single multidimensional self. As said in a study done by Cabiria (2008), “The structure and design of virtual worlds allows its users to freely explore many facets of their personalities in ways that are not easily available to them in real life”. But this may have some consequences. For example, if an individual creates a virtual identity that is different from their real life identity, it can take a lot of psychological effort to maintain the false identity. In addition, one of the two options will occur, the identities may converge into one, making the virtual and real identities truer, or the individual may simply toss out the virtual identity, and start over with a new one.

The main issue with identities in this virtual world is trust. Law enforcement officials view this possibility of multiple untrusted identities as an open invitation to criminals who wish to disguise their identities. Therefore, they call for an identity management infrastructure that would irrevocably tie online identity to a person's legal identity.

A popular opinion among politicians is: "If you have nothing to hide, you have nothing to worry about". Why is privacy still important, even if you have nothing to hide?

The line "if you've got nothing to hide, you have nothing to worry about" is used all too often in defending surveillance overreach. It's been debunked countless times in the past. For example, in 2007,in a short essay, written for a symposium in the San Diego Law Review, Professor Daniel Solove (George Washington University Law School) examines the nothing to hide argument.

His conclusion was: “The nothing to hide argument speaks to some problems, but not to others. It represents a singular and narrow way of conceiving of privacy, and it wins by excluding consideration of the other problems often raised in government surveillance and data mining programs. When engaged with directly, the nothing to hide argument can ensnare, for it forces the debate to focus on its narrow understanding of privacy. But when confronted with the plurality of privacy problems implicated by government data collection and use beyond surveillance and disclosure, the nothing to hide argument, in the end, has nothing to say.”

In our privacy study following a European paper issued by Michael Friedewald, we distinguish seven types of privacy:

1. Privacy of the person encompasses the right to keep body functions and body characteristics (such as genetic codes and biometrics) private.

2. Privacy of behaviour and action includes sensitive issues such as sexual preferences and habits, political activities and religious practices.

3. Privacy of communication aims to avoid the interception of communications, including mail interception, the use of bugs, directional microphones, telephone or wireless communication interception or recording and access to e-mail messages.

4. Privacy of data and image includes concerns about making sure that individuals’ data is not automatically available to other individuals and organisations and that people can “exercise a substantial degree of control over that data and its use”.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Feb 12th