This post is more than three years old so may contain incorrect information, or opinions I no longer hold.

Privacy & Security Are Different - Round 2

24 Dec 2019 | ~3 minute read

I recently wrote a post explaining that I think Privacy & Security Are Different. Following that post I've received some feedback questioning my rationale. This post is a response to some of that feedback.

Privacy is part of security

A lot of the feedback I received was stating that privacy is part of security, and without security you can't have privacy. I don't feel that is the case. I like analogies, so let's look at an analogy to explain how I see privacy vs security:

The bank sends a letter marked private and confidential to me. Only I should open the letter because it is private and addressed to me.

Unfortunately, my postman accidentally delivered the letter to my neighbour. Not reading the addressee, my neighbour opens the letter. My privacy has now been breached because the letter was not secured.

As you can see, data can be private, yet insecure.

A better way for my bank to ensure my privacy was maintained would have been to send the letter to me digitally via my online banking site, then email me to say a digital letter was waiting.

I would need to log in to my online banking before being able to read the letter. So my bank has secured my letter and maintained my privacy.

Confidentiality

A couple of people mentioned that privacy is part of security because Confidentiality is part of the CIA Triad that I mentioned in the previous post. Confidentiality and privacy are not the same thing.

The CIA Triad

This post on findlaw.com explains the differences between confidentiality and privacy really well. But if you don't want to read the post, I'll sum up the differences below:

Confidentiality refers to personal or sensitive information that is shared with a person or group. For example, medical records or a document that contains sensitive business information. The expectation is that confidential information is not shared any further without express permission.

Privacy, on the other hand, refers to the freedom from intrusion into someone’s personal matters or information. For example, my neighbour not opening that letter from the bank.

So when we talk about confidentiality within the CIA triad, it’s referring to the securing of data so that only those who need to see it, see it.

That is why the letter from my bank was marked private and confidential. They are different things.

Conclusion

Hopefully this post helps clarify my position on the differences between privacy, security and confidentiality. All three are different things, albeit closely linked.

I considered editing the original post, but ultimately I feel that a second post was a better way to go.

As with all the posts I put out on this site, this is just my opinion. If you think I'm wrong, feel free to get in touch and I will be happy to discuss the matter further.
