What is the difference between security and privacy?
Security is an overarching principle in IT. As more new technologies become connected by networks such as global IP and wireless telecom networks, there is more attention paid to how to control data and how to make it secure. Security architectures can include very different components, from endpoint security practices that control the display of data on smartphones and tablets, to "data in use" network security practices that protect network data and infrastructure from hacking or cyberattacks.
Privacy is a bit of a different issue having to do with an individual's right to own the data generated by his or her life and activities, and to restrict the outward flow of that data.
It’s true that in many cases, security and privacy are tandem operational goals. In other words, the same safeguards that offer data security offer privacy for users. But in another sense, privacy is something that may not be built into security efforts, or seen as a necessary objective by big companies or government agencies.
The debate around the mining of personal data by the government, corporations and other agencies shows the difference between security and privacy. Most major organizations see digital security as paramount, while ignoring the digital privacy of users and others. For example, government agencies may help to ensure that private businesses don’t get access to some kinds of personal information regarding citizens, but at the same time, that same agency may be looking to get their hands on the information for other objectives. Many of these issues will continue to come up as different parties struggle to acquire, control and safeguard data.
Being digital should be of more interest than being electronic.- Alan Turing, 1947