Expert Witness: The challenge of balancing privacy and security

Most people today use Gmail. Ask the person about security and they think of their password. Ask, what is data privacy and they think of the way Google uses their data to administer their account.  It’s often been said that security is the lock on the front door of your apartment. Privacy is the shade on your bedroom window. Unfortunately, even black-out shades do not work if your front door is wide open. 
There is no such thing as being 100% secure; there are only acceptable levels of risk. Acceptable is defined as what you are willing to live with. For example, take  the dilemma of safety vs privacy. The debate centers around whether U.S. technology companies should provide back doors into their products to assist law enforcement. Back doors are really vulnerabilities which are exploitable (especially by foreign governments), which puts citizens and companies at greater risk. Are you willing to live with the existence of magical back doors that could inevitably be vulnerable to bad actors? The answer depends on how you define an acceptable level of risk to you because risk is personal.


In essence, it’s not only important to implement a successful privacy program with the support of a security program, but also to determine what YOUR acceptable level of risk is.