Reviving Privacy: the Opportunity of Cyber-security

Abstract

The online entertainment industry has thrived thanks to unprecedented technical innovations and responsive organizational changes, whose combination is challenging privacy and data protection in two respects. Firstly, they are affected by those business models based on the provision of seemingly free services, in the subtle exchange for as much personal information as possible. Secondly, the multiplication of online devices, users and services, cloud computing and big data raise issues of technical security, i.e. cybercrimes and cyber-security, and affect privacy and data protection when personal information is affected. Moreover, due to the relevance of Critical Information Infrastructure to the national economy and security, governments are starting to tackle cyber-challenges. Yet, the policy debate is focussing excessively on traditional crimes committed by electronic means, which are quite different from novel crimes possible only in the online environment, and on surveillance measures. This may bias the choice of the best means to tackle cyber-crimes and further challenge privacy and data protection, mostly seen as an obstacle to investigations. However, I maintain that, in theory, the adoption of cyber-security policies represent more an opportunity to revive privacy and data protection than a threat. Not only is privacy built into classic computer security paradigms, but the data protection regime also contains provisions whose implementation in a cyber-security policy may act as a proxy to reduce cyber threats, provided that a number of conditions are respected. Part of the problem, and therefore the solution, may lie in appropriately redistributing responsibility and accountability online.