Introduction
Globally, privacy and security are fundamental human rights that not only have international significance but also ones that various international and regional documents recognize (Winkler & Rinner, 2010). Due to the advancement in technology, most aspects of individuals’ lives are exposed to be accessed by others, and the security of individuals and their privacy is increasingly becoming difficulty to guarantee. Although there are endless promises to uphold privacy and security of both people and information, there are innumerable questions that researchers and even the general public never get satisfactory answers. For instance, are privacy and security possible in the digital age? And why are they important in the first place? According to Romansky and Noninska (2020), privacy and security simply pertain to an individual’s or a group’s ability to safeguard the private aspects of their lives or environment, which is not limited to the information about themselves. Still, however, there lacks a clear distinction defining what a private and secure life is or even the borders of these domains. Filkins et al. (2016) argue that the rise of the digital media has further complicated the conceptualization of privacy and security as generic concepts. Today, at a time when almost everything has been digitized, digital information security, e-privacy, as well as cyber security are concepts that cannot be ignored at both personal and organizational levels. Consequently, this paper argues that there is an opportunity that in the current era, technologies will disrupt some rudimentary tenets of information security and privacy through unmanned access to private data, compelling the public to trade either for the other.
By inspecting and analyzing some of the available literature on this subject, the paper will first explore the prevalence of technology-related threats to data security and personal privacy in the fields of health, education, and business. Then, examine the variation of user privacy and security issues, focusing on such phenomena as cyber-attacks and data fraud, and how data, which is the basis of all these phenomena, is stored and accessed. Finally, the paper will propose how the key stakeholders to this subject can help standardize the use of big data to address the major privacy and security issues. The paper will close the discourse with both a conclusion and a call to action.
Literature Review
Conceptualization of user privacy and security in healthcare
Although healthcare practitioners can now work with a digital ecosystem of effective tools that are easy to use, thereby facilitating healthcare delivery and analysis, this has come with daunting setbacks to the safety of users’ personal data. In their study, Filkins et al. (2016) argued that when working in healthcare settings, employees and patients alike are required to provide data that could be used to personally identify them no matter their location. Since most of this data is stored in the cloud, it is accessed at various health facilities using both immobile and mobile (portable) devices. The authors argued that the risk to users’ security and privacy is intensified by the fact that majority of the devices lack adequate protection. For instance, in 2013, of the 4.5 million lost or stolen devices, only 36% were reported to have been protected with a PIN, and only 29% had backed up their data. Additionally, only 7% were established to have taken strong measures to protect their data and just 8% were reported to have had a software that could enable an administrator or the owner to completely delete all the contents of the device remotely (p.1565). Similarly, Katsikas, Lopez, and Pernul (2008) investigated the nature of security and privacy challenges characterizing the distributed health services in diverse settings. The study noted that the (lack of) security measures necessary to guarantee individuals that any data relating to them will be carried out securely and in privacy, is the greatest challenge to the proliferation of e-health. As a result, patients, especially, become unwilling to take part in e-health (or only partially participate) due to lack of trust in the security and privacy of the technology involved in e-health services, and mostly providers’ sites. For Vora et al. (2018) concerns were similar and pertained to the security and privacy issues around transfer, archival, and access of the huge data relating to mobile medicine and healthcare. These authors had established that while various entities have varying authorization levels to access healthcare records, the privacy and security of this data are not usually guaranteed to due inadequate and sometimes weak measures. The authors concluded that to reduce the mistrust among e-health model users, and concurrently promote large-scale usability, there is need to encrypt medical data at any level. Thus, despite the opportunities that the digital era has brought in healthcare, it has also attracted innumerable setbacks to the security and privacy of users’ personal data. However, similar concerns characterize the field of education.
Privacy and security issues in education
Although there has been increased capacity to sort out large volumes of complex datasets in education, the uncertain security and privacy of this data has significantly undermined effective performance of qualitative and quantitative higher education research. In their study, Florea and Florea (2020) examined the innumerable issues surrounding data privacy in higher education research, including anonymity, confidentiality, as well as informed consent. The research focused on three aspects: the data collector, data user and data subject. It was noted that there are various Big Data collector-subject-user cline concerns that necessitate the privacy and its technical definitions in higher education research to be revised. An example of these concerns include the conflicting nature between exemption for scientific research and the general endowment by legal data collection practices, personal data minimization, as well as scope limitation. The study concluded that due to the evolution of Big Data-centric higher education research into a mainstream research paradigm, there is a need, prior to widely embracing this paradigm, to address critical data privacy issues. Similarly, Reidenberg and Schaub (2018) sought to understand the relationship among education, Big Data, and the privacy of students. The study noted that digital learning technologies are highly beneficial to educationists as they present better tools for collecting educational data and performing large-scale empirical analysis. However, they have also cultivated ethical tensions between security and privacy of education data on the one hand, and Big Data utilization for educational improvement on the other. Habbabeh, Schneider, and Asprion (2019) focused on the European General Data Protection Regulation (GDPR). These authors cited the requirement by the GDPR that institutions for higher learning (re)examine procedures they have erected to promote data privacy, and how they process personal data in particular. The study concluded that due to the issues facing data security and privacy in education, all institutions, even those beyond the control of the GDPR, need to comply with such regulations. Thus although digital technology has increased capacity to sort out large volumes of complex datasets in education, it has also resulted in the inability to successfully safeguard the security and privacy of this data. However, this challenge is not unique to education as it is also prevalent in the business industry.
Privacy – and security-related issues in business in the e-commerce era
In their survey to examine the privacy and security issues in e-commerce, Ackerman and Davis (2003) defined privacy and security as the ultimate control over an individual’s personal information, and the bid to access data by unapproved others, respectively. The authors cited these two concepts as being problematic today for both e-commerce and consumers. The study cited a case where 41% of consumers had requested for a particular site to be removed, after feeling that the owner organization had misused their information. The authors also established that 92% of consumers do not trust businesses to safeguard the privacy and security of their personal data. As a result, they concluded that regulators should now perceive data privacy and security as public issues requiring immediate attention. Similarly, Udo (2001) argued that in today’s information age, technology is highly invasive in people’s private space and users experience a multitude of threats and problems that come in form of spam, cookies as well as the clickstream. Thus, the author argued that the concerns elicited by the massive data that the digital age helps assemble are not merely about just privacy and security of value, but trust and public confidence as well. Consequently, data privacy and security issues are some of the central hurdles for e-commerce in the contemporary world of business. Finally, Alharbi, Zyngier, and Hodkinson (2013) conducted an explanatory research to collect data through in-depth interviews and focus groups. The sources of data were managers from six organizations in diverse sectors, and consumers in a high-user demographic segment. The findings revealed that the rapid progress in technology has facilitated the provision of electronic transactions along with improved customer service. However, the security and protection of privacy of the information provided by the users of the offerings provided by the businesses benefiting from this rapid technology are yet to be guaranteed. Moreover, there is a huge difference in the ways and methods that businesses use to safeguard access to information databases. Thus, for the field of commerce as well, the digital era is both a “blessing and a curse”.
Analysis and Recommendations
While an individual’s security and privacy in their person is considered a basic human right, the digital age has altered how these terms are currently defined and understood. As a result, technology-related threats to data security and personal privacy are prevalent in every aspect of human life. The consulted literature has indicated that the era of digital media poses innumerable threats to user privacy and security in the fields of healthcare, education and even business. However, this is not to say that this technological advancement is all harmful. Rather, it means that each field has benefited immensely from increased capacity to collect, sort out, and use large volumes of complex datasets. Nevertheless, the ultimate test will be to determine whether these benefits will outweigh the cost associated with data security and privacy issues in the long-term. Regardless, the findings of the current study are intended to equip relevant parties, including communication practitioners, with possible strategies and standardizations to minimize exposure to data security and privacy challenges. As a recommendation, such standardizations should include thorough assessment of overall data security programs as well as effective regulatory enforcement. Additionally, personal responsibility will be essential for both the providers and users of data, such as consumers, personnel/organizations working in this area, and individual industries in general.
References
Ackerman, M. S., & Davis Jr, D. T. (2003). Privacy and security issues in e-commerce. New economy handbook, 911, 930.
Alharbi, I. M., Zyngier, S., & Hodkinson, C. (2013). Privacy by design and customers’ perceived privacy and security concerns in the success of e-commerce. Journal of Enterprise Information Management.
Filkins, B.L., Kim, J.Y., Roberts, B., Armstrong, W., Miller, M.A., Hultner, M.L., Castillo, A.P., Ducom, J.C., Topol, E.J. and Steinhubl, S.R. (2016). Privacy and security in the era of digital health: what should translational researchers know and do about it? American journal of translational research, 8(3), p.1560.
Florea, D., & Florea, S. (2020). Big Data and the ethical implications of data privacy in higher education research. Sustainability, 12(20), 8744.
Habbabeh, A., Schneider, B., & Asprion, P. M. (2019). Data privacy assessment: An exemplary case for higher education institutions. International Journal of Management, Knowledge and Learning, 8(2), 221-41.
Katsikas, S., Lopez, J., & Pernul, G. (2008). The challenge for security and privacy services in distributed health settings. Studies in health technology and informatics, 134, 113-125.
Reidenberg, J. R., & Schaub, F. (2018). Achieving big data privacy in education. Theory and Research in Education, 16(3), 263-279.
Romansky, R. (2017). A survey of digital world opportunities and challenges for user’s privacy. International Journal on Information Technologies and Security, 4(9), 97-112.
Romansky, R. P., & Noninska, I. S. (2020). Challenges of the digital age for privacy and personal data protection. Mathematical Biosciences and Engineering, 17(5), 5288-5303.
Udo, G. J. (2001). Privacy and security concerns as major barriers for e‐commerce: a survey study. Information management & computer security.
Vora, J., Italiya, P., Tanwar, S., Tyagi, S., Kumar, N., Obaidat, M. S., & Hsiao, K. F. (2018, July). Ensuring privacy and security in e-health records. In 2018 International conference on computer, information and telecommunication systems (CITS) (pp. 1-5). IEEE.
Winkler, T., & Rinner, B. (2010, August). A systematic approach towards user-centric privacy and security for smart camera networks. In Proceedings of the Fourth ACM/IEEE International Conference on Distributed Smart Cameras (pp. 133-141).
write