Privacy
-
What is Privacy
- Policies
- Guiding Principles
- ISPC
- Project Reviews
- Education
- Services
- GDPR
- COVID-19
- Forms & Templates
- Contact
Generally, privacy is the right to be let alone, free from interference or intrusion. We may hear people say "I don't care about privacy because I don't have anything to hide," but that argument misses many important privacy concepts. Privacy is not just about confidentiality, but also about having control over our own domains and knowledge about what is done with those domains. Privacy is integral to free speech, openness in research, and the ethical treatment of individuals and institutional assets. Beyond compliance with laws, privacy is trust! It is a concept closely related to the US Constitutional concept of ordered liberty. This talk, "In Defense of Privacy," explains the importance of privacy to personhood and society.
The University of California Privacy and Information Security Steering Committee Report of January 2013 described privacy as two intertwined concepts of autonomy and information privacy.
Another way to think about the various parts of privacy is to split the field into various concepts (domains):
Genetic testing, health research, drug tests, and abortion rights all involve the concept of bodily privacy.
Video surveillance, house and car searches, and physical access restrictions all deal with the concept of territorial privacy.
Workplace email monitoring, recording a phone call, and wiretaps all involve the concept of communication privacy.
Social media, smart phone apps, and educational technology services all have data privacy implications.
Vast amounts of data about individuals are collected and processed every second from millions of sources. This information is routinely used not only to predict behavior, preferences, and status, but also to monitor or manipulate people for gains. As a university that handles the personal data of applicants, students, staff, faculty, research participants, alumni, and the general public, we have an ethical and stewardship responsibility to all of these individuals to treat them and their information with respect.
Any activity that involves human beings has the potential to impact privacy! Below are some examples of university activities with potential privacy implications:
Privacy and security are two interrelated but separate concepts. Information security is concerned with unauthorized activity that causes a loss of confidentiality, integrity, or availability of information or systems (including systems that don't involve personal information). Privacy concerns may arise from unauthorized access, but they can also arise from planned and permissible activity. So, even if information is handled securely, privacy concerns may exist where the use or disclosure of that data impacts individuals.
For example, a social website may handle all information it collects securely, but then use that information to profile individuals, make decisions about the content users will see, and share their information (securely!) with advertising firms.