Hacker News new | past | comments | ask | show | jobs | submit login

> In an information environment, security and privacy are the same thing

Yes. Privacy is a subset of security.




I'd argue that they're overlapping sets of concerns, not necessarily identical to or subsets of each other.

Off the cuff:

* Being an anonymous person walking through a city. This is a privacy concern and only becomes a security concern if I'm a public persona or some kind of person of interest.

* Moving to a new school/city/job and not having your social reputation follow you. This allows a lot of people a chance to redefine who they are and how they interact with people around them. This can't happen if everybody always knows somebody's pervious public persona.

* Breaking a law and being fined/punished/imprisoned for it. Without privacy, such a person has a much poorer chance of having a decent life even after they've done their time or paid their dues.

These all strike me as privacy concerns, but not necessarily concerns to security. I think they're all important enough to consider privacy as a good thing in it's own right and that such scenarios signal that it's possible to advocate privacy in the absence of (or opposition to) security concerns.


How would you define the terms? IMO these are all 'security' related, just personal security (which is what I define privacy as).

The most accurate lines I can draw around either are abstract enough that they end up in the same bucket, but perhaps we're defining them differently


Not GP, but security refers to the protection of the system, while privacy refers to the protection of information.

So you need to protect the system to protect the information on it, but there are also sometimes trade offs between security and privacy when you offload some system protection by giving away some information to another party. For example SmartScreen with Microsoft, and Safe Browsing with Google Chrome.


elesiuta had some great commentary I agree with, but to add my own response:

> IMO these are all 'security' related, just personal security (which is what I define privacy as).

I think this level of reduction becomes problematic in scenarios where security>privacy advocates talk about security in the collective sense.

Playing devil's advocate to highlight where I believe this reduction of security->personal security->privacy breaks down: A man borrowed many books from a library on the topic of explosive chemistry. That man later was involved in terrorist acts.

This is a situation where one could argue that less privacy for people in relation to their library borrowing habits may have resulted in greater security.

This is an example of an event that has happened, and while I hate the cliche of terrorism in debates about privacy and feel this particular point can be argued, it's exactly these kinds of scenarios that security>privacy advocates use to push for fewer privacy protections across large groups of people.


I agree its a good counter-point. I would argue that we shouldn't give our decision making power to decide what is and isn't best for us over to any 3rd party because they will never have the same interest in making informed decisions as the beholder. There is nothing on the line for someone to make decisions on another's behalf.

The Sokovia Accords Debate [1] from the Captain America Civil War (2016) film says it best, imho.

[1]: https://www.youtube.com/watch?v=JmjRhmk800U




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: