What’s the difference between digital privacy and online security?
January 18, 2021
Programmers and tin-foil hat wearers aren’t the only ones who have to worry about how our information is used (and used against us) online. If we use the internet, we’re at risk of having our personal information exploited somehow. And chances are, some of our personal data has already been breached or exposed.
To this end, we all need to be aware of and fully informed on what digital privacy and online security are, how they differ, and how we can use this knowledge to better protect our digital selves.
Digital privacy vs online security?
I like to think of digital privacy and online security as two related steps in the same process. What I mean is this: digital privacy is protecting personal info before it’s known, whereas online security is making sure that when our personal info needs to be known, it’s done as safely as possible.
- Digital privacy protects our personal information and data so that it’s not unnecessarily exposed.
- Online security protects and secures our personal information and data when it needs to be exposed.
An example of this is our own Fathom Analytics website, which you are reading right now. Your digital privacy is protected because we use our own product for website analytics and, therefore, de-identify all website visitors’ personal information. So no personal information of any website visitor is exposed, sold, or targeted with ads across other websites. This is because we don’t need to know who each visitor individually is when they browse our website.
And now, here’s the difference: when a visitor becomes a customer (yay!), we do actually need some personal information to provide them with service (since our business model is selling software, not selling data). Therefore we need a name, address and credit card details. We need this information to create secure accounts for our customers, to be able to comply with tax laws and to combat fraud. But mostly we need that information to create a secure account that you and only you can log into.
Online security (in the example above) means we protect the personal information we need from our customers. We have two-factor authentication for accounts, which we advise all our customers to use, and we take all security steps we can to protect that personal information.
Digital privacy, in that example, is protected because your personal data is de-identified in our analytics and not exploited when browsing this website. There are no other trackers or cookies or anything invasive in use on this website.
How digital privacy and online security can be compromised
While these two things overlap very often, it’s important to grasp how they differ when they are compromised:
- Your privacy and security are maintained. Great! Your information is not obtained without your consent and without good reason, and when it is obtained, it’s guarded safely.
- Your privacy is digitally compromised, but your security is maintained. A tracker follows you around the internet, creating a profile about you based on your browsing habits, and then sells that data to a marketing company. There were no hacks or breaches (and no one gained access to any of your accounts), but this is still horribly invasive.
- Both your privacy and your security are digitally compromised. Yikes. This means someone gained unauthorized access to your personal, private information and has exploited it. The most common example is that you are the victim of a data breach, where a hacker gets your name, email, password, and possibly other personal details for software that wasn’t secured properly. That information is then sold on the dark web or posted online for anyone to download and use.
So security is possible without privacy, but privacy is not possible without security. We could post personal information on social media, which has secure accounts, but posting that information isn’t doing much for our digital privacy (and we’ve compromised our privacy willingly in this case). That information would be freely available without anyone hacking our accounts.
How to protect both your privacy and security
Digital privacy means protecting information and data that we could knowingly or unknowingly be sharing online. Online security means making sure that if/when our information or data needs to be known, it’s done in as safe a way as possible.
Let’s look at ways to mitigate both areas and stay as safe as possible when using the internet.
- Limit what we knowingly share online. That means considering one main thing before we post on social media, message boards, blogs, or anything on the web: “How can someone else use this information against me or to exploit me?”
- Protect your devices and their data. Always use strong and unique passwords/PINs for them, and never insecurely connect to networks.
- Use privacy-focused services, like DuckDuckGo for searches, Fastmail for email or any other software that considers digital privacy.
- Use a password manager, unique email addresses and 2FA. This means the login for every online service you use that has a username and password should be 100% unique, the password should be strong, and you should enable non-SMS two-factor authentication (2FA).
- Use a VPN to hide your browsing habits from your ISP and insecure wifi networks, and to obfuscate your location from websites that don’t use privacy-focused analytics tools.
- Check data breach websites (or your password manager) to see if your security has been compromised and update your passwords if that happens. Or rather, when that happens.
Remember, both digital privacy and online security are essential for all of us who use the internet. The only way we can be protected online is to ensure both are fully protected at all times.