The security breaches of the big social media companies last year, the use of information shared between users and privacy policies will be the focus of experts in an attempt to improve user privacy in 2014
Privacy is a cause of constant concern that has grown exponentially in recent years. You just need to think back to everything that happened in 2013 in regard to data security and privacy to realise that despite all of the precautions and security measures, something is still not working.
This uncertainty is driven in part by certain up-and-coming business strategies, as in the case of BYOD. Although we’ve already discussed the advantages and disadvantages of this business strategy in the blog before, a lot of experts warn against the security and privacy issues caused by the use of personal devices as part of business activities.
Since the current trend in companies is towards the BYOD model, 2014 will be a key year to redesign security protocols of mobile phones and tablets for personal use in companies, as well as the corporate information devices. This business practice focuses the privacy debate on how to guarantee that personal information, stored images or the recording of calls from employee devices are not exposed to the eyes of their superiors in backup copies of the company’s IT servers.
Some security experts support the idea of the separation of corporate data and company applications on an independent partition separate from the personal data stored on employee devices. This means that the company can monitor and make backup copies of the corporate information generated by each employee during the workday, without crossing the border of personal area. They could even remotely manage the deletion of the information collected on the personal devices, if the employee is fired. This type of measure would represent intelligent use of the BYOD model, which would guarantee the individual privacy of employees.
Another important question arising from the controversial consequences of the Edward Snowden case and his revelations regarding the National Security Agency, is that the privacy of email accounts in the case of legal processes is on the ropes. After the court order that forced email provider Lavabit to hand over the encryption keys to investigate communications related to the case, the confidentiality of its users was called into question and forced the company to close down the service to prevent its other clients from being involuntarily investigated by the government.
This unpleasant situation poses questions regarding privacy policies that need to be addressed urgently in order to manage legal requests without violating the privacy of other clients. A gesture to alleviate this feeling of distrust and insecurity that many users feel as a result of this controversial case.
In regard to this question and the resounding security breaches of the principal social media companies, exposing the data of millions of users, a little more transparency and specificity in the privacy policies of these service providers would also be helpful. In most cases, their incomprehensible legal jargon doesn’t clearly outline the responsibility of the companies in situations like the ones experienced by the users of Twitter, Pinterest and Tumblr at the start of 2013, and later by the users of Facebook, Yahoo and Google, among others.
This defencelessness has made security policies into strategic documents to restore user trust over the course of 2014. In this regard, what is needed is an exercise in self-criticism to promote privacy policies that explicitly, and in clear, readable language with no linguistic loopholes, summarises the rights and obligations that apply to us when contracting a particular service, and to clearly define how far the liability of these service providers extends if private information is revealed, or the uses that these companies make of the information shared by the users.