Читать книгу Building an Effective Security Program for Distributed Energy Resources and Systems - Mariana Hentea - Страница 37

Similar to security, privacy has many definitions for use on different contexts, cultures, and jurisdictions. One definition is provided as [Dictionary 1994]:

The condition of being secluded from others; secrecy.

Generally, privacy means a state in which an individual is not observed or disturbed by others.

Privacy refers to protection of personal data. Personal data means any information relating to an identified or identifiable individual (data subject) [Shei 2013].

In the Internet and Web context, where users exchange private data via Web or email with organizations or other users, sometimes unknown users, users experience many concerns:

 What personal information can be shared with whom.

 Whether and how one can share information anonymously.

Thus, users are concerned with privacy as it relates to personally identifiable information (PII). This is associated with collection, ownership, access control, integrity control, distribution, modifications, repurposing, reconstruction, and disposition of relating to an individual.

In some situations, an individual might choose to withhold their identity to be publicly unknown or anonymous. In protecting the PII, one option is anonymity. Anonymity is a result of not having identifying characteristics (such as a name or description of physical appearance) disclosed. More concepts and principles related to privacy are available at [OECD 2016]. Therefore, privacy rights are defined in constitutional and common law. Privacy laws deal with the regulation of personal information about individuals that can be collected, stored, and used by governments and other public as well as private organizations.

There is not one universal, internationally accepted definition of privacy; it can mean many things to different individuals. At its most basic, privacy can be seen as the right to be left alone. Privacy terms are defined differently among various industries, groups, countries, and even individuals. Furthermore, privacy should not be confused, as it often is, with being the same as confidentiality, and personal information is not the same as confidential information. Confidential information is information for which access should be limited to only those with a business need to know and that could result in compromise to a system, data, application, or other business function if inappropriately shared.

Additionally, privacy can often be confused with security. Although there may be significant overlap between the two, they are also distinct concepts. There can be security without having privacy, but there cannot be privacy without security; it is one of the elements of privacy.