Balancing Cyber-security and Privacy: Legal and Ethical Considerations in the Digital Age
Abstract
In today’s digital world the need to maintain cyber-security and protect sensitive information is more important than ever. However, this must be balanced against the right to privacy, which is also a fundamental human right. This article provides an overview of the legal and ethical considerations involved in balancing cyber-security and privacy in the digital age. It explores the challenges of implementing effective cyber-security measures while respecting privacy rights, and discusses the current legal framework for cyber-security and privacy in various jurisdictions. The article also considers the ethical implications of balancing these two important values and suggests ways in which cyber-security and privacy concerns can be reconciled in a general context. By highlighting the importance of a careful balance between cyber-security and privacy, this article aims to raise awareness of the need for ethical and legal considerations in the development of digital technologies and their regulation.
Downloads
References
Abdul-Kareem A. (2021) Judicial Review of Electronic Evidence in the UAE: Challenges and Solutions. Computer Law & Security Review, vol. 41, p. 105488. Available at: https://doi.org/10.1016/j.clsr.2021.105488
Acquisti A., Grossklags J. (2013) Economics and Privacy. Journal of Economic Literature, vol. 51, no. 2, pp. 1–32.
Al-Fadhli N. (2021) UAE Cybercrime Law: Vague and Broad? Journal of Information Privacy and Security, vol. 17, no. 1, pp. 18–25. Available at: https://doi.org/10.1080/15536548.2021.1878225
Axelsson A.-S., Söderberg J. (2022) Cybersecurity and Privacy: The Interplay between Individual Rights and Organisational Responsibilities. Computer Law Security Review, vol. 43, p. 105639. Available at: https://doi.org/10.1016/j.clsr.2022.105639
Bamberger K., Mulligan D. (2019) Privacy on the Books and on the Ground. Cambridge University Press.
Barnes D., Liang X. (2022) Privacy, Security, and Ethics in Information Systems. Information and Management, vol. 59, no. 1, p. 103598. Avail-able at: https://doi.org/10.1016/j.im.2021.103598
Bergmann M., Grohmann B. (2022) Cyber-security, Discrimination, and Fairness: A Systematic Literature Review. Journal of Business Research, no. 143, pp. 197–207. Available at: https://doi.org/10.1016/j.jbus-res.2021.08.010
Brennan-Marquez K., Hoffman S. (2022) Fragmentation and the Future of Privacy Law. Columbia Law Review, vol. 122, no. 1, pp. 9–55. Available at: https://doi.org/10.2139/ssrn.3883466
Chakraborty R. (2021) Data Security and Privacy: The Need for a Comprehensive Cyber-Security Strategy. Journal of Public Affairs, p. 2727. Available at: https://doi.org/10.1002/pa.2727
Chia P., Teo T. (2021) Cyber-security and Privacy in Australia. Computers & Security, no. 105, p. 102307. Available at: https://doi.org/10.1016/j.cose.2021.102307
Choo K.-K., Tan H. (2021) Privacy and Security Challenges in a Connect-ed World. In: K.-K. Choo (ed.). Cyber Security and Privacy. Cham: Springer, pp. 3–17. Available at: https://doi.org/10.1007/978-981-15-9029-9_1
Eubanks V. (2021) When Artificial Intelligence Systems Perpetuate Bias. Communications of the ACM, no. 2, pp. 22–25. doi: 10.1145/3442037
Fisher D. (2021) Cyber-security and Privacy Law: The Evolving Inter-section. Boston College Law Review, vol. 62, no. 6, pp. 2129–2149. Avail-able at: https://doi.org/10.2139/ssrn.3832595
Floridi L. (2021) The Ethics of Cyber-security, Privacy and Artificial Intelligence. Philosophical Transactions of the Royal Society, no. 379, p. 2020242. Available at: https://doi.org/10.1098/rsta.2020.0242
Floridi L., Taddeo M. (2016) What is Data Ethics? Philosophical Transactions of the Royal Society, no. 374, pp. 1-19. Available at: https://doi.org/10.1098/rsta.2016.0360
Ghosh D., Scott M. (2022) Data Protection and Cyber-security: Walk-ing the Tightrope between Privacy and Security. Computer Law & Security Review, vol. 43, p. 105666. doi: Available at: https://doi.org/10.1016/j.clsr.2022.105666
Greenwald G. (2019) Permanent Record. N. Y.: Penguin.
Greenwald G. (2021) The National Security Agency in the Age of Cyber Surveillance. Foreign Policy, no. 237, pp. 78–86. Available at: https://doi.org/10.2307/26947126
Gross A., Acquisti A. (2021) Transparency and Control of Personal Data: Balancing Privacy and Security. Computers&Security, no. 105, p. 102260. Available at: https://doi.org/10.1016/j.cose.2021.102260
Gürses S., Troncoso C. (2022) Privacy and Security: Tensions and Synergies. IEEE Security and Privacy, vol. 20, no. 1, pp. 78–84. Available at: https://doi.org/10.1109/MSEC.2021.3104862
Hawkins D. (2022) Experts Weigh In: Can Security and Convenience Coexist in a Post-Pandemic World? Available at: https://www.security-magazine.com/articles/96037-experts-weigh-in-can-security-and-convenience-coexist-in-a-post-pandemic-world
Hernández-García Á., Kudenko D. (2022) Security, Privacy and Eth-ics of Autonomous Systems: A Review. Electronics, vol. 11, no. 1, p. 30. Available at: https://doi.org/10.3390/electronics11010030
Hickman L., Martin C. (2022) The FTC’s Unfulfilled Promise: Revisit-ing the Effectiveness of the FTC’s Data Security Enforcement Program. Ohio State Law Journal, vol. 83, no.1, pp. 73–132. Available at: https://doi.org/10.2139/ssrn.3839553
Hirila-Rus A., Borza A. (2022) The Need for a Unified European Cy-ber-security Strategy. In: 2022 International Conference on Cyber-security and Privacy Engineering, pp. 1–6. Available at: https://doi.org/10.1109/CySEng.2022.00008
Hu M. (2021) The Need for Comprehensive Federal Privacy Legislation. Harvard Journal of Law & Technology, vol. 34, no. 2, pp. 501–534. Available at: https://doi.org/10.2139/ssrn.3537656
Ikram N., Burnett E. (2022) Data Minimization: a Key Tool in Managing Data Protection and Cybersecurity Risks. Journal of Data Protection & Privacy, vol. 6, no. 2, pp. 97–108. Available at: https://doi.org/10.1108/JDPP-01-2022-0003
Izumi K. (2021) Strengthening Japan’s Data Protection Framework: An Analysis of Recent Developments. Asian Journal of Law and Society, vol. 8, no. 1, pp. 1–23. Available at: https://doi.org/10.1017/als.2020.29
Joo S. (2022) The Challenges of Data Privacy and Cyber-security in South Korea. Business Law Today, vol. 32, no. 3, pp. 23–27.
Kim M., Kim Y. (2021) A Study on Privacy Regulation in South Korea: Focusing on Personal Information Protection Act and Related Statutes. Information Japan, vol. 24, no. 5, pp. 2675–2692. Available at: https://doi.org/10.3390/info24050154
Kharraz A., Robertson W. et al. (2021) Cyber-security Investments: A Prioritization Framework. IEEE Security&Privacy, vol. 19, no. 3, pp. 13–23. Available at: https://doi.org/10.1109/MSEC.2021.3058652
Koops B., Newell B. et al. (2021) The EU General Data Protection Regulation: Implications for International Cyber-security. Journal of Cyber-security, vol. 7, pp. 1–19. doi:10.1093/cybsec/tyaa013
Koops B., Newell B. et al. (2021) Ethical Governance of Cyber-security Surveillance. Ethics and Information Technology, no. 2, pp. 93–109. Available at: https://doi.org/10.1007/s10676-021-09578-1
Kshetri N. (2021) Block-chain’s Roles in Meeting Key Supply Chain Management Objectives. International Journal of Information Manage-ment, p. 102178.
Kshetri N. (2021) A Global Analysis of Data Breaches: Focus on Sensitive Data Theft. Journal of Business Research, no. 133, pp. 326–334. doi: 10.1016/j.jbusres.2021.01.032
Latham J., Sassenberg U. (2021) Managing Balance between Cyber-security and Privacy: A Review of Relevant Empirical Research. Current Opinion in Psychology, vol. 36, pp. 1–6. Available at: https://doi.org/10.1016/j.copsyc.2020.06.004
Leong K. (2021) The Cyber-security Act and the Personal Data Protection Act. Computer Law & Security Review, vol. 41, p. 105484. Avail-able at: https://doi.org/10.1016/j.clsr.2021.105484
Liao Q. (2022) Translating the GDPR’s Accountability Principle into Corporate Practice. International Journal of Environmental Research and Public Heal, vol. 4, p. 1072. Available at: https://doi.org/10.3390/ijerph19031072
Lips M., Stupar A. (2021). Cyber-security, Surveillance and Privacy: Ethical Issues in the COVID-19 Pandemic. Journal of Information, Communication and Ethics in Society, vol. 19, no. 1, pp. 60–75. Available at: https://doi.org/10.1108/JICES-10-2020-0122
Liu X. (2017) The Cybersecurity Law of the People’s Republic of China: A Content Analysis. International Journal of Cyber Criminology, vol. 11, no. 1, pp. 1–20. Available at: https://doi.org/10.5281/zenodo.573584
López-Pozuelo J. et al. (2022) Machine Learning Bias in Cyber-security: A Systematic Review. Future Generation Computer Systems, no. 128, pp. 1146–1162. Available at: https://doi.org/10.1016/j.future.2022.09.019
Luiijf E., Douma A. (2019) Cyber Security and Resilience: What Are We Talking about? In: Cyber Security: From Technology to Society. Cham: Springer, pp. 3–14.
Mangla S. (2021) Cyber-security and Privacy: Balancing the Scales. Journal of Cyber-security and Information Management, no. 2, pp. 49–62. Available at: https://doi.org/10.21632/irjbs.12.1.1-16
Mendes R., Bonneau J. (2022) Balancing Privacy and Security: A Re-view of Technologies and Techniques. IEEE Security & Privacy, vol. 20, no. 2, pp. 78–89. doi: 10.1109/MSEC.2022.3125795
O’ Harrow R. (2017) Privacy vs. Security: A False Dichotomy. Journal of National Security Law & Policy, vol. 9, no. 1, pp. 95–113.
Pavlou P., Lewis K. (2020) The Cambridge Handbook of Consumer Privacy. Cambridge: University Press.
Patterson M. (2021) The Weakening of Privacy Protection in Australia: A Critique of Recent Developments. Melbourne University Law Re-view, vol. 44, no. 3, pp. 825–857. Available at: https://doi.org/10.2139/ssrn.3759518
Purcell R. (2021) The GDPR: Success or Failure? Journal of Data Protection & Privacy, vol. 5, no. 2, pp. 135–148. doi: 10.1108/JDPP-12-2020-0053
Rajić M., Filipović S. (2021). Balancing Cyber-security and Privacy: An Ethical Perspective. International Journal of Cyber-Security and Digital Forensics, vol. 10, no. 1, pp. 1–16. Available at: https://doi.org/10.17781/P002959
Rass S. et al. (2021) Dealing with the Technical Complexity of Cyber-security and Privacy in the Digital Age. Journal of Cyber-security, no. 7, tyaa017. Available at: https://doi.org/10.1093/cybsec/tyaa017
Rosenzweig P. (2015) Balancing Privacy and Security: The Ethical Dimension. In: J. Quigley, D. Molnar (eds.) Routledge Handbook of Science, Technology, and Society. L: Routledge, pp. 318 –329.
Rideout V. (2022) Privacy in a Digital World: Canada’s Laws Fall Short. Canadian Journal of Law and Society, vol. 37, no. 1, pp. 83–85. doi: 10.3138/cjls.37.1.83
Rizvi S., Alhadreti O. (2021) Investigating the Impact of Cyber-security Measures on User Experience. In: Proceedings of the 2021 3rd International Conference on Computing, Electronics and Communications Engineering, pp. 36–39. Available at: https://doi.org/10.1109/ICCECE52537.2021.9478139
Rosenberg Y. (2021) Creating a Culture of Privacy: Tips for Leaders. Security Management, no. 3, pp. 36–42. Available at: https://doi.org/10.1080/09540962.2021.1901422
Schaerer E. (2022) Cyber-security and Data Protection in Latin America: Regulatory Trends and Challenges. Journal of Cyber Policy, vol. 7, no.1, pp. 111–125. doi: 10.1080/23738871.2022.2040862
Singer N., Tufekci Z. (2021) The Ethics of Digital Contact Tracing. Science, no. 368, pp. 951–954. Available at: https://doi.org/10.1126/science.abb9414
Singer P., Tushman M. (2021) Understanding Cyber-security and the Implications for National Security. N. Y.: Columbia University Press.
Sharma R., Jindal A. (2022) Balancing Cyber-security and Privacy: A Review of the Literature. Journal of Cyber-security, vol. 8, no.1, pp. 1–22. doi: 10.1093/cybsec/tyab006
Stevens A. (2022) Balancing Privacy and Cyber-security: A Delicate Dance. Duke Law & Technology Review, vol. 21, pp. 45–77.
Sun R., Xu Q. (2021) Innovate or Comply? Technology Adoption un-der the Chinese Regulatory Environment. Information & Management, vol. 58, no. 1, p. 103341. doi: 10.1016/j.im.2020.103341
Sundararajan M. (2022) Balancing Privacy and Cyber-security Using Encryption Journal of Cyber-security, no. 81, tyac002. Available at: https://doi.org/10.1093/cybsec/tyac002
Taddeo M., Floridi L. (2021) The Challenges of Cyber-security and Privacy: A Review. Science, no. 371, pp. 53–54. doi: 10.1126/science.abf1424
Talbot D. (2021) The Cyber-Security-Privacy Paradox: Impact on Consumers, Businesses, and Governments. Available at: https://se-curityintelligence.com/posts/the-cybersecurity-privacy-paradox-im-pact-on-consumers-businesses-and-governments/
Thomas M. (2021) Data Protection: The UK’s New Regime. Computer Fraud & Security, no. 3, pp. 6–9.
Van Eecke P., Oberschelp de Meneses A. (2021) The EU Cybersecurity Regime: GDPR and the NIS Directive Compared. Journal of International Data Privacy Law, vol. 11, no. 4, pp. 293–307. Available at: https://doi.org/10.1093/idpl/ipab015
Vadlamudi P. (2022) Balancing Cyber-security and Privacy: A Comprehensive Overview of Regulations, Challenges, and Solutions. Journal of Information Privacy and Security, vol. 18, no. 1, pp. 1–18. Available at: https://doi.org/10.1080/15536548.2022.2002224
Villeneuve E. (2022) The Privacy-Security Paradox: Navigating Ethical Tensions in the Age of Cyber-security. Journal of Business Ethics,vol. 183, no. 3, pp. 495–511. doi: 10.1007/s10551-019-04322-5
Warren M., Brandeis L. (1890) The Right to Privacy. Harvard Law Review, vol. 4, pp. 193–220. Available at: https://doi.org/10.2307/1321160
Wessel M., van der Sloot B. (2021) The US Needs Federal Privacy Legislation. Journal of Cyber Policy, vol. 6, no. 2, pp. 167–183. Available at: https://doi.org/10.1080/23738871.2021.1892145
White L. (2021) What Does Brexit Mean for GDPR? Computer Fraud & Security, no. 3, pp. 8–10. doi: 10.1016/S1361-3723(21)00043-5
Xu H., Zhang, R. (2021) Balancing Cyber-security and Privacy Protection. IEEE Security and Privacy, vol. 19, no. 2, pp. 9–12. Available at: https://doi.org/10.1109/MSP.2021.3055223
Yoo C. (2015) Cyber-security and Freedom on the Internet. Harvard Journal of Law & Public Policy, vol. 38, no. 1, pp. 129–137.
Zhang Y. (2021) The Legal Framework of China’s Cyber-security: a Critical Review. Journal of Cyber Policy, vol. 6, no. 4, pp. 519–540. Available at: https://doi.org/10.1080/23738871.2021.1906843
Zheng Y. (2021) China’s Cyber-security Law and its Implementation. Telecommunications Policy, no. 4, p.102156. doi: 10.1016/j.tel-pol.2020.102156
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors who publish with this journal agree to the Copyright Notice.