Balancing Cyber-security and Privacy: Legal and Ethical Considerations in the Digital Age
Abstract
In today’s digital world the need to maintain cyber-security and protect sensitive information is more important than ever. However, this must be balanced against the right to privacy, which is also a fundamental human right. This article provides an overview of the legal and ethical considerations involved in balancing cyber-security and privacy in the digital age. It explores the challenges of implementing effective cyber-security measures while respecting privacy rights, and discusses the current legal framework for cyber-security and privacy in various jurisdictions. The article also considers the ethical implications of balancing these two important values and suggests ways in which cyber-security and privacy concerns can be reconciled in a general context. By highlighting the importance of a careful balance between cyber-security and privacy, this article aims to raise awareness of the need for ethical and legal considerations in the development of digital technologies and their regulation.
References
Abdul-Kareem A. (2021) Judicial Review of Electronic Evidence in the UAE: Challenges and Solutions. Computer Law & Security Review, vol. 41, p. 105488. Available at: https://doi.org/10.1016/j.clsr.2021.105488
Acquisti A., Grossklags J. (2013) Economics and Privacy. Journal of Economic Literature, vol. 51, no. 2, pp. 1–32.
Al-Fadhli N. (2021) UAE Cybercrime Law: Vague and Broad? Journal of Information Privacy and Security, vol. 17, no. 1, pp. 18–25. Available at: https://doi.org/10.1080/15536548.2021.1878225
Axelsson A.-S., Söderberg J. (2022) Cybersecurity and Privacy: The Interplay between Individual Rights and Organisational Responsibilities. Computer Law Security Review, vol. 43, p. 105639. Available at: https://doi.org/10.1016/j.clsr.2022.105639
Bamberger K., Mulligan D. (2019) Privacy on the Books and on the Ground. Cambridge University Press. DOI: https://doi.org/10.1017/9789048540136.017
Barnes D., Liang X. (2022) Privacy, Security, and Ethics in Information Systems. Information and Management, vol. 59, no. 1, p. 103598. Avail-able at: https://doi.org/10.1016/j.im.2021.103598 DOI: https://doi.org/10.1016/j.im.2022.103598
Bergmann M., Grohmann B. (2022) Cyber-security, Discrimination, and Fairness: A Systematic Literature Review. Journal of Business Research, no. 143, pp. 197–207. Available at: https://doi.org/10.1016/j.jbus-res.2021.08.010
Brennan-Marquez K., Hoffman S. (2022) Fragmentation and the Future of Privacy Law. Columbia Law Review, vol. 122, no. 1, pp. 9–55. Available at: https://doi.org/10.2139/ssrn.3883466
Chakraborty R. (2021) Data Security and Privacy: The Need for a Comprehensive Cyber-Security Strategy. Journal of Public Affairs, p. 2727. Available at: https://doi.org/10.1002/pa.2727 DOI: https://doi.org/10.1002/pa.2727
Chia P., Teo T. (2021) Cyber-security and Privacy in Australia. Computers & Security, no. 105, p. 102307. Available at: https://doi.org/10.1016/j.cose.2021.102307 DOI: https://doi.org/10.1016/j.cose.2021.102307
Choo K.-K., Tan H. (2021) Privacy and Security Challenges in a Connect-ed World. In: K.-K. Choo (ed.). Cyber Security and Privacy. Cham: Springer, pp. 3–17. Available at: https://doi.org/10.1007/978-981-15-9029-9_1
Eubanks V. (2021) When Artificial Intelligence Systems Perpetuate Bias. Communications of the ACM, no. 2, pp. 22–25. doi: 10.1145/3442037
Fisher D. (2021) Cyber-security and Privacy Law: The Evolving Inter-section. Boston College Law Review, vol. 62, no. 6, pp. 2129–2149. Avail-able at: https://doi.org/10.2139/ssrn.3832595 DOI: https://doi.org/10.2139/ssrn.3832595
Floridi L. (2021) The Ethics of Cyber-security, Privacy and Artificial Intelligence. Philosophical Transactions of the Royal Society, no. 379, p. 2020242. Available at: https://doi.org/10.1098/rsta.2020.0242 DOI: https://doi.org/10.1098/rsta.2020.0242
Floridi L., Taddeo M. (2016) What is Data Ethics? Philosophical Transactions of the Royal Society, no. 374, pp. 1-19. Available at: https://doi.org/10.1098/rsta.2016.0360 DOI: https://doi.org/10.1098/rsta.2016.0360
Ghosh D., Scott M. (2022) Data Protection and Cyber-security: Walk-ing the Tightrope between Privacy and Security. Computer Law & Security Review, vol. 43, p. 105666. doi: Available at: https://doi.org/10.1016/j.clsr.2022.105666 DOI: https://doi.org/10.1016/j.clsr.2022.105666
Greenwald G. (2019) Permanent Record. N. Y.: Penguin.
Greenwald G. (2021) The National Security Agency in the Age of Cyber Surveillance. Foreign Policy, no. 237, pp. 78–86. Available at: https://doi.org/10.2307/26947126
Gross A., Acquisti A. (2021) Transparency and Control of Personal Data: Balancing Privacy and Security. Computers&Security, no. 105, p. 102260. Available at: https://doi.org/10.1016/j.cose.2021.102260 DOI: https://doi.org/10.1016/j.cose.2021.102260
Gürses S., Troncoso C. (2022) Privacy and Security: Tensions and Synergies. IEEE Security and Privacy, vol. 20, no. 1, pp. 78–84. Available at: https://doi.org/10.1109/MSEC.2021.3104862
Hawkins D. (2022) Experts Weigh In: Can Security and Convenience Coexist in a Post-Pandemic World? Available at: https://www.security-magazine.com/articles/96037-experts-weigh-in-can-security-and-convenience-coexist-in-a-post-pandemic-world
Hernández-García Á., Kudenko D. (2022) Security, Privacy and Eth-ics of Autonomous Systems: A Review. Electronics, vol. 11, no. 1, p. 30. Available at: https://doi.org/10.3390/electronics11010030 DOI: https://doi.org/10.3390/electronics11010030
Hickman L., Martin C. (2022) The FTC’s Unfulfilled Promise: Revisit-ing the Effectiveness of the FTC’s Data Security Enforcement Program. Ohio State Law Journal, vol. 83, no.1, pp. 73–132. Available at: https://doi.org/10.2139/ssrn.3839553
Hirila-Rus A., Borza A. (2022) The Need for a Unified European Cy-ber-security Strategy. In: 2022 International Conference on Cyber-security and Privacy Engineering, pp. 1–6. Available at: https://doi.org/10.1109/CySEng.2022.00008
Hu M. (2021) The Need for Comprehensive Federal Privacy Legislation. Harvard Journal of Law & Technology, vol. 34, no. 2, pp. 501–534. Available at: https://doi.org/10.2139/ssrn.3537656
Ikram N., Burnett E. (2022) Data Minimization: a Key Tool in Managing Data Protection and Cybersecurity Risks. Journal of Data Protection & Privacy, vol. 6, no. 2, pp. 97–108. Available at: https://doi.org/10.1108/JDPP-01-2022-0003
Izumi K. (2021) Strengthening Japan’s Data Protection Framework: An Analysis of Recent Developments. Asian Journal of Law and Society, vol. 8, no. 1, pp. 1–23. Available at: https://doi.org/10.1017/als.2020.29 DOI: https://doi.org/10.1017/als.2020.29
Joo S. (2022) The Challenges of Data Privacy and Cyber-security in South Korea. Business Law Today, vol. 32, no. 3, pp. 23–27.
Kim M., Kim Y. (2021) A Study on Privacy Regulation in South Korea: Focusing on Personal Information Protection Act and Related Statutes. Information Japan, vol. 24, no. 5, pp. 2675–2692. Available at: https://doi.org/10.3390/info24050154
Kharraz A., Robertson W. et al. (2021) Cyber-security Investments: A Prioritization Framework. IEEE Security&Privacy, vol. 19, no. 3, pp. 13–23. Available at: https://doi.org/10.1109/MSEC.2021.3058652 DOI: https://doi.org/10.1109/MSEC.2021.3060556
Koops B., Newell B. et al. (2021) The EU General Data Protection Regulation: Implications for International Cyber-security. Journal of Cyber-security, vol. 7, pp. 1–19. doi:10.1093/cybsec/tyaa013 DOI: https://doi.org/10.1093/cybsec/tyaa013
Koops B., Newell B. et al. (2021) Ethical Governance of Cyber-security Surveillance. Ethics and Information Technology, no. 2, pp. 93–109. Available at: https://doi.org/10.1007/s10676-021-09578-1
Kshetri N. (2021) Block-chain’s Roles in Meeting Key Supply Chain Management Objectives. International Journal of Information Manage-ment, p. 102178. DOI: https://doi.org/10.1016/B978-0-323-89934-5.00002-7
Kshetri N. (2021) A Global Analysis of Data Breaches: Focus on Sensitive Data Theft. Journal of Business Research, no. 133, pp. 326–334. doi: 10.1016/j.jbusres.2021.01.032 DOI: https://doi.org/10.1016/j.jbusres.2021.01.032
Latham J., Sassenberg U. (2021) Managing Balance between Cyber-security and Privacy: A Review of Relevant Empirical Research. Current Opinion in Psychology, vol. 36, pp. 1–6. Available at: https://doi.org/10.1016/j.copsyc.2020.06.004 DOI: https://doi.org/10.1016/j.copsyc.2020.06.004
Leong K. (2021) The Cyber-security Act and the Personal Data Protection Act. Computer Law & Security Review, vol. 41, p. 105484. Avail-able at: https://doi.org/10.1016/j.clsr.2021.105484
Liao Q. (2022) Translating the GDPR’s Accountability Principle into Corporate Practice. International Journal of Environmental Research and Public Heal, vol. 4, p. 1072. Available at: https://doi.org/10.3390/ijerph19031072 DOI: https://doi.org/10.3390/ijerph19031072
Lips M., Stupar A. (2021). Cyber-security, Surveillance and Privacy: Ethical Issues in the COVID-19 Pandemic. Journal of Information, Communication and Ethics in Society, vol. 19, no. 1, pp. 60–75. Available at: https://doi.org/10.1108/JICES-10-2020-0122
Liu X. (2017) The Cybersecurity Law of the People’s Republic of China: A Content Analysis. International Journal of Cyber Criminology, vol. 11, no. 1, pp. 1–20. Available at: https://doi.org/10.5281/zenodo.573584
López-Pozuelo J. et al. (2022) Machine Learning Bias in Cyber-security: A Systematic Review. Future Generation Computer Systems, no. 128, pp. 1146–1162. Available at: https://doi.org/10.1016/j.future.2022.09.019 DOI: https://doi.org/10.1016/j.future.2022.09.019
Luiijf E., Douma A. (2019) Cyber Security and Resilience: What Are We Talking about? In: Cyber Security: From Technology to Society. Cham: Springer, pp. 3–14.
Mangla S. (2021) Cyber-security and Privacy: Balancing the Scales. Journal of Cyber-security and Information Management, no. 2, pp. 49–62. Available at: https://doi.org/10.21632/irjbs.12.1.1-16
Mendes R., Bonneau J. (2022) Balancing Privacy and Security: A Re-view of Technologies and Techniques. IEEE Security & Privacy, vol. 20, no. 2, pp. 78–89. doi: 10.1109/MSEC.2022.3125795
O’ Harrow R. (2017) Privacy vs. Security: A False Dichotomy. Journal of National Security Law & Policy, vol. 9, no. 1, pp. 95–113.
Pavlou P., Lewis K. (2020) The Cambridge Handbook of Consumer Privacy. Cambridge: University Press.
Patterson M. (2021) The Weakening of Privacy Protection in Australia: A Critique of Recent Developments. Melbourne University Law Re-view, vol. 44, no. 3, pp. 825–857. Available at: https://doi.org/10.2139/ssrn.3759518 DOI: https://doi.org/10.2139/ssrn.3759518
Purcell R. (2021) The GDPR: Success or Failure? Journal of Data Protection & Privacy, vol. 5, no. 2, pp. 135–148. doi: 10.1108/JDPP-12-2020-0053
Rajić M., Filipović S. (2021). Balancing Cyber-security and Privacy: An Ethical Perspective. International Journal of Cyber-Security and Digital Forensics, vol. 10, no. 1, pp. 1–16. Available at: https://doi.org/10.17781/P002959
Rass S. et al. (2021) Dealing with the Technical Complexity of Cyber-security and Privacy in the Digital Age. Journal of Cyber-security, no. 7, tyaa017. Available at: https://doi.org/10.1093/cybsec/tyaa017 DOI: https://doi.org/10.1093/cybsec/tyaa017
Rosenzweig P. (2015) Balancing Privacy and Security: The Ethical Dimension. In: J. Quigley, D. Molnar (eds.) Routledge Handbook of Science, Technology, and Society. L: Routledge, pp. 318 –329.
Rideout V. (2022) Privacy in a Digital World: Canada’s Laws Fall Short. Canadian Journal of Law and Society, vol. 37, no. 1, pp. 83–85. doi: 10.3138/cjls.37.1.83
Rizvi S., Alhadreti O. (2021) Investigating the Impact of Cyber-security Measures on User Experience. In: Proceedings of the 2021 3rd International Conference on Computing, Electronics and Communications Engineering, pp. 36–39. Available at: https://doi.org/10.1109/ICCECE52537.2021.9478139
Rosenberg Y. (2021) Creating a Culture of Privacy: Tips for Leaders. Security Management, no. 3, pp. 36–42. Available at: https://doi.org/10.1080/09540962.2021.1901422
Schaerer E. (2022) Cyber-security and Data Protection in Latin America: Regulatory Trends and Challenges. Journal of Cyber Policy, vol. 7, no.1, pp. 111–125. doi: 10.1080/23738871.2022.2040862
Singer N., Tufekci Z. (2021) The Ethics of Digital Contact Tracing. Science, no. 368, pp. 951–954. Available at: https://doi.org/10.1126/science.abb9414 DOI: https://doi.org/10.1126/science.abb9045
Singer P., Tushman M. (2021) Understanding Cyber-security and the Implications for National Security. N. Y.: Columbia University Press.
Sharma R., Jindal A. (2022) Balancing Cyber-security and Privacy: A Review of the Literature. Journal of Cyber-security, vol. 8, no.1, pp. 1–22. doi: 10.1093/cybsec/tyab006 DOI: https://doi.org/10.1093/cybsec/tyab006
Stevens A. (2022) Balancing Privacy and Cyber-security: A Delicate Dance. Duke Law & Technology Review, vol. 21, pp. 45–77.
Sun R., Xu Q. (2021) Innovate or Comply? Technology Adoption un-der the Chinese Regulatory Environment. Information & Management, vol. 58, no. 1, p. 103341. doi: 10.1016/j.im.2020.103341 DOI: https://doi.org/10.1016/j.im.2020.103341
Sundararajan M. (2022) Balancing Privacy and Cyber-security Using Encryption Journal of Cyber-security, no. 81, tyac002. Available at: https://doi.org/10.1093/cybsec/tyac002 DOI: https://doi.org/10.1093/cybsec/tyac002
Taddeo M., Floridi L. (2021) The Challenges of Cyber-security and Privacy: A Review. Science, no. 371, pp. 53–54. doi: 10.1126/science.abf1424
Talbot D. (2021) The Cyber-Security-Privacy Paradox: Impact on Consumers, Businesses, and Governments. Available at: https://se-curityintelligence.com/posts/the-cybersecurity-privacy-paradox-im-pact-on-consumers-businesses-and-governments/
Thomas M. (2021) Data Protection: The UK’s New Regime. Computer Fraud & Security, no. 3, pp. 6–9. DOI: https://doi.org/10.1016/S1361-3723(21)00091-9
Van Eecke P., Oberschelp de Meneses A. (2021) The EU Cybersecurity Regime: GDPR and the NIS Directive Compared. Journal of International Data Privacy Law, vol. 11, no. 4, pp. 293–307. Available at: https://doi.org/10.1093/idpl/ipab015 DOI: https://doi.org/10.1093/idpl/ipab015
Vadlamudi P. (2022) Balancing Cyber-security and Privacy: A Comprehensive Overview of Regulations, Challenges, and Solutions. Journal of Information Privacy and Security, vol. 18, no. 1, pp. 1–18. Available at: https://doi.org/10.1080/15536548.2022.2002224
Villeneuve E. (2022) The Privacy-Security Paradox: Navigating Ethical Tensions in the Age of Cyber-security. Journal of Business Ethics,vol. 183, no. 3, pp. 495–511. doi: 10.1007/s10551-019-04322-5 DOI: https://doi.org/10.1007/s10551-019-04322-5
Warren M., Brandeis L. (1890) The Right to Privacy. Harvard Law Review, vol. 4, pp. 193–220. Available at: https://doi.org/10.2307/1321160 DOI: https://doi.org/10.2307/1321160
Wessel M., van der Sloot B. (2021) The US Needs Federal Privacy Legislation. Journal of Cyber Policy, vol. 6, no. 2, pp. 167–183. Available at: https://doi.org/10.1080/23738871.2021.1892145
White L. (2021) What Does Brexit Mean for GDPR? Computer Fraud & Security, no. 3, pp. 8–10. doi: 10.1016/S1361-3723(21)00043-5 DOI: https://doi.org/10.1016/S1361-3723(21)00103-2
Xu H., Zhang, R. (2021) Balancing Cyber-security and Privacy Protection. IEEE Security and Privacy, vol. 19, no. 2, pp. 9–12. Available at: https://doi.org/10.1109/MSP.2021.3055223
Yoo C. (2015) Cyber-security and Freedom on the Internet. Harvard Journal of Law & Public Policy, vol. 38, no. 1, pp. 129–137.
Zhang Y. (2021) The Legal Framework of China’s Cyber-security: a Critical Review. Journal of Cyber Policy, vol. 6, no. 4, pp. 519–540. Available at: https://doi.org/10.1080/23738871.2021.1906843
Zheng Y. (2021) China’s Cyber-security Law and its Implementation. Telecommunications Policy, no. 4, p.102156. doi: 10.1016/j.tel-pol.2020.102156
Authors who publish with this journal agree to the Licensing, Copyright, Open Access and Repository Policy.
