Privacy and Security: Finding the Balance

Nechama Adina Goldhar

May 7, 2016

Motivation
Many people seem to use the
concepts
of
privacy
and
security
synonymously. While there is a tight
coupling between the two and their
relationship is often complementary and
harmonious, it is not always the case. When
security and privacy are in direct lines of
conflict with each other can a balance be
achieved that is acceptable to both sides?
How does one find the balance?
These questions become even more
dire and important when the security
concern is a national security concern,
particularly on the digital front. Does the
fact that there is potential that peoples lives
are in danger negate their right to privacy?
Does an individual lose their right for the
benefit of the collective group? How does
one balance national security while still
maintaining the privacy of an individual?

While these security measures are indeed

necessary and important, what many do not
realize is just how many people already
might have access to their information.
Mistakenly they are equating privacy and
security [1].
In truth while there is a very close
working relationship between privacy and
security, the relationship is not always oneto-one. Privacy is defined as information
self-determination the ability to decide
what information about you goes where
while security defines the framework to
ensure that those decisions are respected [1].
Usually something that is private is kept
secure, but just because something is secure
does not make it private.
This connection yet disconnect often
creates confusion. Since saying a system
maintains privacy implies the system is
secure yet saying a system is secure does not
imply that the system is private. While
security is necessary in order to build
privacy an environment can be secure but
completely unprivate [1]. Thus, maintaining
long and complicated passwords and twofactor authentication may create a secure
environment to prevent someone from
hacking into personal data, however that
data may already be public knowledge.
Technology is rapidly developing and
enabling citizens to extend their lives, their
personalities, and their most private thoughts
out to the whole world over the Internet
through digital communications [3].
Without realizing it, privacy is being lost

Introduction
Many perceive the use of a
smartphone as a right, not a privilege. They
surf the web, chat with friends and check
Facebook and other social media accounts
believing that only they know what goes on
behind the password protected screens of
their phones/tablets/computers. With the rise
of cyber attacks there has been a hyper focus
on computer and cyber security; there is an
emphasis on having longer, stronger and
more complex password and/or using
biometric and two-factor authentication in
order to keep their information secure.
1

even as digital systems are becoming more

secure.
This disconnect between privacy and
security is not always negative. There are
certain situations when a system requires
security but does not necessitate privacy.
Usually this occurs when security and
privacy goals are orthogonal or completely
independent of each other. For instance,
phone companies use various security
mechanisms to authenticate that a handset is
linked to the correct account to ensure that
the proper customer is billed. In this
situation the goal of authenticating the
handset is a security goal, yet privacy is not
a concern [1].
The problem arises when there is a
conflict between security and privacy goals.
A small example would be caller ID; a caller
may want the right to keep their number
private while the callee wants the security to
know who is calling [1]. In this situation the
privacy and security goals are in direct
conflict of each other and a compromise has
to be made. In the above situation most
countries have ruled in favor of privacy or
information self-determination, allowing a
person to protect their name and number [1].
People who are major proponents of placing
security concerns over privacy concerns
may not be so excited about this
compromise however they always have the
option not to answer a caller with a blocked
number. No one is forced into a less secure
situation because of other peoples desire for
privacy. This compromise respects peoples
desire for privacy while still creating a
secure environment.
What happens when the compromise
between privacy and security goals is not so
simple? How do people find the balance

when lives are at stake? How can one secure

themselves and their information when they
feel that their privacy is being wrongfully
and unnecessarily invaded by others? After
using a secure transaction, how can one
ensure that their information remains private
and does not fall into the wrong hands? Can
a transaction be considered secure if it
collects personal information without the
users knowledge? What happens when
peoples desire for privacy creates an
insecure environment?
Governments, corporations and
individuals have all been asking these
questions and similar ones in an effort to try
to understand these concepts and strike a
balance so that people can have their privacy
without undermining national security. The
government must figure out how to balance
their constituents privacy while still being
able to actively prevent crime and terrorism.
Companies must determine how much data
to collect on their customers and how they
will protect it from breaches. Individuals
wonder whether they will be able to go
anywhere without location tracking devices,
and
facial
recognition
technology
recognizing them. These types of decisions
present themselves in those situations when
not only does security not imply privacy but
in fact undermines it.
The goal of this paper is to analyze
how America finds the balance between
maintaining national security and individual
privacy on the digital front. It will examine
the issue looking at the Constitution and
seeing what the government does today. It
will also attempt to explore how companies
play a hand in this debate and where/if a
balance can be struck between privacy and
security.
2

right to privacy albeit in a broader and more

interpretive fashion.
The Fourth
Amendment in the Bill of Rights gives
Americans the right of the people to be
secure in their persons, houses, papers, and
effects, against unreasonable searches and
seizures no Warrants shall issue, but upon
probable cause, supported by Oath or
affirmation, and particularly describing the
place to be searched, and the persons or
things to be seized [5]. This amendment
was put in place to protect Americans
privacy, particularly from unreasonable
physical invasion or trespass of an
individuals private sphere, like the home or
physical property [3]. In 1967 the Supreme
Court clarified the term search to mean that
the government, through their actions, have
encroached or invaded a persons
reasonable expectation of privacy [3].
Nowadays the debate rages on the
interpretation of what constitutes a search
and what is considered a reasonable
expectation of privacy. Thomas Harrison,
publisher of Lawyers Weekly USA, explains
that the crux of the matter lies in the fact that
an effort must be made to keep something
private, and society must agree that it should
be private [6]. Harrison gives an example
of a woman walking down a street wearing a
blue dress and a purse; one can assume that
everyone can see she is wearing a blue dress
and thus she has no expectation of privacy
on that piece of data. However, since her
purse is closed she can reasonably expect
privacy in regards to the contents of her
purse [6]. The government agrees with that
expectation and if a policeman wanted to
search her purse they would need a search
warrant and a probable cause that something

National Security and Privacy

In June of 2013 Obama remarked, I
think its important to recognize that you
cant have 100 per cent security and also
then have 100 per cent privacy and zero
inconvenience [2]. This delicate balance of
providing national security while upholding
the privacy of the American people was
discussed, weighed and examined at the
creation of the United States of America.
Security and privacy are both equally
important truths that are necessary to create
a functioning and safe democracy. National
security, protecting the United States and
Americans from foreign attack is an
imperative. In a very practical sense without
effective national security, we would lose all
of the other freedoms enshrined in the
Constitution [3]. It is the duty of the federal
government to look out and protect America
and Americans from threats in whatever
realm they deem necessary, without
infringing on the other rights of the
American people. A crucial aspect of
intelligence is this current war on terror is
gathering information and finding patterns
that seem to indicate terrorist activity. Since
most communication happens today over
text, email and phones gathering information
from those sources appears to be the only
way to go. Without the means to actively
fight the war on terror, the government
would be lacking in their duty to protect
Americans.
At the same time however, privacy is
a fundamental human right. Germany, Spain
and other European Union countries have
explicitly mentioned the right to privacy in
their constitutions [4]. The United States
Constitution also protects an individuals
3

in her bag is linked to a crime or criminal

activity.
Nowadays however, as crime moves
online what are reasonable expectations of
privacy with regards to transactions and
communications over the Internet? Are the
websites one visits private, or is that public
information? Does the government have a
right, or even the duty, to scan everyones
emails for key words that would aid them in
catching terrorists and preventing attacks?
Can the government keep a record of
everyones phone logs in an effort to weed
out suspicious people, or in doing so would
the government be violating peoples Fourth
Amendment rights? As Hamilton said the
Internet is like the wild, wild west of the
legal system [6]. Since the cyber world is
relatively new with regards to the country,
the government and legal system are still
trying to figure out exactly how to protect
the American people from and with this
incredible tool.

purposes as well that had no connection to

terrorism such as photography or tourism.
Yet in late 2001, taking pictures of
landmarks took on a different meaning, it
paralleled a terrorist casing their location
[7]. This paranoia occurred because there
was a heightened sense of security in light of
what had just happened. Fifteen years later it
would seem ludicrous to arrest someone for
taking pictures of landmarks, yet then it was
appropriate. Even while it was occurring it
did not violate peoples rights, at the most it
merely inconvenienced them for a couple of
hours.
There other security measures, that
conflicted with peoples privacy, were put in
place, that still remain some fifteen odd
years later. A little over a month after
September 11th, President George Bush
signed into law the Uniting and
Strengthening America by Providing
Appropriate Tools Required to Intercept and
Obstruct Terrorism Act of 2001, otherwise
known as the Patriot Act. Under the Patriot
Act the government was given the authority
to collect a record of every single phone
call made by every single American on an
ongoing daily basis [8]. The government
program would collect the metadata, or
transactional information, about every call
nationally and internationally and would
convert it into an easily searchable form
before placing it into a single database [3].
Through the use of data-mining, if the
agency found that there was reason to
believe that information or a number of a
person was related to terrorism, intelligence
agencies were able to gain access to the
databases and query those numbers to see
who had spoken with them [4]. The purpose
of the program was to enable investigators

Terrorism and Privacy

The world changed irrevocably after
September 11, 2001. After seeing the effects
of terrorism firsthand, the country went into
immediate lockdown mode before reversing
to a new set of normal with people more
frightened, nervous and uptight. Suddenly
terrorism was not something that was just in
the Middle East but easily could be in our
neighborhoods, at our parks and our work.
Immediately after September 11th people
were questioned and arrested for taking
pictures of landmarks such as bridges,
monuments and tunnels. To common
knowledge, photographing landmarks fits a
pattern of terrorism planning. However,
photographing landmarks
had other
4

to find numbers that the FBI was unaware

of before that may be associated with a
terror cell operating inside the United
States [3]. It was felt
that that are
associating with known foreign terrorist
organizations are of vital importance to
national security and therefore should be
investigated [3]. After September 11th
security became much more proactive and
intrusive allowing the government to
actively without a warrant collect
information on all Americans [9]. The goal
of this surveillance program was to maintain
national security and fight the war on
terrorism, hoping to proactively prevent
another September 11th.
Unfortunately, this security goal was
in direct conflict with peoples reasonable
expectation of privacy. With the rise of these
programs, the stakes in the conflict between
protecting
individual
privacy
while
protecting Americas physical and digital
infrastructure and the lives of Americans
rose [9]. Many believe that the data mining
the government is doing to prevent terrorism
is not just unreasonable but also
unconstitutional, violating the Fourth
Amendment. In an ironic twist, non-state
actors such as terrorist organizations aim to
destroy the fundamental fabric of democracy
and civil liberties. Fighting back,
democracies tend to sacrifice some of those
human rights, the right to privacy included
[4]. Ironically, the way trends are going
governments are violating peoples liberties
in an effort to let them retain other liberties.
A 2014 Pew study showed however
that only 22% of Americans believed that
they needed to give up privacy and freedom
for the sake of security. 74% did not think
that giving up their privacy or freedom was

needed in order to maintain security [10]. It

would seem then that collecting phone and
internet records without warrants, even in
the name of security, violates the Fourth
Amendment since people still have
reasonable expectation of privacy while
desiring to maintain secure. The Pew
research showed though, that only 54% of
the total people surveyed disapproved of the
NSAs surveillance in collecting Internet and
phone records [10]. While still a majority,
this number is clearly lower than the 74%
who do not believe that it is a necessity to
give up their privacy in the name of security.
The question then becomes, do people not
consider the collection of phone, email, text
and other internet data a violation of their
privacy? 49% of the people surveyed
believed that the government was not doing
enough to protect the country, while 37%
felt that the government had gone to far
restricting civil liberties. Interestingly
enough, in the year following Edward
Snowdens big reveal of the NSA
surveillance program more people felt that
the government was restricting peoples civil
too much. The Pew study showed though
that 61% of those who know fully about the
NSA surveillance program believed that it
was not serving the public interest and 61%
opposed the government monitoring
Americans conversations. When they were
asked about privacy, 93% said it was
important to them to control who was able to
get their information and 90% felt that it was
important for them to control what
information was retrieved [10].
The results from the Pew research
appear to not be consistent with each other.
Almost all Americans want to control who
can see their personal information and what
5

information can be seen. At the same time

however, a strong majority of Americans do
not want the NSA to monitor their
conversations and feel that the government
surveillance programs do not really have in
mind to protect the publics interest.
However only a slight majority disapproved
of the government collecting their Internet
and phone records, yet almost three quarters
did not think that it was necessary to give up
their privacy for security. Although the
trends all lean towards the same direction, it
seems that most Americans either do not
realize how much information can be
collected about a person from their phone
and Internet records or they do not believe
that phone and Internet records are
considered an invasion of privacy.
Another viable option is that many
people do not realize how much, and which
data on them is being collected and how it is
being used. If they knew would their
answers change? Perhaps, or perhaps not.
Not much is known on exactly what
information the NSA and government
officials collect and how they use the
collected data. The director of NSA
defended the program and its secrecy when
he stated, The perspective is that were
hiding something because weve done
something wrong. Were notthe problem
is weve not been able to explain it because
its classified [4]. Were it not for Edward
Snowdens
whistleblowing
many
Americans might never know that the
government was collecting all these records
about them.
Some believe that the lack of
transparency between the government and
the people with regard to these programs is
at fault. Achieving a balance between

national security and individual privacy is

indeed possible, it cannot be done however
when the government is hiding behind a
curtain of alleged conspiracy [4]. And
while digital monitoring might be essential
to combating terrorism, government
transparency is essential to the protection of
privacy [4]. If privacy is the power to
decide who can see what about oneself as
defined previously, then by definition there
can be no privacy without transparency. It
was for this reason that Snowden justified
his whistleblowing. He claimed that it was
not done with treasonous intent but rather
motivated by his belief in the need for
government
transparency
and
open
conversation [4]. His desire was not to
expose American secrets, but rather to start a
discussion on what rights people were
wiling to give up in the name of security [4].
It was this lack of transparency and lack of
open communication that Snowden wanted
to break. Although it may be imperative for
the government to monitor digital
communication in order to prevent terrorist
attacks, it is only logical that civilians
understand the delicate, though imperative
trade-off between certain rights and their
own security [4]. Would Americans be
more content if they knew exactly what the
NSA and other surveillance programs were
collecting in the name of security? Maybe.
Or maybe not.
Regardless of whether Americans
would be content if they had the knowledge
of what the NSA surveillance would be
about, it is important to note whether the
ends justify the mean. Are these surveillance
programs, in which data-mining helps
intelligence agents find leads to terrorists,
the best and most effective method to be
6

catching terrorists? Recall how immediately

after September 11th people were arrested for
casing landmarks, yet it stopped once law
enforcement realized that there were many
other legitimate reasons people were taking
pictures of landmarks. Perhaps immediately
after September 11th it was the governments
duty to do mass digital monitoring in order
to prevent other attacks; now though that
America is not in crisis mode another means
of terror prevention that does not conflict
with personal privacy is a better method.
Perhaps the collection of telephone metadata
does not violate the Fourth Amendment
since it does not require a search warrant in
these cases [3], yet what are the privacy
implications of the data-mining?

raises the concerns of privacy and due

process that are both fundamental American
rights written about in the Fourth and Fifth
amendment.
There are two major privacy
concerns with the large data-mining mass
surveillance programs. These concerns were
raised in the 110th Senate Judiciary
Committee by Jim Harper. Speaking before
the committee he combined the technical
term of privacy and combined it into legal
jargon stating, if government data mining
will affect individuals life, liberty, or
property including the recognized liberty
interest in travel the questions whether
information is accurate and whether an
algorithm is legitimate go to Fifth
Amendment Due Process [7]. Once the
government has already collected the correct
information they have to be extremely
careful in choosing a sound algorithm to
make sure that their information is correct in
order to not violate the Fifth Amendment. If
the outcome of data-mining labels a person a
suspect and thus leads law enforcement to
search or seize someones house or papers
does that violate their Fourth Amendment
amendment right [7]. Another issue that
could arise with data-mining is choosing an
algorithm that makes people suspected
terrorists by choosing characteristics that the
Equal Protection Act ruled out or treating
people differently [7]. With the stakes so
high, is data-mining in-of-itself is an
effective means of fighting terrorism to
make it worth the risk? To choose an
algorithm that will lead to proper suspects
and not violate peoples Fourth Amendment
rights is a very tight balancing act.
Those questions and concerns are all
essential provided that data-mining is itself

Data Mining: Privacy and Security

Whenever one makes a choice, he or
she always has to ask themselves what will
be the effect of such an outcome and who
will be affected by the outcome of the
choice. Even more so the government,
before it decides on a plan of action it must
take into account who and what will be
affected by that decision. Before the
president, congress, or any government
agency makes a decision they have to take
into affect the millions of people that will be
directly affected by such a decision; but
even more than their citizens, the
government has to figure out whether the all
the outcomes of their decision is in line with
the Constitution, the guiding light of
America. To add to the complexity of a
decision is when the Constitution itself is
left up to interpretation, especially when it
comes to personal rights. The question of
data-mining as the most effective and
constitutional means of fighting terrorism,
7

an effective and secure means of fighting

terrorism. Data mining is an extremely
useful tool for security agents since it brings
together more information from more
diverse sources and correlates the data [7].
Data-mining links together pieces of data
and finds the correlations between them,
similar to what law enforcement agents have
been doing for hundreds of years. The
benefits of data-mining though is its ability
to traverse large quantities of data and find
correlations that may not be so noticeable to
the human eye at first sight. One method
through which it is able to discover common
crime is using historical patterns through
which it sifts through thousands of pieces of
data and finds patterns. Unfortunately, this
does not work for terrorism. With a
relatively small number of attempts every
year and only one or two major terrorist
incidents every few yearseach one distinct
in terms of planning and executionthere
are no meaningful patterns that show what
behavior indicates planning or preparation
for terrorism [7]. Since there is, thankfully,
such a rarity of terrorist attempts and attacks
there is not a lot of data for which pattern
analysis to work.
Another issue with using datamining to discover terrorists is the issue of
false positives. Data-mining looks for
patterns and determines and sends a positive
signal when it believes it found something
that fits the pattern. There is always though
the concern with false positives, when the
algorithm believes it found a match but it
did not. Since terrorist attacks and attempted
terrorist attacks are so infrequent even a
highly accurate test would have very high
false positivesmaking data-mining more
harmful than beneficialand do more to

threaten civil liberties than is justified by

any improvement in security it would bring
[7]. Since thankfully there are not a lot of
terrorists planning on doing acts of terror in
America, the data-mining would falsely
accuse innocent people of planning terrorist
attacks costing more money and wasting
investigators time doing more harm than
good.
Since terrorism and terrorist planning
in America is such a rare event it is a double
edged sword. On the one hand, thankfully
Americans security is not threatened on a
daily basis with acts of terror. They have the
security to go about their lives in a normal
fashion. Because it is so rare though, it is
hard to find patterns and establish
connections to prevent future terrorists. Thus
while the NSA does mass digital monitoring
of Americans by keeping records of their
phone calls, emails, texts and other
information in order to find and prevent
such attacks, the methods they are using are
not the most effective means of achieving
that goal. These digital monitoring and data
mining programs are not increasing national
security but rather they appear to just violate
the privacy of the entire country, perhaps
even unconstitutionally.
The constitutional fight to protect
Americans against Fourth Amendment
infringement stems from the fact that the
government agencies are not obtaining a
search warrant before they collect and datamine to find potential suspects. On the
matter of the telephone metadata collection
the Supreme Court ruled that it is not an
infringement of Fourth Amendment rights
since the transactional data the NSA collects
is business records of transactions and are
not private records that the customer
8

controls or in which the customer maintains

a reasonable expectation of privacy [3]. A
customer of a telephone company does not
have any privacy claim over data that the
telephone company collects for their own
business purposes, primarily because they
do not reveal the content of any customers
private
communications
[3].
What
information a business collects about a
customer in order to better operate their
business is not in control of the customer
and, according to the Supreme Court, the
customer has no reasonable right to expect
privacy with those records. It is in this
manner that the government collects and
archives online data from several major
service providers including Microsoft,
Yahoo, Google, Facebook, PalTalk, AOL,
Skype, YouTube and Apple [4]. Without
these companies data records, the
governments mass data-mining efforts
would be fruitless.
What then is the role of corporations
and companies when it comes the
government collection of their records?
How can companies maintain secure and
private systems without compromising
national security? Legally, is a company
required to hand over their transactional data
without a warrant from intelligence agencies
and are they required to inform their
customers of such a transaction? Is it
reasonable for a customer to expect privacy
on information they give to companies and
other third parties or does that not exist?
More importantly, what is the responsibility
of a company in terms of providing security
features to protect the privacy of their
customers?

On December 2, 2015 Syed Farook

and his wife killed fourteen people in San
Bernardino in the deadliest terrorist attack
on American soil since September 11th. The
FBI wanted to get into their iPhones in
order to glean more information about the
case. The problem was their phone was
locked and would erase itself after ten false
attempts to get in. This mechanism erases
the hopes of getting the password through a
brute force attack. A federal magistrate
judge ordered Apple to create a backdoor in
their operating system that would allow
government officials to break into the
phone [13]. In an open letter to their
customers, Apple explained their position
stating that by creating this backdoor it
would cause people to lose control of their
data and by doing so, Apple would be
compromising the privacy and safety of their
systems. Another reason Apple explained
why they were unwilling to unlock Farooks
iPhone is that it would set a legal precedent
that would expand the powers of the
government and we simply dont know
where that would lead us, the best way to
make sure that such a system would never
be abused is to never create it in the first
place [11]. This case between Apple and the
FBI is a landmark case that has brought to
fruition the discussion of privacy and
national security on a corporate level,
particularly in the area of encryption. Ira
Rubinstein, a senior fellow at the New York
University Information Law Institute
remarked that this case with Apple really
goes right to the heart of the encryption
issue, and in some ways, this was a fight that
was inevitable [12].
Since
the
majority
of
communications occurs digitally, privacy is

Companies and Encryption

9

a big concern. People do not want hackers to

be able to intercept their messages. Thus
encryption was created. Encryption is the
scrambling sensitive information so that it
becomes unreadable to everyone except the
intended recipient [19]. This means that if
Alice were to send a message to Bob she
would scramble it from plaintext, in a
readable format, to a cipher text, encrypted
format so that only Bob would be able to
decrypt it back to plaintext. In this manner
encryption achieves privacy and security.
Since Previously privacy was defined as
being able to control who sees what
information about oneself. In this case, Alice
was able to control that only Bob was able
to see what was written in her message. She
is able to choose different means of
scrambling her messages for different
people. In terms of computer systems,
encryption appears to be the safest and most
reliable means for an individual to achieve
privacy.
Encryption algorithms are becoming
more and more advanced scaring law
enforcement agencies. For over a decade the
FBI have been concerned that digital
messaging would reach a point where the
encryption mechanisms would be so
advanced that the government would be
unable to break in. In Fall 2010 a bill was
suggested that would require companies to
provide unencrypted data to the government.
The law was drafted specifically for
situations like the case with Apple in mind.
This law would give the federal government
the authority to force a company to redesign
its system or write a program that would
decrypt the encrypted data [12]. After the
Snowden scandal however the bill was
halted. Six years later this exact situation

played out. As Apple explained in their

letter, it was not that they refused to give the
government information they had about the
iPhone, they had given the government all
the information they possessed. What they
refused to do was redesign their operating
system to decrypt the encrypted data. As
they explained in their letter, they have no
access to the personal data stored on
someones phone because Apple believes
that the contents of [ones] iPhone is none
of [their] business [11]. After Edward
Snowden revealed how Americans were
being spied on through WikiLeaks many
technology companiesstarted to build
tougher encryption safeguards in their
products because of the privacy demands of
their customers [12].
When Snowden revealed just how
much the government was spying on
Americans in the name of the war on terror,
Americans became frightened and forced
companies to protect their privacy.
Companies also started to push back on the
governments collection of their customers
data by building stronger encryption
safeguards into their systems thereby
protecting consumer privacy [12]. In terms
of computer systems, encryption appears to
be the safest and most reliable means to
achieve privacy. Recently WhatsApp
achieved full end-to-end encryption on their
application. This was a means to protect
users privacy and safeguard them against
hackers,
cybercriminals,
oppressive
governments and even WhatsApp. The only
people that are able to view messages,
videos, files and the like, are the two people
who are communicating in the chat.
WhatsApp explained their reasoning for
doing end-to-end encryption was to prevent
10

peoples digital communication from future

attacks. They believe that encryption will
promote safety and security in the new
digital age [14]. Moreover, they explained
people would be able to communicate freely
without the fair that their information will be
able to be seen by everyone [14].
Not everyone agrees with Apple and
WhatsApp, that having stronger encryption
that even the companies do not have access
too is beneficial to the safety of the country.
There are those that believe that having
stronger encryption mechanisms and such
strict privacy is a breeding ground for
terrorism and other cybercrimes. Richard
Clarke, a retired senior counterterrorism
official in the government, though spoke out
against this concern stated that within the
United States government, we've decided
long ago that there are limits on what we're
going to do in the war against terrorism
[17]. Those limits include encryption and
privacy to protect the people. Erwin pointed
out that in several recent terrorist attacks, it
was clear that the government had
information beforehand that could have
provided a warning, if it had been properly
analyzed [16]. It is not encryption or
creating secure digital systems that protect
peoples privacy will halt the prevention of
terrorist attacks since the information
needed is already there. The issue is that the
information is not being properly analyzed.
Erwin also did not believe that the
encryption of personal information, such
that no one aside from the two
communicating parties would ever pose an
existential threat to law enforcement [16].
The easiest way for a company to
get out of this whole debate of whether the
government is able to collect citizens data

and monitor their communication is to use

encryption. By encrypting their customers
communication in such a way that even the
company does not have access to it opts a
company out of that whole morass [16].
While a company might be obligated to give
transactional information they collect about
their customers to the government, if they do
not have content information about their
customers then they would not feel obligated
to give it. In this way, they protect
themselves from potentially going against
the Constitution.
Conclusion
The discussion regarding privacy and
security is a long one, and one that requires
an open mind to be able to view both sides.
Before technology came around the
discussion was a much simpler one. Now
that technology and the Internet has become
so pervasive and a vital part of peoples
lives, the conversation has become complex.
People expect the two to work in harmony
as they would in a perfect world. Security
would systems would be put in place to
protect peoples privacy and indeed for the
most part they do. Security mechanisms
such as encryption, intrusion detection
systems,
filters,
authentication
and
authorization, are all put in place as a means
of keeping hackers and cybercriminals out.
Yet when the discussion becomes about
national security and the safety of peoples
lives the argument to allow the government
past all these systems is a strong one.
Privacy is a right that all humans are
entitled too. Nobody, no matter what side of
the argument they are on would deny that.
The Constitution even created an
amendment to protect peoples right to
11

privacy. However, the questions regarding

privacy now arise with regard to the
Internet; is privacy a right in the digital
world? While no one would argue that
privacy is a fundamental human right, they
would say that in order to combat terrorism
and protect peoples lives, sometimes you
have to give up some of your other rights.
Since most communication occurs in the
digital realm, a right people would have to
give up for the sake of security and their
lives. The argument is often made, if you
have nothing to hide, you have nothing to
hear [15]. This implies that those who are
concerned with the government invading
peoples privacy is only because they are
doing illegal stuff and are worried about
others seeing it. However, many of peoples
privacy concerns is that their security will be
violated since the information would be
misused. The response therefore is, if you
have something to fear, you have reason to
hide [15]. The concern over the
government invading their privacy, even for
the name of national security, is their fear
that the government will abuse their power
and turn it on innocent people by misusing
and manipulating their information.
How therefore is the government
able to create a balance to protect
individuals privacy while still being on top
of national security when it comes to the
digital world? The question is not an easy
one and the answer is similarly not
straightforward. However as was always
done in this country, when looking at issues
of major concerns to the country the
government has looked to the Founding
Fathers and the Constitution as their guiding
light. Where America stands right now, the
government has every right to collect

transactional data on its citizens since

citizens do not have a reasonable
expectation of privacy when it comes to
such information. They know that the
information is being collected by businesses
for business use. Americans still have a
reasonable expectation of privacy when it
comes
to
the
content
of
their
communication. The governments desire to
collect peoples content without a search
warrant and probable cause would be
unconstitutional and violate Americas
expectation of privacy. Companies therefore
are providing security mechanisms, like
encryption, to protect their consumers
privacy expectation. The government has a
long fight against them if they wish to hack
into peoples lives even in the name of
national security.
Works Cited
[1] "The Difference Between Security and
Privacy", W3.org, 2016. [Online]. Available:
http://www.w3.org/P3P/mobile-privacyws/papers/zks.html.
[2] "Obama on NSA surveillance: Can't have
100% security and 100% privacy", RT
International, 2016. [Online]. Available:
https://www.rt.com/usa/obama-surveillancensa-monitoring-385/.
[3] S.Bradbury, FederalistEdition,2nd

ed..
[4] "Privacy, security, or both? An elusive
balance", The Jerusalem Post | JPost.com,
2016.
[Online].
Available:
http://www.jpost.com/Opinion/Op-EdContributors/Privacy-security-or-both-Anelusive-balance-316867.
[5] "Fourth Amendment", LII / Legal
Information Institute, 2016. [Online].

12

Available:
https://www.law.cornell.edu/wex/fourth_am
endment.
[6] "Privacy vs. Protection: A Delicate
Balance", SIGNAL Magazine, 2004.
[Online].
Available:
http://www.afcea.org/content/?q=privacy-vsprotection-delicate-balance.
[7] J. Harper, "Balancing Privacy and
Security: The Privacy Implications of
Government Data Mining Programs", Cato
Institute,
2007.
[Online]. Available:
http://www.cato.org/publications/congressio
nal-testimony/balancing-privacy-securityprivacy-implications-government-datamining-programs.
[8] "NSA Surveillance", American Civil
Liberties Union, 2016. [Online]. Available:
https://www.aclu.org/issues/nationalsecurity/privacy-and-surveillance/nsasurveillance. [Accessed: 06- May- 2016].
[9] "Understanding the balance between
privacy and security", SearchSecurity, 2016.
[Online].
Available:
http://searchsecurity.techtarget.com/Underst
anding-the-balance-between-privacy-andsecurity.
[10] G. Gao, "What Americans think about
NSA surveillance, national security and
privacy", Pew Research Center, 2015.
[Online].
Available:
http://www.pewresearch.org/facttank/2015/05/29/what-americans-thinkabout-nsa-surveillance-national-securityand-privacy/.
[11] "Customer Letter - FAQ - Apple",
Apple,
2016.
[Online].
Available:
http://www.apple.com/customerletter/answers/.

[12] E. Benner, "Apple Fights Order to

Unlock San Bernardino Gunmans iPhone",
Nytimes.com, 2016. [Online]. Available:
http://www.nytimes.com/2016/02/18/technol
ogy/apple-timothy-cook-fbi-sanbernardino.html?_r=1.
[13] "Apple Opposes Judge's Order To Help
FBI Unlock San Bernardino Shooter's
Phone", NPR.org, 2016. [Online]. Available:
http://www.npr.org/sections/thetwoway/2016/02/17/467035863/judge-ordersapple-to-help-investigators-unlockcalifornia-shooters-phone.
[14] "end-to-end encryption - WhatsApp
Blog", Blog.whatsapp.com, 2016. [Online].
Available:
https://blog.whatsapp.com/10000618/end-toend-encryption.
[15] "The Ethics Of Encryption: Who
Guards Your Privacy?", Lifehacker.com.au,
2013.
[Online].
Available:
http://www.lifehacker.com.au/2013/11/theethics-of-encryption-who-guards-yourprivacy/.
[16] S. University, "The Ethics of
Encryption - Resources - Business Ethics Focus Areas - Markkula Center for Applied
Ethics - Santa Clara University", Scu.edu,
2016.
[Online].
Available:
https://www.scu.edu/ethics/focusareas/business-ethics/resources/the-ethicsof-encryption/.
[17] "Encryption, Privacy Are Larger Issues
Than Fighting Terrorism, Clarke Says",
NPR.org, 2016. [Online]. Available:
http://www.npr.org/2016/03/14/470347719/e
ncryption-and-privacy-are-larger-issuesthan-fighting-terrorism-clarke-says.
[18] P. Beshar, "Cybersecuritys privacy
problem",
Fortune,
2015.
[Online].
Available:
13

http://fortune.com/2015/08/03/cybersecurity
-privacy-europe-u-s/.
[19] "What is encryption? definition and
meaning", BusinessDictionary.com, 2016.

[Online].
Available:
http://www.businessdictionary.com/definitio
n/encryption.html.

14

Works Cited
[1] "The Difference Between Security and
Privacy", W3.org, 2016. [Online]. Available:
http://www.w3.org/P3P/mobile-privacyws/papers/zks.html. [Accessed: 06- May2016].
[2] "Obama on NSA surveillance: Can't have
100% security and 100% privacy", RT
International, 2016. [Online]. Available:
https://www.rt.com/usa/obama-surveillancensa-monitoring-385/. [Accessed: 06- May2016].
[3] S.Bradbury, FederalistEdition,2nd

mining-programs. [Accessed: 06- May2016].

[8] "NSA Surveillance", American Civil
Liberties Union, 2016. [Online]. Available:
https://www.aclu.org/issues/nationalsecurity/privacy-and-surveillance/nsasurveillance. [Accessed: 06- May- 2016].
[9] "Understanding the balance between
privacy and security", SearchSecurity, 2016.
[Online].
Available:
http://searchsecurity.techtarget.com/Underst
anding-the-balance-between-privacy-andsecurity. [Accessed: 06- May- 2016].
[10] G. Gao, "What Americans think about
NSA surveillance, national security and
privacy", Pew Research Center, 2015.
[Online].
Available:
http://www.pewresearch.org/facttank/2015/05/29/what-americans-thinkabout-nsa-surveillance-national-securityand-privacy/. [Accessed: 06- May- 2016].
[11] "Customer Letter - FAQ - Apple",
Apple,
2016.
[Online].
Available:
http://www.apple.com/customerletter/answers/. [Accessed: 06- May- 2016].
[12] E. Benner, "Apple Fights Order to
Unlock San Bernardino Gunmans iPhone",
Nytimes.com, 2016. [Online]. Available:
http://www.nytimes.com/2016/02/18/technol
ogy/apple-timothy-cook-fbi-sanbernardino.html?_r=1. [Accessed: 06- May2016].
[13] "Apple Opposes Judge's Order To Help
FBI Unlock San Bernardino Shooter's
Phone", NPR.org, 2016. [Online]. Available:
http://www.npr.org/sections/thetwoway/2016/02/17/467035863/judge-ordersapple-to-help-investigators-unlock-

ed..
[4] "Privacy, security, or both? An elusive
balance", The Jerusalem Post | JPost.com,
2016.
[Online].
Available:
http://www.jpost.com/Opinion/Op-EdContributors/Privacy-security-or-both-Anelusive-balance-316867. [Accessed: 06May- 2016].
[5] "Fourth Amendment", LII / Legal
Information Institute, 2016. [Online].
Available:
https://www.law.cornell.edu/wex/fourth_am
endment. [Accessed: 06- May- 2016].
[6] "Privacy vs. Protection: A Delicate
Balance", SIGNAL Magazine, 2004.
[Online].
Available:
http://www.afcea.org/content/?q=privacy-vsprotection-delicate-balance. [Accessed: 06May- 2016].
[7] J. Harper, "Balancing Privacy and
Security: The Privacy Implications of
Government Data Mining Programs", Cato
Institute,
2007.
[Online]. Available:
http://www.cato.org/publications/congressio
nal-testimony/balancing-privacy-securityprivacy-implications-government-data-

15

california-shooters-phone. [Accessed: 06May- 2016].

[14] "end-to-end encryption - WhatsApp
Blog", Blog.whatsapp.com, 2016. [Online].
Available:
https://blog.whatsapp.com/10000618/end-toend-encryption. [Accessed: 06- May- 2016].
[15] "The Ethics Of Encryption: Who
Guards Your Privacy?", Lifehacker.com.au,
2013.
[Online].
Available:
http://www.lifehacker.com.au/2013/11/theethics-of-encryption-who-guards-yourprivacy/. [Accessed: 06- May- 2016].
[16] S. University, "The Ethics of
Encryption - Resources - Business Ethics Focus Areas - Markkula Center for Applied
Ethics - Santa Clara University", Scu.edu,
2016.
[Online].
Available:
https://www.scu.edu/ethics/focusareas/business-ethics/resources/the-ethicsof-encryption/. [Accessed: 06- May- 2016].

[17] "Encryption, Privacy Are Larger Issues

Than Fighting Terrorism, Clarke Says",
NPR.org, 2016. [Online]. Available:
http://www.npr.org/2016/03/14/470347719/e
ncryption-and-privacy-are-larger-issuesthan-fighting-terrorism-clarke-says.
[Accessed: 06- May- 2016].
[18] P. Beshar, "Cybersecuritys privacy
problem",
Fortune,
2015.
[Online].
Available:
http://fortune.com/2015/08/03/cybersecurity
-privacy-europe-u-s/. [Accessed: 06- May2016].
[19] "What is encryption? definition and
meaning", BusinessDictionary.com, 2016.
[Online].
Available:
http://www.businessdictionary.com/definitio
n/encryption.html. [Accessed: 08- May2016].

16