A variety of new technologies — intrusive, mobile, ubiquitous and inexpensive — are causing immense societal and business disruption. There are great privacy concerns regarding each of these devices by themselves and more importantly in their synergistic combinations. In many cases, the legal and community sectors lag behind these developments as well, and we cannot fully address their technical aspects or social implications.

Sound familiar? We’re not describing the phones, drones and clones problem of 2015. Rather, the above describes the privacy and technology problems that many of our great-grandparents faced and resolved in the early 1900s.

History Repeats Itself

A hundred years ago, the beneficial and democratic aspects of technology and industrialization caused certain technical powers to pass from the very rich to the middle class. For example, the inexpensive box camera with rolled film caused a sensation regarding its portable and ultrapersonal nature: “What, you dare to take pictures of me, my spouse and my teenage children while we are strolling in the public park, and you bring these very likenesses into your own home?”

The telephone was similarly discouraged by many: “Must you interrupt the sanctity of our home by the infernal jangling of that bell and your unwelcome voice; even worse, at a time of your own choosing?”

Similar controversy could arise from the automobile: “We expect our children to spend their evening’s entertainment within our town, not out of it!” and from the daily newspaper: “My police summons for this minor charge need only be mentioned in the police station blotter, not seen on my neighbor’s doorstep the next morning!”

Privacy Problems Continue Today

Many, but certainly not all, of today’s privacy issues arise from the fact that technology continues to democratize that which was previously highly concentrated. For example, in the past in the U.S., a governmental agency could have readily ascertained whether a particular individual committed a minor infraction within its borders because it had visibility into all of our approximately 3,100 counties and their myriad of towns. But typically, this was only done in certain law enforcement situations, and doing so had a significant cost with respect to time, communications and human effort.

Today, the Internet — widespread, well-read and time-independent — has both democratized data access and expanded the potential for illuminating even minuscule past embarrassments. That evidence, while public, may once have been hidden in obscure, marginally accessible files.

In 2015 and beyond, it is particularly important to differentiate the issues of information security and privacy. Security and privacy serve related but very different goals. Information security is primarily concerned with protecting information’s confidentiality, integrity and availability (CIA). In both the customer’s and client’s environments, privacy may be considered the expectation of careful and ethical access, retention and use of personal information of many types and sensitivities. A person’s information must ultimately be viewed and used only in ways known to and acknowledged by the individual to which it pertains.

The Security Conundrum

Thus, it is conceivable that, if wrongly deployed, an enterprise could have comprehensive, effective information security without personal privacy. But it could only have adequate privacy if it already had a firm base of security. When used together effectively, adequate security and appropriate privacy, or cognitive privacy, lead to a business and societal goal of customer, regulator and public trust.

Although some may (incorrectly) view the many emerging governmental privacy mandates and other potential security and regulatory impacts as being unusual or unforeseeable events, in fact they are completely predictable. It is equally foreseeable that similar privacy expectations will increase in frequency and depth in the future. And in many cases, regulators are a metaphor for what customers and other stakeholders now legitimately expect.

It is urgent to be in a posture of continual compliance readiness. For privacy, this can be achieved via many means, including better organization of existing discrete data, usable alerting and logging elements, software control techniques and rigorous data and access management. In short, there must be an accurate understanding of privacy posture at all times and at all appropriate management levels.

Finding the Right Solution

How do we resolve these issues? Just as was done by our forebears, the very real expanding privacy problems of the 21st century — including misuse of information, intrusiveness, ubiquitous and improper distribution — may be addressed by both enterprises and individuals. Providing world-class capabilities to tangibly enhance privacy via encryption, access controls, fraud countermeasures, and many other products is an excellent first step toward reconciling strong security and privacy.

An important initiative may arise from IBM’s many innovations in the realm of cognitive privacy. We have emerging capability to use our technologies to help address, detect and prevent privacy concerns such as improper cross-border data flows or illegitimate access to personal data. Other cognitive privacy techniques and values can preclude both the appearance and perception of privacy problems, particularly in new cloud and mobile implementations. But the main goals continue to be appropriate personal appreciation and business enablement.

Hopefully, through the use of these techniques, effective information security and data privacy — and, most importantly, customer trust — will be the result of an enterprise’s sound business, regulatory and technical initiatives and innovations.

More from Artificial Intelligence

Data Privacy: How the Growing Field of Regulations Impacts Businesses

The proposed rules over artificial intelligence (AI) in the European Union (EU) are a harbinger of things to come. Data privacy laws are becoming more complex and growing in number and relevance. So, businesses that seek to become — and stay — compliant must find a solution that can do more than just respond to current challenges. Take a look at upcoming trends when it comes to data privacy regulations and how to follow them. Today's AI Solutions On April…

Tackling Today’s Attacks and Preparing for Tomorrow’s Threats: A Leader in 2022 Gartner® Magic Quadrant™ for SIEM

Get the latest on IBM Security QRadar SIEM, recognized as a Leader in the 2022 Gartner Magic Quadrant. As I talk to security leaders across the globe, four main themes teams constantly struggle to keep up with are: The ever-evolving and increasing threat landscape Access to and retaining skilled security analysts Learning and managing increasingly complex IT environments and subsequent security tooling The ability to act on the insights from their security tools including security information and event management software…

4 Ways AI Capabilities Transform Security

Many industries have had to tighten belts in the "new normal". In cybersecurity, artificial intelligence (AI) can help.   Every day of the new normal we learn how the pandemic sped up digital transformation, as reflected in the new opportunities and new risks. For many, organizational complexity and legacy infrastructure and support processes are the leading barriers to the effectiveness of their security.   Adding to the dynamics, short-handed teams are overwhelmed with too much data from disparate sources and…

What’s New in the 2022 Cost of a Data Breach Report

The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020. New research in this year’s report also reveals for the first time that 83% of organizations in the study have experienced more than one data breach and just 17% said this was their first data breach. And at a time when…