MANAGEMENT OF INFORMATION SECURITY
Management of Information Security
According to Holt and Malcic (2015), the use of remote data storage has increased exponentially resulting in citizen and consumer awareness. Industry, education, cultural and governments sectors are continuously storing remote data from citizens and consumers through the use of the internet. Digital content distribution relies on cloud storage infrastructure, access to big data and streaming platforms. Many of these sites store personal information making citizens and customers wary of their privacy concerns. Furthermore, the access of digital data by governmental and private companies has increased raising concerns and anxiety among unsuspecting people (Cranor 2003). Therefore, protectionist movements have increased to protect citizens and consumers from unwanted privacy intrusions by big companies and governmental organizations through their websites. Furthermore, many citizens are raising concerns about government intrusion and monitoring of internet communications and phone calls. Holt and Malcic (2015) argue that managing and securing privacy protection rights is a complex process that is affected by clear laws in global trade, health care, and intellectual property. However, Holt and Malcic (2015) argue that it is the responsibility of government organizations and companies to develop privacy policies that allow users to know what type of information that the websites collect and also how they will use the information.
When people use the internet, they entrust a lot of sensitive information about the daily activities when using the internet to internet carriers (Clement and Obar 2017). Internet service providers transmit a lot of private information about people when they visit their popular sites over the internet. For example, people spend a lot of time on social media sites, websites and emails. The personal information that internet service providers carry are susceptible and can reveal a person’s nature and habits. Therefore, it is clear that a person’s privacy is affected because of personal information stored in websites. While the use of the internet to communicate and do business has increased in the last decade, privacy concerns have also increased. Major companies that run private websites, social media sites and government sites have developed privacy policies that stipulate how they collect, use and disseminate the information collected from users. According to Clement and Obar (2017), data privacy transparency is the act of being open about in regards to data privacy protection. Also, the privacy policies developed by companies and governments indicate how they manage, store, retain, disclose and distribute sensitive information about users. Clement and Obar (2017) argue that it is important for people to choose reliable internet service providers based on privacy concerns because they can hold them responsible when third parties access users’ private information. Transparency is important; companies, organizations and governments sites that do not safeguard transparency should re-evaluate their privacy policies to protect users’ right to privacy.
According to Han (2017), information technology has helped shaped means of communication around the world. However, information technology has developed a growing concern over privacy concerns because it threatens the social and political lives of individuals. Cranor (2003) argues that the growing concern of privacy is the ability of technology-based systems to track people and analyze their information. Furthermore, technology based systems can disseminate the information, therefore, inhibiting people’s right to privacy. People should have a right to privacy, which should not be equated to the right to secrecy or control, but a right to determine the flow of information about a person. Therefore, privacy policies are important because they protect an individual’s right to privacy (Cranor 2003). Through privacy policies, an individual is convinced that a particular website will not transmit sensitive information to third parties.
Users should know what information the website will collect and how it will be used. Also, different laws suggest how companies should collect data from users who are below 13 years of age. Therefore, when developing the policy, key stakeholders should take the legal implications of privacy breach into consideration. It is ethical for a company to ensure that it meets the stipulated legal requirements when developing privacy policies. Also, companies and organizations should refrain from using a lot of legal jargons when developing the policies because it reduces the interest of users to read the policy. Furthermore, it puts users at risk because they will not understand how the company/organization will use their data (Barth 2008).
Technological advancements have changed how people communicate and do business. The use of the internet has become widespread in both developed and developing countries. As a result, many companies and organizations that run public websites contain a lot of sensitive information about their users. Furthermore, many citizens have accused the government of monitoring their calls and internet activity. The Constitution protects the right to privacy; therefore, many companies have developed privacy policies that indicate the type of information collected and how the information will be used. Privacy policies are a necessity because they assure the public that third parties will not access the personally identifiable information.
Barth, A, 2008, Design and analysis of privacy policies. Stanford University.
Clement, A and Obar, J, 2016, Keeping Internet Users in the Know or in the Dark. Journal of Information Policy, 6, p.294.
Cranor, L, 2003, P3P: making privacy policies more useful. IEEE Security & Privacy Magazine, 1(6), pp.50-55.
Dhillon, G, 2002, Social responsibility in the information age: issues and controversies. Hershey, PA, IRM Press.
Dreyer, S and Ziebarth, L, 2014, Participatory Transparency in Social Media Governance: Combining Two Good Practices. Journal of Information Policy, 4, pp.529-546.
Goldberg, I and Atallah, MJ, 2009, Privacy enhancing technologies: 9th international symposium, PETS 2009, Seattle, WA, USA, August 5-7, 2009: proceedings. Berlin, Springer.
Holt, J and Malcic, S, 2015, The Privacy Ecosystem: Regulating Digital Identity in the United States and European Union. Journal of Information Policy, 5, p.155.
Paterson, N, 2014, End User Privacy and Policy-Based Networking. Journal of Information Policy, 4, pp.28-43.
Sumeeth, M, Singh, R, and Miller, J, 2010, Are Online Privacy Policies Readable?. International Journal of Information Security and Privacy, 4(1), pp.93-116.
Zhu, L, 2011, Privacy in Context: Technology, Policy, and the Integrity of Social Life. Journal of Information Privacy and Security, 7(3), pp.67-71.