Tuesday, 29 October 2013

RSA Conference: Anonymity is the Enemy of Privacy

‘Anonymity is the Enemy of Privacy’ was a point stressed by Art Coviello, the Executive Chairman of RSA, in the opening keynote of the RSA Conference Europe 2013.  This point is controversial to say the least, especially to a European audience, with mainly Europeans still rocking in the wake of the massive NSA covert internet surveillance allegations against European leaders, and millions of EU citizens.


Many privacy advocates hold a polar opposite view to Art, believing anonymity online is a fundamental ingredient for online privacy. Art's perspective also highlights the difference in attitudes towards privacy harboured between the United States and Europe. The European Union was built on its citizen rights, including the right to privacy, a right the EU wishes to see exercised online, whereas the US view tends to be 'privacy is dead', believing the right to online privacy has been given up and the privacy fight lost.

2 comments:

@kkempskie said...

The one thing to remember in this context, however, is that Mr. Coviello is referring to anonymity on enterprise networks being the enemy to privacy - not anonymity on the internet at-large. Individuals are entitled and should expect and demand personal privacy online - or at least understand what they might be giving up in order to gain the benefit of a service they wish to use. But when they are using a corporate network or device (even in BYOD settings), they must accept that security teams cannot tolerate anonymity if they are to adequately protect company assets, intellectual property and workers identities and information from malicious attackers who care nothing of privacy. Still, Mr. Coviello does assert that privacy and security DO complement each other in a trusted environment that provides transparency and good governance. This is a bottom-line vision that the security industry and privacy advocates should be in agreement on: IT security professionals should be able to monitor company-owned networks for anomalous behaviors while also putting in place controls that can assure worker personal privacy.

@kkempskie said...

The one thing to remember in this context, however, is that Mr. Coviello is referring to anonymity on enterprise networks being the enemy to privacy - not anonymity on the internet at-large. Individuals are entitled and should expect and demand personal privacy online - or at least understand what they might be giving up in order to gain the benefit of a service they wish to use. But when they are using a corporate network or device (even in BYOD settings), they must accept that security teams cannot tolerate anonymity if they are to adequately protect company assets, intellectual property and workers identities and information from malicious attackers who care nothing of privacy. Still, Mr. Coviello does assert that privacy and security DO complement each other in a trusted environment that provides transparency and good governance. This is a bottom-line vision that the security industry and privacy advocates should be in agreement on: IT security professionals should be able to monitor company-owned networks for anomalous behaviors while also putting in place controls that can assure worker personal privacy.