Security Boulevard has a great piece unpacking the terminology behind privacy. Including- what is meant by data privacy as opposed to data protection? What is the significance of this?
The terminology used around privacy has been changing as fast as the privacy landscape has. In this context it is important to keep ahead of the language used to formulate and express privacy ideas. Security Boulevard does just that in its recent post.
It’s definition typically focuses on the zonal nature of privacy. Thus the fact that it can be lost, breached or reformulated.
The Guardian has released an excellent piece from Edward Snowden on the importance of encryption.
The piece considers the importance of encryption as a standard and by design as a mechanism to protect from surveillance. The article itself considers the benefits of end-to-end encryption- where data is encrypted at source and encrypted throughout processing. In these cases third party interference typically attempts to interfere with the intial processing of data prior to encryption, embedding itself throughout the process thereafter.
Messaging services such as Facebook and WhatsApp operate via end to end encryption to protect messages by design. However, much is left to be done to ensure data ecosystems have sufficient protection- third party vendors and intermediaries must ensure the same high level of data protection to ensure holistic data protection.
For the purposes of data protection legislation encryption is considered an act which processes data in and of itself. This means the act of encryption will usually bring the processing party into the remit of data protection legislation.
For an update on legal developments over the summer readers are directed to my Summer Round-Up published on the INFORRM legal blog- https://inforrm.org/2019/09/04/law-and-media-summer-round-up-4-september-2019/
Significant updates include changes to prodecure for the High Court Media and Communications List.