Dissemin is shutting down on January 1st, 2025

Published in

Concepts, Methodologies, Tools and Applications, p. 1246-1254

DOI: 10.4018/978-1-61350-323-2.ch601

Concepts, Methodologies, Tools and Applications, p. 1246-1254

DOI: 10.4018/978-1-61350-323-2.ch6.1

Links

Tools

Export citation

Search in Google Scholar

Managing IS Security and Privacy:

Book chapter published in 1970 by Vasilios Katos ORCID
This paper was not found in any repository, but could be made available legally by the author.
This paper was not found in any repository, but could be made available legally by the author.

Full text: Unavailable

Red circle
Preprint: archiving forbidden
Green circle
Postprint: archiving allowed
Red circle
Published version: archiving forbidden
Data provided by SHERPA/RoMEO

Abstract

The concept of privacy has received attention for over a century now and its definition?let alone, understanding?has been profoundly challenging. This is primarily attributed to the “incompatible” and rich set of characteristics privacy comprises. As Brunk (2002) states very sharply, “Privacy is a matter of intellectual and philosophical thought and retains few tangible characteristics, making it resistant to simple explanation.” Perhaps the first scholarly work on privacy was that of Warren and Brandeis (1980), who introduced the highly abstractive yet popular definition of privacy as the “right to be left alone.” As privacy was recognized as a right, it primarily existed within a legal context. Legislation for protecting one’s privacy exists in many countries and in some cases at a constitutional level (see for example the Fourth Amendment of the U.S. Constitution). It was soon realized in the information revolution era that privacy and information are somewhat coupled. More precisely, emerging privacy concepts and metrics relate to the intentional or unintentional information flows. However, when it comes to studying, using, and investing in information, security appeared to have a higher priority over privacy. Security and privacy seemingly operate under different agendas; privacy is about protecting one’s actions in terms of offering anonymity, whereas security includes the notion of accountability which implies that anonymity is waived. Still, security is a vital component of an information system, as it is well needed in order to protect privacy. This contradictory relation between security and privacy has caused a considerable amount of debate, political and technical, resulting in a plethora of position and research papers. Accepting that there may be no optimum solution to the problem of striking a balance between security and privacy, this article presents a recently developed methodology that could support policy decision making on a strategic level, thus allowing planners to macro-manage security and privacy.