With the increased use of the Internet to share confidential information with other users around the world, the demands to protect this information are also increasing. This is why, today, privacy has found its important place in users' lives. However, Internet users have different interpretations of the meaning of privacy. This fact makes it difficult to find the best way to address the privacy issue. In addition, most of the current standard protocols in use over the Internet do not support the level of privacy that most users expect. The purpose of this chapter is to discuss the best balance between users' expectation and the practical level of privacy to address user privacy needs and evaluate the most important protocols from privacy aspects.
TopWhat Is Privacy?
The term privacy had come into existence when for the first time people declared themselves as owners of some items of physical property and wanted to protect them against intruders (Hirshleifer, 1980). Later, this term was used in a broader scope, especially in computer systems, and in combination with other terms such as anonymity, secrecy, etc.
Unfortunately, the broad scope of this term allowed it to be confused with other terms, such as security terms, whereby they were conceived to be the same, which is not true. This fact leads to disagreement on the privacy definitions.
In computer terms, privacy which considered being a social term gives one the ability to choose what data he/she wants to expose to others and what data he/she wants to keep from others. In other words, privacy gives users to control their data disclosure. But when interactions are done via computers and networks, privacy often relies on technical tools for data confidentiality and data integrity. Security, on the other hand, gives one the ability to protect these data and preserve their confidentiality. These important data can be anything including user’s bank information, names, date of birth, medical information, user’s address and any information that can give an attacker a possibility to track this user.
This information might be of different nature when we are talking about privacy in a company. The data can indeed be company’s product details (confidential data that are hidden from competitors), codes, employees’ personal information, etc.
Sometimes, privacy and security are conflicting. One example of this scenario is where a company records the location of its users in order to use it as part of the authorization process – perhaps some applications or datasets may only be accessed from inside company premises. But although this helps the company maintain security, tracking and recording employees' location could violate their privacy.