Cybersecurity and the Dilemma Between Privacy and Safety
Those who would give up essential liberty to purchase a little temporary safety, deserve neither liberty nor safety.
– Benjamin Franklin
The adage goes that freedom is possible neither without privacy nor without protection. But in today’s society, these two values seem to conflict. They beg important questions. For example, to what extent can rules designed to safeguard individual privacy present an obstacle to ensuring adequate public safety and security? Or, what is the limit beyond which measures to ensure public safety begin to encroach on our civil liberties?
In today’s hyper-connected world, our movements online are constantly being tracked. Trackers hide in every corner of the internet. It is said that the average web page shares data with at least a dozen different third-parties. The same goes for the average mobile phone. Your mobile phone also holds a number of apps that are constantly collecting and analyzing information, some of it sensitive such as location data and call records, even when the apps are not in use.
Not only that, but in the physical world, shopping malls now use automatic license-plate readers that track cars that enter and exit carparks. Businesses, concert halls and political campaigns use Bluetooth and WiFi to perform passive monitoring of people in and around the surrounding areas. Further, retail stores are now rapidly adopting facial recognition software to identify customers, protect against theft and deliver “better” and more targeted advertising.
Like it or not, in this world, we are all endpoints in a series of data science clouds; with Amazon monitoring what we buy, Uber knowing where we live and work, and Google and Facebook monitoring our preferences, wants and thoughts, often in real-time. With millions of data points being fed straight into their (and other companies’) data science machinery, these (and other) companies have figured out how to monetise our personalities (which have themselves become decomposed into millions of data points across the digital spectrum).
With so much data hoarded, organised, structured, analysed and stored, these companies (and by extension, governments) are now sitting on what most people would call Too Much Information or TMI. Regulation such as the Global Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA) have thus been introduced to put ownership of this data back into the hands of people. Under GDPR, for example, individuals have the right to ask that organisations erase their data. Failure to do so results in these organisations being subjected to large fines.
A recent Cisco survey focused on data privacy showed that 84% of respondents considered their privacy and personal data important, and wanted more control over how they use it. 48% of these privacy-conscious consumers had already switched to new brands and/or service providers at least once because of their perceived better privacy practices and governance structures.
The importance placed on personal privacy today goes hand-in-hand with three key market developments.
- Arrival of consumer-focused privacy regulation – The enactment of sweeping privacy regulation has brought to light the need for good governance structures around our most sensitive data. Few today take a company’s non-compliance with the GDPR or CCPA lightly, and sanctions imposed for non-compliance have already reached values as high as USD 150 million. It is becoming increasingly apparent now that, whatever the value a brand holds, a security breach can quickly erode the same if private consumer data is jeopardised.
- Fear of consolidated power – We can all picture what it would look like to live in surveillance state, especially after revelations made by the likes of Edward Snowden or Julian Assange. The “Big Brother” paradigm, in 2020, is entirely online. While a healthy degree of state power is necessary to ensure public safety and ensure society remains civil and orderly, most people would agree that any government effort designed to protect us should not extend to the inside of our homes. Most people would also agree that any effort by companies to offer us things they believe we value (e.g. same-day delivery, on-demand video streaming, instant gratification on social media, etc.) should not help consolidate our personal data into the hands of a few mega-companies. Many of us are already trying to reverse some of these effects. A number of people have switched to Telegram, for example, as an alternative to Facebook Messenger, or DuckDuckGo as an alternative to Google Chrome.
- No end in sight for cyber-attacks – Cybersecurity disasters are still the order of the day. Equifax, Sony, TalkTalk, Facebook, British Airways, and more recently, easyJet… there appears to be no end in sight. IBM estimates that the average cost of a security breach equates to almost USD 4 million. Cyber-attacks are unlikely to stop (according to the University of Maryland, we have a new cyber-attack every 39 seconds).
While all of this may seem daunting, the truth is that the speed at which we have become hyper-connected has outpaced society’s ability to provide adequate shelter and protection from the perils of the web. And today we are paying the price. As the world tries to grapple with a resolution to the global pandemic, we have actually seen an increase in cybersecurity spending as the economy has been virtualised.
It is no surprise, therefore, that we believe strongly in the investment case for cybersecurity companies offering protection in this digital world. Companies that are fighting cybercrime, and pushing for better privacy regulation around the world. As a megatrend, cybersecurity and data privacy is one that will have a colossal, long-lasting impact on the way consumers interact with their digital environment. The sector presents an exceptional growth opportunity for investors, and for the companies that are gearing up to take advantages of this digital revolution.
CYBR: The Rize Cybersecurity and Data Privacy UCITS ETF seeks to track the Foxberry Tematica Research Cybersecurity & Data Privacy Index. The objective of the Index is to provide exposure to companies that derive significant revenues from the provision of products and services that secure individuals and organizations against cyber threats.
Capital at Risk Warning: An investment in the Fund(s) involves risks, including illiquidity, lack of dividends, loss of investment and dilution, and it should be done only as part of a diversified portfolio. The Funds may be registered or otherwise approved for distribution to the public in one or more European jurisdictions. Investors should continue to consider the terms of investment in any Fund (or Share Class thereof) carefully and seek professional investment advice before taking any decision to invest in such Fund (or Share Class thereof).
 Electronic Frontier Foundation, “Behind the One-Way Mirror: A Deep Dive into the Technology of Corporate Surveillance”, December 2019. Available at: https://www.eff.org/wp/behind-the-one-way-mirror
 Cisco, “Consumer Privacy Survey, 2019. Available at: https://www.cisco.com/c/dam/en/us/products/collateral/security/cybersecurity-series-2019-cps.pdf
 Cybint Solutions, “15 Alarming Cyber Security Facts and Stats”, September 2019. Available at: https://www.cybintsolutions.com/cyber-security-facts-stats/#:~:text=A%20Clark%20School%20study%20at,give%20attackers%20more%20chance%20of
 Cisco, “From Privacy to Profit: Achieving Positive Returns on Privacy Investments”, January 2020. Available at: https://www.cisco.com/c/dam/en/us/products/collateral/security/2020-data-privacy-cybersecurity-series-jan-2020.pdf