Data Privacy vs Data Protection: Understanding the distinction in defending your data

Data Privacy vs Data Protection: Understanding the distinction in defending your data

1. Having one doesn’t ensure the other
Data protection is focused on protecting assets from unauthorized use, while data privacy defines who has authorized access. One can say that data protection is mostly a technical control, while data privacy is more of a process or legal matter. One doesn’t ensure the other, and we need both to work together as a proper control mechanism.

2. One addresses regulation; the other mechanisms
I like to think of data privacy as the regulations, or policies, that governs the use of my data when shared with any entity. On the other hand, data protection is the mechanism — that is, the tools and procedures — to enforce the policy and regulation, including the prevention of unauthorized access or misuse of the data that I agreed to share.

3. Users control privacy; companies ensure protection
The important distinction people should know about data privacy and data protection is who controls which part. Data privacy controls are mostly given to users. Users can usually control which data is shared with whom. Data protection is mostly a company’s responsibility. Companies basically need to make sure that the level of privacy their users have set is implemented and data is protected.

4. Safety from sales VS. safety from hacks
Data privacy is about keeping your information from being sold or shared, while data protection focuses on keeping that information from hackers. It’s important to explain this difference to people and have a policy as to what your company does for each type of data intrusion.

5. Ensuring your data is only accessed as intended
The distinction between privacy and protection boils down to who we intend to share your data with versus how we plan to protect your data from everyone else. At the data access level, they mean the same thing. But in reality, protecting data from unauthorized access requires going beyond a simple ACL scheme and defending against all the vulnerabilities of the underlying systems.

Original Source: Blazon Online –