隐私与安全，两者的差异和关系，（非常详细）从零基础到精通，收藏这篇就够了！-CSDN博客

本文链接：https://blog.csdn.net/Libra1313/article/details/148007979

富人可以负担得起自己的高墙和紧闭的大门。隐私长期以来被视为一种奢侈品，并且仍然经常被这样对待。隐私被当做一种可以随意处置的资产，有了固然好，但不是必不可少的。这种态度得到了加强，因为人类居住在一个小社区中 —— 任何低于邓巴数（Dunbar’s Number）规模的社区，几乎没有什么隐私，这是出奇地容易，甚至是出于本能的。

Both security and privacy are important in the physical and digital worlds. Privacy is the right to control how your information is viewed and used, while security is protection against threats or danger. In the digital world, security generally refers to the unauthorised access of data, often involving protection against hackers or cyber criminals. Privacy involves your right to manage your personal information, and security is the protection of this information. Both are equally important aspects of cyber safety. You have privacy rights and should take measures to secure your personal information and data within the digital environment.

在物理世界和数字世界中，安全与隐私都非常重要。隐私，是指控制个人信息如何被查看和使用的权利，而安全，则是指针对威胁或风险的保护措施。在数字世界里，安全通常指的是防止数据被未经授权的访问，这往往涉及对黑客或网络犯罪分子的防护。隐私涉及到个体管理自己信息的权利，而安全则是这些信息的保护工作。两者在网络安全中同等重要的方面。每个人都拥有隐私权，并应在数字环境中采取措施来保障个人信息和数据的安全。

—

安全和隐私的常规解释

Computer security and privacy often overlap; however, they do pertain to two different things. Privacy is your personal information and how you allow it to be accessed and viewed. In contrast, security is the protection of this data and information. When you download a new app on your smartphone, you are often asked to agree to a privacy policy. This policy will detail what information the app is going to collect and how it will be used. It is up to you to decide if you agree to the terms or not. With security, the goal is to safeguard your data and information, often through cybersecurity products and measures. Cybersecurity deals with deflecting unauthorised access to your data through leaks or breaches using security technologies and tools.

计算机安全与隐私常常相互交织，然而它们确实涉及两个不同的概念。隐私指的是您的个人信息，以及您允许这些信息如何被访问和查看。相比之下，安全则是指这些数据和信息的保护工作。当您在智能手机上下载一个新的应用程序时，通常会被要求同意一份隐私政策。该政策会详细说明应用程序将收集哪些信息，以及如何使用这些信息。是否同意这些条款由您自行决定。对于安全而言，目标是保护您的数据和信息，通常通过网络安全产品和措施来实现。网络安全通过使用安全技术和工具来防止数据因泄露，或被侵入而遭受未经授权的访问。

—

隐私的定义

Privacy, in short, is the right to be free from interference or intrusion — the ability to be left alone without being watched. Information privacy refers to the right to have control over how your personal information and data are collected, stored, and used. Privacy policies are in place to protect sensitive information and safeguard your identity. Privacy is often about using sensitive information responsibly. Organisations are required to be transparent about what forms of data they intend to collect, the purpose of the data collection, and where and with whom it is to be shared. As the user, you have to accept these terms and conditions; therefore, you have the right to control your shared information.

简而言之，隐私是指免受干扰或侵扰的权利 —— 能够在不被监视的情况下独处的能力。信息隐私指的是拥有控制个人资料和数据如何被收集、存储和使用的权利。隐私政策的存在是为了保护敏感信息并确保您的身份安全。隐私通常涉及负责任地使用敏感信息。组织必须对其打算收集的数据类型、收集数据的目的以及数据将被分享给谁和在何处分享保持透明。作为用户，您需要接受这些条款和条件，因此，您有权控制您共享的信息。

Well, it depends on who you ask. Broadly speaking, privacy is the right to be let alone, or freedom from interference or intrusion. Information privacy is the right to have some control over how your personal information is collected and used.

Ask most people these days what they think of when it comes to privacy and you’re likely to have a conversation about massive data breaches, wearable tech, social networking, targeted advertising miscues—not to mention the Snowden revelations.

Add to that, various cultures have widely differing views on what a person’s rights are when it comes to privacy and how it should be regulated.

什么是隐私？这取决于你问的是谁。广义来说，隐私是指被允许独处的权利，或者说免受干扰或侵扰的自由。信息隐私是指拥有一定程度的控制权，决定个人资料如何被收集和使用。

如今如果你问大多数人提到隐私时他们想到的是什么，你很可能会听到他们谈论大规模的数据泄露事件、可穿戴技术、社交网络、定向广告的失误 —— 更不用说斯诺登的披露了。

除此之外，不同的文化对于个人在隐私方面的权利，以及应该如何对其进行监管持有广泛不同的看法。

—

个人隐私保护的重要性

Privacy is one of the most important consumer protection issues as technology continues to expand, more information is digitalised, and more measures exist to collect data. Businesses and apps often store data, such as this information:

随着技术的不断发展、更多的信息被数字化，以及更多收集数据的手段出现，隐私成为了最重要的消费者保护问题之一。企业和应用程序经常存储数据，例如以下这类信息：

个人姓名
出生日期
家庭住址
个人邮箱
电话号码
银行信息
医疗信息

This data can be vulnerable to cybercriminals for the purposes of identity theft. Nearly 5 million fraud and identity theft reports were received by the Federal Trade Commission (FTC) in 2020, and close to half of all American adults were victims of financial identity theft. Information privacy is vital to keeping users safe from hackers and cybercrime involving the theft of personal information.

这类数据可能容易受到网络犯罪分子的攻击，用于身份盗用。2020年，美国联邦贸易委员会（FTC）收到了近500万份欺诈和身份盗用报告，接近一半的美国成年人成为金融身份盗用的受害者。信息隐私对于保护用户免受黑客和涉及个人资料盗窃的网络犯罪至关重要。

根据身份盗窃研究与防控中心（ITRC）发布的 2023 年度数据泄露报告，2023年美国单年内发生了创纪录的高数量数据泄露事件。这一数字比 2021 年创下的历史最高记录高出 72 个百分点。至少有 3.53 亿人受到影响。
根据联邦调查局（FBI）2023 年的互联网犯罪报告，公众向 FBI 报告了880,418 起网络犯罪投诉，比 2022 年增加了 10%。潜在的总损失金额在2023 年上升到了 125 亿美元，高于 2022 年的 103 亿美元。加利福尼亚州、得克萨斯州和佛罗里达州的网络犯罪受害者人数最多。
联邦贸易委员会（FTC）的消费者哨兵网络在 2023 年收到了超过 539 万份报告，其中 48% 涉及欺诈，19% 涉及身份盗用。信用卡欺诈占身份盗用案件的 40.2%，其次是其他类型的未分类身份盗用，占 25.1%，其中包括在线购物和支付账户欺诈、电子邮件和社会媒体欺诈以及其他形式的身份盗用。乔治亚州、佛罗里达州和内华达州的身份盗用报告数量最多。

身份盗用和欺诈报告，2019-2023 年

—

安全的定义

Security involves measures taken to be protected from danger, threat, or harm. It often refers to safety. In the digital world, cybersecurity is typically the protection of data and sensitive information against potential breaches or leaks, often at the hands of cybercriminals or hackers. Security is the act of keeping your private information and data secure, and ensuring it is not accessed by any unauthorised sources. Cybersecurity can involve a number of tools and methods, including these:

安全涉及采取措施以避免危险、威胁或伤害。它通常指的是安全性。在数字世界中，网络安全通常是保护数据和敏感信息免受潜在的泄露或侵入，这往往是网络犯罪分子或黑客所为。安全是指保护您的私人信息和数据的安全，并确保这些信息和数据不会被任何未经授权的来源访问。网络安全可以涉及多种工具和方法，包括以下这些：

防火墙
网络限制
安全软件
用户认证
内部安全措施

—

安全保护的必要性

A new cyber attack starts every 40 seconds. Cybercrime is evolving at rapid rates, costing businesses and individuals billions of dollars and countless hours of hassles. The more advanced technology gets, the more reliant we are on it, and the more sophisticated cybercriminals become to attempt to access secure information. This makes security practices even more important. Security measures are necessary to protect sensitive data and personal information that is shared online and elsewhere. Our dependence and use of technology can make us vulnerable. Security is a vital means for keeping users safe and our information private.

每 40 秒就会有一次新的网络攻击。网络犯罪正以惊人的速度发展，给企业和个人带来了数十亿美元的损失和无数小时的困扰。技术越先进，我们对其依赖就越深，网络犯罪分子在试图获取敏感信息方面，也就变得越加老练。这使得安全实践变得更加重要。为了保护在线和其他渠道共享的敏感数据和个人信息，安全措施是必要的。我们对技术的依赖和使用可能会使我们变得脆弱。安全是保护用户安全和信息隐私的关键手段。

—

安全与隐私的差异

The main difference between privacy and security is that privacy involves how your data is used and controlled, while security protects this data. Security can exist without privacy, but the reverse is not true. Computer security and privacy are both equally important for managing personal and sensitive information and data. In general, privacy refers to details about you directly and how you wish to share them. Security keeps you safe from potential threats. Cybersecurity, therefore, involves securing data from unauthorised use or access. In terms of data, privacy refers directly to how companies are able to collect, manage, store, and control the use of data that you provide. Personal privacy has often been considered a luxury not available to everyone, while security has long been deemed essential. Public security has regularly been valued over privacy; however, a lack of personal privacy can become a public security issue. While different, security and privacy both need to be maintained.

隐私与安全之间的主要区别在于：隐私涉及您的数据如何被使用和控制，而安全则保护这些数据。

安全可以在没有隐私的情况下存在，但反过来则不然。

计算机安全和隐私对于管理和保护个人及敏感信息和数据都是同等重要的。一般来说，隐私指的是关于您本人的详细信息以及您希望如何分享这些信息。安全则使您免受潜在威胁。因此，网络安全涉及保护数据免遭未经授权的使用或访问。就数据而言，隐私直接关系到公司如何能够收集、管理、存储和控制您提供的数据的使用。个人隐私常常被视为并非每个人都能享有的奢侈品，而安全则长期以来被认为是必需的。

公共安全通常被赋予比隐私更高的价值，然而，缺乏个人隐私可能会成为一个公共安全问题。虽然有所不同，但安全和隐私都需要得到维护。

Rich people can afford their own high walls and closed doors. Privacy has long been a luxury, and it’s still often treated that way; a disposable asset, nice-to-have, not essential. Reinforcing that attitude is the fact that it’s surprisingly easy, even instinctive, for human beings to live in a small community — anything below Dunbar’s Number — with very little privacy. Even I, a card-carrying semi-misanthropic introvert, have done that for months at a stretch and found it unexpectedly, disconcertingly natural.

富人可以负担得起自己的高墙和紧闭的大门。隐私长期以来被视为一种奢侈品，并且仍然经常被这样对待。隐私被认为是一种可以随意处置的资产，有了固然好，但不是必不可少的。这种态度得到了加强，因为人类居住在一个小社区—— 任何低于邓巴数（Dunbar’s Number）规模的社区，几乎没有什么隐私，这是出奇地容易，甚至是出于本能的。

And so when technological security is treated as a trade-off between public security and privacy, as it almost always is these days, the primacy of the former is accepted. Consider the constant demands for “golden key” back doors so that governments can access encrypted phones which are “going dark.” Its opponents focus on the fact that such a system will inevitably be vulnerable to bad actors — hackers, stalkers, “evil maids.” Few dare suggest that, even if a perfect magical golden key with no vulnerabilities existed, one which could only be used by government officials within their official remit, the question of whether it should be implemented would still be morally complex.

因此，当技术安全被视为公共安全与隐私之间的权衡时，就像现在几乎总是那样，人们默认了公共安全的优先性。考虑一下政府不断要求设置“金钥匙”后门，以便能够访问加密手机中的“黑暗地带”。

反对者关注的重点在于这样的系统不可避免地会对不良行为者（如黑客、跟踪者、“邪恶女仆”等）开放漏洞。

很少有人敢提出，即使存在一个完美的魔法般的金色钥匙，没有任何漏洞，只能由政府官员在其官方职责范围内使用，是否应当实施这样的系统在道德上仍然是一个复杂的问题。

—

隐私与安全保护法律

There are several security and privacy compliance laws that exist to protect your data and personal information. Companies that are found to be noncompliant face large fines, suspension of business actions, and even potential prison terms. Privacy laws seek to manage sensitive information, while security compliance laws work to protect data. In the United States, more than 100 federal and state laws exist to protect data of US residents. Here are some examples:

有许多安全和隐私合规法律的存在旨在保护您的数据和个人信息。被发现不符合规定的公司可能会面临巨额罚款、业务活动暂停甚至潜在的监禁处罚。隐私法律旨在管理敏感信息，而安全合规法律则致力于保护数据。在美国，有超过 100 项联邦和州级法律存在以保护美国居民的数据，以下是一些例子：

《格拉姆-里奇-布利莱法案》（GLBA）：保护金融行业手中的信息
《公平信用报告法》（FCRA）：保护信用信息
《健康保险流通与责任法案》（HIPAA）：保护医疗保健提供者手中的信息
《家庭教育权利和隐私法案》（FERPA）：保护教育机构和机构手中的学生记录，并向授权的学生和家长提供访问权限

—

隐私与安全保护的建议

To help keep your information secure, you should protect your privacy and use security measures. Follow these tips:

为了帮助保护您的信息安全，您应该保护自己的隐私并采用安全措施。请遵循以下建议：

限制您的社交媒体曝光度，以及在线分享的数据。
在同意并接受条款之前，完整阅读组织的隐私政策。
保护好您的身份证号码，尽可能避免分发。
使用多因素认证登录安全网站。
安装并使用安全软件。
确保您的路由器安全，并使用防火墙。
考虑使用身份盗用保护服务。
对不同的网站和应用使用不同的密码。让每个密码足够复杂，或者考虑使用密码短语。

Once your data is online, it is no longer in your direct control. Be careful whom you share this information with. Be sure that you know exactly what they are collecting from you, how they intend to secure and protect your private information, and whom they are going to share this data with. Being informed and aware can help protect both your privacy and security.

一旦您的数据上线，就不再完全由您直接控制。小心选择与您分享这些信息的人。确保您确切知道他们从您那里收集了什么信息，他们打算如何保护您的私人信息，以及他们会与谁分享这些数据。保持知情和警觉有助于保护您的隐私和安全。