Professionals working in privacy or security find their domains coming closer and closer together. Industry associations and their respective conferences – once focused solely on their own interests (for example, RSA for Security and IAPP for Privacy) – are now thoroughly interdisciplinary. The upcoming Privacy. Security. Risk. (PSR) 2015 conference, jointly run by IAPP and CSA Congress, is just the most recent example of the ways that security and privacy interests have aligned behind an increasingly unified approach to information protection.
Surely one of the drivers of this convergence is the Privacy by Design movement, which started in the 1990s and has since taken root in both the privacy and security communities. Privacy by Design is identified as a distinct school of thought with clear organizing principles (see here), while parallel “security by design” variants have evolved for designing security into applications. By 2013, Ann Cavoukian, founder of Privacy by Design, could claim with real authority that “the paradigms of privacy and security are converging…It is becoming widely recognized that privacy and security must both be embedded, by default, into the architecture, design and construction of information processes” (see here).