We constantly hear that everything involving humans is relative and context-dependent. Naturally, this relativity and context-dependency governs not only our physical, but also our digital lives. Consider, for example, such phenomenon as privacy. Privacy in the physical and digital sense is perceived differently by the humans. Furthermore, it is not really clear what privacy is, as it not only means different things in different contexts, but also there is a considerable individual heterogeneity in privacy perceptions. In other words, exactly the same thing, say, video surveillance may be perceived perfectly normal in some contexts (e.g., many of us are OK with it in shops, airports, public transport), but not in others (many people would feel uncomfortable to be monitored 24-7).
The Seven Noses of Soho
There are interesting works of modern art displayed on the walls of buildings in Soho area at the London city centre. Labelled by the media as "the London Noses" or "the Seven Noses of Soho", they were created by the artist Rick Buckley in 1997 to highlight and raise awareness about the drawbacks of the “surveillance economy”. Each nose reproduces the artist's nose in plaster, which sticks out of the wall and focuses the viewer's attention on the CCTV cameras. The installation first appeared on the houses of Soho after the City of London installed surveillance cameras around the area. Rick Buckley wanted to show by this installation that the invasion into human privacy with 24-hour surveillance cameras is unacceptable. The installation is one of the most cherished and supported works of modern art in the contemporary London.
Picture Source: Wikipedia
Self-Promotion versus Fear of Mission Out
Let us think about this for a moment – on the one hand, we seem to care about physical surveillance, yet, digital surveillance does not seem to bother us quite as much. While we might be extremely sensitive about our pictures being taken in the street, we are willingly posting rather personal pictures on a wide variety of social networks such as Twitter, Facebook, and Instagram. Despite caring about personal privacy, social network site users may be motivated to disclose personal information as a part of their self-promotion. Yet, at the same time, frequent use of social network sites has been associated with cyber vulnerability, including incidents of data misuse, online harassment, and exposure to inappropriate content. Despite the potential risk, people continue to disclose confidential information on public social networks.
The frequent use of social network sites is usually liked with such behavioural phenomenon as the fear of missing out. The fear of missing out is “pervasive apprehension that others might be having rewarding experiences from which one is absent” and is reflected in the form of online self-promotion in actions of getting online friends and followers as well as in frequent information disclosure. Users experiencing the fear of missing out find themselves in a state of “self-regulatory limbo” investing significant time online building their identity through shared personal data. Research also suggests that being on a social network sites does not make the person directly vulnerable. Rather, vulnerability depends on how the user interacts with the social network sites and their vulnerability is highly dependent on practices such as self-disclosure and having a presence on many sites.
We also observe significant cultural differences in these perceptions. For example, the amount of digital surveillance in China is vast, yet, the population of China is willing to conform to this situation. It is also expected that Singapore will enhance its video surveillance in the next few years. However, it is hard to imagine the same to be the case in the countries of the European Union.
Digital versus Physical
It is not clear whether there is a link between psychological vulnerability and online vulnerability. However, experience of vulnerability online can have a negative impact on the psychological wellbeing of the user. Research also finds that increased use of social network sites is associated with greater anxiety in cyber spaces. All this suggests that social aspects have a direct impact on how individuals perceive and think about cybersecurity.
There are also different expectations with regard to responsibility for cybersecurity- related issues which are rooted in the social norms, which, again are highly relative. For example, it has emerged in April 2018 that Martin Lewis (the MoneySavingExpert owner) became a victim of an online fraud. Online fraudsters used his image to publish a large number of fake advertisements on Facebook. The advertisements invited people to click on links which were leading to malicious websites stealing personal and financial data from the victims, many of whom suffered financial losses. Despite multiple complaints from the victims and Martin Lewis, Facebook allegedly failed to timely take the fraudulent advertisements down. As a result, defamation charges were brought against Facebook by Martin Lewis and his brand. The charges eventually resulted in a settlement.
This relativity principle also affects what we think about cyber security policies and institutions. For example, there is a popular view that since we expect that the government should keep us safe in the physical spaces, it is also the responsibility of the government to keep us safe in the digital space. This, however, may not be feasible. The nature of issues which we face in the cyber security space can only be solved cooperatively. Effective communication and information sharing is necessary in order for us to be able to succeed against cyber criminals. And in this sense, cyber security is not only a matter of public and corporate responsibility, it is also a matter of personal responsibility.
Cyber security issues are difficult to solve not only because we face significant technical, human, and systemic challenges in the space. They also arise because many phenomena we are dealing with are relative, dynamic and context-dependent. Understanding how to deliver acceptable level of security, which would satisfy many heterogeneous perceptions is one of the most important tasks for the future.