Privacy and Security: Maintaining the Appropriate Balance

UK2 Group’s Director of Human Resources, Brian Chambers, talks about privacy and data protection…
Is your personal information secured and safe from the tens of thousands of online hackers and ‘bad guys’ around the globe looking to uncover your financial or banking information? Does the NSA and other government agencies from various countries pry into your personal lives through technology? How has our growing online world of communications and E Commerce impacted our lives as it relates to privacy and security? Are we better off with laws like the USA Patriot Act which was initiated in 2001 following the September 11th attacks, or the Foreign Intelligence Surveillance Act (FISA) of 1977? Or have we gone too far after the Edward Snowden disclosures? We know one thing for certain; the debate is wide spread with plenty of controversy and questions surrounding the role of government in protecting lives versus our personal privacy.
As an employee of a significant player in the in the Internet web hosting space, I have seen the transformation of privacy and security over the past 10 years. I have been personally involved with policy and procedural decisions relating to the protection of customers’ data. Companies are entrusted to maintain this important data, making commitments to their customers that they will do everything within their power to protect customers’ digitally stored assets. As with most Internet-based companies, we place the highest priority on the security and privacy of all our customers’ data. Simply stated, we do not share any subscriber information with any person unless they have authorized permissions through secure passwords and authentication. Physical addresses, email accounts, phone numbers, payment information and other account related information is kept securely within our internal system.  Maintaining secure systems is critical to the growth and stability of any organization, and helps to build trust with your customer base.
With privacy and security at the forefront of most business operations, it is not uncommon to receive subpoenas and court orders requesting subscriber information. These requests are generally submitted by authorized law enforcement agencies representing local, state and federal entities. Only under these unique circumstances, and upon careful evaluation of the validity of the subpoena or court order would a company representative be willing to provide requested customer data. Generally these requests are because of fraud, copyright infringement, child exploitation and other forms of criminal activity that result in law enforcement investigations. These requests are relatively infrequent and represent less than one percent of our company’s total customer base. Regardless of the number of requests, only under these special circumstances would an organization feel comfortable in providing customer data. The laws of our land and a sensitive moral compass help direct the policy implementation and administration within most organizations around the world.
In more recent years I have seen a direct and consistent link with the rise of terrorist activity and the focus of more court orders, subpoenas, national security letters and FISA requests that our organization receives. Privacy may at times need to be compromised when dealing with time sensitive national security alerts. Having developed professional and personal relationships with many law enforcement personnel, I better understand the world they work in. These trained and highly competent professionals are concerned about the safety and welfare of our communities, our friends, and family. Working for a hosting provider, if I can help protect the lives of others through our partnerships with law enforcement, I’m more than willing to promptly assist. In these uniquely critical situations, privacy takes a back seat.
There has also been a rise in online child exploitation. We have zero tolerance for individuals who abuse or exploit children. Our company acts expeditiously to remove pornographic images of children. If we are alerted of customers who are involved in such activity, we promptly work with law enforcement to help identify the individuals responsible for the child exploitation. Developing close partnerships with organizations such as the National Center for Missing and Exploited Children and the Internet Watch Foundation, we have the resources and information necessary to make important decisions regarding the accessibility of our customers’ data.
So, whether the NSA is spying on all of us or not, our commitment to our customers is that we will keep their information protected from the outside world to the very best of our abilities. We respect their privacy, and will work tirelessly to secure all of their data. Under no circumstances will we expose or make available this data unless proper channels are followed by law enforcement. Part of being good corporate citizens is understanding and knowing when to balance the privacy rights of our customers, and the protection of individuals from violent acts of crime and terror.