July 14, 2022
Rolling privacy into collaborative tools for online working
The rise in online working and collaboration wrought by the ongoing COVID-19 pandemic that started in 2020 continues apace. In parallel we see a rise in security issues surrounding the enabling technologies. A team from India describe an innovative framework for boosting privacy in online collaborations in the International Journal of Electronic Security and Digital Forensics.
Aashish Bhardwaj of the Guru Tegh Bahadur Institute of Technology in New Delhi and Vikas Kumar of the Central University of Haryana highlight the privacy features of commonly used online collaboration tools. They also look at the major privacy breaches and technological glitches that have occurred and the implications for users. In the wake of this examination, they have developed a privacy framework built on six important supporting points.
The first is that tools should be designed with user privacy at their core. Second, any tool must comply with privacy laws. Third, there must be strong access control. The tools must also have transparency. The fifth pillar of their framework is that users should be educated and made aware of the risks associated with the use of the technology. Finally, there should be in place, ethical contact tracing that allows follow-up following a breach that does not itself compromise user privacy. This user-centric approach means it can protect both the individual as well as the institutional user rather than it simply serving to protect the organizations hosting an online collaboration.
Online collaboration systems have served well in many ways during the pandemic and will continue to do so even as many people head back to the "offline" world. There are many privacy issues that have come to light with this new trust in online tools and these must be addressed urgently. The team suggests that careful software design built on their framework will allow developers to roll back privacy matters into the very core of the tools we use rather than relying on rules and enforcement after the fact.