Privacy, security, & anonymity are not the same things. While there is some cross over, they are not the same things. When a product or service is promising you privacy, they are not promising security or anonymity (and so on). It’s important to know the difference so that you have the correct expectations when seeking to protect them, & know what questions to ask to ensure you’re actually getting it.
Privacy has many meanings & for much of this explanation I will defer to the experts.
The most general definition is freedom from interference or intrusion, the right “to be let alone,” a formulation cited by Louis Brandeis & Samuel Warren in their groundbreaking 1890 paper on privacy – source.
However, when we’re speaking of informational privacy the definition narrows to speak specifically to the “information processing capabilities of computers”. For this definition I agree with James H. Moor, Professor of Intellectual & Moral Philosophy at Dartmouth College, that privacy is “the right to control of access to personal information.” He goes on to say:
First, it is about information. It focuses on the quest for knowledge about someone, rather than, say, physical proximity or constraint, or any other type of interference.
Second, it refers to personal information. The knowledge intended gives some access to the subject’s person, whether it is his or her identity, thoughts, aspirations, passions, habits, foibles or transgressions.
Third, the issue is one of control. It is not how much or how little is known about the subject, but whether the subject can choose how much of the information is revealed & to whom.
Finally, privacy is defined as a right. Within certain “domains,” as More puts it, the person’s control of personal information ought to be respected & protected.
It seems both domestic & international organizations & governments agree with these definitions, & that privacy is a fundamental human right.
In 1992, the United States ratified the International Covenant on Civil & Political Rights (ICCPR), a human rights treaty that guarantees privacy rights. More specifically, Article 17 of the ICCPR protects everyone from arbitrary or unlawful interferences with their “privacy, family, home, or correspondence.”
No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honor & reputation.
I could go on with more sources & definitions, but you get the picture. Privacy is about protecting your personal & identifying information, & the control you should have as a human right over who should be allowed to access, take, or use it.
Security is a lot easier. When we’re speaking of data & information, security is about the ability to keep information safe from alteration, misuse, & theft.
The state of being unknown, unacknowledged, & undiscoverable.
Why do you need to know this?
A violation of your privacy can lead to a security threat to your well-being physically, financially & many other ways.
A breach of your anonymity can lead to the discovery of your identity, which is a privacy risk.
A breach of information security can violate your privacy, make anonymity impossible, & threaten your physical security.
If you are being promised protection of any or all of these things you need to be able to ask the right questions to determine if you’re getting what was promised, or if they’re marketing BS to you that they have no ability to actually pull off. Knowing the difference can save you from making the mistake of expecting the wrong protection from the wrong resource.