Roger Clarke's Web-Site

© Xamax Consultancy Pty Ltd,  1995-2024
Photo of Roger Clarke

Roger Clarke's 'Security 'vs.' Privacy'

Security vs. Privacy Trade-Off Considered Harmful

Notes of 7 January 2014

In preparation for a Panel on 'Security and Privacy: Beyond the Trade-Off Model', at CDPD in Brussels on 23 January 2014

Roger Clarke **

© Xamax Consultancy Pty Ltd, 2014

Available under an AEShareNet Free
for Education licence or a Creative Commons 'Some
Rights Reserved' licence.

This document is at

The 'security vs. privacy' rhetoric projects the notion that 'you can have security or privacy - choose one'. This is value-loaded polemic that has been foisted on civil society by national security extremists. So civil society should reject it.

An appropriate model distinguishes a number of different scope definitions for security discussions. The scope is defined in terms of:

I've given presentations in Copenhagen (2012) and Oxford (2013) on the topic, the second entitled 'Whose Security? The Politics of Alternative Scope Definitions'. The analysis is also outlined in a short piece about the process to produce a revised version of the OECD's Security Guidelines (2013b).

Adopting this approach, the argument can be mounted that:

  1. there are tensions among the alternative scope definitions
  2. all stakeholders' interests need to be represented
  3. no single alternative scope definition must be permitted to dominate
  4. a rational process is needed to achieve a suitable outcome, e.g.:
  5. a rational process has a set of characteristics. See APF (2013)

I've seen little in the literature that addresses this argument.

Fortunately, that is changing, because this Panel session comprises presentations from several research projects that are examining various aspects of the debate, through multiple case studies.


APF (2013) 'Meta-Principles for Privacy Protection', Australian Privacy Foundation, April 2013, at

Clarke R. (2012) 'Security, for Society: A View from the End of the World' Presentation to the Danish Council for Greater IT-Security and the Danish Society of Engineers (IDA), Copenhagen, 25 June 2012, Xamax Consultancy Pty Ltd, at

Clarke R. (2013a) 'Whose Security? The Politics of Alternative Scope Definitions' Presentation to the Oxford Cyber Security Centre, on 30 January 2013, Xamax Consultancy Pty Ltd, at

Clarke R. (2013b) 'Challenges Facing the OECD's Revised Security Guidelines' Draft for the Internet Technical Advisory Newsletter, Xamax Consultancy Pty Ltd, at

Author Affiliations

Roger Clarke is Principal of Xamax Consultancy Pty Ltd, Canberra. He is also a Visiting Professor in the Cyberspace Law & Policy Centre at the University of N.S.W., and a Visiting Professor in the Research School of Computer Science at the Australian National University. He has been on the Board of of the world's longest-serving privacy advocacy body, the Australian Privacy Foundation, since its foundation in 1987, including 7 years as Chair. He has been a member of the Privacy International Advisory Board since its inception in 2000. He is also Secretary of the Internet Society of Australia (ISOC-AU).

xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 65 million in early 2021.

Sponsored by the Gallery, Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 7 January 2014 - Last Amended: 7 January 2014 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2022   -    Privacy Policy