When the question, “What privacy concerns do you deal with-and how do you combat them?” was posted on the CSI Connect Community page, some construction industry professionals asked if privacy even exists in today’s digital age.
Here is what they had to say:
There's virtually no such thing as ‘privacy issues’ in public work, as most documents are a matter of public record. Of course, such concerns do not apply to private work.
Regarding keeping correspondence ‘confidential,’ the only way one can truly do that is to clearly label it ‘privileged and confidential,’ address it to one’s attorney, then maintain the confidentiality. If you label it and do it right, it invokes attorney-client privilege. However, the laws and regulations governing this vary.
Kevin O'Beirne, PE, FCSI, CCS, CCCA
Rather than listing all my concerns, I’ll list security issues I’d like to talk about with more focus.
- Having data in the cloud—everyone does, and some argue our data is safer in well-managed cloud services than it is in our own office.
- Security requirements for nondisclosure agreement clients—cyberinsurance, keeping our work on our office server with good security software and a hardware firewall.
- Security and sharing requirements for our specification software vendor—negotiations continue. Our goal is to be able to collaboratively share with our project teams and tightly control the sharing. Right now, this is our biggest problem.
- Phishing—hang up, report, contact the ostensible sender, vendor or service directly if we’re not sure. This is a bigger problem for my chapter than it is for my small office.
- Kaspersky—not currently a problem because we don’t have any US federal contracts ongoing. But if we were to engage in another one, we'd have to change our security software now that the US government has specifically disallowed it on their work.
- Nondisclosure agreements, part 2: who gets to talk about what, when?—I communicate to my project teams which projects are under NDA, and we let the architect or the owner handle any disclosure to vendors and technical reps.
Email is skywriting. The Internet is forever. Privacy is an illusion.
Cam Featherstonhaugh CSI, CDT, AIA
Here's my take on this issue:
- Privacy is NOT an illusion. We just have the wrong idea of what it is.
- Privacy is not about keeping information from being viewed, it's about tracking who is viewing it and what they are doing with it.
- This correlates well with the 3rd bullet point from Vivian Volz: “Security and sharing requirements for our specification software vendor—negotiations continue. Our goal is to be able to collaborativelyshare with our project teams and tightly control the sharing.”
This suggests we want collaboration, only if we can tightly control who is using our information and control how they are allowed to use it. I think we should only track how it is being used.
Amy Haynes CSI, CDT
Ninety-five percent or more of my correspondence is useless to anyone. The few items that might be useful to someone with bad intentions are buried so deep it would be very hard to find and recognize.
I try to be aware of sensitive correspondence and either mail it or convert it to a phone call.
Joe LoBasso MBA, CSI, CDT, AIA