Design document isn't precise about "Security" and "Privacy".
View options
In Tor Browser, we have a "Security" Slider and various "Privacy" features. But these words are not so easily distinguished. Maybe we could think of a better words?
In any case, we should defined the two concepts very clearly in the Design document, and we should make sure we don't mix them up. For example, section 2.1 is entitled "Security Requirements" but goes on to list what I would consider privacy properties and does not include the sort of security intended to be provided by the Slider.