Celebrating Awareness of the Importance of Data Privacy

Dayne Topkin via Unsplash

What is Data Privacy Day?

 
Everyday people put their personal information out to the world wide web, completely unaware of how it is being used, shared, or abused in the digital world. Data Privacy Day is an international event that happens every year on the 28th of January, to raise awareness and promote companies and individuals to adopt the best practises on data protection. 

Data Privacy Day helps spread awareness about online data abuse and the importance of its privacy, along with educating society on how to manage their personal information. Governments, Parliaments, National Data Protection bodies, and more carry out workshops, provide information and guide people about the rights to personal data protection and privacy. It also encourages existing businesses to respect data and be more clear and concise on their data collection protocols and use of consumer data. 

Data Privacy Day began in the United States and Canada in January 2008, branching off from the Council of Europe which decided on the 26th of April 2006 to launch a Data Protection Day to be celebrated on the 28th January. Data Protection Day commemorates the first legally binding international treaty dealing with privacy and data protection on January 28th, 1981, the signing of Convention 108. 

Convention 108 contains the basic foundation and principles of data protection, enforcing these same rules and regulations 22 years later. Convention 108 was used to build the pillars for the first European Union directive on data protection adopted in 1995, to which succeeded in 2018 the General Data Protection Regulation (GDPR). GDPR is one of the most solid privacy and security laws in the world. Although it was constructed and passed by the European Union (EU), it establishes and enforces obligations onto organisations anywhere, as long as they target or collect data related to people in the EU.

The Council of Europe has created a well-detailed guide for internet users, helping them to better understand their human rights online and what actions to take when these rights are challenged or violated. 

Why is Data Privacy important?

 
According to Pew Research, 81% of respondents feel as if they have little or no control over the data collected, and according to SalesForce, 46% of customers feel they’ve lost control over their own data.

In order for people to feel more protected, especially with the continuous growth of technology; there needs to be specific rules and regulations set in stone. Gaining people's trust is difficult, therefore more needs to be done in protecting data containing people's personal information. Giving individuals control over the data collected and making them aware of how the data is being used is the biggest step in gaining their trust. 

Losing trust in consumers is one of the biggest downfalls in every organisation, therefore implementing the most secure process whilst protecting the privacy of individuals is important.

Data Privacy vs Data Security

 
These two terms can look and sound similar, however, there is a clear distinction between them. 

Data Privacy primarily focuses on the rights of individuals, the use and processing of data collection, privacy preferences, and how an organisation stores and protects data all in accordance with the law. 

Data Security consists of a set of standards and different implementations an organisation is taking to prevent any data challenges or abuse by unauthorised third-party access. This includes access control, encryption, and security all enforced to prevent the exploitation of data. 

If an organisation has the toughest data security methods in place but has failed to collect the data on a lawful basis, regardless of the measures of security taken to protect the data, it is a violation of Data Privacy. This tells us that Data Security can exist without Data Privacy.

How to Protect Yourself

Dan Nelson via Unsplash

Individuals

 
Every button you click generates data, from your activities online, to your interests. There is personal data such as your emails, passwords, bank account details, social security number, and then there is also your physical data, such as how many steps you did in a day. It’s difficult to conceal your data when our lives revolve around technology and always wanting to buy new gadgets. 

It is your duty as an individual to understand and be selective on who you become a consumer for and how your data is handled. To manage your data better, follow these steps:

1. Read and understand the privacy tradeoff 

 
Many organisations ask you for your permission to access your personal information, for example, your location. They ask you this before you start to use their service, as this personal information is efficient data and has a lot of value to organisations. Some may even bribe you with incentives to share this personal information with discounted purchases or free access to their service. 
Weighing out the trust you have for an organisation and making an informed decision about whether or not you wish to share your personal information is important. For example, is the organisation asking a lot of personal questions, more than usual, or is the number of questions being asked weight up with the benefits you provided from them. 

2. Manage your privacy

 
Checking the privacy and security settings on web services and applications is a method that should be practised often. Adjusting the setting to your preference will give you a level of comfort when roaming through the web and using apps. 

3. Protecting your data

 
Using the same password for every account you have is one of the biggest mistakes to make. Once somebody hacks into one account, they have access to all your other accounts. Creating long, unique passwords and storing them safely using a YubiKey for example is the correct measure to ensure Data Security and Data Privacy. 

You can also use Multi-factor Authentication (MFA), which is an electronic authentication method in which users provide additional identity verification, such as scanning a fingerprint or entering a code received by phone

Organisations

 
Organisations need to enforce more methods in gaining consumer trust. According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. 

Protecting consumers' privacy preferences is a beneficial strategy in gaining trust and building your reputation and potential growth in your business. To reap the benefits of this, follow these steps:

1. Follow the rules

 
If you handle small or large data, following the correct rules and regulations of privacy laws is imperative. Put in place security measures to maintain consumer privacy preferences whilst protecting them from unauthorised access. 

If you are not responsible for collecting the data but use the data, you are responsible for overseeing and understanding how the data was collected. 

2. Compliance framework

 
A compliance framework is a structured set of guidelines intended to help organisations identify and manage privacy risks. This allows organisations to build products and services whilst protecting individuals' privacy.

3. Educating

 
During the onboarding process of employment, it is your duty as an organisation to educate new and current employees on the company's privacy policy. If you guide employees to take the correct measures to keep themselves safe at home, they will practice these same security and privacy measures at work. Frequently asking the whole company to change their password after a set period of time and providing them with YubiKeys are examples of how to build a culture of privacy and security in the organisation. 

We are using and exchanging data more than we ever have. Technology is continuously evolving. People are freely entering their personal information online. There are more and more adversaries out there, waiting for their next opportunity to abuse someone’s personal information. It is your duty as an individual and an organisation to protect and safeguard personal data. 

 
 
Nisha Arya is a Data Scientist and freelance Technical writer. She is particularly interested in providing Data Science career advice or tutorials and theory based knowledge around Data Science. She also wishes to explore the different ways Artificial Intelligence is/can benefit the longevity of human life. A keen learner, seeking to broaden her tech knowledge and writing skills, whilst helping guide others.