Every year on this day we celebrate Data Privacy Day, otherwise known as Data Protection Day in Europe. Starting first in Europe in 2007 and two years later in the US, Data Privacy Day commemorates the January 28, 1981 signing of the first legally binding international treaty created to deal with consumer privacy and data protection.
Raising awareness about the importance of online privacy and data protection is an enormous and very important undertaking. In its early days, Data Privacy Day focused on promoting the protection of personal information online. Since then the day has expanded its focus to advocate awareness for families, consumers and businesses.
Thinking back to life in 1981 (when fax machines were oh so cool), do you think people had any idea how life would change because of a little thing called the Internet? With the growth of social media, dating apps, online shopping and banking, cloud-hosted services and big data technologies, to say that our privacy landscape has changed would be an enormous understatement. The way we interact with people and data has radically changed, most of it for the good. But the message is clear: our information is everywhere, and if we’re not diligent about the way we use it, we could quickly find ourselves in deep trouble.
And it’s not just us as consumers who need to be careful. A lot of the personally identifiable information (PII) that we share with service providers, healthcare providers and social media networks, is stored on servers completely outside our control. Knowing how valuable that information can be, hackers and cyber criminals are constantly trying to find and exploit vulnerabilities with the simple goal of stealing and abusing our data.
Naturally, the organizations that store our information have a huge responsibility to prevent data breaches, and although many of them say that the data privacy of their customers is of ‘utmost importance,’ they don’t exactly have a stellar record. Most of them try to learn as much about us as they can, but just looking at some of the most prominent data breaches of 2019, shows that they often don’t live up to those goals. Being hacked is one thing, but issues like poor security, accidental data exposure and allowing insiders to steal data are unacceptable.
Thankfully, governments around the world have started taking consumer data protections more seriously by enacting laws such as General Data Protection Regulation (GDPR) in Europe, and more recently the California Consumer Privacy Act (CCPA) in the US. Other states are working on similar laws, while the UK is working on absorbing aspects of GDPR into its own domestic law framework for a post-Brexit world.
GDPR famously requires a company to report a breach within 72 hours or face a potentially heft fine. CCPA, on the other hand, doesn’t include the 72-hour requirement, but it does give consumers more power over how its data is used. For example, CCPA gives any California consumer the right to see all of the personal information that a company has saved about them. It also allows them to access a full list of any third parties who received their data. And, importantly, CCPA allows consumers to sue a company if the privacy guidelines have been violated, even if a data breach has not taken place.
So, on this Data Privacy Day, why not spend a few minutes checking the security settings on your computer. Change up your passwords (and never ever reuse passwords for work and private applications). One more tip: rethink whether you should store your address and credit card details on every retailer’s website after you purchase something online. Sure, it’s convenient, but is it really worth the added risk? I’d hazard a guess that the answer is ‘no’ most of the time.