It is not always clear how data is being used, collected, or shared in our digital society. Privacy policies are long legal documents not often read by consumers who have put their trust in companies to protect their data and identities. However more and more we find this trust may not be warranted—whether we’re thinking of the Equifax breach that compromised identity information of almost 146 million Americans or the Facebook and Cambridge Analytica scandal that resulted in 87 million people’s data to be improperly shared.
Privacy and security have become hot terms in today’s data driven society, but not everyone understands how these two related concepts differ. Simply put privacy is the legal right to manage data while security is the action of protecting that data.
Despite the very public nature of data breaches in the past, the world of privacy law is still in its infancy. In honor of Data Privacy Day (January 28), we’re sharing some of our best advice to take your privacy into your own hands.
Aren’t There Privacy Laws?
The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. GDPR was groundbreaking as it stated that the “protection of natural persons in relation to the processing of personal data is a fundamental right.”
While GDPR is a European law, many American companies that serve EU residents are still required to comply.
Constitutions in 11 states—Alaska, Arizona, California, Florida, Hawaii, Illinois, Louisiana, Montana, New Hampshire, South Carolina and Washington—have explicit provisions relating to a right to privacy. California has the most extensive privacy regulations thanks to the California Consumer Privacy Act (CCPA).
GDPR and CCPA are often seen as having the biggest impact on companies, but in reality they exist to protect individuals. Despite that, there is no federal law in the United States that guarantees citizens the right to privacy of personal data. So as Americans what can we do to ensure companies protect our personal data? The simple answer is: own your privacy!
Put your accounting on autopilot.
How to Own Your Own Privacy
Identity and data are increasingly intertwined, and while there may not be a federal law explicitly giving us the right to privacy, the truth is that in our digital society we are our data. We all should care for it as if it was our own person. This topic is quickly outgrowing the security and compliance industry, even will.i.am, musician and entrepreneur, has much to say on the subject even coining the term “idatity.”
While the debate over data protection is far from over, the following are simple tips on how to own your privacy—and to help your employees do the same.
- Personal information is like money. Value it. Protect it.
Give careful thought to how your personal information is collected through apps and websites.
- Share with care.
Think before posting about yourself and others online. Consider what a post reveals, who might see it and how it could be perceived now and in the future.
- Keep a clean machine.
Having the latest security software, web browser, operating system, and device is the best defense against viruses, malware, and other online threats.
- Privacy is good for business.
Help all employees understand the role they play in making sure privacy is achieved and maintained. Engage employees with initiatives such as lunch and learns, funny videos and competitions.
As with security, staying educated and aware is key. Data Privacy Day is an international effort held annually on Jan. 28 to create awareness about the importance of respecting privacy, safeguarding data and enabling trust. Data Privacy Day spotlights the value of information and how to “Own Your Privacy”.
For more information about Data Privacy Day, visit staysafeonline.org. And to read more on security and privacy on the ScaleFactor blog, check out our post on creating a security culture in your business.