It’s time to celebrate Data Privacy Week 2022

In 2006, the Council of Europe started “Data Protection Day” that was to be celebrated yearly on January 28.

“Data Privacy Day” was initiated in Canada and the United States in 2008 as an extension of Europe’s Data Protection Day, which commemorates the signing of Convention 108 (the first legally binding international agreement related to privacy and data protection) in 1981.

This year, the National Cybersecurity Alliance (NCA) is expanding Data Privacy Day into “Data Privacy Week”, making it a week-long initiative.

• Microsoft experienced a data breach that leaked 250 million entries that included IP addresses and email addresses.
• Video-conferencing tools like Zoom couldn’t cope with a high volume of new customers, and they couldn’t bulletproof their software in a short time. Therefore, the company had to suffer from Zoombombing.
• Facebook integrated into WhatsApp and changed the app’s Privacy Policy. Now, people are jumping ship under the false belief that a messaging app that they have been using for years is no longer end-to-end encrypted.
• Hackers stole and led data of 1,000 high-profile police officers in Belarus to prevent the crackdown against a group of protestors.
• FireEye, a renowned security firm, ironically experienced a cyberattack and lost crucial hacking tools. Most cybersecurity experts called it a nation-level attack.
• The list goes on and on.

Understand the privacy vs convenience tradeoff:

Many accounts require access to personal information like your contacts list or geographical location before you even use them. It’s critical that you make educated decisions about whether or not to share your data with certain companies.

This can be done by considering the amount of data they’re asking for and weighing it against the benefits you might receive in return. Plus, you need to check if the information being asked for is relevant to the services they’re offering.

Use privacy and security settings:

It’s important that you review the privacy and security settings on apps and web services and adjust them to your level of comfort for data sharing. Each device, application, or browser you use will have its own set of features for limiting how and whom you share information with.

Safeguard your data:

Data privacy and security are closely associated with each other. Here are some tips to keep your data protected:

• Create long and unique passwords for each device and account
• Save all your passwords in a password manager tool
• Perform browser and software updates as soon as they’re available
• Enable multi-factor authentication wherever possible
• Use a virtual private network on public WiFi networks

Assess data collection practices:

Review your data collection practices. Understand which privacy rules and regulations apply to your firm, regardless of whether you’re operating globally, nationally, or locally. Take reasonable security precautions to protect individuals’ personal information from unauthorised and improper access.

Also, it’s important that the personal information you gather is processed fairly and only collected for legitimate and relevant purposes. Don’t forget to keep an eye on your partners and vendors as well.

Use a privacy framework:

By researching and adopting a privacy framework, not only can you manage risk but also encourage a culture of privacy in your organization. Some frameworks worth checking out include ISO/IEC 27701 – International Standard for Privacy Information Management, NIST Privacy Framework, and AICPA Privacy Management Framework.

Teach employees:

Build a culture of privacy in your organization by educating employees about their and your business’ responsibility to protect personal information. This can be done by asking employees to familiarize themselves with your company’s privacy policy and teaching them how to update their security and privacy settings on personal and work accounts, among other things.