Do you really know how your personal information is being collected, shared, and used (or misused) on the internet? While there’s a growing awareness that we need to keep our data private in the U.S. — according to a May 2022 Ipsos survey, an overwhelming majority (84%) of Americans say that they are at least somewhat concerned about the safety and privacy of the personal data that they provide on the internet — many people still underestimate how valuable their personal data is. But the bottom line is that individuals and companies should still be proactive in practicing data protection.
Data Privacy Day was established in 2008 to commemorate the first legally binding international treaty regarding privacy and data protection (Convention 108, signed in 1981). In the European Union, the occasion is called Data Protection Day. Taking place every January 28, it’s an annual call to action for more intelligent and responsible management of personal data.
Data privacy defined
Data privacy involves complying while handling sensitive data through consent, notice and regulatory obligations, while being transparent about how data is shared with third parties and how data is legally collected and stored.
While personal data can provide businesses with insight into their customers’ buying habits, it also provides cybercriminals with the tools needed to commit identity theft, fraud and other crimes. Data privacy is also critical to organizations looking to protect their proprietary research and business-critical data.
Data Privacy Day seeks to educate both individuals and companies on the value of controlling who has access, visibility, and control of their data — sharing the skills needed for smarter data protection.
Data privacy’s growing importance
Threats to data privacy are ubiquitous nowadays, and everyone should be aware of them. However, it may be deemed especially critical for companies regularly handling and storing customer data. In the last 10 years, we’ve seen countless companies lose the trust of their customers after falling victim to data breaches. From Yahoo to Target, each of these companies has experienced devastating backlash from careless mismanagement of personal data, resulting in millions of dollars in damages.
Worse than the financial damage, these companies faced a crippling blow to their reputation. And in the wake of these breaches, executives are more frequently being held personally responsible if their data protection strategy is found lacking. In fact, a recent survey found that this is probably why more than 60% of Americans blame companies instead of hackers when a data breach occurs.
Data privacy regulations increasing
Over the past several years, regulatory restrictions have been promulgated to hold organizations of all kinds accountable in their collection, handling, and protection of customer data: the two most notable examples being the General Data Protection Regulation (GDPR) in the E.U. and the California Consumer Privacy Act (CCPA) in California. Others include the Health Insurance Portability and Accountability Act (HIPAA), the Graham-Leach-Bliley Act (GLBA), and the Federal Information Security Management Act (FISMA).
HIPAA is a law that protects sensitive patient healthcare information by specifying how healthcare providers must secure such data against fraud and theft. The law also sets limits on how organizations can use or disclose protected health information.
GLBA applies to financial institutions and sets out responsibilities and standards to protect the confidentiality and security of consumers’ nonpublic personal information. And FISMA requires federal agencies to develop, document and implement an agency-wide program that provides information security.
And in July 2022, the American Data Privacy and Protection Act (ADPPA) was working its way through the U.S. House of Representatives. It’s an omnibus federal privacy bill that, if enacted, could dramatically increase oversight of how companies use artificial intelligence (“AI”) in their businesses.
Dating from 2018, the GDPR is dedicated to data privacy and protection in the European Union — focusing on the transfer of personal data outside of the E.U. and EEA areas. And the CCPA — which also took effect in 2018 — seeks to provide California residents with information about which personal data is being collected and sold, and for them not to face discrimination for exercising their privacy rights.
These regulations all speak to a heightened awareness by consumers about the necessity to protect their proprietary data. Because according to a 2022 report by LXA:
· 84% of respondents indicated that they care about privacy, care for their own data, care about the data of other members of society, and they want more control over how their data is being used.
· 48% indicated they already switched companies or providers because of their data policies or data-sharing practices.
· 79% of respondents said they are very or somewhat concerned about how companies are using the data they collect about them.
· 64% say they have the same level of concern about government data collection.
· 81% of respondents feel as if they have little or no control over the data collected.
· 46% of customers feel they’ve lost control over their own data.
· 43% of all respondents don’t believe they can adequately protect their personal data today.
· 93% of Americans considered it important to be able to control who could access their personal data.
A #CyberFit strategy for everyone’s data privacy
Looking to 2023 and beyond, a leading strategy in private data security has emerged in the form of comprehensive cyber protection, which helps businesses and individuals in their efforts to become #CyberFit, which in turn will make them resilient in various attempts to compromise their data privacy.
This strategy is certainly more complicated than it was a decade ago, so adapting to new privacy challenges requires a 360-degree approach. Ensuring data privacy is one of the five vectors of cyber protection identified by Acronis, complemented by safety, accessibility, authenticity and security of data, applications and systems.
Designed to address all five of these key vectors, Acronis cyber protection solutions can meet the needs of businesses and individuals, as well as the service providers who deliver critical IT solutions to both groups.
Today’s Data Privacy Day / Data Protection Day serves as an opportunity for us to emphasize the importance of data privacy and the need for transparency in how that data is stored and protected. It’s a moment for us to reevaluate how we’ve been collecting, sharing, and using data — and find new, better pathways toward keeping that valuable data from being exploited, misused, or lost.