Today is Data Privacy Day – An annual day with a focus on raising awareness of best practices for keeping personal data private and confidential along with the techniques and tools that can be adopted by all individuals to better protect them against data theft, identity theft, and other types of fraud.
Data Privacy Day – January 28 – started as Data Protection Day in 2006 and was initiated by the Council of Europe. Two years later, the reach of Data Protection Day was extended to the US and Canada when Data PRotection Day started to be observed as Data Privacy Day. Data Privacy Day was made official by the U.S. House of Representatives in 2009, and by the U.S. Congress in 2014. Data Privacy Day is organized by the National Cybersecurity Alliance and is on January 28 each year. This year, for the first time, Data Privacy Day was turned into a weeklong initiative, running from January 24-28.
Steps Individuals Can Take to Ensure the Privacy of Their Personal Data
Anyone who ventures online generates a data trail, whether that is through engaging with websites, companies, social media networks, or simply surfing the web. Most sites want visitors to create accounts, as the data collected can be extremely valuable. Many businesses are able to provide services for free in exchange for personal data. Facebook is a prime example. It is important to consider the information is being collected and used by a company, and then make an informed decision about whether the service being offered in exchange for access to personal data is a fair trade.
Usage of apps and accounts will vary over time, and privacy policies can change. Data Privacy Day is a good day to check the settings of accounts and apps and review whether the deal is still fair. Bear in mind that when an app is downloaded onto a personal device and permissions are granted, those permissions will continue to apply even if the app is no longer used. The app may continue to collect personal data and the data may still be sold to third parties. It is always a good idea to uninstall any apps that are no longer in use. The National Cybersecurity Alliance has a good resource to help individuals manage their privacy settings across their accounts and apps. – You can find it here.
It is also important to ensure that personal data are protected. Should cybercriminals gain access to your personal data, they can use the information to hijack accounts, steal identifies, and commit fraud. Most accounts are protected by passwords, which are all that stand between a cybercriminal and your data. It is therefore vital to set strong passwords that cannot easily be guessed and to use a unique password for every account. Passwords should be at least 8 characters and should include a combination of upper- and lower-case letters, numbers, and symbols to make them harder to guess.
Since that makes passwords hard to remember, you should consider using a password manager. A password manager encrypts passwords and stores them securely in a vault to prevent unauthorized access. Password managers have strong password generators, which generate complex, unique passwords for all accounts. Those passwords never need to be remembered as they will be auto-filled whenever you visit the appropriate online resource. All you need to do is set a long, complex master password for your password vault. A long passphrase is best for security and will also be easy to remember. You can make a passphrase out of three or four random words, just ensure that the passphrase is over 12 characters in length. Password managers are low-cost solutions, generally costing a few dollars a month, although vendors such as Bitwarden offer a free version of their product. According to Bitwarden, “The Bitwarden password manager has been developed to empower individuals to take responsibility for online security the year-round with tools such as Personal Vaults, end-to-end encryption, and secure text and file sharing.”
In addition to using a password manager, it is important to set up 2-factor or multifactor authentication for all accounts. In the event of a password being compromised, a second factor must be provided before access to the account is granted. While it can make the logging-in process a little longer, it is important for security. Microsoft says multifactor authentication blocks 99.9% of automated attacks on accounts.
Steps Businesses Should Take to Improve Privacy and Security
Data Privacy Day is not only focused on raising awareness of the best practices that individuals can adopt to better protect their privacy. Businesses are also encouraged to take steps to ensure they implement the appropriate tools to protect the privacy of customers online and to be more transparent about how they collect and use their customers’ data.
The Pew Research Center recently reported 79% of adults in the United States were concerned about how their personal data were being used by companies. Being transparent about how customers’ personal data are collected and used helps to build trust with customers and can enhance the reputation of a business. Businesses are encouraged to think about how their customers would view the collection and use of their data, and ensure settings are implemented to protect their information by default. Customers want to know what steps are being taken to protect their privacy and that the companies they do business with are committed to keeping data private and confidential. Businesses should ensure they communicate clearly and concisely the steps they are taking to achieve and maintain privacy.
One of the most important steps for businesses to take is to conduct an assessment of their data collection practices and ensure they are fully compliant with the data privacy and protection laws in the countries where they do business. If a business engages vendors that are provided with access to customer data in order to provide services, businesses should have oversight of those vendors and ensure they too have adopted best practices to protect customer privacy and keep data secure.
It is also important to educate the workforce about data privacy and security and teach all employees about the role they must play in ensuring the privacy and security of data, and how privacy and data security applies to their daily duties.