Time to Focus on Privacy Every Day

This week January 28 was recognized around the world at International Data Privacy Day. Data Privacy Day is the perfect time to think about all things privacy. For example, consider all the computing devices and gadgets you use, including smartphones and tablets.  Many folks don’t realize these devices are continually collecting personal information about the user, such as where you work or attend school, travel, shop … and the list goes on. Everyone should be aware of the information they are putting out there and the data being collected without their knowledge or consent. 

We truly are in a new and expanding ‘Internet of Things’ where numerous amounts of data are being collected every day. All individuals, businesses and government organizations should make privacy a priority by being educated about new, expanding data collection points and put appropriate protections in place to protect personal information.

So, what did you do to raise awareness about privacy issues on Data Privacy Day? What are you going to do next year? It’s never too early to start planning; we should be thinking about privacy during our daily lives whenever personal information and personal activities are involved. Let me give you some ideas.

Official Iowa proclamations

I was very happy that Gov. Terry Branstad once more proclaimed Tuesday, January 28, 2014, as the fifth annual Data Privacy Day in the state of Iowa to coincide with International Data Privacy Day. Since I submitted the request for this day I was grateful to get the actual official proclamation document, on parchment paper and an awesome gold seal, shown below.

January 28 2014 Iowa Data Privacy Day Official Proclamation

Does your state officially recognize January 28 as Data Privacy Day? If not, this would be a great way for your organization to show your sincere dedication to privacy; by getting your state, province or country leader to officially make a proclamation for the day.

For consumers

All consumers should ensure they aren’t giving away too much information when their personal data is collected, and they have the right to demand that the entities collecting their information are protecting it and using it properly. Ask the businesses and organizations that collect information from and about you how they are protecting that information. It is your privacy that they will impact if they do not appropriate safeguard your information, and if they use the information in unethical (even if legal) ways.

Three things

In honor of Data Privacy Day this week, here are three action items to protect the privacy of consumers and businesses from the data collected within the ‘Internet of Things.’

1)    Nothing is truly free, including mobile apps. Be aware of the personal information you provide mobile app providers. Today, the federal government doesn’t govern the security and privacy of mobile apps. Thus, many free apps sell your information to a wide range of companies, some of which may have malicious intents. The recent Snapchat security breach is an example of how a mobile app developer approaches privacy after it was hacked and users’ information was stolen and published. Consumers must be careful of the information shared on mobile apps and demand these developers setup stronger security and privacy provisions to protect their users. In the meantime, be wary of mobile apps, especially ones that are new to the marketplace.

2)    Be cautious with new “smart” devices. A wide range of new and unique gadgets — from socks and tooth brushes, to glasses to watches to smart cars — connect you directly to other entities (and even to the Internet) to share information about your activities, location and personal characteristics. Before using such devices, make sure you know which data they are collecting, how it will be used and with whom it will be shared. One very important tip is to be sure you can turn off data sharing. Some of these devices begin collecting data continuously from the time you start using them and cannot be turned off. Watch for these circumstances, so you can avoid them.

3)    Only share personal information with trusted sources. Personal information should only be shared when it supports the original purpose presented at the time it was collected. Be extra careful not to share more sensitive personal information, such as social security numbers, credit card numbers and driver’s license numbers. The entities asking for the information need to include information about the purpose in their service and product requirements. This is often also found in their posted privacy notices. If they don’t have a posted privacy notice, users should steer clear of them. Consumers should also ask the entities with whom they share their data about the choices they have in how their personal information is used and shared.

Some other ideas

Here are a few additional things I did to help raise the awareness of Data Privacy Day for this year:

  • Created an infographic to show just a few of the many ways in which people give away personal data throughout the day.

 Herold Tracked Throughout Day Infographic

 Security Search

Here are some other ideas for you to consider for the next Data Privacy Day:

  • Post a message to your organization’s intranet site on January 28 letting your personnel know it is Data Privacy Day.
  • Offer to give a short talk or presentation at your child’s school, your neighborhood association, your local philanthropic organizations (e.g., Lion’s club, Kiwanis, etc.), your local ISACA, ISSA, Infragard, IAPP, or other professional organization, about privacy.
  • Pass around a good article about privacy to your personnel, to your friends and family, and/or to your membership organizations. There are many out there to choose from.
  • Arrange a lunch-time event about privacy at your organization. Some of the things you could do include:

–       Give a short presentation

–       Show a film about privacy. There are many options to choose from! PBS has shown some great programs on privacy. Check your library, also. It would cost your organization nothing to check out a film for the day to show to your personnel. Here is a list of other possibilities I provided a few years ago.

–       Hold a trivia game about privacy

–       Arrange an exhibit and provide a table with various privacy tools, such as privacy screen filters, self-encrypting USB drives, etc. and answer questions people may have about them

  • Do a podcast about a privacy incident you were involved with or are concerned about. Share your viewpoints!
  • Film a short video discussing a privacy incident or topic of concern.
  • Infinitely more possibilities…

Bottom line for organizations of all sizes…

Every business, of any size, in any location, that collects, processes, stores or otherwise accesses information from people need to implement appropriate safeguards to protect that information, throughout its entire lifecycle.  Data Privacy Day, January 28, is a good day (along with all other days during the year) to consider privacy, and all the ways in which you can help to make privacy a priority in your organization.

Drop me a line (rebeccaherold@rebeccaherold.com) and let me know what you did, or if you need help with planning for next year!

 IBM



tumblr visitor

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Leave a Reply