Daren Glenister

Data Privacy Day (Cue The Parade)!

Data Privacy Day

On Sunday, January 28, the United States, Canada, India and 47 European countries will celebrate Data Privacy Day, an international day established to raise awareness of the importance of data protection and to promote privacy and data protection practices. But did you know that the roots of this day didn’t first grow in American soil? The Council of Europe initiated the first European Data Protection Day in 2007. Then, in 2009, the U.S. House of Representatives passed a vote declaring January 28 as National Data Privacy Day annually.

The point of Data Privacy Day is to make individuals and companies aware of who is holding personal data and what are they doing to protect it. For companies, it is an opportunity to promote trust between them and their customers to protect data at all times. While this day isn’t yet as well-known and celebrated as some other major holidays, the message behind it is strong: all business and customer data is important and must be protected.

How does Data Privacy Day affect individuals?

Most individuals aren’t aware of what personal data of theirs is being captured and how it’s being used. Data isn’t exclusive to what people are voluntarily sharing online through social media platforms like Facebook and Twitter. Organizations constantly gather data on their customers (i.e. their shopping habits, airline seating preferences, etc.) and their Personally Identifiable Information (PII) (i.e. social security numbers, tax filing and return information, and medical records) – all of which must be protected continuously.

We all click on User Licenses when we install software or check the mailing list button on a website, but how many of us really know what data is being held and how companies are using it? For individuals, Data Privacy Day is a way to educate everyone on taking responsibility for their own data.

Are there misconceptions about cloud-stored data?

Data Privacy Day

One big misconception is that data in the cloud is not secure. In most cases, data in the cloud is more secure than data outside of it. There is a massive, ongoing shortage of cyber and security resources worldwide so all/every resource available needs to be leveraged as part of an organizations’ security portfolio. Some cloud vendors have the security resources that many IT departments don’t have or can’t afford, creating an extra layer of security to protect the data. That said, not all cloud vendors are created the same, so due diligence needs to be performed.

How can cloud providers make sure data stays safe?

With the onset of General Data Protection Regulation (GDPR) in May 2018, organizations that conduct business in Europe have to take a serious look at how they protect PII and how well that data is secured. They are also required to gain permissions before using data for purposes other than the original intent. As a result, many organizations will have to provide more information about what data they hold and how they protect it.

GDPR will force organizations to enact several improvements in the coming months, including:

  • Understanding where PII data is held, how is it processed, how it is protected, and who has access to it
  • Encryption of data in all stages (at rest, in use, and in transit)
  • Revising internal processes to protect who has access to PII data within a company and ensure it is on a “need to know” basis
  • Revising current data retention policies to ensure only the data needed is stored
  • Implementing the ability for a customer to be forgotten. This will be a major undertaking for most companies but will result in substantial fines for organizations found in breach of GDPR.
  • Providing customer service capabilities to respond to customers who call to ask about their data or to be forgotten. This will be a major cost for companies going forward.

Any recommendations for anyone worried about data privacy and safety?

If you’re worried about your data (what’s being held and how it’s protected), you should first contact the vendor holding the data to ask what is being held. Then, take steps when providing your data either in-person or online – make sure you understand what data is being captured and how it is being used. We don’t have to become lawyers and read every contract, but at least be aware of the collection statements when entering data. When you have to provide data, be careful about what you opt to share and – if possible – share the minimum.

Thoughts on Data Privacy Day

Data Privacy Day is a great awareness tool and sparks much needed conversations both for individuals and organizations. Educating individuals and organizations on how to protect data is the first step in the battle for data privacy. The true data privacy lessons will come from enforcing regulations such as GDPR or when organizations attacked by cyber criminals quickly take action to fix the lack of data security practices. We need to take responsibility as individuals to protect our data. For those of us in IT, we need to think data protection in all that we do.

By Daren Glenister

Daren Glenister

Daren is the Field Chief Technology Officer for Intralinks. Daren serves as a customer advocate, working with enterprise organizations to evangelize data collaboration solutions and translate customer business challenges into product requirements.

Glenister brings more than 20 years of industry experience and leadership in security, compliance, secure collaboration and enterprise software, having worked with many Fortune 1000 companies to turn business challenges into real-world solutions.

View Website
Bryan Doerr

Cyber-Threats and the Need for Secure Industrial Control Systems

Secure Industrial Control Systems (ICS) Industrial Control Systems (ICS) tend to be “out of sight, out of mind.” These systems ...
Six Major Data Breach Trends From 2017

Six Major Data Breach Trends From 2017

Major Data Breach Trends It seems like the moment the security industry collectively comes to grips with the latest publicly ...
Cloud Services Are Vulnerable Without End-To-End Encryption

Cloud Services Are Vulnerable Without End-To-End Encryption

End-To-End Encryption The growth of cloud services has been one of the most disruptive phenomena of the Internet era.  However, ...
4 Open Source Business Intelligence Tools For Big Data Reporting

4 Open Source Business Intelligence Tools For Big Data Reporting

Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up ...
Mobile Data Traffic Explosion: Explore IoT, 5G, & VR Opportunities

Mobile Data Traffic Explosion: Explore IoT, 5G, & VR Opportunities

Mobile Data Traffic Explosion The technology revolution of the 21st Century has opened the avenues towards many possibilities. We now ...
Millennials’ Video Obsession

Millennials’ Video Obsession Is Transforming Your Office: Are You Adapting?

Millennials’ Video Obsession In 2016, millennials surpassed the Baby Boomers as the largest generation in American history. As they continue ...
Max Contributor

Cloud and the Convenience Solution

Cloud Mobility Buying a new phone is always an exciting endeavour. Whether you had just broken your phone (ouch) or ...
Opportunities and Pitfalls When Hiring a Chief Data Officer

Opportunities and Pitfalls When Hiring a Chief Data Officer

The Chief Data Officer As part of their digital roadmap, organizations are increasingly taking advantage of big data and making ...
Data Catalog: Enabling Self-Service Analytics

Data Catalog: Enabling Self-Service Analytics

Enabling Self-Service Analytics A Chinese proverb says, “The best time to plant a tree was 20 years ago; the second-best ...
The Path Of Cloud Computing Is Paved With Collaboration

The Path Of Cloud Computing Is Paved With Collaboration

Cloud Computing Collaboration Cloud computing ushers in a new age of collaboration, one that allows an organization to excel at ...