Ahhhh…privacy. Your favorite flavor and mine. Well, at least it sounded good for a moment.
Typically, in these blogs I chat you up about traditional cybersecurity and keep you informed about cool and even some scary things out there pounding on your door. Privacy remains a huge part of our “cyber safety”. I’m not just talking about privacy of data at the office, but of your own, personal privacy information—any of it that is private to you.
Bad guys love it when they get their hands on it. It makes them an easy “buck” and they can use it as a bribery tool so long as it is valid. If you’ve ever been personally victimized by data breach, you know how painful it is initially and in the long term. The value of credit monitoring, the de-facto “gift” when a personal privacy data breach occurs does little to help, console a victim or address the underlying problem.
But really, is any data or information truly private anymore? It depends on what you read or who you ask. We saw some major changes this year surrounding personal privacy, so there is hope. In April, the European Union began enforcing a new regulation, the General Data Protection Regulation to protect EU citizens from privacy and data breaches. This affected many companies all over the world. California and Colorado both passed laws for privacy protections of consumer data. Sound like a trending topic? You better believe it. Canada has the Personal Information Protection and Electronic Documents Act governing use or disclosure of personal information in the course of a commercial activity. It’s a safe bet the United States and/or other individual states will eventually follow with equal or stricter regulation in the future.
As part of these laws, if entities do not make those key privacy investments when required, fines or other penalties can be imposed, or a nasty legal battle may even ensue. Laws such as the examples above hold government, people and other organizations to higher standards of consent and protection of our personal information. If you don’t know much about these, I recommend checking them out. They are there to protect you if you fall under their umbrella.
Think about the below privacy examples that could happen to any one of us:
- A marketing company captures and stores your facial features without your consent in a shopping center
- Your personal credit and sensitive financial information are stored and shared without your consent
- Your consumer purchases at an online retailer are being sold without your consent to another online retailer for marketing purposes
- A company that you authorized to store your personal privacy information was breached and did not notify you or report it to proper authorities
- Your location and passport number are tracked and stored without your consent
- An employment background check conducted for a job you did not accept was not destroyed and was retained without consent
- You give blood and your personal health profile based on that blood is shared with a third-party for results review without your consent
- A company is storing your information with your consent, but refuses to let you delete it and/or opt out later
Why am I telling you all of this? Honestly, many folks don’t understand the nature and depth of what is being collected about them and that they may have certain privacy rights under law or other regulation. As professionals, we are all charged with protecting data as we go about each day. Just as we are committed to the protection of this data at work, your own personal data should be equally important to you.
Take an opportunity to demand privacy and rise to meet your needs; specifically, around collection, use or disclosure. Learn your rights in your jurisdiction, share with others and read any fine print closely when it comes to it. Think about what’s private to you and insist it is protected by those we entrust with it.
Change the way you think about the privacy of your data and be a champion of that change. We can’t exactly jump off the privacy train, but we can fight with the law on our side. Wait….I want to jump off though!
Be safe out there.