Data Privacy Week

January 21-27, 2024 is Data Privacy Week!

What is Data Privacy Week?

Data Privacy Week is an annual campaign to spread awareness about data privacy and educate individuals on how to secure their personal information. It also emphasizes educating businesses on data collection best practices that respect data privacy and promoting transparency.

The National Cybersecurity Alliance (NCSA) expanded the Data Privacy Day campaign into a full week-long campaign. Data Privacy Day began in the United States and Canada in January 2008 as an extension of Data Protection Day in Europe. Data Protection Day commemorates the Jan. 28, 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.

This year’s theme is “Take Control of Your Data”.

Take Control of Your Data

Your online activity creates a treasure trove of data. This data ranges from your interests and purchases to your online behaviors, and it is collected by websites, apps, devices, services, and companies all around the globe. This data can even include information about your physical self, like health data – think about how an app on your phone might count how many steps you take.

You cannot control how each little piece of data about you and your family is collected. However, you still have a right to data privacy. You can help manage your data with a few repeatable behaviors. Your data is valuable and you deserve to have a say!

FAST FACTS:

92% of organizations say they need to be doing more to protect their customers’ data (Cisco)
45% of consumers are not confident that their personal data, such as social security numbers, health history and financial information, is private and not distributed without their knowledge (Consumer Reports)
94% of businesses say their customers won’t buy from them if their data is not protected. (Cisco)
Only about 33% of consumers believe that companies are currently using their data responsibly (McKinsey)
Personal customer information (such as name, email, and password) is included in 44% of data breaches. (IBM)

Here are some simple steps for individuals and organizations that will help you manage your personal information and make informed decisions about who receives your data:

FOR INDIVIDUALS

FOR INDIVIDUALS – DATA: THE STORY OF YOU

All your online activity generates a trail of data. Websites, apps, and services collect data on your behaviors, interests, and purchases. Sometimes, this includes personal data, like your Social Security and driver’s license numbers. It can even include data about your physical self, like health data – think about how a smartwatch counts and records how many steps you take.

While it’s true that you cannot control how each byte of data about you and your family is shared and processed, you are not helpless! In many cases, you can control how you share your data with a few simple steps. Remember, your data is precious, and you deserve to be selective about who you share it with!

Here are some simple, easy tips that will help you manage your data privacy:

KNOW THE TRADEOFF BETWEEN PRIVACY AND CONVENIENCE
Nowadays, when you download a new app, open a new online account, or join a new social media platform, you will often be asked for access to your personal information before you can even use it! This data might include your geographic location, contacts, and photos.

For these businesses, this personal information about you is tremendously valuable — and you should think about if the service you get in return is worth the data you must hand over, even if the service is free.

Make informed decisions about sharing your data with businesses or services:

Is the service, app, or game worth the amount or type of personal data they want in return?
Can you control your data privacy and still use the service?
Is the data requested even relevant for the app or service (that is, “why does a Solitaire game need to know all my contacts”)?
If you haven’t used an app, service, or account in several months, is it worth keeping around knowing that it might be collecting and sharing your data?

ADJUST THE SETTINGS TO YOUR COMFORT LEVEL
For every app, account, or device, check the privacy and security settings. These should be easy to find in a Settings section and should take a few moments to change. Set them to your comfort level for personal information sharing; generally, we think it’s wise to lean on the side of sharing less data, not more.

You don’t have to do this for every account at once, start small and over time you’ll make a habit of adjusting all your settings to your comfort. We have indepth, free resources like our Manage Your Privacy Settings page that lets you check the settings of social media accounts, retail stores, apps and more.

PROTECT YOUR DATA
Data privacy and data security go hand-in-hand. Along with managing your data privacy settings, follow some simple cybersecurity tips to keep it safe. We recommend following the Core 4:
- Create long (at least 12 characters), unique passwords for each account and device. Use a password manager to store each password –
  maintaining dozens of passwords securely is now easier than ever.
- Turn on multi-factor authentication (MFA) wherever it is permitted – this keeps your data safe even if your password is compromised.
- Turn on automatic device, software, and browser updates, or make sure you install updates as soon as they are available.
- Learn how to identify phishing messages, which can be sent as emails, texts, or direct messages.

FOR ORGANIZATIONS

FOR ORGANIZATIONS – RESPECT PRIVACY

Respecting the privacy of your customers, staff, and all other stakeholders is critical for inspiring trust and enhancing reputation. According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. By being open about how you use data and respecting privacy, you can stand out from your competition.

Be transparent about how you collect, use, and share consumers’ personal information. Think about how the consumer may expect their data to be used.
Design settings to protect their information by default. Communicate clearly and concisely to the public what privacy means to your organization, as well as the steps you take to achieve and maintain privacy.

Here are a few steps toward building a culture of respecting data at your organization:

CONDUCT AN ASSESSMENT
Assess your data collection practices. Understand which privacy laws apply to your business, and remember you will have to think about local, national, and global regulations.

- Generate and follow security measures to keep individuals’ personal information safe from unauthorized access
- Make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes
- Don’t forget to maintain oversight of partners and vendors as well — if another organization provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information

ADOPT A PRIVACY FRAMEWORK
Research how a privacy framework can work for you. A privacy framework can help you manage risk and create a culture of privacy in your organization. It is a way to build privacy into your organization’s foundation. Get started by checking out the following frameworks:

EDUCATE EMPLOYEES
Your employees are the frontlines toward protecting all the data your organization collects. Create a culture of privacy in your organization by educating your employees of their and your organization’s obligations to protecting personal information.

Additional Information and Resources on Data Privacy

What is Data Privacy? Infographic, courtesy of Terranova
7 End User Data Privacy Awareness Tips Infographic, courtesy of Terranova
Tips for Parents on Raising Privacy-Savvy Kids, courtesy of NCSA
National Cybersecurity Alliance Online Safety and Privacy Basics Resource
Federal Trade Commission: Privacy and security resources for consumers and businesses.
Consumer Reports: Consumer Reports shares privacy tips, product ratings and news to help consumers protect their privacy.
Mozilla “Privacy Not Included”: With this guide, Mozilla helps you shop for safe, secure devices and presents information on the privacy and security of popular products.

SUNY College of Optometry is

recognized as a Data Privacy Champion!

The Data Privacy Week Champions represent those dedicated to empowering individuals and encouraging businesses to respect privacy, safeguard data and enable trust. Champions include companies and organizations of all sizes, schools and school districts, colleges and universities, nonprofits, government organizations and individuals.