January 24-28, 2022 is Data Privacy Week!

What is Data Privacy Week?

Data Privacy Week is an annual campaign to spread awareness about data privacy and educate individuals on how to secure their personal information. It also works to encourage businesses to respect privacy and be more transparent about how they collect, store and use customer data. This year, Data Privacy Week 2022, spotlights the value of information and how to “Keep It Private” and “Respect Privacy”.

The National Cybersecurity Alliance (NCSA) expanded the Data Privacy Day campaign into a full week-long initiative. Data Privacy Day began in the United States and Canada in January 2008 as an extension of Data Protection Day in Europe. Data Protection Day commemorates the Jan. 28, 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.

Why is it important?

Today we conduct much of our lives on the internet and on our connected devices, yet few people understand that enormous amounts of personal information is collected and shared. This data can be stored indefinitely, and our personal information can be used in both beneficial and unwelcome ways. Even seemingly innocuous information – such as your favorite restaurants or items you purchase online – can be used to make inferences about your socioeconomic status, preferences and more.

Many companies have the opportunity to monitor their users and customers’ personal behavior and sell the data for profit. In order to make informed decisions and understand the true value of their data, consumers need to understand how it is collected, used, and shared.


FAST FACTS:

  • 67% of internet users in the US are not aware of their country’s privacy and data protection rules. (LegalJobsIO)
  • 76% of individuals said it’s too hard for them to understand what’s going on and how their information is being used. (CISCO)
  • 62% of Americans believe it is impossible to go through a day without having their data collected by companies. (Pew)
  • 86% of individuals say they care about data privacy. (CISCO)
  • 65% of the world’s population will have their personal data covered under a regional or global privacy regulation by 2023. (Gartner)
printer
ADVICE FOR INDIVIDUALS
printer

ADVICE FOR INDIVIDUALS: KEEP IT PRIVATE

Everything you do online generates data. There’s data about your activities, behaviors, and interests. There’s your personal data, like your social security and driver’s license numbers. And there’s data about the physical you, like health data.

It’s easy to feel a lack of control over the information collected about you. However, there are steps you can take to learn about the types of data you’re generating online, and how it’s collected, shared and used. Consumers are becoming increasingly concerned with data privacy, and companies are realizing this and responding. We encourage consumers to be selective about who they choose to do business with and understand the value of their data.

Follow these steps to better manage your personal information and make informed decisions about who receives your data:

  1. UNDERSTAND THE PRIVACY/CONVENIENCE TRADEOFF
    Many accounts ask for access to personal information, such as your geographic location, contacts list, and photo album, before you even use their services. This personal information has tremendous value to businesses and allows some to even offer you their services at little to no cost.

    Make informed decisions about whether or not to share your data with certain businesses:

    • Considering the amount of personal information they are asking for, and weigh it against the benefits you may receive in return.
    • Be thoughtful about who gets that information and wary of apps or services that require access to information that is not required or relevant for the services they are offering.
    • Delete unused apps on your internet-connected devices and keep others secure by performing updates.
  1. MANAGE YOUR PRIVACY
    Once you have decided to use an app or set up a new account, check the privacy and security settings on web services and apps and set them to your comfort level for information sharing. Each device, application or browser you use will have different features to limit how and with whom you share information.

    Get started with NCSA’s Manage Your Privacy Settings page to check the settings of social media accounts, retail stores, apps and more.

  1. PROTECT YOUR DATA
    Data privacy and data security go hand in hand. Keep your data secure by:

    • Creating long, unique passwords for each account and device. Thanks to automation, once a bad actor has compromised one password they can easily bounce it around other sites to gain access to other accounts. Having long, strong, and unique passwords for each account immediately thwarts these “easy hacking” efforts and makes it much harder for hackers to crack a password in the first place.
    • Storing passwords in a password manager. Password managers have redefined cybersecurity for individuals by providing a consolidated and secure hub for individuals to store their information. Password managers can even generate unique, secure passwords for you, and store them automatically.
    • Performing software and browser updates when they become available.
    • Enabling multi-factor authentication (MFA) wherever possible. MFA has been found to block 99.9% of automated attacks when enabled and can ensure your data is protected, even in the event of a data breach.
ADVICE FOR ORGANIZATIONS
printer

ADVICE FOR ORGANIZATIONS: RESPECT PRIVACY

According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. Respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth in your business.

Be open and honest about how you collect, use and share consumers’ personal information. Think about how the consumer may expect their data to be used and design settings to protect their information by default. Communicate clearly and concisely to the public what privacy means to your organization and the steps you take to achieve and maintain privacy.

Follow these steps to assess and improve your data collection practices and encourage a culture of privacy in your organization:

  1. CONDUCT AN ASSESSMENT
    Conduct an assessment of your data collection practices. Whether you operate locally, nationally, or globally, understand which privacy laws and regulations apply to your business.
    • Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access.
    • Make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes.
    • Don’t forget to maintain oversight of partners and vendors as well. If someone provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information.
  1. ADOPT A PRIVACY FRAMEWORK
    Knowing the risks that your company’s data faces is pivotal to making sure it is safely maintained and used. Researching and adopting a privacy framework can help you manage risk and create a culture of privacy in your organization by building privacy into your business. i.e., NIST Privacy Framework
  1. EDUCATE EMPLOYEES
    Ongoing training and awareness campaigns for employees are a must for businesses today especially as the digital world becomes more and more driven by remote work. Create a culture of privacy in your organization by educating your employees of their and your organization’s obligations to protecting personal information.

2021 was yet another watershed year in terms of business data use. And 2022 is likely to be another. Therefore, it is imperative that businesses put their best foot forward when it comes to data privacy, and these few steps can help them make significant strides in developing better privacy habits.

Additional information and resources on Data Privacy


SUNY College of Optometry is

recognized as a Data Privacy Champion! 

The Data Privacy Week Champions represent those dedicated to empowering individuals and encouraging businesses to respect privacy, safeguard data and enable trust.  Champions include companies and organizations of all sizes, schools and school districts, colleges and universities, nonprofits, government organizations and individuals.

NCSA Data Privacy Week Champion Logo