Led by the National Cyber Security Alliance (NCSA), Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Observed annually on January 28, Data Protection Day commemorates the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.

Each year, data breaches continue to grow in size and scope – exposing consumer’s private data and valuable business information assets. Against this backdrop, Data Privacy Day helps spread awareness about privacy and educates citizens on how to secure their personal information. It also works to encourage businesses to be more transparent about how they collect and use data.

WHY WE SHOULD CARE ABOUT ONLINE PRIVACY

Today we conduct much of our lives on the internet and on our connected devices, yet few people understand that enormous amounts of personal information is collected and shared. This data can be stored indefinitely, and our personal information can be used in both beneficial and unwelcome ways. Even seemingly innocuous information - such as your favorite restaurants or items you purchase online - can be used to make inferences about your socioeconomic status, preferences and more.

Many companies have the opportunity to monitor their users and customers' personal behavior and sell the data for profit. In order to make informed decisions and understand the true value of their data, consumers need to understand how it is collected, used, and shared.

ADVICE FOR INDIVIDUALS: OWN YOUR PRIVACY

Individuals feel an increasing lack of control over their personal data. However, there are steps you can take to learn about the types of data you’re generating online, and how it’s collected, shared, and used. Follow these basic privacy tips to help you better manage your personal information and make informed decisions about who receives your data.

CALLS TO ACTION FOR INDIVIDUALS

PERSONAL INFO IS LIKE MONEY: VALUE IT. PROTECT IT.
Personal information, such as your purchase history, IP address, or location, has tremendous value to businesses – just like money. Make informed decisions about whether or not to share your data with certain businesses by considering the amount of personal information they are asking for and weighing it against the benefits you may receive in return.

KEEP TABS ON YOUR APPS.
Many apps ask for access to personal information, such as your geographic location, contacts list and photo album, before you can use their services. Be thoughtful about who gets that information, and wary of apps that require access to information that is not required or relevant for the services they are offering. Delete unused apps on your internet-connect devices and keep others secure by performing updates.

MANAGE YOUR PRIVACY SETTINGS.
Check the privacy and security settings on web services and apps and set them to your comfort level for information sharing. Each device, application or browser you use will have different features to limit how and with whom you share information. Get started with NCSA’s Manage Your Privacy Settings page: https://staysafeonline.org/stay-safe-online/managing-your- privacy/manage-privacy-settings/

ADVICE FOR ORGANIZATIONS: RESPECT PRIVACY

According to a Pew Research Center study, 79% of U.S. adults report being concerned about the way their data is being used by companies. Respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth in your business.

CALLS TO ACTION FOR ORGANIZATIONS

IF YOU COLLECT IT, PROTECT IT.
Data breaches can not only lead to great financial loss, but a loss in reputation and customer trust. Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access. Make sure the personal data you collect is processed in a fair manner and only collected for relevant and legitimate purposes.

CONSIDER ADOPTING A PRIVACY FRAMEWORK.
Build privacy into your business by researching and adopting a privacy framework to help you manage risk and create a culture of privacy in your organization. Get started by checking out the following frameworks:

NIST Privacy Framework
AICPA Privacy Management Framework
ISO/IEC 27701 - International Standard for Privacy Information Management

CONDUCT AN ASSESSMENT.
Conduct an assessment of your data collection practices. Understand which privacy laws and regulations apply to your business. Educate your employees of their and your organization’s obligations to protecting personal information.

TRANSPARENCY BUILDS TRUST
Be open and honest about how you collect, use and share consumers’ personal information. Think about how the consumer may expect their data to be used and design settings to protect their information by default. Communicate clearly and concisely to the public what privacy means to your organization and the steps you take to achieve and maintain privacy.

MAINTAIN OVERSIGHT OF PARTNERS AND VENDORS.
If someone provides services on your behalf, you are also responsible for how they collect and use your consumers’ personal information.

Facts and Figures

CONSUMERS ARE CONCERNED ABOUT PRIVACY

  • 46% of consumers feel they’ve lost control over their own data. (Salesforce)
  • 84% of consumers say they want more control over how their data is being used. (Cisco)
  • 81% of consumers say the potential risks they face from data collection by companies outweigh the benefits. (Pew Research Center)
  • 92% of Americans are concerned about their privacy when they use the Internet. (TrustArc)
  • 65% of American voters say data privacy is one of the biggest issues our society faces. (Morning Consult)
  • 63% of consumers say most companies aren’t transparent about how their data is used. (Tableau)
  • 54% of consumers say companies don’t use data in a way that benefits them. (Tableau)
  • 60% of Americans believe there are ethical ways companies can use personal information. (RSA)
  • Only 15% of consumers think companies will use their personal data to improve their lives. (PwC)

PRIVACY IS GOOD FOR BUSINESS

  • 92% of consumers say companies must be proactive about data protection. (PwC)
  • 64% of Americans would blame the company—not the hacker—for the loss of personal data. (RSA)
  • 88% of consumers say the extent of their willingness to share personal information is based on how much they trust a company. (PwC)
  • 39% of consumers are likely to walk away from a company that requires them to provide highly personal data to conduct business with them. (Akamai)
  • 48% of consumers have stopped buying from a company over privacy concerns. (Tableau)
  • 97% of companies have seen benefits like a competitive advantage or investor appeal from investing in privacy. (Cisco)