By Praveen Kannan and Anna Strokolyst The Hotspot Shield team believes the internet should be open and secure …
Data Privacy Day, which takes places annually on January 28, is a day geared toward heightening awareness of data security issues and spurring companies and governments to take action to protect consumers.
So what did Data Privacy Day 2015 accomplish?
The Government Held Accountable
Thanks to Mr. Snowden, the world is abuzz about government spying. Is it ever ethical? What information are the authorities after? How is it possible to find a balance between privacy and security? The issue is complex, but the fact remains that people want to be able to enjoy freedom in cyberspace without worrying about Big Brother.
On Data Privacy Day, two U.S. Senators on the Judiciary committee released a statement affirming their dedication to protecting private information. Their statement points ahead to legislature that will “safeguard the privacy of e-mail and other information stored in ‘the cloud'” and “requires the government to obtain a search warrant, based on probable cause, before searching through the content of Americans’ e-mail or other electronic communications stored with a service provider such as Google, Facebook, or Yahoo!.”
This updated Electronic Communications Privacy Act (ECPA), which updates the original 1986 law, may go from proposal to law later in 2015.
Businesses Held Responsible
The government may sometimes trade privacy in favor of security, but sometimes businesses trade security for convenience and budget concerns. Data Privacy Day 2015 served as a stark reminder that businesses need to take further measures to protect their customers’ private information.
Budding legislation may take steps to hold businesses more accountable for the way they handle consumer data. The call is for a federal law that dictates when and how businesses report data leaks. As things stand, different states have different standards. A federal law to bring all the states to the same page may make for greater peace of mind for shoppers.
However, a new federal law wouldn’t fix everything. As The Washington Post points out, “privacy experts and advocates say that [passing a federal law] actually runs the risk of decreasing privacy for people across the country.” This is because some states already have very strict laws concerning data privacy.
While the issue of how businesses handle data leaks is far from resolved, Data Privacy Day did manage to call attention to it and get people thinking.
Companies Reassure Consumers
Whether or not the law requirs it, the fact remains that businesses should treat customer data as a treasure to be protected. On Data Privacy Day, some companies took the initiative to assure their clients that their data is as safe as possible.
Mozilla, for instance, used its blog to remind users about Mozilla’s “privacy principles” and the browser’s privacy settings. They also gave a brief summary of some of their newest privacy features. While the post is somewhat self-elevating (Mozilla pointed out that they are the Most Trusted Internet Company for Privacy according to the Ponemon Institute), it does serve as a poignant reminder that companies should keep customers informed about what they are doing to enhance security and privacy.
Even if the e-commerce merchants, browsers, and other cyber-realm spaces that you frequently use don’t make a show out of how they protect your privacy, they may be implementing smart new features to protect you. Data Privacy Day is the perfect occasion for you to review your privacy settings and investigate the features that safeguard you from hackers and other prying eyes.
FTC Sends out Best Practice Reminders
A day before Data Privacy Day, the Federal Trade Commission released a report on the Internet of Things. The Internet of Things encompasses a world of devices that may not immediately come to mind when you think of cyberspace; it includes items like thermostats, printers, and fitness monitors, etc. While many Wi-Fi-enabled devices pose little or no risk to privacy, it is still wise to be aware of the connections that make the world a tangled web of inter-device communication.
The FTC’s report provided some sound reminders on best practices that businesses should use to protect consumer data. The reminders admonished businesses to:
- Make security a priority in the design process of new devices.
- Diligently train employees about security.
- Monitor connected devices and acting quickly to provide security patches when needed.
- Scrutinize the security practices of any outside service providers.
Applying these principles may mean that companies have to allocate more funds toward privacy and security, but the end result — that is, enhanced peace of mind for consumers and fewer data breaches — is worth it.
Heightened Public Awareness
One of the most important goals of Data Privacy Day is to heighten public awareness of how vital it is to take measures to ensure that data doesn’t end up in the wrong hands. The Huffington Post pointed out some eye-opening facts about who collects data and how they do it:
- Some websites collect “unknown data.” This is information that you provide without being aware of it, such as your IP address.
- Some bad “cookies” track your browsing activities and build a picture of your likes and dislikes.
- You may end up paying more online because of the device you use or the websites you visit.
Consumers Take Action
Awareness without action is empty. Thankfully, Data Privacy Day came with plenty of practical reminders about what consumers can do to protect their data. A previous post on our blog encouraged you to celebrate Data Privacy Day by doing things like:
- Sharing what you know about data security through your social media accounts.
- Requesting a credit report.
- Updating your passwords.
- Making sure all your computer’s anti-virus and anti-malware programs are up to date and functioning properly.
- Using a VPN when connecting to unsecure public WiFi.
- Talking to your kids about data privacy.
Data Privacy Day is an annual reminder of the need for improved standards when it comes to how the government, businesses, and individuals take care of data. However, data privacy shouldn’t be a once-a-year thing. It should be something that we pursue every month, week, and day.