The 28th of January marks Data Protection Day, as well as its 10th anniversary. The day stands as an opportunity to highlight the importance of both privacy and security.
You could say that this is a great chance for encouraging businesses and users to be aware of laws in this area, but really businesses and general users of technology should by now be aware of the issues surrounding data protection.
The day was launched in 2006 by the Committee of Ministers of the Council of Europe, with the idea that it should be a day to celebrate the right to data protection and to raise awareness of the law.
The reason for the 28th being chosen is because it matches the anniversary of the Council of Europe’s Convention 108 for the Protection of individuals with regards to automatic processing of personal data.
The convention has been the cornerstone of data protection and privacy laws for the last 30 years, and is ever more relevant due to the rise of big data and the desire to analyse more and more personal data.
The Council of Europe said: "The Data Protection Day should be a special occasion, a time set aside by each and every one of us to familiarise ourselves with a largely unknown, yet major, facet of our everyday lives."
CBR has already written about how to avoid breaching data regulations but there are also rules that should be followed for businesses to protect data against threats.
Peter Hannah regional director for UK & Ireland at NETGEAR, says that these should include steps such as making sure data is written across multiple drives for RAID protection, in order to protect against the risk of hardware disk failure, which is inevitable.
Another step taken should be to continuously protect data during normal business operations, as this will allow for data to be easily restored from any point in time.
While trying to protect your data is one important part of the day, the other important part is that of data privacy.
Research from Informatica highlights the fears that consumers have about sharing their data, with 72% of online UK consumers concerned about the level of protection given to personal information that they share with brands and organisations online.
The survey of more than 2,000 adults found that because of these concerns 56% are reclaiming access to it and plan to share less information over the next three years.
This means that brands and organisations need to put more effort into strong data governance policies at the heart of their customers’ digital experience in order to try and win back confidence.
To address this, businesses and brands need to be more open and honest about how they are using personal information. It was found that having a privacy policy in place (50%), quickly responding to any issues (38%) and having a privacy policy in place (43%) are the top three things that enterprises can do to earn consumer trust.
While there are policies and regulations in place as to how data can be used, are businesses following them and do consumers have much say in how their data is used?
Nigel Hawthorn, chief European spokesperson, Skyhigh Networks said: "Britain will be observing data privacy day today but, as the draft Investigatory Powers Bill shows, the UK is failing to put privacy rhetoric into practice. When you compare our recent encryption policies to the likes of the Netherlands, which recently said no to encryption backdoors, it’s clear which country is walking the walk as well as talking the talk."
Data privacy isn’t just an IT department issue; as I have shown already it can significantly impact how consumers feel and act towards a brand or business. The significance of this is that if consumers opt to share less data, then the idea of personalised offerings goes out the window.
With personalised offerings you need to know reasonably high levels of information about a customer in order to properly tailor offers and services to them, but if you’ve already lost their trust and they no longer share their data, then the option of a fully personalised offering won’t be capable.
Consumers not understanding how their personal data is being used is one part of the problem; the other problem is data breaches.
While businesses can do a lot to try and ensure that a data breach doesn’t happen, it is widely accepted that a breach will happen at some point.
When the EU General Data Protection Regulation comes in, in two years time, it will be very difficult to hide data breaches so it is important to be upfront and honest about the situation, while aiming to make sure that they have the correct security processes in place before the regulation comes into effect.
Jason Hart, CTO, Data Protection, Gemalto said: "Being a better steward of customer data is not just good PR, it makes good business sense, too."
Businesses have a long way to go to ensure that consumer privacy concerns are met and there is likely to be on-going issues no matter what they do. Improved security and greater honesty and openness are a must and should be the key take-aways from Data Protection Day.