by Dr. Magda Chelly, S-CISO, CISSP, PhD
There is currently no more popular topic than the pandemic. It has impacted lives – both socially and economically. The situation required governments and public organizations to collect citizens’ data for public safety reasons. The situation raised concerns about data privacy.
Nonetheless, privacy is not a new topic and has needed attention for several years with evolving privacy laws worldwide.
We are living in an era where digital technologies are part of all our activities. Businesses adopt them to perform their activities more efficiently, increase productivity, and improve customer services. Individuals use technologies for convenience, fun, entertainment, and communication with family members and friends. These new technological platforms have resulted in more and more data being collected by the providers. Every time individuals need to use a platform, they must enter to some extend personal information, i.e., email, name, username, date of birth, etc. This information is considered personal data, and it is valuable and should remain confidential. When the individual does not provide a minimum data set, they can’t access the service anymore.
While personal data definitions differ depending on the country, region, and privacy law, in this article, we consider personal data, any information that refers to data about an individual who can be identified from that data.
Are companies taking data privacy seriously?
When using those platforms, users believe that their data must be protected, kept private and confidential. It might be true when the platform is seriously considering data privacy but might be utterly false in cases where data privacy is not yet regulated or enforced. Realistically, data privacy implementation might be a costly endeavour. Companies are required to allocate budgets to ensure measures supporting the end-goal, maintaining confidentiality, integrity, and availability of the data. The CISCO Data Privacy Benchmark Study 2021 indicates an average privacy budget of $2.4 million this year. This amount is non-negligible amount.
Thus, practically, companies without strict privacy regulatory requirements might envision a high cost and no return on investment. They, will not then address data privacy and security as a priority. This misconception is a false belief. Studies show that 60% of consumers would change providers if they consider that their data is not appropriately protected. [1]
Why should personal data be kept private?
Often, users do not understand the data usage and trade privacy for convenience, believing that it will not affect them much.
Initially, no technology or platform was able to analyze or draw valuable conclusions from its collected data. The data was too abundant, too complex, poorly organized and rapidly changing to identify social trends and habits. Nevertheless, solutions quickly emerged, where left behind virtual digital traces and personal data could be collected, processed, and analyzed to search for patterns or make decisions based on automated algorithms. It is a time of unprecedented insight into human behaviors and private lives. Now, the use of this type of information is unpredictable.
When users are using smartphones’ applications, thinking that it is for “free” , they do not realize they are paying for the usage with their data. They are the product.
Almost every day a company abuses individuals’ data. Whether intentionally or erroneously, these abuses might result in dramatic consequences.
Two Metropolitan police officers were sentenced to five years in prison in 2017 to gain access to the force’s intelligence database and reveal a confidential witness’s identity in a 2011 murder trial in which the defendant, Leon De St Aubin, later on was found guilty. [2]
After significant concerns about the reliability of geolocation data collected from cell phone providers, Denmark released 32 prisoners in 2019 as part of an ongoing study of 10,700 criminal cases. Connections data between the phones and the towers was discovered to be one of the many issues. In fact, the software used to convey the information recorded the origins of text messages incorrectly getting the location wrong. Many innocent people may have been wrongfully convicted as a result of these issues, and potential criminals may have gone unnoticed. [3]
Advertisers are able now to influence customers in new ways thanks to cookies and other monitoring mechanisms. For example, with $29 packages, companies can send you a seemingly innocuous connection with an embedded cookie that will allow you to send targeted content to the recipient of your choice, manipulating and influencing their choices. [4]
The previous few examples show that data privacy should be a concern, and while individuals are often trading it for convenience, it is critical to think beyond convenience about the consequences and life implications. Data is valuable and nowadays is a vital asset.
Should Data Privacy become a Human Right?
All the above and further scenarios raised concerns about the criticality of data privacy. At the same time, people started asking themselves questions about the impact of data privacy violations on everyday life. On the one hand, collecting, storing, and analyzing large amounts of information to identify patterns and predict how people will behave – can be of great value to society, increasing its productivity, public sector efficiency, and society’s participation. On the other hand, they pose a considerable challenge to privacy as increasing amounts of personal data are automatically collected and processed in a complex and complicated manner.
CISCO’s report mentions that privacy is much more than just a compliance obligation. It’s a fundamental human right and business imperative.
These are just some of the critical topics addressed at the upcoming LinkedIn Live event lead by Cisco APJ on the 24th of March 2021. Join us: https://www.linkedin.com/events/dataprivacyandtrust-canwehaveit6776004822052286464
References
[1] https://dataprivacymanager.net/100-data-privacy-and-data-security-statistics-for-2020/
[2] https://www.telegraph.co.uk/news/2017/02/10/gangsters-moll-jailed-plot-uncover-identity-anonymous-witness
[3] https://www.theguardian.com/world/2019/sep/12/denmark-frees-32-inmates-over-flawed-geolocation-revelations
[4] https://www.ft.com/content/944d068c-8a99-11e8-affd-da9960227309
