You may have missed Data Privacy Day in previous years, but there is a big push to make sure everyone takes note of Data Privacy Day 2014 (Twitter hashtag #DPD14). It is the perfect time to take a moment to consider the challenges and rewards of data privacy. We wrote about Data Privacy Day a few weeks ago and since then we have been busy with a variety of data privacy-related projects.
One of these projects is a series of panel discussions, of which ESET is a sponsor, taking place at the Pew Institute in Washington, DC. The event has sold out, but it is only one of many Data Privacy Day events going on across North America. Because this event sold out, it will be streamed live by one of the other event sponsors, Facebook.
Another data privacy event to watch for is the free webinar I am conducting tomorrow: What Does Data Privacy Mean for Your Business? With consumers and customers more concerned than ever about their data privacy, you need to be sure your business is doing enough to protect personally identifiable information (PII). I will share my thoughts on this challenging subject and suggest privacy strategies that can protect your company and even help you win more business.
The Privacy Meter
In honor of Data Privacy Day I decided to share a couple of thoughts on privacy to help stimulate discussion on the topic, beginning with a fun way to explore your feelings about privacy. The idea is to rate yourself on a very low tech meter that goes from Closed to Open, as in the expression people sometimes use: “He’s like an open book.”
Ask yourself how you feel about sharing information about yourself in daily life. Maybe you are more of a closed book, reluctant to share information about yourself. I tend to be more of an open book myself, but the point is, there's no reading that is better than another, no good or bad rating. The idea is to understand that society needs to accommodate people who have different views on sharing personal data.
For example, suppose you’re an open book. Is it fair to make others be open about their personal data if they are not comfortable with that. On the other hand, if you are a closed book, have you considered that you might have to provide information about yourself in order to participate in some aspects of society, such as those that require authentication of your identity? These complex questions are well worth pondering as we explore the benefits of data-driven technology and the importance of privacy.
The History of Data Privacy Principles
You might be surprised to learn that the Privacy Act, the first U.S. legislation to consider privacy specifically in the context of computers, appeared 40 years ago, under President Nixon. It was Richard Nixon’s Secretary for Health, Education and Welfare, Elliot Richardson who headed a study into record-keeping practices in the computer age and came up with the first formulation of data privacy principles in America. The report, commonly known as the “HEW Report,” recommended the enactment of a federal “Code of Fair Information Practice” for all automated personal data systems. The code envisioned by HEW contained five principles that would be given legal effect as “safeguard requirements” for automated personal data systems. They make interesting reading today:
- There must be no personal data record keeping systems whose existence is secret.
- There must be a way for an individual to find out what information about him is in a record and how it is used.
- There must be a way for an individual to prevent information about him that was obtained for one purpose being used or made available for other purposes without his consent.
- There must be a way for an individual to correct or amend a record of identifiable information about him.
- Any organization creating, maintaining, using, or disseminating records of identifiable personal data must assure the reliability of the data for their intended use and must take precautions to prevent misuse of the data.
Pretty solid data privacy principles that many would say are still sound fair today, 40 years later. What do you think? We'd love to hear your thoughts on data privacy. Leave a comment and let us know.