January 28th 2019 marks the thirteenth annual Data Protection Day in Europe, aka Data Privacy Day in the USA. This international event commemorates the same date in 1981, when the Council of Europe’s data protection convention, known as ‘Convention 108’, was signed. Whilst many campaigns are run throughout the year on educating consumers and businesses on data issues (e.g. Stop. Think. Connect), Data Protection Day was designed to encourage events and awareness schemes on an issue that has never been more relevant.
Why do we need Data Protection Day?
A story that grabbed my attention recently was that of a group of girl scouts in America earning badges in cybersecurity. While the badge’s primary aim is to prevent gender stereotypes in technical careers, it also puts a spotlight on children as young as five concerning themselves with protecting data online. It’s smart preparation for a world where data is already practically currency. For my generation and older we’ll have to figure this out for ourselves, which is why Data Protection Day is around – to educate us on our rights and the risks associated with using online services.
And it pays to prepare. Fears over data protection are not unfounded. If you haven’t heard of Collection #1 yet, you’ll want to check if your data has been part of this latest breach at haveibeenpwned.com ASAP. Last week, creator of that site and information security journalist, Troy Hunt, uncovered a whopping 773 million record data breach, prompting his advice to consumers to take basic steps to improve their data protection online.
I’ve taken note as a consumer, what about my business?
Data protection is not only a legal issue for businesses, it’s a make-or-break deciding factor for customers in whether to use your services at all. With breach scandals in the news and the success of campaigns such as Data Protection Day, we’re all (hopefully) becoming ever savvier on data protection issues. So trust in your company’s ability to prevent security violations is key to them signing up in the first place. How can you create trust? Make sure you’re being transparent about your data protection practices – including why you’re asking for specific details – and keep reviewing privacy practices to stay one step ahead of hackers.
What happens if the unthinkable happens? Take British Airways, for example. They announced back in September 2018 that around 380,000 card payments to BA had been compromised. The consequences showed the parent company (IAG)’s shares falling over 4% after the announcement; consumer ‘impression score’ plummeting; and speculation on GDPR fines in the region of £500-800 million.
If you’re not familiar with GDPR, it is imperative that you find out more now – wherever your business is based in the world. It’s sure to be a much-discussed topic on Data Protection Day, particularly with the Google €50 million GDPR fine that was announced this week.
What should I do if I’m not already GDPR-compliant? Asking for a friend…
You must act immediately to get your data under control.
Many businesses have found their solution in Customer Identity Access Management (CIAM), as it solves a number of the technical issues associated with GDPR compliance. For example, giving your customers full view of the data your company holds on them and managing their consents. As a next step, download Using Customer IAM to help achieve GDPR.
Let me know if you have any questions/comments below and don’t forget to get involved with Data Protection Day 2019!