Data Protection Day: why it's time to speak up for privacy

Industry experts reveal what would make them celebrate on Data Protection Day

With the looming Investigatory Powers Act and threats from across the pond that the US may not consider privacy all that important to those who aren't American, this year's Data Protection Day is as timely as ever.

Also known as Data Privacy Day, the awareness-raising effort commemorates the signing of Convention 108 the first international treaty dealing with data protection.

To celebrate, we heard from tech and security experts about what they'd like to see companies and indivduals do to improve data privacy in 2017.

Speak up

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Not happy with government surveillance or the Investigatory Powers Act, recently signed into play by the government? Then it's time to speak up and take action.

Lee Munson, security researcher at Comparitech.com, said that "privacy for UK citizens is eroding very quickly," thanks to laws that require comms companies to hoover up personal data such as browsing history.

"If there are ways for the good' guys to access this information at will, you can bet the bad guys aren't far behind," he said. "People have the right to know what information is being stored on them and what steps are being used to secure that information."

To do so, he advises Brits to speak up against the law by writing to your local MP and signing a petition against it, and to take the time to find out what data is held on them. That can be done via a subject access request to your ISP or phone company, which means they'll have to provide all the data they hold on you.

"The hope is that, with enough people showing concern for their privacy, the government will have to consider it. It's not just about names on a list that can be easily ignored these requests will require action," said Munson.

Time for transparency

Advertisement - Article continues below

How can people feel confident about data privacy if they don't know how their data is being held? That question was raised by Emma Butler, data protection officer at Yoti.

"YouGov recently reported that 87% of people are worried, to some extent, about the security of their personal data online," she said. "It's clear that the issue is on the radar of more individuals than ever before."

"This year, I'm especially keen to see the technology industry encourage an environment where transparency and engagement with consumers come first," she added. "With the explosion of digital technologies, organisations are sweeping up vast quantities of data about consumers' activities, often without them being fully aware. Gaining consumers' trust and confidence in the use of their data will increasingly become a vital source of competitive advantage for companies".

Get encrypted

Advertisement
Advertisement - Article continues below

You can't keep customers' data private if your company isn't properly secured take that responsibility seriously, said Jason Hart, CTO for data protection at Gemalto.

"Consumers expect that their data will only be accessed by internally authorised individuals, and be completely secure from external threats," he said.

Advertisement - Article continues below

Because of that, companies should implement encryption as well as two-factor authentication, he advised. "By encrypting the data, and managing the encryption keys properly, the data is useless to the hacker, as well as any unauthorised personnel within the organisation," Hart added. "This means that, even if a breach takes place, consumer data remains private."

Update your devices

Anyone reading this site is surely aware of the necessity of updating their Windows machines and other computers, but don't forget your other connected gadgets particularly smart home and Interet of Things devices.

Robert Miller, head of operational technology at MWR InfoSecurity, cited a recent Ubuntu survey that found 31% of consumers with connected devices fail to update them in a timely fashion and 40% have never knowingly updated them. "As such, consumers are unintentionally leaving themselves exposed to attack, from Distributed Denial of Service (DDoS) attacks to invasions of personal privacy or theft of personal data," he argued, calling on manufacturers to do a better job keeping their users safe and building in privacy and security protections.

In terms of privacy, he said IoT or connected cameras were the biggest risk. "However, recently industrial control systems were shown to allow an attacker to remotely read and write memory, in essence creating a remote file share," he added. "If a similar attack could be designed for IoT, then a user's home could end up sharing files and data on behalf of an attacker."

Get ahead of the curve

Advertisement - Article continues below

The General Data Protection Regulation is looming don't wait for its May 2018 arrival to get your company ready, notes Robert Guice, senior vice president at Shred-it. "This Data Protection Day, we urge businesses to get ahead of the curve and prepare for the requirements stipulated by the incoming GDPR," he said. "These range from stricter rules around securing consent for the use of personal information to, in some cases, the introduction of a designated data protection officer within the workplace."

He added: "Ensuring your organisation is fully compliant with the forthcoming regulations protects your business and employees against the possibility of a damaging data breach, safeguarding against potentially damaging financial penalties that will be issued if a company is not in line with the law. Above all, acting now will reassure customers, partners and employees that you take their data protection seriously."

Featured Resources

Digitally perfecting the supply chain

How new technologies are being leveraged to transform the manufacturing supply chain

Download now

Three keys to maximise application migration and modernisation success

Harness the benefits that modernised applications can offer

Download now

Your enterprise cloud solutions guide

Infrastructure designed to meet your company's IT needs for next-generation cloud applications

Download now

The 3 approaches of Breach and Attack Simulation technologies

A guide to the nuances of BAS, helping you stay one step ahead of cyber criminals

Download now
Advertisement

Recommended

Visit/security/29068/is-your-company-taking-enough-accountability-on-cybersecurity
Security

Are you taking enough accountability on cyber security?

18 Dec 2019
Visit/security/29204/how-can-you-protect-your-business-from-crypto-ransomware
Security

How can you protect your business from crypto-ransomware?

4 Nov 2019
Visit/back-up/29084/how-to-enhance-your-backup-strategy
backup

How to enhance your backup strategy

10 Oct 2019
Visit/data-loss-prevention/28864/data-recovery-why-is-it-so-important
data recovery

Data recovery: Why is it so important?

9 Oct 2019

Most Popular

Visit/operating-systems/25802/17-windows-10-problems-and-how-to-fix-them
operating systems

17 Windows 10 problems - and how to fix them

13 Jan 2020
Visit/hardware/354584/windows-10-and-the-tools-for-agile-working
Sponsored

Windows 10 and the tools for agile working

20 Jan 2020
Visit/microsoft-windows/32066/what-to-do-if-youre-still-running-windows-7
Microsoft Windows

What to do if you're still running Windows 7

14 Jan 2020
Visit/web-browser/30394/what-is-http-error-503-and-how-do-you-fix-it
web browser

What is HTTP error 503 and how do you fix it?

7 Jan 2020