Data Protection Day: why it's time to speak up for privacy

Industry experts reveal what would make them celebrate on Data Protection Day

With the looming Investigatory Powers Act and threats from across the pond that the US may not consider privacy all that important to those who aren't American, this year's Data Protection Day is as timely as ever.

Also known as Data Privacy Day, the awareness-raising effort commemorates the signing of Convention 108 the first international treaty dealing with data protection.

Advertisement - Article continues below

To celebrate, we heard from tech and security experts about what they'd like to see companies and indivduals do to improve data privacy in 2017.

Speak up

Not happy with government surveillance or the Investigatory Powers Act, recently signed into play by the government? Then it's time to speak up and take action.

Lee Munson, security researcher at Comparitech.com, said that "privacy for UK citizens is eroding very quickly," thanks to laws that require comms companies to hoover up personal data such as browsing history.

"If there are ways for the good' guys to access this information at will, you can bet the bad guys aren't far behind," he said. "People have the right to know what information is being stored on them and what steps are being used to secure that information."

To do so, he advises Brits to speak up against the law by writing to your local MP and signing a petition against it, and to take the time to find out what data is held on them. That can be done via a subject access request to your ISP or phone company, which means they'll have to provide all the data they hold on you.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

"The hope is that, with enough people showing concern for their privacy, the government will have to consider it. It's not just about names on a list that can be easily ignored these requests will require action," said Munson.

Time for transparency

How can people feel confident about data privacy if they don't know how their data is being held? That question was raised by Emma Butler, data protection officer at Yoti.

"YouGov recently reported that 87% of people are worried, to some extent, about the security of their personal data online," she said. "It's clear that the issue is on the radar of more individuals than ever before."

"This year, I'm especially keen to see the technology industry encourage an environment where transparency and engagement with consumers come first," she added. "With the explosion of digital technologies, organisations are sweeping up vast quantities of data about consumers' activities, often without them being fully aware. Gaining consumers' trust and confidence in the use of their data will increasingly become a vital source of competitive advantage for companies".

Advertisement - Article continues below

Get encrypted

You can't keep customers' data private if your company isn't properly secured take that responsibility seriously, said Jason Hart, CTO for data protection at Gemalto.

"Consumers expect that their data will only be accessed by internally authorised individuals, and be completely secure from external threats," he said.

Because of that, companies should implement encryption as well as two-factor authentication, he advised. "By encrypting the data, and managing the encryption keys properly, the data is useless to the hacker, as well as any unauthorised personnel within the organisation," Hart added. "This means that, even if a breach takes place, consumer data remains private."

Update your devices

Anyone reading this site is surely aware of the necessity of updating their Windows machines and other computers, but don't forget your other connected gadgets particularly smart home and Interet of Things devices.

Robert Miller, head of operational technology at MWR InfoSecurity, cited a recent Ubuntu survey that found 31% of consumers with connected devices fail to update them in a timely fashion and 40% have never knowingly updated them. "As such, consumers are unintentionally leaving themselves exposed to attack, from Distributed Denial of Service (DDoS) attacks to invasions of personal privacy or theft of personal data," he argued, calling on manufacturers to do a better job keeping their users safe and building in privacy and security protections.

Advertisement - Article continues below

In terms of privacy, he said IoT or connected cameras were the biggest risk. "However, recently industrial control systems were shown to allow an attacker to remotely read and write memory, in essence creating a remote file share," he added. "If a similar attack could be designed for IoT, then a user's home could end up sharing files and data on behalf of an attacker."

Get ahead of the curve

The General Data Protection Regulation is looming don't wait for its May 2018 arrival to get your company ready, notes Robert Guice, senior vice president at Shred-it. "This Data Protection Day, we urge businesses to get ahead of the curve and prepare for the requirements stipulated by the incoming GDPR," he said. "These range from stricter rules around securing consent for the use of personal information to, in some cases, the introduction of a designated data protection officer within the workplace."

Advertisement - Article continues below

He added: "Ensuring your organisation is fully compliant with the forthcoming regulations protects your business and employees against the possibility of a damaging data breach, safeguarding against potentially damaging financial penalties that will be issued if a company is not in line with the law. Above all, acting now will reassure customers, partners and employees that you take their data protection seriously."

Featured Resources

Top 5 challenges of migrating applications to the cloud

Explore how VMware Cloud on AWS helps to address common cloud migration challenges

Download now

3 reasons why now is the time to rethink your network

Changing requirements call for new solutions

Download now

All-flash buyer’s guide

Tips for evaluating Solid-State Arrays

Download now

Enabling enterprise machine and deep learning with intelligent storage

The power of AI can only be realised through efficient and performant delivery of data

Download now
Advertisement
Advertisement

Recommended

Visit/back-up/29084/how-to-enhance-your-backup-strategy
backup

How to enhance your backup strategy

27 Feb 2020
Visit/security/29068/is-your-company-taking-enough-accountability-on-cybersecurity
Security

Are you taking enough accountability on cyber security?

18 Dec 2019
Visit/security/29204/how-can-you-protect-your-business-from-crypto-ransomware
Security

How can you protect your business from crypto-ransomware?

4 Nov 2019
Visit/data-loss-prevention/28864/data-recovery-why-is-it-so-important
data recovery

Data recovery: Why is it so important?

9 Oct 2019

Most Popular

Visit/infrastructure/server-storage/355118/hpe-warns-of-critical-bug-that-destroys-ssds-after-40000-hours
Server & storage

HPE warns of 'critical' bug that destroys SSDs after 40,000 hours

26 Mar 2020
Visit/software/355113/companies-offering-free-software-to-fight-covid-19
Software

These are the companies offering free software during the coronavirus crisis

25 Mar 2020
Visit/software/video-conferencing/355138/zoom-beaming-ios-user-data-to-facebook-for-targeted-ads
video conferencing

Zoom beams iOS user data to Facebook for targeted ads

27 Mar 2020
Visit/cloud/355098/ibm-dedicates-supercomputing-power-to-coronavirus-researchers
high-performance computing (HPC)

IBM dedicates supercomputing power to coronavirus research

24 Mar 2020