Data privacy is a critical issue that affects every individual in today’s digital age. With the rise of the internet and social media, personal information is being collected, analysed, and shared at an unprecedented rate. This has led to the emergence of what has been called “surveillance capitalism,” where companies monetise personal data for profit.
Often referred to as the “most valuable commodity” in today’s digital age, data can be used to inform business decisions, create new products and services, and target advertising to specific groups of consumers. It can also be used to improve efficiency and reduce costs across industries.
Data alone is not valuable, it’s the insights and the ability to act on that data that makes it valuable. Back in 2018, I remember attending a presentation on data where the speaker claimed; that by analysing a person’s Twitter data, it was possible to create a 95% accurate profile of that person. This would give valuable insight into their behaviour, likes and dislikes, and even predict future actions. At the time, I thought that this was a little sensationalist, but now, with the advent of advanced AI technology like ChatGPT, built on vast amounts of data, that claim doesn’t seem so sensationalist, after all. Twitter was simply used as the example here and does not make any claim as to how Twitter makes use of the data it holds. Predictions based on data are not definitive; they are very accurate educated guesses but cannot and I imagine should not, factor in human emotions and decision-making.
Data privacy involves the protection of data concerning its collection, usage, and distribution. “Data”, in this case, typically refers to any information that could personally identify someone, such as their name, address, phone number, PPS number, credit card information, or username and password.
Shoshana Zuboff, in her book “Data Privacy in the Age of Surveillance Capitalism,”, describes how this system has created a “behavioural surplus” that is being harvested for profit by a small group of companies. This has led to a loss of privacy and autonomy for individuals, as well as a concentration of power in the hands of a few large corporations. She argues that stronger regulations are required to protect individual data privacy and to prevent companies from engaging in surveillance capitalism. She further argues that privacy is a fundamental human right. However, others would argue and maybe legitimately so that general privacy as a human right is ill-suited to the commercial world and that within this context a privacy paradox is observed between the user’s expressed wishes for privacy and their contradictory consumer behaviour. The privacy paradox phenomenon refers to a user’s express wish for digital privacy while willingly revealing personal information online.
Researchers across different fields have formulated different opinions on why consumers’ privacy concerns do not translate into increased protective behaviour, however, generally agree that companies are in a strong position to reduce consumers’ paradoxical behaviour by improving their customers’ informational privacy.
In Europe, the General Data Protection Regulation (GDPR) is in place to protect the personal data of individuals. However, compliance with GDPR alone is not enough to fully protect individuals’ data privacy. Organisations must take a more active role in protecting their data, and that of their customers and partners.
Why Businesses Should Take Privacy Seriously
- 46% of consumers feel they’ve lost control over their own data. (Salesforce)
- 53% of companies have more than 1,000 sensitive files open to every employee. (Varonis)
- 92% of consumers say companies must be proactive about data protection. (PwC)
- 8% of consumers have stopped buying from a company over privacy concerns. (Tableau)
- 64% of consumers would blame the company, not the hacker, for the loss of personal data. (RSA)
The Business ROI of Strong Data Privacy
- 97% of companies have seen benefits, like a competitive advantage or investor appeal, from investing in privacy. (Cisco)
- 84% of consumers are more loyal to companies that have strong security controls. (Salesforce)
- 70% of organisations say they receive significant business benefits from privacy, including operational efficiency, agility and innovation. (Cisco)
5 Ways to Strengthen Data Privacy at Work
- Use a VPN for work-related tasks – A VPN (Virtual Private Network) allows you to create a secure connection to another network over the Internet that obscures your online identity, even on public Wi-Fi networks, so you can browse the internet safely and anonymously.
- Don’t log onto unsecured networks – Using public Wi-Fi when working, such as in a coffee shop, can be risky, as hackers can position themselves between you and the connection point and launch a malware attack.
- Watch out for scams – It’s easy to think that cybercriminals would never target you, but just remember that all staff have access to valuable data that attackers are just waiting to exploit through attacks like phishing.
- Be aware of eavesdropping – With many meetings taking place over conference calls these days, it’s important to make sure sensitive info isn’t shared in public places, as well as to keep devices physically secure.
- Limit backups of devices – While backups are necessary for data recovery, each backup results in additional data proliferation. Ensure that staff are instructed on data privacy and security best practices through regular security awareness training and up-to-date policies.
Cyber awareness training via a Human Risk management service can educate individuals on how to handle sensitive data, such as personal information, and how to spot and avoid scams and phishing attempts. It can also teach individuals how to use privacy settings and other tools to control the amount of personal information shared online. It can be an important step towards creating a more equitable and just digital landscape.
In conclusion, data privacy is a critical issue that affects everyone and requires active participation from individuals, companies, and governments. It is our shared responsibility to handle the data we possess responsibly and ethically, in compliance with data security laws and regulations.