My earliest experience of the need for data privacy was when telemarketing was rampant in mid 2000s. I remember how agitated the experiences used to be whenever I answered a call from an unknown number on my mobile phone. I would often respond with the like of “how did you get my contact number?” or “where did you get my contact information from?” or “Please include me in the Do-Not-Disturb (DND) List”. For a while the calls would stop but only to begin again. The painful cycle repeated. Come to think of it, my contact information was shared (may be sold too), by someone, to several product companies for their marketing efforts. This is an example of a privacy violation.
Remember the Facebook-Cambridge Analytica data breach scandal that happened few years ago? In it, several millions (over 25 million) of Facebook users data were, without consent, harvested by Cambrdige Analytica. This incident shed a whole new, much needed light on privacy highlighting several aspects on why it is important.
So what then is data privacy?
Simply put, Data privacy is the right to have control over how your personal information is collected and used with clearly defined practices which ensure that the data shared is only used for its intended purpose.These practices identify how data is collected, stored, used, protected and shared. Furthermore, data protection is the process of securing data and important information from being compromised or corrupted.
Why should we care about data privacy?
Imagine this. What if the data that should be kept private, gets in the wrong hands?Bad things can happen such as a data breach at a government agency can put top secret information in the hands of an enemy state. A breach at a corporation can put registered data in the hands of a competitor which could lead to misuse or gain an unprecedented market advantage causing massive loss to the organization.
As more of our data becomes digitized, and we share more information online, it is no surprise that data privacy is taking on greater importance. A single company may possess the personal information of millions of customers, data that it needs to keep private so that customers’ identities stay as safe and protected as possible, and the company’s reputation remains unblemished. Clive Humbly said it right in 2006. Data is the new oil.
Benefits of Data Privacy Measures
Owing to the growing importance of the need for data privacy, several regulations were passed recently, most famously the European GDPR Law. Similarly, several nations have also put forth their country specific regulations, some of these are scheduled to go live in the coming months.
1. Data protection measures safeguard valuable information, which is healthy for the organization and its business.
2. Installing security into the systems reduces development and support time which could be allotted in other tasks. When privacy is purposefully addressed within new innovations, it expands and improves innovations.
3. Presence of data protection and security measures make it difficult for hackers to access sensitive information preventing them from executing identity theft, phishing scams or other types of fraudulent activities.
4. Enables businesses to receive benefits such as a boost in return on investment, improved customer loyalty, and more efficient operations.
5. Organizations that demonstrate data privacy and protection gain a significant advantage on competition, trust of their customers, their loyalty resulting in customer, investor and public trust.
Impact caused by absence of data privacy
In recent times, we have seen quite a number of data breaches across several well known organizations. Some of them being:
– TrueCaller, a well-known caller ID and spam blocking app breach resulted in personal information of over 47 million Indian nationals leaked online
- TrueCaller, a well-known caller ID and spam blocking app breach resulted in personal information of over 47 million Indian nationals leaked online
- Nintendo, a video gaming giant also experienced a data breach in April 2020 affecting its more than 150,000 users
- Over 25,000 of GoDaddy, a well know domain registrar and web hosting provider were affected by the data breach, which occurred in October 2019 but went unnoticed till April 2020
- Marriott faced multiple breaches, once in 2018 affecting 380 million records and recently again in January 2020.
- Microsoft’s data breach in January 2020 affected its 250 million customer service and support records exposing customer email and IP addresses.
Failing to implement and demonstrate strong data privacy measures and complying with the required regulations could result one or many of the below listed consequences: Organizations should meet compliance requirements, Organizations that implement such controls do not have to deal with fines, penalties, or civil suits as an after effect of obstacles.
- Deliberate misuse of company data/information wherein inside information could be sold to competition.
- Lack of adequate measures resulting in data breaches could result in loss of revenues, loss of market shares, loss of customer confidence, potential risks of litigation.
- Organizations will not know what data is handled by their third parties.
- Non-compliance to regulatory requirements could result in severe financial penalties.
Despite having several stringent security measures in place, several well-known organizations have faced the wrath of ill intended individuals and organizations. It is time for organizations to inculcate the behavior of data privacy as part of their DNA.
What are some of the benefits that you have seen in implementing data privacy in your organizations? Have you noticed any other consequences of failure to do so? Take a moment and comment below.
Did you notice any corrections to be made on this page? Submit your feedback here. We will take the necessary action.