The idea for a Data Protection Day was put forward by the Council of Europe to correspond with the anniversary of its Convention 108, which protects the right to personal data privacy.
Starting as an annual observation in 2006, it’s known as Data Privacy Day outside of Europe, and aims to raise awareness of the importance of effective data protection.
“Key dates, such as Data Privacy Day, are important for businesses and consumers alike,” said Barry Cook, privacy and group data protection officer at VFS Global. “For the former, they provide an opportunity to reflect on operational practices, while for the latter, they remind us of the significance of our personal information in the world today.
“For us, at VFS Global, a company that handles millions of visa applications each year, employing the highest possible standard of data protection is not just the right thing to do – it’s imperative to our business model.
“We are trusted with highly sensitive information, including fingerprints and other biometric data, which could cause significant harm to the individual if it fell into the wrong hands.
“So, ensuring we have the most robust practices, safeguards, and continued confidence of our customers as “good custodians” of their data, is vital.”
Stewardship in the age of AI
With AI being increasingly common within backend company operations, it is vital that the masses of extra data that comes with training it is kept on top of.
“AI is a promising and powerful technology that is poised to positively change industries from healthcare to financial services and beyond,” he said. “But that requires access to huge amounts of data to train algorithms that deliver the high levels of performance needed to be impactful.
“To realise AI’s potential benefits, organisations often must grant access to data and be able to trust their AI partners. This trust is built upon an ingrained sense of data stewardship that respects consumer privacy and treats their data as a precious resource, not a market commodity.
Data: if it’s the next oil, is it renewable or toxic?
The Economist magazine famously described data as the new oil. It certainly has the potential to grease the wheels of the digital economy, but with that are both opportunities and threats. Some go further, data they say is the new asbestos. Read here
“The success of AI depends on establishing and maintaining consumer trust with ingrained sense of stewardship that treats data privacy as a business requirement.”
The challenge of 5G
The arrival of 5G is now upon us, and this will increase the already vast array of connections between IoT devices around the world.
A recent study by Juniper Research found that the amount of low-power IoT connections worldwide is primed to reach 156 million by 2024, rising from 4 million in 2019, and this is bound to see a great increase in shared personal data that will need protection.
“As 5G continues to roll out globally, everything and everyone will become more connected than ever,” said Stan Lowe, global CISO at Zscaler. “IoT devices in the streets and in the home will all become connected with 5G. Our Alexa, our Google Home, our car and practically everything else will be constantly harvesting data and forwarding it to corporations for marketing purposes and to build your digital profile.
Why digital trust matters in the IoT
“We must become more aware that the advent of a connected, convenient 5G-enabled world brings the risk of creating an Orwellian society, run not by governments, but by corporations.
“As we use more technology, run by large corporations instead of the government, our personal data is utilised in ways we never imagined, to sell us, to sway us and to know us, better than we know ourselves. The more aware we are of this, the better.”
Innovation outpacing regulation
Lowe continued by stating that because government regulation on data protection tends to lag behind the innovation of companies, particularly start-ups, the duty of responsible use data use must be observed.
“It is no secret that up-and-coming companies innovate at a faster rate than governments can introduce regulations, such as GDPR,” he said. “With laws and governmental bodies usually about five to six years behind the innovators, who are constantly innovating on ways to use the data that they harvest, the onus is on these companies to use the data they collect in a safe, fair and ethical way.
“Ultimately, our data is a tradeable commodity, and corporations have a lot of power when it comes to how they use the data they collect. So, it is important that, going forward into the next decade, they use this data responsibly and ethically, as well as being as transparent as possible with us, their customers.”
Technology, regulation and the law: don’t be caught out. An example
Companies need more understanding of PII
In this day and age, there are so many kinds of data within company systems, and it’s important to know the importance of protecting each category.
“Until now, most organisations have focused their efforts on structured information, but they must also be able to understand what PII is located in textual documents. Archived data, in particular, is an especially pressing concern for most enterprises.
“AI-powered solutions will be instrumental in locating sensitive data and managing it through automated workflows. Today, organisations will also need to establish internal data governance practices to determine who is accountable for data security and enterprise-wide policy, which may include creating teams that blend technical and regulatory expertise.”