Your data is important. Businesses collect and analyze data about your buying habits so they can sell more goods. Unfortunately, fraudsters try to steal and sell personal information for financial gain. Whether lost in a data breach or stolen through phishing, details such as your name, date of birth, and even medical status can be used to conduct identity theft and compromise your accounts. As revealed in a recent survey1, many consumers feel they’re not able to adequately protect their privacy online:
- Forty-three percent of consumers feel they can’t protect their data online. For those who were 55 and older, that number rose to 52%.
- Three-quarters of consumers find it hard to determine what companies are doing with their data. Half of respondents were resigned to the sentiment, “If I want the service, I have to accept how my data is used.”
Laws protecting consumer data privacy
Fully implemented across the EU in May 2018, the General Data Protection Regulation (GDPR) requires businesses to protect the personal data and privacy of EU citizens. Any transactions between an EU citizen and a business located outside of the EU also fall under GDPR protection. The GDPR provides protective rights for individuals including the right to access their own data and request that personal data be removed or deleted. Additionally, opt-in/opt-out notices and terms must be clear and precise.
In Canada, the Personal Information Protection and Electronic Documents Act (PIPEDA) went into effect in 2018. It requires organizations to obtain consent to collect, use or disclose personal information. Individuals have the right to know why an organization collects data, who is responsible for it, and how it will be secured. Individuals also have the right to obtain access to their personal information and ask for corrections to it.
The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020 and grants similar rights and protections to California residents as the GDPR gives to Europeans. It may take time for this law (and similar laws in other states) to effectively stamp out the worst privacy infringements, but eventually, regulations like these will force many companies to be more transparent and collect less data.2
Why online privacy awareness and training is important
Since the GDPR came into effect, consumer knowledge and awareness of online privacy has grown. Over the last two years, data privacy complaints increased in France, Germany, and the UK.3 More Americans can correctly identify phishing scams and understand online cookies. However, more education is still needed. A recent survey revealed only 28% could accurately identify an example of two-factor authentication—an important tool to secure personal accounts and protect privacy.4
What you need to know to inform and protect your kids
Good data management is one of the keys to effectively protect your privacy. Just because a Facebook survey asks you to provide your political and religious affiliations on your profile, doesn’t mean you must or should. Similarly, you don’t have to provide your child’s new Internet-connected toy or gaming console with your child’s name, birthday, or location. Keep in mind that while it’s important not to overshare information about your children online, it’s equally vital to educate them about smart online privacy practices.