You probably don’t realize it, but you are constantly producing data on a daily basis. If today you surfed the internet, used a smartphone, logged into social media, or even wore a fitness tracker, you have been sharing your personal information.
What is data protection?
Personal data is any information relating to you, whether it is from your private life or your public life. Data protection is exactly what it sounds like – the process of protecting your personal data. It is directly tied to the collection and dissemination of your personal information. Data protection aims to strike a balance between individual privacy rights while still allowing personal data to be used for business purposes.
Data protection deals with both the integrity of data (preventing corruption and errors) and the privacy of data (making sure it is only accessible to those with certain permissions). Both data integrity and data privacy are usually taken care of by the company who has your data, like Google or Instagram, but it’s often the presiding government that creates the regulations surrounding said data.
There are also different degrees of data protection. For instance, a highly classified government document would be highly protected whereas your purchasing history on Amazon is less protected. The lengths to which your data is protected depends on the country you live in, as well as what your data is involved with. For example, your medical information is a lot more protected than your browser history. There are a lot of variables that go into how protected your data is, and much of it has to do with the laws set by government bodies.
Why is data protection important?
Imagine that someone had access to your entire online life. They could see every search you made, every item you purchased, every place you visited, every video you watched, your emails, chat logs, and even photos and videos of you that had been posted online. That is a lot of information for someone to have.
Now imagine what that person could do with all of that information. They could target you with specific ads, steal your money, show you articles that they know you will engage with, apply for credit cards under your name, limit what information you are shown regarding politics, or even create a deepfake using your image. Some of the things I just listed don’t sound that bad, but they certainly feel insidious, and that’s because they are.
There are countless stories of people feeling like companies have invaded their privacy, and in some cases caused real harm. Several years ago, a story went viral when Target sent a teenage girl coupons for baby items when her family had no idea she was pregnant. Target was analyzing items that customers purchased and from there, ranking how likely they were to be pregnant. A woman with a high “pregnancy score” was likely to receive coupons for baby, nursery, and pregnancy-related items in the mail, which was exactly what happened to the teenager in the story. Kind of creepy, right?
And then there is Facebook, probably one of the worst offenders when it comes to data privacy. The recent Cambridge Analytica scandal, where the company misused users’ personal data to influence the 2016 presidential election and Brexit, is probably the one everyone is familiar with. Cambridge Analytica created personalized messaging for different user types, and gathered all of this user information under the guise of a personality test it ran through Facebook. Of course, this was highly illegal, and Facebook has been under scrutiny ever since. Unfortunately, Facebook also owns WhatsApp and Instagram, making it hard to escape the company.
Your data can also be used by malicious actors to steal your own money, catfish other people, or to sell your information to criminals. Data breaches are a common occurrence, and most of the time they fly under the radar. Just this year there have been over 50 notable data breaches of major and minor companies alike.
There are hundreds, if not thousands, of cases like these. The scary part is that we all knowingly accept privacy policies that we don’t actually read on a regular basis, and blindly trust behemoth companies to adequately protect our information. Sometimes we are handing over our information and allowing it to be sold without even realizing it. This is why, over the years, several countries have introduced legislation in an attempt to protect data privacy.
How is my data protected?
The concept of privacy as a human right has been around for a long time, but was first formally recognized when the United Nations created the Universal Declaration of Human Rights in 1948. In it, the right to privacy was included as a fundamental human right. While only 48 countries adopted the declaration at the time, and the declaration itself was not legally binding, it was an important first step.
With the dawn of the internet, privacy has continued to be a hot topic. In Europe, this led to the introduction of the General Data Protection Regulation (GDPR) in 2018, which aimed to give European citizens more control over their personal data. Included in the GDPR is the right to be forgotten, a landmark law which gives people the right to have search results about themselves removed, but only under specific conditions.
In the United States, data protection is far less regulated. While there are certain laws in place to protect certain types of data (such as HIPAA for medical information and COPPA for data regarding children), there is nothing comparable to GDPR on a federal level. Aside from these few laws, data protection is mostly dealt with on a state level.
Interestingly, the state of California created the California Consumer Privacy Act (CCPA) in 2018, which has been called ‘the US GDPR’. The CCPA creates some of the strongest consumer data protections in the United States and is expected to have a big effect on companies like Facebook and Google, who are headquartered in California. The law does not go into full effect until 2020, but many hope that other states will follow in California’s footsteps when it comes to data protection.
As data protection laws vary greatly depending on your jurisdiction, you can check to see what laws your country has in place regarding your information here.
How can I protect my own data?
There is limited action that you can take as a private citizen to protect your own data, but it is important to take a few extra steps in order to keep your data private. Using a VPN is always recommended and grants you a little anonymity on the internet.
Most internet browsers allow you to use incognito mode or private mode when you surf the web. It sounds like that would protect your data, but all it does is hide your browsing history; different websites can still track your activity.
It is also important to keep all your programs and apps up to date on your phone and/or computer, as most updates are to improve security. It is quite simple to turn on auto updates, which could save you a world of trouble in the event of a hack or data breach.
You should also read our article on how to protect yourself from identity theft, as leaving your personal information unprotected can also allow someone to steal your identity.
Data protection is an ongoing issue, and one that requires you to do your due diligence. It is not enough to trust the companies that you give your data to, as they are vulnerable to data breaches and don’t always follow the law. We need to take proactive measures to protect ourselves when it comes to our personal information.
Data protection and privacy are topics that have been around for a very long time, and will continue to be a hot button issue in the future. It is important that we stay aware of new laws and policies that could change the way our data will be protected and used in the future. While it is certainly an issue that will become more complicated as technology continues to develop, it is one we should continue to fight for.