Data Protection day, or Privacy Day whatever you wish to call it is an ideal opportunity to consider the importance of not only our personal data, but that of others. Every day we are entrusted with others personal data within our work environments and also private lives. This year’s ICO theme, ‘Putting Privacy First’, allows us to take what we want from the concept – whether we wish to continue the focus on accountability of our third parties (see yesterday’s Magrath Sheldrick’s post), or alternatively if we wish to review our own daily practices. Are we collecting client emails within our inbox as it’s quick, ‘a convenient template’ that we can refer when needed. Are we data minimising, reviewing ensuring data is up to date? Are we checking client matters are live, or can they be closed? Do we take that extra minute to encrypt that email. Are we putting our organisation (effectively our own jobs) at risk when we open email links without properly reading senders details?
Helping ourselves is the first step in ensuring our own data privacy is put first. We can do this by conducting our own informal (or formal if you wish) data audit. It’s not as geeky or scary as it sounds – it simply means that you need to think about where your data is, who has it and if you want them to retain control over it. Think about unsubscribing from unused websites. Revisit your passwords, it may be convenient to use the same one for multiple sites, but it takes only a minute to create a secure log of passwords that may just save your time, money, aggravation and most importantly your personal data in the long run.
With the recent advancements in technology, sharing personal data with others not only creates global opportunities, but also risks. Privacy is a fundamental human right (Article 8), essential for the protection of our freedoms and autonomy, also still protected by the only international data privacy treaty protecting our personal data (Convention 108). The Council of Europe has recognised how difficult it is to understand one’s own on-line rights, and so have created some guidance to assist. The guidance which can be found at (CMRec(2014)06E Guide_HR_with_ExplMemo.doc) is useful in guiding you through best practice, including what to do if your rights are being compromised. Well worth a read!
Moving forward data, and so data protection, is more important today than it ever has been. Personal data is invaluable; a commodity to others in it’s own right not just as a potential consumer of goods or services (public or private). It is also valuable to malicious actors for reasons such identity theft/fraud or targeted ransomware / malware attacks.
If you think managing your personal data is difficult now, it is important to bear in mind where technology and data rights are headed. Soon you may need to consider your rights in the fields of neural data and mental privacy. The integration of neurotechnology in various fields such as healthcare and marketing pose unique privacy threats and risks.
It is important than ever before to take ownership, develop good practices and control over your own data. At the very least, stop, read and restrict those cookies. Starting to embed these practices now is essential, so use today to re-evaluate your personal data locations and your own practices.
No matter what you want to take from the day, or data protection week – just taking a moment to reflect upon, your data and your data practices and making some changes to your data management will help to keep yourself, your family and workplace safe.
Data Protection is a fast-moving landscape. Our data team can help your organisation with your data protection journey, whether that is auditing current data practices, advising on policy drafting and implementation, managing DSARs or helping you implement a breach protocol should the worst happen. For further assistance contact our Data Team at [email protected] or our DPO at [email protected].
Author