What is Data Privacy:
Something You Have A Lot Less of Than You Think
Have you ever been having a casual conversation with a friend about really wanting that new pair of jeans or suddenly becoming bombarded with ads for jeans, or maybe you’re getting ready to pop the question to your significant other and are met with a flurry of engagement ring ads? With today's technology, targeted ads are a huge moneymaker for business and much more cost-effective than traditional advertising tactics. Now, rather than having to pay for ad space on a specific TV program or publication, companies can pay for the ads to be on literally whatever medium you are consuming.
How Do They Get My Data in the First Place?
Pun intended, but a lot of people have their hand in your data cookie jar. You've probably seen websites that have a little pop up that says some version of “We Use Cookies.” If you’re not familiar with cookies, they essentially keep track of your activity whether on a singular site or across multiple. Companies utilize these cookies for valuable metrics about the site traffic as well as information about their consumers. These cookies can then be used for targeted marketing so that companies can advertise directly to someone who may already be interested in purchasing their product or service. All in all, cookies are an essential tool for anyone in an e-commerce space for data and analytics. They may seem harmless to some, but the main hang up for others is that the information they gather is their personal information, and they have the right to privacy and often just being left alone.
Many view their social media as a consumer-product relationship where the user is the consumer, but have you ever considered you, the user are in fact the product? We live in an age where social media influencers make their entire living off of monetizing the content they produce and intentional cranking out carefully curated content to be consumed by a target audience. Similarly, companies use your data to carefully target specific advertisements to your specific tastes and interests based on bread crumbs of data you slowly leave behind as you navigate through the digital realm.
Whether we like it or not, we live in an age where our personal information is being tracked, collected, shared, monitored, you name it, they’ve got it. Your Internet service provider and other entities like Google can sell this information to other companies for the purpose of marketing.
One misconception about data privacy is that people have things to hide, when in reality most people just want the right to be left alone. Similarly to how you wouldn’t necessarily want your neighbor in your yard whenever they please. The platitude “good fences make good neighbors” seems to fit here. “Good data security makes good data privacy”. Sure, it’s not the end of the world if someone has your internet browsing history, but it should be your right to share that information with someone. At the end of the day, your data is a product that certain individuals are selling, or if not directly, indirectly profiting off of.
Data Privacy Vs. Data Security
The concept of data security inevitably makes its way into the conversation when discussing privacy. Data security prevents unauthorized access to data from a third party. Security is the means by which privacy is maintained. It’s essentially the measures put in place to protect an individual's rights to their privacy on a very practical level. Security is locking your doors at night, whereas privacy would be the not wanting people to see you inside your house. This doesn’t mean you are doing anything you wouldn’t want someone to see you doing inside your house, but it is a bit intrusive to have your neighbors looking through your window. In a similar fashion, data privacy is mainly identity the rights of the the individual and security measures stand to maintain those rights.
What Does Compliance Look Like
Data privacy compliance is not as cut and dry as having users opt in or out of data collections. From a legal perspective there are quite a few different interpretations of data privacy as well as what it actually means. Across the globe there’s HIPAA, GDPR, CCPA, to name a few. A common theme across the board is an emphasis on regulating the ways in which data is collected, shared, or stored. Each of these different pieces of legislation has their two cents on what privacy means and how it can be maintained. This can cause major headaches for international companies as compliance in one country could mean negligence in another. That being said, most legislation has administrative and technical safeguards that are required to be in place or the entity runs the risk of being fined or penalized.
Consequences of Non-Compliance
According to the Cost of Data Breach Report in 2020 by Ponemon Institute, the average total cost of a data breach is 3.86 million dollars (USD). These fines aren't just some slap on the wrist from Uncle Sam. In 2019 alone, Facebook paid out over 5 billion dollars in fines associated specifically with data privacy. That billion dollars solely for noncompliance related to mistreatment of personal identifiable information (PII). According to the Cost of Data Breach Report in 2020 by Ponemon Institute, the average total cost of a data breach is 3.86 million dollars (USD). While we can all agree we don’t want prying eyes on our data, this does cause major concerns for smaller businesses that can’t necessarily eat a multimillion dollar cost.
As these laws become more and more relevant and companies are being required to uphold certain regulations it’s important to acknowledge the relevance of data privacy to just about everyone with an internet connection. Not only as users does it directly affect our everyday lives, but as many work for companies that operate in an online space, noncompliance is a threat to our livelihoods and ability to maintain a competitive edge in this digital age. As our society becomes more and more reliant on technology data privacy will only become more relevant. It is important to understand how our information is being used and what can be done to make sure our rights are protected and upheld by the products and services we are using. As more and more consumers demand privacy, we will continue to flex to meet these needs to go beyond just compliance itself.