What is Data Privacy Day?
Data Privacy Day is an international effort to empower and educate people to protect their privacy and control their digital footprint. It is celebrated on 28 January each year to commemorate the signing of Convention 108, the first binding international treaty dealing with data privacy. In 2008, it was extended from the original European celebration to include the US and Canada. It is led by the National Cyber Security Alliance, a not-for-profit cyber security education and awareness organisation.
What happens on Data Privacy Day?
There is broad participation by many stakeholders in events and discussion/initiatives. Last year, it earned substantial media attention and discussion in social media and blogs. This year it will include:
- A National Cyber Security Alliance kick off event in Washington bringing together the privacy community to discuss issues facing businesses and consumers.
- Privacy After Hours events around the world facilitated by the International Association of Privacy Professionals.
- A series of webinars on data privacy issues from organisations such as CoNetrix, metriQuality and EDUCAUSE.
- Workshops and symposia around the world from organisations such as Online Trust Alliance, and the US Department for Transportation and Federal Aviation Administration.
- A screening of "Terms and Conditions May Apply", the award winning data privacy documentary by Cullen Hoback, at the Touro Law Center in New York.
What is happening in the privacy world?
- Snowden story: The last 12 months have seen the revelations by Edward Snowdon about monitoring of internet traffic, email and telephone use. This has put privacy and data security firmly on the political agenda. Angela Merkel’s phone was, allegedly, tapped; the European Parliament has called for the suspension of Safe Harbor (which allows the transfer of personal data to the US); while the European Commission has recommended that Safe Harbor be upgraded. Expect more negotiations on and sensitivity to privacy law risks in the remainder of 2014.
- Data breach and enforcement: The recurring story of data breaches continues, most recently with Target and Snapchat who were reported to have lost millions of credit / debit card numbers and users names / phone numbers respectively. Expect companies to implement more data privacy governance to help manage the risks.
- EU Data Protection Regulation: Since publication of the new EU Data Protection Regulation in January 2012, the content has been subject to a huge number of amendments and lobbying. In October 2013, the Committee on Civil Liberties, Justice and Home Affairs of the European Parliament (LIBE) voted on a package of compromise amendments. This includes proposals to increase fines from 2% of annual worldwide turnover to 5%! It is unlikely that the Regulation will be adopted in 2014. The jury is still out as to what happens next.
- New Data Privacy Laws: In 2013, we saw an acceleration in implementation of privacy laws around the world, often based on the EU model. New laws include countries as diverse as Malaysia, Singapore, Kazakhstan and South Africa. Proposals for new law include other countries such as Brazil. The “data privacy club” is growing in size.
- New technologies: Developments such as Google Glass, and the use of mobile location analytics and facial recognition technologies have all made the headlines. Businesses are excited by the possibilities but consumers are (rightly) concerned about the impact on them. Expect to hear more about these and other similar technologies.