What is Privacy & What is Data Privacy?
This brief post tries to clarify often misunderstood terms - "Privacy" and "Data Privacy"
What is Privacy?
When an actor or a celebrity complains about the news media invading their privacy, what do they really mean?
The issue is that they want control over who sees them, when and under what circumstances. Despite their celebrity career they still expect a “private life”.
It’s much the same for the rest of us. We want control over information that we consider private personal information about ourselves. There are times when we choose to reveal personal things and times when we prefer not to. In this article, you’ll find out about your rights over your own personal information as well as your obligations, under privacy policies laws and regulations when handling other people’s personal information at work.
The Privacy laws and regulations typically revolve around 8 principles originally defined by the OECD – the Organization for Economic Cooperation and Development.
The 8 key principles of Data Privacy
Businesses must only collect personal information they actually need
Keep personal information accurate.
Justify why they need personal information when requesting or collecting it
Only use personal information for the things they said they would use it for
Secure the personal information while in their care.
Publish a privacy policy and stick to it.
Provide people with their own personal information if they request it and correct it if they point out errors.
Be accountable for the personal data
Apart from the adverse publicity, reputation damage and business impacts that follow privacy incidents, the data protection authorities can impose huge penalties, fines and additional controls on businesses that do not follow the above principles of privacy.
why is privacy so important?
why is privacy so important that we need laws regulations and policies to protect it?
Part of the problem is that personal information is commercially valuable. Mailing lists for instance are worth a few dollars per name to companies who want to send out promotional materials. Another factor is that personal information is vulnerable. A thief who steals someone’s personal information such as their credit card numbers may commit identity fraud. Also people may be blackmailed by someone threatening to publish highly sensitive medical information.
Organizations prosecuted for privacy breaches face crippling fines in law suits related to EU-GDPR – The General Data Protection Regulation.
The introduction of GDPR has a profound impact on organizations dealing with personal data around the world since it applies to personal information belonging to European citizens regardless of where it is used. For example, an American e-commerce business selling retail goods online is likely to hold personal data on European customers and hence fall within GDPR. They must also need to comply with American privacy laws and regulations.
Information security is a major concern in cloud computing. If you purchase something on Amazon eBay or some other cloud based company, personal information such as your name, delivery address, email address and credit card number could fall into the wrong hands if their cloud security and privacy controls are inadequate. This is a concern for individuals as well as corporations.
Think about your smartphone, for example. Anything picked up by the microphone or camera may be captured and perhaps transmitted over the network. Not just your phone calls, but anything that is stored on the device’s cloud storage. Hence, companies that sell smart phones, the cellular network providers and all the organizations that supply apps for smartphones have privacy obligations towards their customers.
Please remember to read and comply with the privacy policies and procedures and behave appropriately. Be wary of revealing your personal information to people and organizations that you don’t trust. Respect people’s privacy rights just as you expect others to respect yours. Report, if you come across, other people’s personal information at work as if it was your own, as soon as possible, so something can be done about it. Report privacy breaches and concerns as soon as possible so something can be done about them.