We’ve all seen the headlines.
It seems like almost daily a major business makes the news for a data breach. In case after case, we learn that big companies have failed to protect customers’ private and sensitive information.
In our digital age, businesses have the technological ability to collect tons of data about us, their customers — everything from our personal information like age and address, to our banking information like credit and debit card numbers, to more sensitive data like our browsing and purchasing habits. Internet users have a reasonable desire that that data will be kept safe and secure, but we all already know from reading the news that that’s not always how it works out.
So what can you do to protect your data privacy?
As a consumer, the onus is largely on you to understand your consumer data rights and what you can do if they may be infringed. And this guide can help!
Read on to learn about what data privacy is, why it’s important, the laws that are in place to protect you, how companies are using (and abusing) your private data, and what you can do to protect yourself in the digital world as data becomes more and more important — both to businesses and to you.
Data privacy is the concept of maintaining control and limited access to any of your personal information in digital form. This impacts how data should be handled, stored, and protected, with consideration to important or sensitive it is.
Think of it this way: When you introduce yourself to a total stranger, you probably don’t mind telling them your name. But on that first meeting, you typically don’t tell them your age and street address. You definitely don’t introduce yourself with a name tag showing your social security number. And you’re sure as heck not giving them make a copy of your credit card.
But in the digital age, you routinely transmit that information to companies via the internet. That means you’re putting a lot of trust in those companies to keep all that potentially sensitive data safe, secure, and private.
In practical terms, modern data privacy encompasses these things:
How businesses collect and store data
When and how data is shared with third parties
Legislation that dictates data privacy standards, like GDPR, HIPAA, GLBA, or CCPA.
Data privacy rules and regulations generally apply to what’s called critical personal information, which is generally considered to include two different types of data:
Personally Identifiable Information: Anything that can be used to identify you, including your name, address, social security number, banking information, etc.
Personal Health Information: Anything related to your health and medical history, including hospital or doctor’s records.
For consumers, data privacy is important for two main reasons.
First, people have a right to privacy. They have a right to the reasonable expectation that they can control who has access to certain data about them, and what that data can be used for. People should be able to control how personal data about them is collected, stored, and used. They should be able to give consent about how and what data is collected, stored, and used. Data privacy regulations protect those rights.
Second, and on a more practical level, data privacy is intertwined with data security, which is all the practices companies can use to protect data from being compromised by hackers, identity thieves, and other malicious parties. Data privacy regulations exist to try to create a standard of safety to protect consumers from things like identity theft, which can happen if their private data isn’t handled correctly by a business.