Source: Security Magazine
29 Jan 2020

The theme of Data Privacy Day 2020 is “Own Your Privacy.”

Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe and is officially led by NCSA in North America.

With the California Consumer Privacy Act taking effect this year and other states considering similar legislation, data privacy has become a growing concern for businesses and consumers alike, says StaySafeOnline. The organization cites a recent survey by Pew Research Center that found that a majority of Americans think their personal data is less secure now than five years ago and that data collection by businesses and government poses more risks than benefits. “Yet while these concerns increase, few people understand what is being done with the data that is collected and how it is used and shared by businesses, which can monitor, store and sell the data for profit. That is why the theme of Data Privacy Day 2020 is “Own Your Privacy,” notes the organization.

Steve Durbin, Managing Director of the Information Security Forum, notes that, “The requirement for maintaining data privacy has increased as privacy regulations have been adopted by many more jurisdictions since they were first introduced. Fines for breaching data privacy regulations have multiplied, and penalties can be more severe than fines. Increased public awareness and media interest have led to potential commercial and reputational consequences for non-compliance. The risk of private data being compromised has increased as systems are increasingly accessible via connected devices and vulnerable to cyber-attacks.”

“With all of the focus on breaches and the loss of personal data, it is understandable that the main attention for organizations today seems to have shifted to data privacy – after all, we are seeing a growth in legislative requirements to protect personal information along with the associated fines and sanctions for non-compliance,” Durbin adds. “Most governments have created regulations that impose conditions on the protection and use of personally identifiable information (PII), with penalties for organizations who fail to sufficiently protect it. As a result, data privacy and the protection of PII, afforded protection under the General Data Protection Regulation (GDPR) in the European Union (EU) the California Consumer Privacy Act (CCPA) and the New York Privacy Act appear to be here to stay.”

“What is clear is that privacy is becoming more of an issue in the United States,” he says. “And there is a very real need for a Federal law to avoid States introducing their own variations and interpretations on privacy which adds a further compliance burden to already overstretched businesses looking to understand and comply with their obligations across the various regions in which they are transacting business. The good news is that the formal enactment of the CCPA is going to add momentum to endeavors within the United States to formalize a sweeping federal law on data privacy.”

Read Full Article