- You go to a bank, open an account; you hand over your data.
- You go to your doctor, you share your data.
- You go to your lawyer; you share with him your confidential data.
- You pay with your credit card, online or offline, you give your card data there, too.
- You open an email account; you fill out a form with your data.
That’s a lot of data we generate and we give away. It’s doesn’t matter whether we want that or not, but a lot of times we have to.
So, it is a matter of the institutions, companies, professionals that have our data to know how to keep it protected and not to abuse it.
They have a duty to keep our details safe and private and this process is known as data protection.
It is defined as a law that is intended to protect personal information that is collected, stored and processed by any means from corruption and/or loss.
Data protection includes actions that requires:
Data lifecycle management – a process that regulates the collection and transfer of personal data to online and offline storage
Information lifecycle management – process that regulates all aspects of dealing with data, including valuing, cataloging and protecting information assets from application/user errors, malware/virus attacks, machine failure or facility outages/disruptions.
Data controllers: Where are they in the process?
Each organization, that collects user’s data in any way and supervises the contents and use of the personal details users provide are “Data Controllers”. They can either be legal entities such as companies, Government departments or voluntary organizations or they can be individuals such as general practitioners (GPs), pharmacists or sole traders.
In the online world, Data controllers are the creators and administrators of the devices operating systems and apps we use. They most often follow us around both online and offline and include the companies and government departments we knowingly interact with but, also some we know nothing about.
The problem comes when these try to tease data out of us with a check box or a privacy setting or obtain data that we share or generate and do this secretly. When all this is collated and analyzed large dossiers can be produced on us, which furthermore can be sold and shared.
So, the only way citizens and consumers can have confidence in both government and business is through strong data protection practices, with effective legislation to help minimize needless monitoring by government authorities and regulate surveillance by companies.
Personal Information and Privacy
To prevent mass data collection, individuals and companies need to have the means to protect themselves and their data from being collected without their knowledge and what is more, it being abused.
Personal information is any kind of information that can identify an individual, like name, address, date of birth of facial image. Furthermore it can be credit card number, fingerprints, health record, computer IP address… Nowadays, online profiling is what companies do, and use tracking techniques to follow you around the net and build a profile of your behavior and interests in order to present you with advertisements.
So, personal information is the most sensitive data that can be collected and processed and it is what should be in detailed covered with the data protection laws.
Data protection has to be a way that provides methods how to safeguard our fundamental right to privacy, which is enshrined in the Universal Declaration of Human Rights, something that a lot of people are trying to break down with every excuse in law in order to make ruling or money.