What is Data Privacy and Why is it Actually Important?

Twitter's recent fine related to user privacy (Techcrunch, 2022), has made everyone in the cybersecurity industry wonder about how Data Privacy should be appropriately handled, not only at the interior of an organization, but among users and clients.

On May 25,2022, the US Department of Justice announced it had finally come to an agreement with the social media giant regarding a fine of $150 million USD and several commitments to level up its responsibility with users’ private information. According to authorities, Twitter had been hiding from its users, between 2013 to 2019, that it was using their personal information to help companies carefully target them with advertising. Disclosed information included users’ phone numbers and emails, which were obtained by the network when users were asked to secure their accounts through 2MF.

Data Privacy, also known as Information Privacy, is a practice that aims to carefully secure and manage data (including the way it is collected, stored,and shared) by following different types of data protection regulations and privacy laws. These laws and regulations may vary depending on the country, but there are some such as the EU’s GDPR (General Data Protection Regulation) which robustly regulate these data protection initiatives.

Both Data Privacy and Data Security make up the entire system of Data Protection, which is why these terms should not be used interchangeably. Even though there exists no actual definition for Data Privacy, it differentiates from Data Security asit focuses solely on assuring compliance with data protection laws and regulations, while Data Security measures if an organization is taking action to prevent unauthorized parties from accessing the information. Actions may include access control, encryption, and network security.

According to Data Privacy Manager, Data Privacy “focuses on the rights of individuals, the purpose of data collection and processing, privacy preferences, and the way organizations govern personal data of individuals. It focuses on how to collect, process, share, archive, and delete the data in accordance with the law.”

Data Privacy enables individuals to have control over their data, thanks to the Privacy Laws that regulate it. These laws protect the data owner when defining how their information can be used, by who and under which circumstances. Organizations that have access to their users and clients’ information, such as Twitter, have the responsibility to be transparent and compliant with the Privacy Laws established, and must be held accountable if they don’t adhere to such principles.

To start gaining expertise on Data Privacy, whether you are already a cybersecurity professional or an entry-level enthusiast, there are several steps you might want to consider:

1.  Get to know the basic terms andpolicies: Some ofthe most relevant data protection regulations include GDPR and the California Consumer Act Policy (CCPA). Getting to know them, as well as their terminology, will help you understand their foundation, as well as the tools needed to measure their compliance.

2.  Learn how to use technology for compliance: This means translating regulatory requirements found in the Privacy Policies into technical requirements.

3.  Get to know the tools that can be used for compliance: These tools might include environments for data management, data store access control, and cloud IAM.

Sources:

AFP, Le Monde with. “Data Privacy: TwitterAgrees to Pay $150 Million in Fines.” Le Monde.fr, Le Monde, 26May 2022,https://www.lemonde.fr/en/international/article/2022/05/26/data-privacy-twitter-agrees-to-pay-150-million-in-fines_5984691_4.html.

Bellan, Rebecca. “Twitter to Pay $150M Penaltyover FTC Privacy Violations.” TechCrunch, TechCrunch, 25 May 2022,https://techcrunch.com/2022/05/25/twitter-agrees-to-pay-150m-for-breaking-privacy-promises/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAAMfobH9DpcoWj4rDj0KG9O3-cY9Gr2MJq9w0OrsqiNepCvjLcE6Ol4vXim-Dq2sWNivKFvLrAXuqdeQ-0AQ9ySeJivOyYqchbrg9cyiIGa_1J2dlnfPJg6g9LXIyycbZ22ZXVK29gCS_VStGMGFRhIZgB9iO1ECcwGVuSeI78UZi.

Data Privacy Manager. “5 Things You Need toKnow about Data Privacy.” Data Privacy Manager, 17 May 2022,https://dataprivacymanager.net/5-things-you-need-to-know-about-data-privacy/.

Nathan EddyMarch 29, 20218 min read.“Developing Your Data Privacy Skills Is Key to Many Technology Jobs.” DiceInsights, 29 Mar. 2021,https://insights.dice.com/2021/03/29/developing-your-data-privacy-skills-is-key-to-many-technology-jobs/.

‍

‍