Data Protection Day 2021

Data Protection Day 2021 – what is ‘personal data’?

January 29th, 2021 Posted in Data Protection, Evalian News

Yesterday marked the 40th anniversary of Data Protection Day (or Data Privacy Day as our American cousins like to call it). On 26 April 2006 the Council of Europe launched a Data Protection Day to be celebrated each year globally, on 28 January.

What is ‘Data Protection Day’ for?

Data Protection Day serves as a reminder that personal data should always be treated with care and absolute transparency. Data security “health checks” should be an on-going process wherever data may be present to ensure you have appropriate controls in place to safeguard your personal information. Therefore it is important to remember that protecting data is more than just a yearly event. Protecting your personal information should be made a regular priority for individuals and organisations alike.

What is classed as ‘personal data’?

Personal data is at the heart of the GDPR, however, many are still unsure of just what exactly ‘personal data’ is. Personal data is information that relates to an identified or identifiable individual. As a result, if it is possible to identify an individual directly from the information you are processing, then that information may be personal data. There is no definitive list of what constitutes personal data but it could include, for example, name, ID number, location, marital status, ethnic origin, religious beliefs, political opinions, genetic data, health data or even sexual orientation.

That’s a vast amount of information, more so when you take into account just how much information is readily available from a person’s social media accounts. Those may be the obvious culprits, but what about your handheld device? How much do you really know about the personal data you’ve shared unwittingly when downloading an app, do you know what is being done with that information? You’re not alone. For example, in a recent survey by Pew Research Center, they found that four out of five people surveyed, feel they have no control over the data collected about them.

How do they collect it?

Picture this common scenario: You were snowed under all week with work, and now doing the food shopping feels like a mammoth task. You visit the supermarket’s website on your phone to order your weekly shop, but you need to install another app to place the order. Then it pops up, the legalese, the permissions. You click “accept” over and over, just to get it done without a second thought. One of those things you most likely agreed to in your haste, was the app’s privacy policies.

Before you panic, it’s worth being aware that we actually have a lot more control over our personal data than you think. We just need the knowledge to understand the information deep within those lengthy privacy policies.

Under the GDPR, a privacy notice should disclose information such as:

  • the type of data collected
  • purposes of its use
  • how the information is collected (e.g cookies)
  • the validity of the privacy policy
  • possible policy changes and how you’ll be affected
  • what control you have over your data
  • the security measures in place to protect your data
  • whether any third parties will have access to your data
  • the people accountable for the company privacy practices and their contact information

“That seems straight forward enough” I hear you say. But the main challenge lies within understanding the “legalese”. Add to that, some policies are so long that they take time to read – as an example, Facebook’s privacy policy takes over 15 minutes to read through, which is fairly standard. How many people who own an account on Facebook have taken the time to read through it’s privacy agreements? We’re going to guess a small percentage compared to active users.

But thanks to certain requirements in the GDPR, privacy policies may be getting shorter and easier to read. Nevertheless, it is a good idea to learn some of the key data protection terms in order to gain an understanding of your data rights. We have laid out some common terms to guide you, here.

So what is the value of your personal data?

What would it cost you if someone stole your identity by hacking your accounts? If they impersonated you on your social media accounts and isolated your friends and family? What is your reputation worth? All of these are worth securing. Perhaps that’s where we can find the true value of our data, after all, knowledge is power.

Need help?

If you are trying to clarify whether you are at risk of a data breach, or want to discuss what your business needs in order to prevent a breach, we can help. Our highly qualified, expert consultants offer a wide range of data protection services

GET IN TOUCH

KM Headshot

Written by Kate Mingo

Kate is our Digital Marketing Manager. She started out her career in graphic design and eLearning and has a number of years' experience in corporate branding, communications and marketing, predominantly within the Oil & Gas / Energy industry. Her qualifications include a First Class Honours degree in Visual Communication from Robert Gordon University, as well as certificates in Social Media, Digital Marketing and Google Ads.