Commentary by Victor M. Rivers
U.S. European Command
These days there seems to be a National Day for everything. We have National Cheese Day, National Ice Cream Day, even National Tug-of-War Tournament day. But today is a day that everyone should pay attention to all year long — National Data Privacy Day.
Data Privacy Day began in the United States and Canada in 2008 as an extension of the already established Data Protection Day in Europe, which commemorated the signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. In 2014, the U.S. Congress adopted a resolution supporting Jan. 28 as National Data Privacy Day.
So why should anyone be interested in National Data Privacy? Well, it is because the vulnerabilities to data theft and misuse are a global issue. National Data Privacy Day has several goals. The first is to raise awareness and educate consumers to better understand how their personal information may be collected and the benefits and risks of sharing personal data. Another is to empower consumers to express their expectations for the use, protection and management of their personal data.
We in the cyber security world want to inspire you through concrete, simple and actionable tips for actively managing your personal data. We want to encourage and motivate you to consider the privacy implications of your online actions for yourselves and others. We want to encourage businesses to be data stewards by being open and honest about how they collect, use and share personal information and clearly communicate any available privacy and security controls.
It’s critical for consumers to understand their rights and importance of protecting their personnel information. Your personal information can be utilized to open consumer accounts for unscrupulous use. Have you ever thought about how many times you’ve given out your Social Security number without thinking about the consequences? Or why so many organizations say they need it? If you haven’t, you’re not alone. Social Security numbers are the most important piece of information a cybercriminal needs to commit identity theft. Yet many consumers don’t worry about handing over their most valuable identity asset until it’s too late. A stolen Social Security number allows a criminal to use your identity to apply for credit or a mortgage, use your health insurance, and even by a home or escape arrest, all in your name, using your information.
Even though they were never intended to be used as universal identifiers, Social Security numbers are the most commonly used record-keeping number in the U.S. They’re linked to your bank account, credit score, residence, employment, and much more. To make matters worse, the unsecure ways social Security Numbers are stored and transmitted make them the prime target of identity thieves. You should challenge or object when businesses and organizations request your social security number. It could save you a lot of grief later.
Are you paying attention yet? Well, maybe you do protect your Social Security number. But what about your social media accounts? Do you know your vulnerability there? When you download a social media application on Internet-connected devices, you may be allowing the app to collect and use your personal information such as your contacts list, family members’ information or your current location and residence. If possible, look at the application permissions before downloading, and make sure you are comfortable with the information it requests and collects.
Facebook alone maintains a plethora of personal information on account users, and the information they collect and sell is growing daily. Before posting online, think about how it might be perceived now and in the future, and who might see it. Think about what you are posting and how it can be used by cybercriminals. Set the application privacy and security settings on web services and Internet-connected devices to your comfort level. It is a good idea to limit how and with whom you share information. Be aware that when you share a post, picture or video online, you may also be revealing information about others unaware. Be thoughtful when and how you share information about others.
My challenge to everyone this National Data Privacy Day — Look at all your devices that connect to the Internet (this includes your smart phone) and ensure they are updated with the latest virus protection software. Review the setting on all your social media accounts, including Facebook, Twitter, Pinterest and Instagram. These are just a few of the most popular sites, but there are hundreds more. Ensure these sites are sharing what you want to share with the world based on your own personal risk tolerance. When sharing critical information across business sites for banking or purchasing, be sure that information is encrypted and the sites are legitimate. National Data Privacy Day is for your situational awareness and protection.
For more information on Data Privacy Day, visit www.staysafeonline.org. For resources on how to protect your data, visit www.staysafeonline.org/data-privacy-day/privacy-library.