Why is Data Protection so Important?

The importance of Data (and Data Protection) to your Company

All companies have data, such as personnel files, customer data, product information, financial transactions, etc. Decisions management makes are based on this data as are the work processes followed by employees to deliver quality products and services. In fact, data is one of the most important assets a company has. For that reason alone, data protection should be a top priority for any company. This includes guarding the availability of the data to employees who need it, the integrity of the data (keeping it correct and up-to-date) and the confidentiality of the data (the assurance that it is available only to people who are authorized).

Regarding customers, ensuring their data is held safe is the minimum people will expect from companies they deal with or invest money in. Adequate data governance builds trust. It safeguards the reputation of your business, establishing you as a brand that people can trust with their data.

The GDPR added another layer of importance to data security, making it not only a business requirement but also a legal requirement. The GDPR requires a controller to ‘implement appropriate technical and organizational measures to ensure and to be able to demonstrate that processing is performed in accordance with the Regulation.’ An important part of those measures is security awareness training: employees need to be aware of the importance of keeping to the data security procedures and processes. Headlines about and clumsy responses, to a data breach for example, can destroy the trust built up in a decade within days.

The Risks of ‘your online presence’

Everything we do online reveals small pieces of our real existence. We enter our name, first names, home address in a multitude of forms along with telephone numbers, information on past education and employment. We search for information about articles we are interested in, we buy online, we enter all kinds of information and opinions on social media. All websites where we enter this data get to know very small parts of us.

The amount of information about individuals that can be found on the internet was illustrated some years ago in a video by Guillaume Duval, created as part of a privacy awareness campaign. The video introduces the extremely gifted clairvoyant Dave, who appears to be able to ‘see’ extremely detailed private data about his clients. The ‘magic’ behind the magic turns out to be even more creepy.

Personal Information Puzzle Pieces

There are companies linking together all of those little tidbits of information about you that you have entered in various websites over the years.  This data leads to a very detailed personal profile, which greatly helps to personalize direct marketing very specifically to you. This way advertising can be directed to the products and services you have thought about, slowly nudging you and seducing you into a purchase. More dangerous is that such a profile can also be used for political purposes. History has taught us that detailed knowledge of people’s ethnic background and political or religious beliefs can, in the wrong hands, literally be life-threatening.

Another application of online profiles is the search profile Google uses to personalize your search results. Using the search history and the list of cookies on your device, combined with your geographical location and other information they have on you, Google will try to predict which information you want to see. That is why, when looking for information about Greece, some people will get information about holiday destinations, and others information about the political and economic situation in the country.

The Filter Bubble

At first glance, this seems very convenient but it is also dangerous. Eli Pariser coined this ‘The filter bubble’ in his book by the same name[1]:

As a result, each of us will live increasingly in our own, unique information universe: the ‘filter bubble’. We will receive mainly news that is pleasant, familiar and confirms our beliefs – and since these filters are invisible, we won’t know what is being hidden from us. Our past interests will determine what we are exposed to in the future, leaving less room for the unexpected encounters that spark creativity, innovation and the democratic exchange of ideas’.

What can we do to protect ourselves?

We all know the security basics, but they only help if you remain vigilant:

• Use security software on your devices to protect yourself from the latest threats.
• Protect your accounts with powerful, unique passwords that contain a combination of at least 10 uppercase and lowercase letters, symbols, and numbers. Don’t write them down, not even in a password protected file, but use a good password manager.
• Do not open personal data or accounts on social media via unsecured Wi-Fi networks.
• Use a spam filter, to filter the most obvious unsolicited e-mail. Note that the filters are not perfect. They can miss some, or mark a message you did want to receive as spam.
• Think carefully before you click on random links or open unsolicited messages and attachments. Often you can see where links lead to by hovering your mouse over the link, without clicking it. If you think to receive an e-mail from your bank with a link to a website registered in some far away country, you should not click the link, and destroy the e-mail.

To minimize your online profile, you should never enter any personal information in a web form which is not relevant for your purpose. If you order something on the internet that must be delivered, the supplier needs to know your address details and transfer that to a courier service. They need your credit card details or bank account number to check payment. If they ask for more personal information, you have a right to ask why. Just call them. If you do not get a convincing answer, or if you cannot reach them during office hours, you do not want to trust them with your personal data or your money.

[1] Eli Pariser. (May 2011). The Filter Bubble. ISBN 9780141969923 (Ebook with DRM)

This article has been written by guest author Leo Besemer.