Data Protection, Data Privacy and the art of thinking before sharing
Your data’s best enemy: a sleeping consciousness.
Data Protection, Data Privacy and the art of thinking before sharing.
It’s part of my job to scan publications online and offline on a daily basis. One of the keywords on my radar: Data protection, and very often the connected one Data Privacy.
Some of the articles are what I would call of general concern, others, over the past few months, talked about the legislative changes in Europe, the end of the current Safe Harbour ruling.
Most recent articles explained the impact of the new European data protection regulations, possible massive hacking attacks but what I’m really missing is a discussion about data responsibility.
Let me start with an example:
I recently purchased an item from one of the big online retailers. When given the expected delivery date I realised I wouldn’t be at home, so I chose the newly opened, conveniently around the corner located pickup franchise.
The good purchased arrived in time and, as I left my mobile number, a text message told me when and where it would be available for collection.
What is it exactly you need my data for?
Arriving at the shop, presenting the collection code I was prompted with an iPad and asked to fill in my details to collect my parcel. Of course, I couldn’t resist asking the shop assistant why I’m supposed to sign up as I already have a valid collection code. Some mumbling and stuttering, something about being able to collect again and drop parcels in the future followed.
I took the liberty to tell the young lady that this is actually already possible since the company I ordered from has a partnership with the company she’s working for. I pressed a bit harder (sorry, that’s me, I’m used to dealing with data for too long), what the data she’s trying to collect will be used for, where the legal requirements for obtaining these details before handing over my parcel is available for review (yes, I wasn’t too nice, but hey, we’re talking about my home address details, phone number, email, birthday, etc.), as I wouldn’t be prepared to disclose personal information without reviewing their T&C’s to make sure my data’s safe with them.
The poor thing blushed, looked rather lost for her manager, and eventually handed my parcel over without me having to leave any additional personal details but simply signing the screen of the barcode scanner that I’ve successfully collected my item.
I don’t blame the young lady; she was instructed by her manager, and he probably by his and so on. I blame whoever in this company is responsible for this process. It’s clearly a sales and marketing effort to collect customer data to subsequently contact these clients (And if it were my company I might consider doing the same – shame on you, Petra!).
Making conscious data sharing decisions
BUT I made the conscious decision not to share my data with yet another data collector. To protect my details. No data privacy act required no source for anyone to hack my account.
Data privacy and data protection are a rather recent development, and looking back only 50 years, espionage was the only place where even individuals felt a bit “odd” when it came to spooks getting too close to them. With the omnipresent digitalisation and sharing of data, things have changed drastically.
It’s not always as simple as in the shop, refusing to sign up but in many cases we’re too quick sharing our personal information for what, some shiny customer club card? Promising us rewards we never manage to get, or taking a closer look at it, being of such poor value that I rather as myself: do I really need this reward or am I better off not sharing my sock size?
Add legal regulations but don’t replace responsibilities
Data privacy starts with actively thinking about how you share your data. In addition, we need laws and regulations making sure those collecting and handling our data do the right thing with it, and above all protect it.
All this applies to all our data, from filling in the tax form, via signing up for a rewards card across to social media (going into these details here might just be topping it for now).
The other solution would be a change in attitude and being “ok” with being a transparent human being. Leaving us with only one headache: How are our financial details, i.e. money being protected. Well, unless we’re getting rid of the current way how we handle payments.
Until then I continue with thinking first and then sharing and keeping the hopes up for more sophisticated data storage structures making intrusion and theft as hard as possible (which means slightly contradicting myself, believing in what you can program you can crack).