January 28 is the official Data Protection Day, a day ‘celebrated’ in most European countries, as well as in the US and Canada.
In general, individuals have been quite unaware of the personal data being processed by businesses and organisations. The purpose of creating this day has been to raise awareness and promote privacy and data protection best practices.
So at DPOrganizer, we are obviously highlighting the importance of this day.
But why do we even want to celebrate such a thing as privacy and data protection?
These are matters of growing importance.
A decade ago, this day was newly introduced. Even a year ago, the value – and potential impact – of one’s personal data was still unknown to many. GDPR and the Cambridge Analytica scandal are some of the events that changed this.
Over the past year, awareness of privacy matters has moved further into everyday consciousness.
Data Protection Day is important.
As individuals, we understand the value of our personal data, and we expect businesses to process it according to our expectations.
And this is what privacy will be about moving forward – businesses being able to process data, not only in accordance with the expectations of the regulations, but also in accordance with those of individuals.
A year ago on this day, we launched Transparency Widget. A tool to help organisations be proactively transparent towards customers, individuals and employees.
2019 has kicked off with CNIL, the French supervisory authority, issuing a fine towards Google.
The fine was not imposed because of a data breach. Not because of lack of security. It was imposed because Google failed to comply with principles of transparency and having a valid legal basis for their processing (in this case, consent).
This confirms that companies need to put data subjects center stage. Businesses need to put effort into thinking about data subjects’ rights, expectations and general understanding of how their personal data is processed.
2019 will be the year data protection and privacy enters mainstream discussion for real. At the core of this, is transparency.
Supervisory authorities now have had time to get their house in order, awareness of individuals is growing, and businesses are maturing in their privacy programs.
As for the Google fine, the complaint was filed May 25th, 2018, and it still took 8 months to impose it. They decided to use the big hammer right away. Many investigations are going on across the EU, so more results are surely to come. This will in practice influence the work of other supervisory authorities as well.
This will probably also escalate the discussions on the use, and expectations, of personal data.
Data Protection Day might not be a day that is widely known today. But potentially it can become a day that grows in importance as a day of celebrating a fundamental human right.