About 34 percent of U.S. consumers have been notified their data was breached during a cyber attack, according to a survey released Thursday by The Hartford Steam Boiler Inspection and Insurance Company (HSB).
The surge in data growth through the convergence of technologies is mind blowing. The enablement of Wi-Fi, mobility services, online digital social interaction, cloud services, and information in general being created digitally instead of paper has knock on effects in our physical world around privacy and security of the data stored about us. (Mellink 2013
- Some figures predict a 10 to 50 fold growth of the digital data world from 2010 until 2020 this is driven by the transformation of our lives and the world we live in. (EMC Corp 2014)
Privacy and Security concerns come hand in hand with the explosion of the new information age and the availability of data. Some of the areas that have particular focus are: medical records, credit and financial, consumer and our personal or social information such as photos. Medical Industry and Medical Records:
- The medical industry collects information at every interaction this information about you can now be captured and stored in an Electronic Medical Record (EMR). The privacy and security comes about how that data is stored, used, is it given to insurance companies, do family members have access to the information, what happens if a screen with a patients information is visible to others and what if diagnoses are incorrectly recorded and communicated and how does this information get changed. (NitroSecuirty FairWarning)
- You might be surprised that once in the EMR system the Doctor or Organisation becomes the custodian of the data. (Potarazu 2013)
Financial and Credit Information:
- The safeguarding of you privacy and security of your data in the USA as an example is regulated by the Gramm-Leach-Bliley Act (GLB) but this is limited to the ability to opt out of sharing information onward with other 3rd parties or outside companies. (Privacy Rights Clearinghouse 2013)
- Privacy is dependent on the privacy notice sent to the customer and has to be sent out at least once a year. The data belongs to the financial organisation and you have rights to object to in accurate information. The GLB act only applies to individual consumers and does not cover business accounts or information. (Privacy Rights Clearinghouse 2013)
- Store loyalty cards might seem a great idea but you sign the rights away for the profile information that is collected to the organisation running the card. These companies are entitled to use that information as there business possibly selling it on to 3rd parties our using it to sell you other products and services. (Beckett 2014)
Personal, Cloud and Social Media:
- Google, Twitter, Microsoft and Facebook have all come under fire for allowing data to be viewed or accessed by 3rd parties. (Sangani 2010)Privacy policies have not been tight enough in the past. The data for example on Facebook is also owned jointly by you and Facebook, Facebook owns any IP you give it because you gave it permission via the Facebook statement of rights and responsibilities. (Facebook 2013). Security is focused around the user protecting the data and access as much as possible themselves.
Summary / Conclusions
Analysts IDC estimate that only 20% of the digital world has protections around privacy and security and the level of protection varies globally, there is also much less protection in emerging markets. (Gantz and Reinsel 2012). The data and information is always owned solely by yourself when it is under your control and until you let it out to a third party. In the new digital world data privacy and security understanding is lagging behind the adoption and use. Information on how companies protect your privacy and security is varied and tends to be in the small print of privacy and security statements. When you have given over your data to a 3rd party in most instances the data is now owned by the 3rd party that is custodian of the data, you might have the rights to obtain a copy of what they hold and adjust in accuracies but not the rights for them to copy or use the data for their business purposes. (Pentland 2014). There is only one way to keep your information private and secure and that is not to share it in the first place, but is that really possible in the connected world we live in today, realistically probably not but could we change the model now?
BECKETT, Louis (2014). Everything We Know About What Data Brokers Know About You. [online]. Last accessed 22 06 2014 at: http://www.propublica.org/article/everything-we-know-about-what-data-brokers-know-about-you EMC CORP (2014). EMC Digital Universe Study. [online]. Last accessed 22 06 2014 at: http://www.emc.com/leadership/digital-universe/index.htm FACEBOOK (2013). Statement of Rights and Responsibilities. [online]. Last accessed 22 06 2014 at: https://www.facebook.com/legal/terms GANTZ, John and REINSEL, David (2012). THE DIGITAL UNIVERSE IN 2020: Big Data, Bigger Digital Shadows, and Biggest Growth in the Far East. Analysts Report, IDC. GANTZ, John and REINSEL, David (2012). THE DIGITAL UNIVERSE IN 2020: Big Data, Bigger Digital Shadows, and Biggest Growth in the Far East. Analyst Report , IDC. MELLINK, Bart (2013). The Nexus of Forces. Analysts Point of View, Gartner Group Point of View. [online]. Last accessed 22 06 2014 at: http://www.himss.org/files/HIMSSorg/content/files/SecurityandPrivacyofElectronicMedicalRecords.pdf O’CONNELL, Nick (2012). Data Protection and Privacy Issues in the Middle East. [online]. Last accessed 20 06 2014 at: http://www.legal500.com/c/united-arab-emirates/developments/17454 PENTLAND, Alex Sandy (2014). Should social media users retain ownership of their personal data? [online]. Last accessed 22 06 2014 at: http://curiosity.discovery.com/question/social-media-retain-ownership-data POTARAZU, Dr. Sreedhar (2013). Who owns your health data? You may be surprised. [online]. Last accessed 22 06 2014 at: http://www.foxnews.com/health/2013/04/03/who-owns-your-health-data-may-be-surprised/ PRIVACY RIGHTS CLEARINGHOUSE (2013). Financial Privacy FAQ. [online]. Last accessed 22 06 2014 at: https://www.privacyrights.org/financial-privacy-faq PRIVACY RIGHTS CLEARINGHOUSE (2014). Medical Privacy. [online]. Last accessed 22 06 2014 at: https://www.privacyrights.org/Medical-Privacy PRIVACY RIGHTS CLEARINGHOUSE (2014). Online Privacy & Technology. [online]. Last accessed 22 06 2014 at: https://www.privacyrights.org/Online-Privacy-and-Technology RIZZO, Mario (2011). Consumer Data: Who Owns It? [online]. Last accessed 22 06 2014 at: http://thinkmarkets.wordpress.com/2011/05/07/consumer-data-who-owns-it-2/ SANGANI, Kris (2010). Who owns your personal data? [online]. Last accessed 22 06 2014 at: http://eandt.theiet.org/magazine/2010/11/trusting-social-networks.cfm SCHAFFER.JONATHAN, L. and RYAN, Jackie (2010). Who owns the data? [online]. Last accessed 22 06 2014 at: http://www.aaos.org/news/aaosnow/apr10/managing2.asp STAFFORD, Nancy (2010). Who owns the data in an Electronic Health Record? [online]. Last accessed 22 06 2014 at: http://www.ehrinstitute.org/articles.lib/items/who-owns-the-data-in TROTTER, Fred (2012). Who owns patient data? [online]. Last accessed 22 06 2014 at: http://radar.oreilly.com/2012/06/patient-data-ownership-access.html