Data privacy is a critical issue that affects every individual in today’s digital age. With the rise of the internet and social media, personal information is being collected, analysed, and shared at an unprecedented rate. This has led to the emergence of what has been called “surveillance capitalism,” where companies monetise personal data for profit.
Often referred to as the “most valuable commodity” in today’s digital age, data can be used to inform business decisions, create new products and services, and target advertising to specific groups of consumers. It can also be used to improve efficiency and reduce costs across industries.
Data alone is not valuable, it’s the insights and the ability to act on that data that makes it valuable. Back in 2018, I remember attending a presentation on data where the speaker claimed; that by analysing a person’s Twitter data, it was possible to create a 95% accurate profile of that person. This would give valuable insight into their behaviour, likes and dislikes, and even predict future actions. At the time, I thought that this was a little sensationalist, but now, with the advent of advanced AI technology like ChatGPT, built on vast amounts of data, that claim doesn’t seem so sensationalist, after all. Twitter was simply used as the example here and does not make any claim as to how Twitter makes use of the data it holds. Predictions based on data are not definitive; they are very accurate educated guesses but cannot and I imagine should not, factor in human emotions and decision-making.
Data privacy involves the protection of data concerning its collection, usage, and distribution. “Data”, in this case, typically refers to any information that could personally identify someone, such as their name, address, phone number, PPS number, credit card information, or username and password.
Shoshana Zuboff, in her book “Data Privacy in the Age of Surveillance Capitalism,”, describes how this system has created a “behavioural surplus” that is being harvested for profit by a small group of companies. This has led to a loss of privacy and autonomy for individuals, as well as a concentration of power in the hands of a few large corporations. She argues that stronger regulations are required to protect individual data privacy and to prevent companies from engaging in surveillance capitalism. She further argues that privacy is a fundamental human right. However, others would argue and maybe legitimately so that general privacy as a human right is ill-suited to the commercial world and that within this context a privacy paradox is observed between the user’s expressed wishes for privacy and their contradictory consumer behaviour. The privacy paradox phenomenon refers to a user’s express wish for digital privacy while willingly revealing personal information online.
Researchers across different fields have formulated different opinions on why consumers’ privacy concerns do not translate into increased protective behaviour, however, generally agree that companies are in a strong position to reduce consumers’ paradoxical behaviour by improving their customers’ informational privacy.
In Europe, the General Data Protection Regulation (GDPR) is in place to protect the personal data of individuals. However, compliance with GDPR alone is not enough to fully protect individuals’ data privacy. Organisations must take a more active role in protecting their data, and that of their customers and partners.
Cyber awareness training via a Human Risk management service can educate individuals on how to handle sensitive data, such as personal information, and how to spot and avoid scams and phishing attempts. It can also teach individuals how to use privacy settings and other tools to control the amount of personal information shared online. It can be an important step towards creating a more equitable and just digital landscape.
In conclusion, data privacy is a critical issue that affects everyone and requires active participation from individuals, companies, and governments. It is our shared responsibility to handle the data we possess responsibly and ethically, in compliance with data security laws and regulations.