With constant headlines about data privacy, and the sheer volume of data breaches and cyberattacks that prompt much of this coverage, you’d be forgiven for having privacy fatigue. But being savvy and alert to the dangers online and knowing how to protect your personal data are not only your best defense they’re really your only defense.
Of course, the ideal scenario is to not give out your personal information in the first place, but that’s near impossible in a digitally driven world unless you use a tool like MySudo. Keeping up with the facts about privacy and cybersafety is also a sensible strategy. Here we present six facts you might not know about data privacy but should.
1. Data privacy and data security are different.
These terms are similar but not the same and it’s important to know the difference. Data privacy deals with the proper handling of data. It’s concerned with data sharing with third parties, data storage, and regulatory requirements on companies handling your personal information and digital exhaust. It focuses on your right to control your personal information plus others’ handling of it.
Data security, on the other hand, is about protecting data from any unauthorized use or malicious attack. Data security helps ensure data privacy, but also considers issues of data integrity, accuracy, reliability, and availability to those authorized to access it.
You can have an impact on your data privacy, and you can lobby the companies you do business with to do better with their data security.
2. Privacy may never be perfect.
There’s no such thing as perfect privacy. A data privacy nirvana just doesn’t exist. Instead, we must all do our best with the knowledge and tools we have at our disposal and keep taking steps to protect our personal data and privacy as best we can. That’s not to say the future of privacy is bleak; on the contrary, the regulatory landscape is progressing and more privacy-first consumer products, like MySudo, are hitting the market. The future is in fact bright.
But when the military refers to ‘containing the blast radius’, they’re confirming there’s no perfect scenario in an attack—damage is often inevitable, so the best strategy is to limit the harm. This is also the thinking behind compartmentalization, widely regarded as the most powerful data privacy strategy available today and an approach MySudo makes easy for consumers. Compartmentalization means ‘siloing’ your information and activity into different compartments or ‘profiles’ so if one compartment is breached, the others aren’t affected. You need to be agile and resilient in protecting your personal data and privacy so you can minimize the harm and recover quickly if your personal information is compromised.
3. Privacy laws are catching up to the risks (but there’s still a way to go).
If you live in California or elsewhere in the United States, the California Consumer Privacy Act (CCPA) may be on your radar. Residents of California directly benefit from this new law in three ways:
- You can decide whether businesses can sell or share your information.
- You retain control over your personal information once a business collects it.
- Businesses are required to safeguard your personal information.
CCPA puts you in charge of your personal information and gives you more rights, including the right to opt out of allowing a business to sell your personal information to third parties, and the right to have a business delete your personal information upon request (with some exceptions).
Beyond the US, there is also solid progress being made in consumer privacy legislation, with the General Data Protection Regulation (GDPR) and Brazil’s new General Data Protection Law, for example. We believe by 2030, we will see a simplification of the current patchwork of privacy regulations. A mooted US national privacy law would provide a common set of requirements for US businesses, rather than state-by-state laws that are mostly similar yet subtlety different. For consumers this might mean better privacy from some companies, since it makes it more difficult for a company to avoid meeting the state-by-state laws, putting that in the ‘too hard’ basket. It could also mean a stronger or more well-funded enforcement agency.
That said, while years from now it would be great to reflect on this period as a time when fair balance was established between your privacy rights and a productive environment for businesses, but we are not there yet. CCPA and its amendments help. A US national privacy law, if enacted, could help further. But you’re still going to need your personal privacy toolkit and stay vigilant.
4. Consumers’ trust in brands is generally low.
Given the rise in surveillance capitalism, the increasing frequency of massive, high profile data breaches, and the growing laundry list of cybersafety risks facing consumers, it’s no wonder consumer trust in brands is generally low across the globe.
McKinsey’s 2020 survey of US consumers found a general lack of trust for brands across all industries, and levels of trust differed by industry. It reports consumers are becoming more careful about where and with whom they share their personal data and are more likely to want to share it with health care and financial services providers during what they perceive as a ‘necessary transaction’. Consumer-packaged goods and media and entertainment industries rated lowest on trust (10 per cent), and retail didn’t fare much better (18 per cent).
On top of all that, about half of the McKinsey respondents said they are more likely to trust companies that ask for minimal personal information and only information related to the product they’re purchasing. They also are more likely to trust brands that don’t collect passive data (e.g. browsing history), and those that promote privacy within their products. Is that how you feel too?
5. Your phone number is the most important piece of personal information.
Your phone number is now one of the most valuable pieces of personal information you own. If a person has your phone number, it’s not difficult for them to access more of your personal information. MySudo has real, alternative phone numbers that offer many privacy and security benefits to users. We’d say your email address is similarly valuable. Read more about private and secure email accounts in MySudo. And if you’d like to protect the privacy of your browsing and search history and your online payments, MySudo offers those capabilities too.
6. Cybercriminals value your medical records more than your credit card.
Medical records can be worth up to $50 each while credit card numbers tend to fetch from $2 to $5. Cybercriminals are attracted to medical records for obvious reasons: they tend to contain loads of personal information, much of which can be used for identity theft to fraudulently obtain medications, medical services, and medical benefits. Breaching healthcare data can have adverse medical outcomes for patients (e.g. medication mix ups or failure to receive care) and can cause critical infrastructure chaos—these are other motivations beyond financial for criminals.
Symantec reports many servers hosting healthcare records are unprotected or easily accessible, and the situation is worsening. The healthcare industry is struggling to protect patient records: in 2019, data breaches and ransomware attacks cost the US health sector about $4 billion. Other countries, such as the United Kingdom and Singapore, are experiencing the same issue.
Consider setting up a Medical Sudo in the MySudo app to secure your medical information and communications with healthcare providers.
MySudo is available for iOS and Android. Download it today.