Powered By Blogger

Guide to Digital Data Privacy & Data Loss Preventions

 Guide to Digital Data Privacy

&

Data Loss Preventions


Privacy is one of the top user concerns in the digital age. The circulation of personal data on the Internet has given rise to phenomena such as spam or phishing that can put the personal information of Internet users at risk. That is why in this article we will talk about digital privacy and how to protect it.

What is Digital Data privacy?

A huge amount of information circulates on the internet, including the personal data of users. By doing actions as simple as using a browser, posting a photo on a social network or leaving a comment on a blog or forum, we are leaving personal information that leaves a trace on the network. Therefore, it is very important to know what digital privacy is and how we can increase the security of our data on the internet.

Meaning and concept

We start by looking at the meaning of digital privacy. This term refers to the right of users to protect their data on the network and decide what information is visible to others.

In the same way that a person wants privacy to be respected at home or at work, they also have the right to prevent others from accessing their personal data on the internet without their consent.

The concept of digital privacy is relatively young, since it is linked to the emergence and development of the internet and telecommunications. In fact, until recently there was no clear regulation in this regard.

Features of digital privacy

 

Digital privacy is defined by a number of characteristics:

 

·         It refers to all the information of a user that circulates on the internet. In addition to personal data such as name, ID, telephone number, address, etc.

 

·         The particularities of the internet also mean that privacy refers to images, videos, email, geolocation, browsing history, IP or any other data that allows the identification of a user on the network.

 

·         It is not limited to the use of web pages or social networks, but also refers to the transmission of data through online stores, applications, instant messaging services, etc.

On the other hand, it is worth mentioning that digital privacy in Spain is regulated by the Organic Law on Data Protection and Digital Rights Guarantee (LOPDGDD), which adapts the General Data Protection Regulation (RGPD) to Spanish regulations, which it is applied at European level.

Spanish regulations establish a series of very important concepts to guarantee people's digital privacy, such as the ones we see below.

Data Protection

In order to collect user data on the Internet, a series of requirements are required that we will see in depth later. For now, we anticipate that among the requirements is the identification of those responsible for the treatment, obtain explicit consent from the user or communicate the purpose for which the information will be used, among others.

Digital identity

The digital identity or fingerprint is defined as the trace that a person leaves on the internet. When publishing a photo, writing in a blog, leaving comments on a website ... in short, almost any action that is carried out on the internet leaves a trace. It is related to digital privacy , which assists users with the aim of safeguarding the information they want to keep private, out of the reach of the internet.

The law establishes that the person must have control of the personal information that circulates on the network, which brings us to the next point.

Right to be forgotten

The user has the right to request that information that he does not want to be seen by other users be removed from the internet. This is what is called the right to be forgotten on the internet . The requirement to proceed with its elimination is that it is outdated, irrelevant or excessive information, regardless of whether it was true at the time.

For example, a person appears on Google as the author of a crime committed many years ago, for which he has already paid and is fully rehabilitated. This information can harm you, for example in order to get a job, so you can make use of this right.

Protection of data of minors

The minimum age for minors to give consent to process their personal data on the internet is 14 years . Before that age, consent must be given by their parents or guardians.

Digital testament

The relatives or heirs of a person can request that the personal information of the deceased be deleted , as long as the latter has not expressly prohibited it while alive. This includes any type of data, from photos or social media profiles, to bank accounts or passwords to access web services.

Digital disconnect

Digital privacy also extends to the workplace. The digital disconnect means that workers are not required to answer calls or e - mails once you have finished your work schedule

Internet service providers

For their part, service providers must offer users access to the network without any discrimination. Likewise, they must guarantee that access to the network is carried out under the maximum security conditions.

Advantages and disadvantages

Advantages of digital privacy :

  • Increase information security and protect against fraud, cyber attacks such as hacks or identity theft .
  • Decide what our digital identity is, that is, the image that the internet projects of us to other users
  • Allow only those users, companies or service providers to whom we have given our consent to access our data.
  • Adapt the content, products or services offered to us to our profile and our interests.
  • Increasing awareness of the importance of protecting personal data on the internet.
  •  

Disadvantages of digital privacy:

  • The Internet is a huge network, in which a huge amount of data circulates. Therefore, trying to control all this flow of information is not a realistic goal. As they say, it would be like putting doors to the field.
  • It conflicts with the interests of large companies and corporations. Many of these companies have enormous power and prefer to face the payment of fines rather than heed the privacy regulations dictated by governments.
  • There are still many people who do not understand the importance of protecting digital information. Many people continue to accept terms and conditions of use without reading them.
  • Past generations have a hard time adapting to the new demands in this field, as the digital age is rapidly advancing and waiting for no one.

Problems and risks

Posting sensitive information on the internet can lead to various problems related to digital privacy.

  • Personal data : providing information such as the real name, telephone number or ID is a big mistake as it could lead to identity theft.
  • Email : Leaving the email address anywhere increases the chances of receiving a large amount of spam or junk mail.
  • Bank details : You should never give your bank details to anyone you don't trust, or you could put your money at risk.
  • Geographical location : other data such as your home address or whether or not you are at home could put your home at risk, as well as your safety and that of those who live with you.
  • Photographs and videos : you must be very careful with what type of photographs are sent and where they are published. It would not be the first time someone has been extorted with photos of a sexual nature or that someone has lost their job due to compromised images.

Speaking more of specific terms and practices, these would be some of the main risks of digital privacy:

  • Phishing: It is a method of computer abuse that consists of fraudulently obtaining confidential information to impersonate a user.
  • Spam: it is defined as the massive reception of spam e-mails.
  • Viruses and Trojans: these are programs that sneak into the user's computer to carry out unsolicited actions: theft of information, erasure of data, etc. They can be camouflaged within seemingly harmless programs or applications.
  • Cyber bullying: cyber bullying or virtual harassment consists of the use of the internet or social networks to threaten harass or blackmail a person.

Internet privacy

The LOPDGDD is the regulation that establishes the obligations of any user or company to collect information through the internet. In this sense, to comply with digital privacy requirements it is necessary to provide certain information to the recipient of the treatment.

Below we see how to meet these requirements on web pages, social networks, applications or messaging services.

Websites

To comply with the regulations on digital privacy, the web pages that collect personal information from users must inform about their Privacy Policy, Cookies Policy and Legal Notice.

Privacy Policy

The privacy policy is the legal text that informs the user about the way in which their personal data will be processed. It must be placed in a specific and clearly visible section of the web.

The privacy policy should inform about:

  • Identity of the data controller
  • User information to be collected
  • Purpose for which said information is collected
  • Period during which user data will be kept in the database
  • If the user's data is going to be transferred to third parties
  • If there is a security breach
  • The way to carry out the ARSULIPO rights (former ARCO rights), that is, the rights of access, rectification, deletion, limitation of treatment, portability or opposition.

Privacy in emails

Current regulations on data protection require the inclusion of a legal text in emails of a corporate or commercial nature. This legal text must be included in the signature of the email and inform about the identity of the issuer, the purpose of the mail, the transfer of data or the ways to exercise ARSULIPO rights .

On the other hand, in cases where private or secret information is communicated, it will be necessary to include a notice or confidentiality clause (although in many cases this clause is already agreed by contract.

Email is another tool that can compromise digital privacy. Despite the fact that many of these systems use partial (STARTTLS, STS or SMTP) or advanced (SPF, DMARC or DKIM) encryption systems , it is still highly recommended to take a series of precautions when using them:

  • Use a strong password (uppercase, lowercase, mixed alphanumeric characters) and encryption systems
  • Employ a two-layer authentication system, if the tool allows it.
  • Do not provide personal information by email.
  • Delete unopened emails from unknown origin.
  • Avoid opening suspicious emails, even if they come from someone you know.
  • Make backups or backup copies of emails.

On the other hand, one of the big doubts about digital privacy in this case refers to email at work. The latest sentences establish certain limits to this access. A boss will not be able to access a worker's personal email, but they will be able to access corporate email, as long as the worker has been previously notified.

 

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Necessity of a Secure Data Wipe

  Necessity of a Secure Data Wipe According to projections from  The Radicati Group , in 2021 we will be sending 320,000 million emails pe...