Happy Data Privacy Day

I'll bet you didn't even know we had one. That Canada, the United States, and 27 countries in the European Union officially distinguish a particular day, January 28, to raise awareness about the importance of data privacy is a sign of the times.

Marshall McLuhan said "publication is a self-invasion of privacy." Even with his remarkable foresight in mass media and its future, including his eerily accurate description of the Web some 30 years before its arrival, I wonder if he saw coming the breadth and depth of the personal information we now "publicize" to function in this Web-connected society. So much of what makes us unique, our education, personal health, finances, social activities, buying habits, are all stored in a multitude of servers and systems available for slicing, dicing, analysis and targeting. We are well publicized. And businesses today can barely operate without it.

While we are apt to publicize, the issue of control is implicit in McLuhan's statement. McLuhan's words still echo an effect on each of us when something we value is taken from our control. We feel invaded. While the Internet and technology has become an extraordinary medium for commercial and personal publication, and we embrace it with abandon at times to satisfy our varying degrees of narcissism, or as we must in the course of work and play, we really don't like it when we lose control of what we think is ours and ours alone.

People care about privacy; evidence the effect of miscalculating that principle on some of the most successful companies in recent times. In 2011 Mark Zuckerberg of Facebook declared the age of privacy at an end. Facebook loosened up a few controls as to who could see what, as he publicly grappled with the balance between social disclosure on Facebook, and the amount of control offered the discloser. Wrath ensued from many users and privacy commissioners, not the least of which was our own Federal Privacy Commissioner Jennifer Stoddart, who in my mind rather successfully led the charge. It culminated with some "coaching" from both Stoddart and the U.S. Federal Trade Commission causing Facebook to retrace some steps and tighten user privacy controls, as well as 20 years of biennial audits. That can't be happy.

I'm willing to bet if Zuckerberg had his time back he would save himself some grief and put privacy where it belongs, in the hands of the owner, while still executing his social media and advertising mission. How much more loved would Facebook be.

Eric Schmidt, former CEO of Google, also made a rather curious statement about privacy in late 2009 saying "If you have something you don't want anyone to know, maybe you shouldn't be doing it in the first place." Google's $22.5 million fine in 2012 for bypassing web browser privacy controls to harvest ever valuable user data for ad targeting, while chicken-scratch for Google, might now also cause them to re-think how they manage the trust placed in them by those who use their service.

If you run a business that collects pretty much anything more than name, address and phone number, today's a good day to think about how you manage that trust you have been given. Using information security strategies, robust privacy compliance, and a healthy respect for who owns the darn stuff in the first place can be a key to an untroubled, successful business, and not just because legislatively we get asked to. As McLuhan suggested, self-invasion of privacy may be OK, but no one wants anyone else doing it for them.

If you would like something to put up around the office or send to the staff, here's an infographic on data security attitudes and behaviors we created for just this occasion that can be instructive to you and your staff about protecting private data.