The theme of Data Privacy Day 2020 is “Own Your Privacy.” 

Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe and is officially led by NCSA in North America. 

With the California Consumer Privacy Act taking effect this year and other states considering similar legislation, data privacy has become a growing concern for businesses and consumers alike, says StaySafeOnline. The organization cites a recent survey by Pew Research Center that found that a majority of Americans think their personal data is less secure now than five years ago and that data collection by businesses and government poses more risks than benefits. "Yet while these concerns increase, few people understand what is being done with the data that is collected and how it is used and shared by businesses, which can monitor, store and sell the data for profit. That is why the theme of Data Privacy Day 2020 is “Own Your Privacy," notes the organization. 

To celebrate the 13th annual Data Privacy Day on January 28, NCSA and a range of privacy experts will be ’Live from LinkedIn’ for the third consecutive year in San Francisco. This year’s event, titled “Data Privacy Day 2020: A Vision for the Future,” will bring together data privacy experts from industry, government, and non-profit for a morning of TED-style talks and panels on global and national data privacy regulations, says StaySafeOnline. Click here to join the live stream. 

“With new privacy legislation going to effect this year, Data Privacy Day 2020 couldn’t be a more timely opportunity for helping businesses and consumers understand the importance of respecting and protecting personal information,” said Kelvin Coleman, executive director of NCSA. “With the amount of consumer data collected and stored online, Data Privacy Day encourages businesses to improve data privacy and security practices and educate consumers about the many ways they can make their personal information more private.”

Steve Durbin, managing director of the Information Security Forum, notes that, “The requirement for maintaining data privacy has increased as privacy regulations have been adopted by many more jurisdictions since they were first introduced. Fines for breaching data privacy regulations have multiplied, and penalties can be more severe than fines. Increased public awareness and media interest have led to potential commercial and reputational consequences for non-compliance. The risk of private data being compromised has increased as systems are increasingly accessible via connected devices and vulnerable to cyber-attacks."

"With all of the focus on breaches and the loss of personal data, it is understandable that the main attention for organizations today seems to have shifted to data privacy – after all, we are seeing a growth in legislative requirements to protect personal information along with the associated fines and sanctions for non-compliance," Durbin adds. "Most governments have created regulations that impose conditions on the protection and use of personally identifiable information (PII), with penalties for organizations who fail to sufficiently protect it. As a result, data privacy and the protection of PII, afforded protection under the General Data Protection Regulation (GDPR) in the European Union (EU) the California Consumer Privacy Act (CCPA) and the New York Privacy Act appear to be here to stay."

"What is clear is that privacy is becoming more of an issue in the United States," he says. "And there is a very real need for a Federal law to avoid States introducing their own variations and interpretations on privacy which adds a further compliance burden to already overstretched businesses looking to understand and comply with their obligations across the various regions in which they are transacting business. The good news is that the formal enactment of the CCPA is going to add momentum to endeavors within the United States to formalize a sweeping federal law on data privacy.”

Joseph Carson, chief security scientist at Thycotic, says,"The reality today is that almost everyone is being tracked and monitored 24/7 with thousands of cameras recording your expressions, fashion, interactions and speech to determine what you need, what you might be thinking and who you are meeting. Algorithms can even determine what your next action might be."

"Privacy should be universal," Carson adds. "However, we tend to have different definitions of privacy in the digital world as opposed to physical world. EU GDPR has been a ground-breaking change that set new regulations around digital privacy, empowering citizens with clear cut rights around consent and transparency of their personal information online. It was a step in the right direction and has drawn a line in the sand into what’s acceptable and what’s not acceptable in terms of data privacy, collection and processing. Some governments are looking to abolish privacy from their citizens altogether - citing terrorism as the reason. Ironically, these same governments have also stated the need for end to end encryption to protect against new risks; with Huawei’s involvement with 5G being a prime example. Encryption is a citizen’s right to have digital privacy just as we do in the physical world." 

"Privacy, security and trust must come as a package; they are all related and needed in order to build a cyber resilient society. If you sacrifice privacy you are also sacrificing security and ultimately ends in a lack of trust," Carson says. "We hear the term ‘data is the new oil’ however I disagree with this. Humans are the new oil - we are the ‘product’ and data is the commodity which is transacted to create value, so it stands to reason that technology companies are data hungry and want as much of this information as possible.”