The IT world has many celebratory days throughout the year and you could be forgiven for not noticing that today, 28 January, is Data Privacy Day. Unlike many of these days, it is notable for being sanctioned by nearly all countries (including the EU, China, Russia and the USA) and so being celebrated on a truly global basis.
The Council of Europe is taking the credit for starting the celebration ten years ago, confirming that, “the date corresponds to the anniversary of the opening for signature of the Council of Europe’s Convention 108 for the Protection of individuals with regard to automatic processing of personal data.” Convention 108 was remarkable in being the first legally binding international treaty dealing with privacy and data protection and is the cornerstone of data protection legislation and regulatory compliance worldwide.
The aim of the European Data Protection Day is to give European citizens the chance to understand which of their personal data is collected and processed and why, and what their rights are with respect to this processing.
Born in the USA
In the USA, the good folks at the National Cyber Security Alliance picked up on the European Data Protection Day in 2008 and declared a global Data Privacy Day for the good of the world (yes, it’s the American way!). On 27 January 2014, the 113th US Congress adopted S. Res. 337, a non-binding resolution expressing support for the designation of 28 January as National Data Privacy Day.
Why is it data protection important?
Data protection is an issue that affects all organisations. With developments in technology permeating all facets of society and business, there has come an increase in the incidence of criminal hacking, data breaches and data loss. There has also been a significant increase in the awareness of the individual’s rights in all markets.
All organisations in the UK must comply with the Data Protection Act 1998 (DPA) and face stiff penalties if they breach it. The DPA will soon be superseded by the EU General Data Protection Regulation (GDPR), which is expected to be fully adopted in late 2016.
How can we help?
IT Governance provides a range of products and services that help organisations of all sizes address the key issues of data privacy best practice and regulatory compliance. For a practical approach to achieving the minimum legal compliance in the UK, I can recommend that you attend our one-day DPA Foundation training course. The next session is running in London on 11 March 2016.