27 January 2021

Data Privacy Day: best practices for data protection and privacy

Woman looking at her digital footprint online via mobile

World Data Privacy Day is the 28th of January each year and is an opportunity to consider best practices for Data Protection and Privacy both in the workplace and our private lives.

“So, what?” I hear you say, “It doesn’t affect me; I don’t work with personal data and I’ve nothing to hide!” 

Well, if you think about it, we all handle personal data in one way or another whether it is our own or someone else’s. 

In our personal lives we are monitored, tracked, and analysed every time we click on a link, post to a social network, or generally transact on-line. Unless you set your privacy settings to lock all this down, it goes on without you knowing, or possibly even caring? 

When you post a photo or comment about your children or grandchildren you introduce them to the world of data capture and analytics, often without understanding that they then have a digital footprint from birth, whether they want it or not. 

So, our online presence is monitored, but how? 

Well, that’s through cookies. Cookies are tiny files that sit on your computer and collect information that is then sent to the AdTech providers who within milliseconds have sold your data to the highest bidder to allow them to serve you adverts about the latest thing that you searched for. 

That is how you suddenly get very targeted adverts pop up on your social media networks, because that’s how they make their money and can give you a free service…. But Facebook and other social networks are not alone in this, there is a similar model in many online platforms. 

In our work lives we deal with personal data in many ways - even if you are on a production line! We have personal data entrusted to us by our colleagues: how they feel, issues that they are facing, what is happening in their family life, for example. All this is personal data and needs to be treated with a level of respect and confidentiality. For instance, if a colleague or friend at work told you that they had been abused at home, would you think that it was right to share that with the whole shop floor? My guess is not, as this is information has been given to you in confidence. 

The pandemic has also changed the way that we think about privacy. Increased people are sharing personal experiences and losses with a wide audience, to reinforce the message that the government and the medical profession are promoting, to reduce the infection rates. The Track and Trace app from the NHS is another example of where people are voluntarily giving up their privacy to help others, as this tracks geographical location and the proximity to other people, to highlight who might be at risk of being exposed to the virus. 

Employers have also had to adapt due to the pandemic with the rise in remote working bringing several challenges. Some of these adaptations have been invasive, including an increase in employee monitoring and keystroke logging that has been instigated on no real grounds other than a lack of trust in the employee, or a manager’s fear of losing control. On the other hand, there have been some positive initiatives taken by employers to address mental health issues that arise from the isolation that working from home can bring.  

What could we be doing to stay vigilant?

So for your part on Data Privacy Day you can think about how to protect yourselves and others with these simple steps: 

  1. Think about reviewing your privacy settings on online platforms. 

  2. Review your location settings on your mobile phone, it does not have to be on all the time for every app. 

  3. Think before you “post” about others – would they want you to? What are the longer-term implications? 

  4. As an employer, trust your employees, support them, and maintain a balanced approach to performance monitoring. 

Blog tags

Lesley Holmes

Lesley is an experienced Data Protection Officer (DPO) and former Senior Information Management and Governance Consultant with a sustained record of delivering success in Information governance (IG) and front line services, Lesley is extremely experienced in data protection law.

Back to previous