Data Privacy Day

Data Privacy Day 


Data Privacy Day is an international effort held annually on January 28 to create awareness about the importance of privacy and protecting personal information. The goal of Data Privacy Day 2021 is to empower individuals to “Own Your Privacy” and organizations to “Respect Privacy”. Learn more about protecting your privacy at staysafeonline.org/data-privacy-day

 


 

magnifying glass on a computer keyboard

 

Data Privacy Digital Scavenger Hunt Jan 20-22, 2021

We're hosting a Data Privacy Digital Scavenger Hunt. Sign up to receive the clues via email. Registered participants will receive a digital prize. Registration form: https://go.illinois.edu/ScavHuntSignUp

 

 


We are a Privacy Aware Champion organization

We are a Data Privacy Champion

The National Cybersecurity Alliance offers many resources that help you to better understand and safeguard privacy. Tips include Online Safety Basics, Managing Your Privacy, Checking Your Privacy Settings, Free Online Security Checkups and Tools, and more.

Data Privacy Day Archives - Stay Safe Online


Data Privacy Day National Events

ISACA Kansas City
Data Privacy Day 2021
Jan 15

Educause Webinar Data Privacy Panel Discussion
January 26 from 12-1pm Central 
Educause Data Privacy Panel Registration Link

Meeting data privacy compliance isn’t always as pretty and neat as the regulators think. Join us for a lively panel discussion with an attorney, an information security officer, and a cybersecurity professional as we talk about how to “win ugly” when it comes to compliance. We’ll discuss GLBA, FERPA, HIPAA, and other regulations and showcase real-world examples from legal and higher education perspectives. Joining the panel are Ben Nixon, Director of Information Security at Point Loma Nazarene; Christian Auty, Partner at Bryan Cave; and Thomas Coke, Chief Strategy Officer of BitLyft Cybersecurity. After a guided portion of the discussion, webinar participants will have the opportunity to ask live questions to any panelist.

Outcomes:

  • Learn about overcoming compliance challenges
    Hear real-world examples of navigating data privacy
    Take a look into the future of data privacy for higher education

More About Privacy

Quick-links to relevant University of Illinois privacy policies

Quick-links to relevant University of Illinois data privacy regulation-related resources

Personal (and Identifying) Information:

Student (and Academic) Information:   

Health (and Medical) Information:         

Financial (and Consumer) Information

Other Applicable Laws:                              

Data Privacy is a Process!

The Data Privacy Life Cycle is a simple process flow (represented here as a diagram) to show the vital points where privacy decisions need to be considered. This is often used by organizations, but consumers also can use this to help understand privacy policies and questions they may have about use and maintenance of their personal information. It is vital to pose the following questions at every decision point in the data privacy life cycle: Who? What? When? Where? Why? How?

The diagram of the Data Privacy Life Cycle

Collection –This is the point at which the data is collected from the data subject (e.g., consumer). A privacy policy should state why specific data is being collected and for what purpose.

Use – Also called Processing, this stage is what the data controller does with the data within their own organization once collected. The purpose of using the data should be in keeping with the privacy policy’s purpose statement.

Disclosure – Also called Sharing, this the stage when the data is provided to another organization outside the purpose of its internal business processes. It can include trading data or selling of data for monetization purposes. Sharing of data should only take place with established business partners under the law and the partners should be specified in the privacy policy.

Retention – Sometimes called Storage or Archiving, is where personal data is stored for a time during or after its intended use, per business or legal requirements. This can include archiving where data is stored digitally--sometimes offline--for a time before it is determined that it is no longer wanted or needed. Archived data often contains aggregated personal data and should be protected very securely.

Destruction – Also called Disposition, is where the data is destroyed because it reached the end of the data life cycle. Sometimes hardware holding the data still may be usable, so the hardware may be set aside (dispositioned) to be used again but without granting the new user access to the old user’s data. Some new laws such as GDPR grant users the ability to request destruction of their personal data by organizations that may have it.

What additional steps can I take?

At Illinois, we want to help students, faculty and staff make wise choices about their personal data and provide applicable knowledge in order to protect such data. Below are some tips, tricks and hacks one can take to safeguard themselves when using popular technologies.

Review your location data.

  • If appropriate delete your historical data. Review which apps can access your phone’s GPS features and consider whether you want to provide this history of your daily movement to them.
  • Cell phones are great at providing directions and recommendations for restaurants nearby. To do this they use GPS and poll your phone every few minutes. Most cell phone makers and cellular providers keep a record of this data. Individual mobile apps and even games, if GPS permissions are given, can also track this data. In many cases there is no limit to how long this data can be stored or shared.  

Google:

See Your Google Maps Timeline
Check Your Location Settings (Android)

Apple:

See Your Frequent Locations
Check Your Location Settings (iPhone)

Rethink the messages and content you share publicly. Understand that not all “deleted” messages are deleted.

  • Any social media post that is public is often indexed by third parties including researchers, media, and government entities. Even after deleting content the content can be retained. Other social media companies claiming “private messaging” are sometimes found not to be private or anonymous. Before sending that private message check your platform and consider whether you really want to send it.

Snapchat Doesn't Delete Your Pictures
Snapchat May Keep Your Photos For 30 Days

Review apps that offer ‘secure’ messaging to see if their platform has been endorsed by a trusted third party:

Protect Your Digital Privacy
Use Secured, Encrypted Messaging Apps

Cover your webcam and double check which software and apps have access to your microphone.

Many security professionals cover their cameras and safeguard access to their microphones. There are numerous exploits that allow hackers to turn those devices on--often with no indicators.

Protect Yourself From Hackers
Why The FBI Director Puts Tape Over His Webcam

 

More Privacy Information and Resources

American Library Association
https://chooseprivacyeveryday.org/resources/