Data Privacy Day is January 28Data Privacy Day occurs annually on January 28.. It began in the U.S. and Canada in 2008 as an extension of the Data Protection Day celebration in Europe. Many organizations host Data Privacy Day events in-house at their facilities and some broadcast live events or record events for later viewing.
BE SURE TO STOP AT ONE OF TWO LOCATIONS TO PICK UP A WEBCAM COVER
AND ASK ADDITIONAL QUESTIONS ON JANUARY 28!
Illini Union Southeast Vestibule 9am-1pm
Ikenberry Commons 10am-2pm
The University of Illinois is increasing resources in support of its Data Privacy Program. Expect to see more information about data privacy in months and years to come.
The Data Privacy Day survey will take 5-10 minutes to complete. We will not collect user information only the results of questions which will be aggregated only for use by the Data Privacy Office. Thank You for your participation!
Links to free Data Privacy Day events and data privacy resources from fellow higher education institutions and industry that address current topics surrounding data protection
- University of Michigan
- Carnegie-Mellon University
- International Association of Privacy Professionals
- Privacy Rights Clearinghouse
- Electronic Privacy Information Center
- Electronic Frontier Foundation
- Restore Privacy
- The Privacy Coalition
- Center for Digital Democracy
Quick-links to relevant University of Illinois privacy policies
- University of Illinois System Web Privacy Notice
- DAT-01 Data Security Standard
- DAT-02 Information Access Control
Quick-links to relevant University of Illinois data privacy regulation-related resources
Personal (and Identifying) Information:
- Illinois Personal Information Protection Act
- UIUC Tech Services PIPA Statement
- Illinois Identity Protection Act
- U of I IIPA Statement
- U of I OBFS Social Security Number Policy
Student (and Academic) Information:
Health (and Medical) Information:
Financial (and Consumer) Information:
- Cardholder Information (PCI-DSS)
- Gramm-Leach-Bliley Act Privacy Rule
- FCRA/FACTA Red Flags Rule
- U of I OBFS Red Flags Rule
Other Applicable Laws:
Data Privacy is a Process!
The Data Privacy Life Cycle is a simple process flow (represented here as a diagram) to show the vital points where privacy decisions need to be considered. This is often used by organizations, but consumers also can use this to help understand privacy policies and questions they may have about use and maintenance of their personal information. It is vital to pose the following questions at every decision point in the data privacy life cycle: Who? What? When? Where? Why? How?The diagram of the Data Privacy Life Cycle
Retention – Sometimes called Storage or Archiving, is where personal data is stored for a time during or after its intended use, per business or legal requirements. This can include archiving where data is stored digitally--sometimes offline--for a time before it is determined that it is no longer wanted or needed. Archived data often contains aggregated personal data and should be protected very securely.
Destruction – Also called Disposition, is where the data is destroyed because it reached the end of the data life cycle. Sometimes hardware holding the data still may be usable, so the hardware may be set aside (dispositioned) to be used again but without granting the new user access to the old user’s data. Some new laws such as GDPR grant users the ability to request destruction of their personal data by organizations that may have it.
What additional steps can I take?
At Illinois, we want to help students, faculty and staff make wise choices about their personal data and provide applicable knowledge in order to protect such data. Below are some tips, tricks and hacks one can take to safeguard themselves when using popular technologies.
Review your location data.
- If appropriate delete your historical data. Review which apps can access your phone’s GPS features and consider whether you want to provide this history of your daily movement to them.
- Cell phones are great at providing directions and recommendations for restaurants nearby. To do this they use GPS and poll your phone every few minutes. Most cell phone makers and cellular providers keep a record of this data. Individual mobile apps and even games, if GPS permissions are given, can also track this data. In many cases there is no limit to how long this data can be stored or shared.
Rethink the messages and content you share publicly. Understand that not all “deleted” messages are deleted.
- Any social media post that is public is often indexed by third parties including researchers, media, and government entities. Even after deleting content the content can be retained. Other social media companies claiming “private messaging” are sometimes found not to be private or anonymous. Before sending that private message check your platform and consider whether you really want to send it.
Review apps that offer ‘secure’ messaging to see if their platform has been endorsed by a trusted third party:
Cover your webcam and double check which software and apps have access to your microphone.
Many security professionals cover their cameras and safeguard access to their microphones. There are numerous exploits that allow hackers to turn those devices on--often with no indicators.