28th January – Data Protection Day
What is Data Protection Day?
In 2007 the Council of Europe held the first “Data Protection Day”, known as “Data Privacy Day” outside of Europe, to increase awareness about rights to personal data protection and rights. In 2009 The USA joined this drive by declaring the 28th January to be National Data Privacy Day.
This annual event, now in its 13th year, is an international day to promote and raise awareness of the importance of data privacy and celebrating our rights to data privacy. Celebrated in 47 European countries as well as the USA, Canada, India and Israel this day is timed to coincide with the anniversary of the signing of Convention 108, which took place back on this day in 1981. Respecting Privacy, Safeguarding Data and Enabling Trust are themes to the day - themes that those of us in CyberSec are doubtless all too familiar with. This day is celebrated worldwide by consumer rights associations, educational establishments, businesses and individuals in order to raise awareness of and highlight our rights and protections.
What is Convention 108?
Convention 108: The Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data is the only international treaty safeguarding the right to data protection.
Convention 108 was the first legally binding international data protection law covering private personal data. Introduced in 1981 this convention protects individuals against any abuses of the collection, storage, sharing and processing of their data. It outlines what can and cannot be processed, especially with regard to data designated as sensitive, and ensures that individuals have a right to know about, and if needs be amend/correct, any data held on them.
That’s not to say it has stood still, it has been updated in this time – most recently in June last year with the introduction of “Convention 108+”, the result of 7 years spent on modernizing the law to in order to take into account new technologies and challenges.
The first Data Protection Day since the GDPR regulations came into effect.
Data Privacy was thrust further into the public consciousness in 2018 with the introduction of the GDPR (The General Data Protection Regulations) laws which ensured that EU residents and their data are to be protected from their data being shared, abuses and put at risk. In Europe at least, this meant that far more people HAD to pay attention to this, in order to ensure compliance for their companies and to avoid regulatory fines if their past data security and privacy practices were continued yet not compliant.
These regulations benefited not only EU residents, but people worldwide as any business which deals with EU residents data must comply and secure their data. That’s not to say it was only Europe that introduced laws to protect us and our data - in June California passed The California Customer Privacy Act, due to go into force in just under a year’s time on Jan 1st 2020. I’m not fully familiar with the specifics of this law, but to say that it is generally similar to the GDPR regulations is fair. Other US states and lawmakers worldwide are looking at updating laws, which hopefully will result in a greater amount of people having legal protection for their private data from abuse by whoever holds it.
https://rm.coe.int/convention-108-convention-for-the-protection-of-individuals-with-regar/16808b36f1 - Council of Europe page about Convention 108
http://europa.eu/rapid/press-release_STATEMENT-19-662_en.htm - Joint Statement by EU First Vice-President Timmermans, Vice-President Ansip, Commissioners Jourová and Gabriel ahead of Data Protection Day
https://www.cybrary.it/skill-certification-course/introduction-general-data-protection-regulations - Cybrary ‘Intro to GDPR Regulations’ Course
https://staysafeonline.org/data-privacy-day/ - More information about the day, events and supporters of it.