We share a staggering amount of personal information online, from purchases and posted photos to the sensitive data that government demands of us in return for access to essential services. Citizens should be able to expect that this information will be collected and used legally and respectfully. However, public trust in organizations and institutions diminishes with each new report of a privacy breach or data scandal.
A recent Insights West survey reveals significant mistrust among British Columbians when it comes to online data privacy. Concerns included the targeting of browsing behaviour and the theft of financial data. Some 75 per cent of British Columbians, for example, are worried that the financial data they share online will be stolen.
The growing urgency to address these questions is further underscored by the nearly 25-per-cent increase in privacy breaches reported to our office between 2015 and 2018 under the Freedom of Information and Protection of Privacy Act and a 56-per-cent jump under the Personal Information Protection Act (PIPA).
This week is Privacy Awareness Week, a global observance and opportunity to ask hard questions about what should be done to address this trust deficit. What must businesses do to improve their privacy management programs? How do all of us become better informed about and empowered by our privacy rights? And are there proper and effective legal safeguards in place to protect and enforce the public’s privacy rights?
Last year, the Harvard Business Review published research into hundreds of data breaches in the U.S. The findings showed that companies with strong privacy policies emphasizing transparency and control fared much better after breaches than those without safeguards. These measures reduced potential monetary damages and instilled customer trust.
The message is simple: Privacy is good for business.
My office works with businesses and organizations to build strong privacy policies and meet their legal obligations under PIPA.
PrivacyRight offers businesses tools to answer these questions, privacy-proof their processes and prevent breaches before they happen. Consumers can also empower themselves by better understanding their privacy rights and what actions they can take when they feel a business or organization is asking for too much information or they’re unclear on how the data will be used.
Did you know, for example, that it’s your right, with some exceptions, to access the personal information that an organization holds about you upon request? Or that there are limits to the types of information and uses that can be legally collected under PIPA?
However, citizens may not know if their personal data is being abused because often it takes place behind a veil of secrecy. This is one very good reason why British Columbians deserve strengthened privacy legislation that allows my office proper audit and inspection powers. This way, we can pull back the curtain of secrecy surrounding data-processing practices. Reform of existing legislation must also allow us to administer proper penalties for companies that abuse the law and public trust. This is especially important when it comes to global social-media giants who have already demonstrated disregard for their users’ data.
B.C. has fallen behind other jurisdictions when it comes to protecting privacy rights. Our citizens deserve better. We must take action to get privacy right.
Michael McEvoy is B.C.’s information and privacy commissioner.
Is there more to this story? We’d like to hear from you about this or any other stories you think we should know about. Email email@example.com.