Do you know that data protection is a growing global concern since we left the era of rotary phones in our homes to smartphones in our pockets? I mean, as technology advances.  

You may wonder why? Well, the estimated 3 billion Yahoo accounts that were impacted by a data breach in 2013 is a good example to reference. Considered as the largest known data breach, the 2013 data breach resulted in users’ email addresses, telephone numbers, dates of birth and passwords being stolen. Do we really need privacy to protect this information? Yes! 

“Privacy is not something that I’m merely entitled to, it’s an absolute prerequisite.” – Marlon Brando. 

A data breach poses threats to international organizations, small and mid-sized businesses (SMBs), and individuals as there’s no silver bullet to the many dangers that individuals face when they have internet access. A single click on your smartphones to perform a series of activities or transactions, from applying for a job, signing up for online accounts, to subscribing to websites - all of which require that you give out your personal information at some point can make you vulnerable to a data breach. 

Always remember this: 

“Be a little suspicious. A very large number of attacks rely on simple social engineering. Ask yourself next time you receive an e-mail claiming you have won an iPad or received a FedEx package — is this probably real? Would it happen to me walking down the street? Scams today aren’t all identifiable by poor grammar and spelling mistakes, as they once were” - James Lyne, Cybersecurity Expert 

Companies also have to be cognizant of consumer expectations about their privacy while meeting their business goals.  How can companies have a win-win use of individuals’ personal data while complying with global privacy regulations? The answer would be to have a well-structured privacy program.  

A privacy program is a framework for businesses to mitigate privacy risks while fulfilling privacy regulatory requirements. A privacy program helps an organization comply with global privacy laws such as the General Data Protection Regulation (GDPR). It also enables organization to identify weaknesses, reduce privacy risks and ensure mitigate privacy risks. Data is of strategic importance in the digital economy, with social, economic and governmental activities increasingly carried out online. As a result, the flow of personal data is expanding fast. For instance, take a look at your phone, how much information about you is stored on it, and how safe do you think that information is? Do you shop online, exchange messages on social media, and search for information online? Of course, you do as it's almost impossible to participate in modern life without accessing the internet, and you probably lock your phone and keep it safe because you would hate for all that information about you to be in anyone else's hands. If you are an organization, you would hate for the data collected from your customers to be stolen or misused. 

 Current trends show that more privacy regulations that give consumers control over their personal data will be enacted. In 2020, the California Consumer Privacy Act (CCPA) and the Brazilian Data Protection (LGPD) Regulation became effective. South Africa’s Protection of Personal Information Act (POPIA) will take effect on July 1, 2021 and Thailand’s Personal Data Protection Act which has a grace period of 12 months will take effect next year. A study by Gartner shows that by 2023, 65% of the world’s population will have their personal data regulation by a privacy regulation.  Organizations will therefore need a privacy program to comply with all these regulations as non-compliance results in financial penalties for an organization.    

Privacy program is no longer a business choice. Creating and implementing privacy programs is already required under privacy regulations such as the GDPR and LGPD. As more privacy regulations are passed, it makes sense for businesses to develop privacy programs for compliance.  If you need more information about a privacy program or its components, please enroll in the following Udemy Courses: How to build a Privacy Program for your Organization and The Main Components to include in your Privacy Program.