National Cyber Security Alliance Encourages Businesses to Support Data Privacy Day on January 28
Annual Day of Awareness Reminds Companies of the Critical Importance of Respecting Consumers’ Privacy and Safeguarding their Personal Data
WASHINGTON, Jan. 13, 2015 - To launch the eighth annual Data Privacy Day on January 28, the National Cyber Security Alliance (NCSA) urges all businesses to create a culture of privacy by initiating more transparent data collection and usage practices and, where possible, offering easy-to-use controls for consumers to manage their information. NCSA ‒ the nation's leading nonprofit public-private partnership promoting the safe and secure use of the Internet ‒ assumed leadership of Data Privacy Day in 2011 and works to uphold the basic tenet of “Respecting Privacy, Safeguarding Data and Enabling Trust." In addition to developing business-focused initiatives, Data Privacy Day is dedicated to helping the public better understand how to protect personal information and navigate the online world.
“Consumers are becoming increasingly aware and concerned about their privacy online ‒ specifically how information is being used and how it’s protected. We can only build a safer, more trusted Internet if everyone works in collaboration to make respecting and protecting personal information a priority,” said Michael Kaiser, NCSA’s Executive Director. “Businesses play a critical role in the privacy landscape. The more they do to strengthen privacy and security practices, the closer we will be to recognizing the full potential of the Internet. Looking ahead, there are tremendous opportunities to improve our lives. Just think about emerging technologies such as the Internet of Things (IoT) or how we manage personal health information. It is imperative that businesses immediately implement good data stewardship practices in these areas and across the Internet to achieve the full potential of such remarkable innovations.”
To help companies build trust with consumers about how their personal information is collected and used, NCSA convened a multi stakeholder group to develop simple, actionable, concrete tips specifically for businesses to initiate. The following Privacy is Good for Business tips were created by privacy experts in civil-society, non-profit, government and industry and aspire to help business address the public’s growing privacy concerns:
Privacy is Good for Business Tips
- If you collect it, protect it. Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access.
- Be open and honest about how you collect, use and share consumers’ personal information. Think about how the consumer may expect their data to be used.
- Build trust by doing what you say you will do. Communicate clearly and concisely to the public about what privacy means to your organization and the steps you take to achieve and maintain privacy.
- Create a culture of privacy in your organization. Explain to and educate employees about the importance and impact of protecting consumer and employee information as well as the role they play in keeping it safe.
- Don’t count on your privacy notice as your only tool to educate consumers about your data practices.
- Conduct due diligence and maintain oversight of partners and vendors. You are also responsible for how they collect and use personal information.
“Nearly every company is a data company today, and we all have a role to play in accelerating progress and respecting privacy freedoms,” said David Hoffman, Director of Security Policy and Global Privacy Officer of Intel. “The pursuit of both goals must be the defining value of our work. Privacy AND progress, not privacy OR progress. Let Data Privacy Day remind us all to respect privacy and safeguard data.”
“Data Privacy Day sparks an important dialog about privacy and security,” said Andrew Lee, CEO of ESET North America and Co-Chair of the San Diego Cyber Center of Excellence. “With a staggering 43 percent of companies having experienced a data breach, and personal information of nearly half of the U.S. adult population exposed by hackers last year, it is now more important than ever to educate the public about the reality of the vulnerabilities of our data.”
The following presents an assortment of business-focused resources created to educate companies about transparent online practices:
- In addition to the tips above, more Privacy is Good for Business tips can be found on the NCSA portal http://staysafeonline.org/data-privacy-day/privacy-tips/businesses.
- Download NCSA’s Privacy is Good for Business infographic, which showcases new research from Andy Serwin, CEO & Executive Director of the Lares Institute. (http://dprivacyd.info/1Cf1F6f).
- Read Andy Serwin’s “Cyberside Chat‒The Business Case for Privacy,” http://www.laresinstitute.com/archives/4571.
- Visit http://www.staysafeonline.org/data-privacy-day/ for a library of Data Privacy Day materials including collateral, information about becoming a Champion, additional tips and other valuable resources.
- Visit http://go.bbb.org/data-privacy-day for the Better Business Bureau’s “Data Privacy Day Message for Business.”
- The Department of Homeland Security (DHS) is dedicated to helping businesses improve their cybersecurity posture. Businesses can access the following resources for more information:
- The DHS Stop.Think.Connect.™ Campaign provides cybersecurity materials and tips for businesses of all sizes. Materials can be downloaded and distributed to employees to help establish a more educated staff and workforce.
- The DHS Critical Infrastructure Cyber Community C3 Voluntary Program supports industry in increasing cyber resilience, promotes awareness and use of the National Institute of Standards and Technology (NIST) Cybersecurity Framework, and encourages organizations to manage cybersecurity as part of an all-hazards approach to enterprise risk management.
- The Federal Small Biz Cyber Planner is a tool for businesses to create custom cybersecurity plans. Developed in partnership between the Federal Communications Commission, DHS, the National Cyber Security Alliance (NCSA), and private sector partners, the Small Biz Cyber Planner includes information on cyber insurance, advanced spyware, and how to install protective software.
- Safeguarding sensitive data is just plain good business. Are you taking steps to protect personal information? Check out the Federal Trade Commssion’s interactive tutorial to find out.
- Download the International Association of Privacy Professional’s Privacy 101 for SMEs: The Best Defense Is a Good Offense for tips to help small businesses safeguard consumer data, build trust and “avoid boosting newspaper sales with sensationalist business titles.”
So that critical information about data protection is delivered to mainstream audiences, NSCA has teamed with various groups to host privacy events ‒ open to the general public ‒ in several cities nationwide and virtually. Business-focused events taking place in honor of Data Privacy Day are:
- #ChatDPD Twitter Chat: Privacy is Good for Business (Virtual – Twitter Chat; Date: Jan 14, 2015; Time: 3pm-4pm EST) A 2014 privacy study found the most important issue for the majority of Americans is transparency: to understand how a business collects, uses and shares personal information. This #ChatDPD will provide tips to help businesses better address consumer privacy concerns and avoid privacy practices that are perceived as bad or “creepy” and that can also harm a company’s reputation.
- Data Privacy Day San Diego - The Future of IoT and Privacy (AMN Healthcare Inc., 12400 High Bluff Drive, San Diego, CA.; Jan 28, 2015; Time: 9am ‒ 6pm PST) Join the Lares Institute, Morrison & Foerster and the National Cyber Security Alliance for Data Privacy Day in San Diego. This event will bring together privacy luminaries to discuss fundamental issues facing consumers and businesses, including in-depth panel discussions on privacy, the Internet of Things (IoT) and many other critical topics. Speakers include chief privacy officers from eBay, ADT and Farmers Insurance and many other privacy thought leaders. Lunch will be provided and a networking cocktail hour will follow the event. For more information and to register, please visit www.mofo.com/SDPrivacyDay.
- IAPP Privacy After Hours (Date: Jan 28, 2015; Multiple locations and cities) The International Association of Privacy Professionals (IAPP) is holding its next Privacy After Hours night in recognition of Data Privacy Day. Privacy After Hours nights are fun, member-organized gatherings that welcome anyone interested in the subject of privacy. These events will be taking place in cities around the world. For more information and to register for a Privacy After Hours event near you, please visit https://privacyassociation.org/connect/privacy-after-hours/.
- Kick Starting a Privacy Program (Virtual Webinar. Date: Jan 28, 2015; Time: 12:00pm ‒ 1:00pm EST) This webinar is hosted by PRIVACY REF in conjunction with the Chamber of Commerce of the Palm Beaches. The webinar will share information on how to start a privacy program as well as further develop and maintain it. Questions about specific aspects of a privacy program and policies are encouraged. For more information and to register, please visit http://palmbeaches.chambermaster.com/events/details/kick-starting-privacy-program-part-of-the-knowledge-series-3793.
- Data Privacy Day San Francisco – Open Forum: Data Privacy Trends 2015 (W Hotel, 181 Third Street, San Francisco, CA.; Jan 28, 2015; Time: 5:30pm ‒ 8:30pm PST) The ever-growing demand for big data. Increasingly effective "bad actors," leading to the worst year on record for data breaches. Privacy practices designed only to deal with compliance or breach response; conflicting global privacy laws; a growing concern among consumers about who's doing what with their data: these and other factors are impacting corporate and consumer needs and behaviors around data privacy like never before. Forrester Research predicts that privacy will be a top business technology agenda item for 2015. Here is your chance to learn candid, up-to-the-minute views from an impressive panel of leading thinkers about what matters most in data privacy for the year ahead. This event is presented by Churchill Club, TRUSTe and NCSA in support of Data Privacy Day. Be the first to gain access to recently released NCSA and TRUSTe research with thought-provoking insights into consumer attitudes about privacy.
Businesses can also get involved by becoming a Data Privacy Day Champion – an initiative that provides companies and organizations the opportunity to officially show their support and commitment to Data Privacy Day’s basic tenet: "Respecting Privacy, Safeguarding Data and Enabling Trust." Champions can include companies of any size, educational institutions, non-profit organizations and government entities. Registering as a Champion is easy and does not require any financial support. Please visit NCSA’s Data Privacy Day Champions page to submit registration and learn more. A full list of Data Privacy Day’s current Champions, which now number 200, can be accessed here. In addition, a variety of business-focused events, webinars and informational “happy hours” will take place nationally. Visit http://www.staysafeonline.org/data-privacy-day/events/ for a complete listing.
About Data Privacy Day
Led by the National Cyber Security Alliance, Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. The Day commemorates the 1981 signing of Convention 108 – the first legally binding international treaty dealing with privacy and data protection. On January 27, 2014, the 113th U.S. Congress adopted S. Res. 337, a nonbinding resolution expressing support for the designation of January 28 as "National Data Privacy Day." Ghostery is the Leading Sponsor of Data Privacy Day while ESET and Intel are Contributing Sponsors. Participating Sponsors are Alston & Bird LLP, Lockheed Martin and Morrison & Foerster. Small Business Sponsors include the Churchill Club, the Georgia Tech School of Interactive Computing and Scheller College of Business, Golden Frog, PRIVATE WiFi, PRIVACY REF, Reputation.com and SnoopWall. The official hashtag of Data Privacy Day is #DPD15.
About The National Cyber Security Alliance
The National Cyber Security Alliance is a non-profit organization. Through collaboration with the government, corporate, non-profit and academic sectors, the mission of the NCSA is to educate and empower a digital citizenry to use the Internet securely and safely protecting themselves and the technology they use and the digital assets we all share. NCSA board members include ADP, AT&T, Bank of America, Comcast Corporation, EMC Corporation, ESET, Facebook, Google, Intel, McAfee, Microsoft, Raytheon, Symantec, Verizon and Visa. Visit www.staysafeonline.org for more information and join us on Facebook.