The Evolution of Internet Privacy Laws and How They Are Shaping the Future of You & Your Data

More than four billion people around the world use the internet every single day. Concerns about the loss of privacy need to be dealt with. With the help of social media and complex data mining algorithms, information can spread quickly and grow by leaps and bounds; Reed Elsevier LexisNexis (RELX) is a Frankenstein's monster of a company made up of several publishers and data brokers. They not only publish content, but they also sell our personal information.

Communication and trade are conducted online in this borderless utopia. In the Web 2.0 age, hundreds of millions of people utilize social media like Facebook, Instagram, Twitter, Google, and LinkedIn. Privacy and security procedures are becoming more important. Security breaches threaten consumer data in all businesses, large and small (which may include sensitive personal data). Personal identifying information (PII) is information that can be found in personal data. A person's PII comprises their name, address, birthday, SSN, fingerprints, and photograph. Interests, purchases, and Internet use are all "sensitive" factors (i.e., likes and dislikes, as provided or obtained through social media). In addition to financial losses, data breaches can harm credibility, confidence, and public trust.

What exactly is Internet privacy?

Internet privacy, sometimes referred to as "online privacy," is a subset of data privacy and a fundamental human right. In the press and elsewhere, online privacy is a hot topic. It basically refers to your right to privacy when displaying, storing, or disclosing information about oneself on the Internet. Privacy and safety are intrinsically linked. When people have greater privacy, they feel safer.

What are the issues with internet privacy?

Many people are keeping an eye on your internet activities (including websites and marketers). Cookies and other technologies track your online actions and build a profile of your browsing behavior. To facilitate law enforcement, certain governments monitor internet behavior. Even if you have nothing to do with the documents, the government can access them. Fortunly,?forecasts 49 million identity thefts until 2021. Cybercriminals steal your identity by using malware, spyware, and phishing. Cybercriminals use information that has been given or stolen to create new credit card accounts, purchase electronic or physical things, and commit financial fraud. Money and credit repair might take years.

What about the laws in different countries about privacy?

Let's acquire a bird's-eye view of the international legal system.

In terms of protecting individual privacy, California has led the way among the states of the US. The California Consumer Privacy Act (CCPA) was recently revised by the California Privacy Rights Act (CPRA), allowing Golden State residents more control over the commercial use of their personal data. As more states, such as Virginia, Connecticut, Colorado, and Nevada, implement comprehensive privacy legislation similar to California's, it becomes increasingly important to comprehend California's privacy standards.

The California legislature and governor enacted the California Consumer Privacy Act (CCPA) in 2018. On January 1, 2020, it was officially implemented. The majority of Californians for Consumer Privacy, who pushed to pass the CCPA, are concerned that it does not go far enough to protect customer privacy. They initiated a movement to protect individuals' data from unauthorized access and usage.

In 2020, voters decided on a bill (the California Privacy Rights Act, or CPRA) that revises the CCPA with new text and addresses issues with its application and enforcement.

The California Consumer Privacy Act (CPRA), which is essentially an updated version of the California Consumer Protection Act (CCPA), has all the information you need concerning the state's privacy laws. Also, most of it goes into effect on January 1, 2023, so get ready. The CPRA applies to data collected as of January 1, 2022, so in many ways, we are now in the CPRA era. The new CPRA stands out because it requires all businesses that handle customer data to adhere to the same "privacy principles."

a). Information about data subjects may only be used for the purpose for which it was acquired (purpose limitation).

b). For data protection purposes, information regarding children under 16 may only be collected with their parents' or guardians' consent. Another change is that there will be a 12-month wait before parents are asked again for permission to collect a child's personal information after they have already given it.

c). After data has been utilized for its intended purpose, it must be erased or otherwise discarded.

d). The level of security employed should be determined by the privacy risks associated with unauthorized access, and no additional steps should be implemented to protect against these risks.

The General Data Protection Regulation says that every country in the European Union(EU) must follow its rules.

As a piece of legislation of the European Union (EU), the General Data Protection Regulation (GDPR) imposes rigorous standards on how businesses and other organizations must manage the personal information of consumers to ensure its security.

What defines "personal data" is any information that, alone or in connection with other information, can be used to identify a specific individual. Name, telephone number, and address are examples of the most basic sorts of personal data.

Also considered private information are a person's likes and dislikes, purchases, health, and internet usage. The term "data processing" comprises all actions involving data, including collecting, storing, utilizing, sharing, erasing, and destroying. The General Data Protection Regulation (GDPR) mandates that all businesses that interact with customers or workers must assure the accuracy of the data they collect and use.

In Australia, privacy, security, and data protection concerns are on the rise, and this bill was a smart first step in addressing these issues. After recent cyber events, it is reasonable to expect that concerns about personal data loss would be at the forefront of people's minds. The Australian parliament passed the Privacy Legislation Amendment Bill 2022 on November 8, 2022. If the privacy measure is to be adequately understood, it must be improved, clarified, and justified more extensively than what is offered in the first reading. Section 13G of the Privacy Act requires clarification in the following areas: (a) what constitutes "severe interference" in existing paragraph 13G(a); (b) the meaning of "benefit" in proposed subsection 13G(3); etc.

How does the organization manage privacy concerns while adhering to laws and standards?

The Privacy Framework, issued by the United States National Institute of Standards and Technology (NIST), can assist your business in establishing privacy-related objectives. It can assist you in identifying possible privacy concerns and maximizing personal data while limiting privacy breaches. According to NIST, the Privacy Framework will assist firms in identifying and dealing with emerging privacy issues. Determine who will be subjected to data collection and how they are related to the organization. Geographic factors have the most influence on how privacy rules are administered. You may be able to establish which privacy rules to apply if you know where a person lives, works, and travels.

What are your suggestions or quick methods for improving personal online privacy?

First, cut down on the number of online collections you maintain. Use complex, random passwords and two-factor authentication for all of your online accounts. Someone who gains access to your Wi-Fi network might potentially steal your personal data. Turn off the social network feature that identifies users' whereabouts in posts, images, and comments. Even if you just visit a site periodically, using a browser is preferable to installing an app.

second,Bing and Google respectively own the Chrome and Edge web browsers. Sites that support HTTPS Everywhere are encrypted, protecting users' financial data when using public Wi-Fi. The use of an ad/tracking blocker prevents tracking by websites. A virtual private network encrypts your web traffic so that it cannot be intercepted by hackers. In terms of privacy, the Tor browser is unrivaled.

Third, encrypt all of your files so that no one, not even you, can access them without a password on Windows or Mac. You should always delete all data and return a device to its factory settings before selling or giving it away. If your phone's lock screen shows previews, an attacker can bypass two-factor authentication even if they know your PIN.

"Privacy rules must prohibit arbitrary or unlawful intrusion, but privacy is not absolute," argues Five Eyes, an intelligence alliance made up of the governments of the United States, the United Kingdom, Canada, Australia, and New Zealand. When a court or independent authority has permitted access to normally private information based on a court order or other legal basis, "it is an established principle that proper government agencies should be able to seek access to such information."

Further Reading:?

Regulation/Law reference across regions:?

• United States: California Privacy Rights Act (CPRA):?https://iapp.org/media/pdf/resource_center/ca_privacy_rights_act_2020_ballot_initiative.pdf ?
• California Privacy Protection Agency: https://cppa.ca.gov/ ?
• California Consumer Protection Act(CCPA):https://leginfo.legislature.ca.gov/faces/codes_displayText.xhtml?division=3.&part=4.&lawCode=CIV&title=1.81.5 ?
• European Union(EU): General Data Protection Regulation(GDPR):https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN ?
• Australia:?https://www.aph.gov.au/Parliamentary_Business/Bills_Legislation/Bills_Search_Results/Result?bId=r6940
• China: Personal Information Protection Law(PIPL): https://digichina.stanford.edu/work/translation-personal-information-protection-law-of-the-peoples-republic-of-china-effective-nov-1-2021/ ?

General Reading:?

• Privacy Framework: https://www.nist.gov/system/files/documents/2020/01/16/NIST%20Privacy%20Framework_V1.0.pdf ?
• International Association of Privacy Professionals (IAPP): https://iapp.org/about/ ?
• Privacy Tech Vendor Report: https://iapp.org/media/pdf/resource_center/2022TechVendorReport.pdf ?

Certification:?

• CIPT - Technology: The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements: https://iapp.org/certify/cipt/ ?
• CIPM - Operations: The first and only privacy certification for professionals who manage day-to-day operations: https://iapp.org/certify/cipm/ ?
• CIPP- Laws and regulations: The global standard for the go-to person for privacy laws, regulations and frameworks: https://iapp.org/certify/cipp/ ?

#privacy #cybersecurity ?#security ?#technology ?#dataprotection ?#infosec ?#hacking ?

#datasecurity ?#tech ?#hacker ?#informationsecurity ?#cybercrime ?#data ?#dataprivacy ?

#cyber ?#cyberattack ?#linux ?#cybersecurityawareness ?#malware ?#gdpr ?

#ethicalhacking ?#internet ?#programming ?#hackers ?#encryption ?#databreaches ?

#business ?#computerscience ?#coding ?#protection #iapp #ccpa #cpra #nist

Disclaimer: This blog or post is written by an individual. Unless otherwise stated, any views or opinions expressed on this site are only those of the author and not those of any other people, institutions, or organizations with which the author may or may not be professionally or personally connected. Any ideas or comments made are not meant to be mean to any religion, ethnic group, club, organization, company, or person.