In today’s digital age, online privacy has become a commodity. Every day, our personal data is shared – knowingly, but oftentimes unknowingly. In the last two years alone, 90% of the data in the world was generated. The amount of data being created is absolutely mind-blowing and only continues to grow:
- Over 2.5 quintillion bytes of online data are created per day
- More than 4 billion people use the internet (about half of the world’s population)
- Almost 2 billion people will make an online purchase this year
- 4 million blog posts are published per day
- 500 million tweets are sent per day
- 100 million photos are uploaded on Instagram per day
- 5 billion searches are performed per day (Google receives over 63,000 searches per second on any given day)
Why does data privacy matter?
With the monumental growth of a global information economy, companies find tremendous value in using and exchanging data. Gathering information is fast, easy and cheaper than ever. And much of this data consists of personally identifiable information (PII).
While we may have little control over the data economy, it is still critical to be aware of how our personal information is being monitored, collected, used and quite frequently sold. It seems as if there’s a new headline every day about a data breach.
In recent months, data breaches have occurred at multiple healthcare companies, mobile network operators, social networking websites and even the Los Angeles Police Department. Compromised data included names, birth dates, social security numbers, email addresses, credit card information and users’ locations. Over 90,000 websites are hacked every day and one in three data breach victims later experience an identity crime.
Is anything being done?
There is growing public concern with how our information is being stored and used. As a result, the demand to address data privacy has grown.
In 2018, the European Union (EU) introduced significant reform with the General Data Protection Regulation (GDPR) aimed at protecting privacy. In the U.S., the California Consumer Privacy Act (CCPA) was passed aligning with GDPR principles to provide individuals more control over their personal data.
There has been an increasing number of calls for U.S. federal data privacy legislation. Some congressional members are working together to propose a plan. But unless and until the federal government passes a bill, we anticipate states to step in and draft their own legislation, as is the case with California.
So far, in 2019, over £330 million in GDPR fines have been issued. The French National Data Protection Commission imposed a penalty of £50 million, about $57 million, against Google for not properly disclosing to users how data is collected across its services. Marriott International received a £99 million ($123 million) fine resulting from a major security breach where more than 339 million guest records were exposed to hackers and cybercriminals. In the same week, British Airways was issued a £183million ($230 million) fine for exposing payment details and personal information of 500,000 customers.
Where do we go from here?
As information becomes increasingly prolific, organizations face an uphill battle to protect their employees and company. And while it will be challenging to balance your organization’s need for data and a person’s right to data privacy, it’s not impossible.
At Ultimate Software, we’re developing technology to help our customers apply an ethical and compliant approach to data management. After all, in an information economy, maintaining people’s trust to safeguard their private data is all of our responsibility.
This is part one of a three-part series on data privacy and compliance. Stay tuned for more insights about how Ultimate is handling this crucial issue and how we’re leveraging data to support “People First” AI technology.