By Dodeye Ebri
The present-day digital landscape is quite complex: while offering unparalleled connectivity and convenience, it simultaneously exposes individuals to heightened cybersecurity risks. Individuals increasingly navigate a digital landscape intertwined with their personal lives. As online activities overrule daily routines, concerns regarding data privacy and security escalate. This blog post examines the importance of data privacy, explores common online threats, and outlines best practices for safeguarding personal information in the digital realm.
What is Data Privacy and why is it important?
To understand the concept of data privacy, the distinction between data privacy and data protection has to be addressed. Cloudflare defines, “Data privacy as the ability of a person to determine when, how, and to what extent personal information about them is shared with or communicated to others. This personal information can be one’s name, location, contact information, or online or real-world behaviour.”
Data protection, on the other hand, is having legal control over access to and use of data stored in computers. While data privacy provides the opportunity for online users to manage how their data is used and shared, data protection provides the legal backing for when data is misused.
The 2024 Data Privacy Day theme, “Take Control of Your Data,” emphasizes the responsibility individuals hold in safeguarding their personal information. However, it’s crucial to acknowledge that data protection laws and individual control exist within a complex ecosystem. While legal frameworks aim to ensure responsible data handling by organizations, absolute control remains difficult to achieve. The effectiveness of these laws can vary depending on jurisdiction, and enforcement mechanisms may have varying degrees of success. Additionally, the ever-evolving technological landscape continuously challenges the scope and reach of existing legal frameworks.
While recognizing the limitations of data protection laws as discussed above, it’s encouraging to see regulations like Section 28(1) of the Nigeria Data Protection Act (NDPA) taking proactive steps toward individual data control. It states that “data controllers are obligated to perform a data privacy impact assessment where processing personal data could potentially pose a substantial risk to the rights and freedoms of a data subject, taking into consideration the nature, scope, context, and purpose of the data.”
This section mandates data controllers to perform a data privacy impact assessment (DPIA) whenever processing personal data as it poses a high risk to individuals’ rights and freedoms. This requirement empowers individuals by shifting the responsibility onto data controllers. By requiring a DPIA, the law compels organizations to proactively evaluate potential privacy risks and implement necessary safeguards before processing data.
Data breaches, unfortunately, extend beyond the digital realm. Offline breaches can occur due to improper physical document disposal, and exposing sensitive information to unauthorized individuals. Additionally, mishandling sensitive data, even within authorized access, can lead to unintentional disclosures. This highlights the multi-sided nature of data security and the need for vigilance across all areas.
Therefore, individual empowerment through responsible online behaviour and informed choices remains paramount. Understanding data collection practices, adjusting privacy settings, and employing robust security measures like strong passwords and multi-factor authentication are crucial steps individuals can take to mitigate risks and reclaim ownership of their data within the boundaries set by the legal landscape.
Photo source: https://its.hku.hk/news/information-security-and-personal-data-protection-awareness-week-2022/
How can you protect your data?
- You can protect your data by using services with encryption features. Encryption entails putting a secret code on a message so that only those with the right “key” can understand or decipher the original content. It helps protect sensitive information, such as personal data, passwords, or financial details, by making it unreadable to anyone who doesn’t have the proper decryption key.
Social messaging platforms like Signal, WhatsApp, and Telegram use end-to-end encryption.
- Multi-factor and Two-factor Authentication (2FA) are security processes that add an extra layer of protection beyond just a password. In simple terms, it requires two or more different types of identification before granting access to a system or account.
Amazon Web Services (AWS) distinguishes MFA and 2FA to be;
- Something You Know (Password): The first factor is something you know, like your password. This is the standard way most systems authenticate users.
- Something You Have (Authentication Code): The second factor is something you have, typically a temporary code sent to your mobile device or generated by an authentication app. You need this code in addition to your password to log in.
- Something You Are (Features): This involves biometric factors like fingerprints, retinal scans, or facial recognition.
By requiring all factors, even if someone knows your password, they still need the second piece (the code from your phone, for example) to gain access. Multi-factor and Two-factor authentication significantly enhance the security of online accounts by making it more challenging for unauthorized individuals to access your information.
- Avoid using free Wi-Fi: When you are in a public place, avoid connecting your mobile phones or computers to public Wi-Fi. If you must, do not use it to make financial transactions or send messages that have personal/private details in them. Another mechanism you can adopt is to use VPNs. Virtual Private Networks (VPNs) allow you to connect to the internet through an encrypted tunnel, ensuring that your online activities remain private and secure.
- With so much of our information online, oversharing on social media can be a contributor to getting hacked. While posting on social media, be sure to take into cognizance the specifics of the information (e.g. personal details like favourite color, favourite pet, or childhood home). All of these are pertinent information to hackers that can be used to create your identity and persona to aid their malicious activity.
- Profile Trees’ 2023 Recent Statistics of the Most Common Attacks, states that Phishing attacks have increased by 130.5% since 2017, and they are still on the rise. Phishing is another means through which hackers and scammers attempt to gain unauthorized access to someone’s data. Phishing entails deceptive tactics aimed at tricking individuals into divulging sensitive information, such as usernames, passwords, or other confidential details.
You fall for a phishing scam when you open spam links on texts, emails, or links that lead to fake websites. To protect yourself from phishing attempts, avoid clicking on links or messages you don’t know who the sender is. Also, double-check the legitimacy of emails you’re unsure of before opening their attachments (e.g., Nigerian Prince emails proposing money to be claimed).
Conclusion
In today’s world, the digital landscape plays a significant role in our daily lives, taking control of your data is more than a safe choice. It’s a crucial responsibility. Implementing the practices outlined in this blog post, such as encryption, multi-factor authentication, and mindful online behavior, forms the foundation for individual cybersecurity and protection against potential threats.
However, individual vigilance alone cannot adequately address the challenges of the digital age. This is where organizations like the Public and Private Development Centre (PPDC) play a crucial role. PPDC’s commitment to good governance and individual empowerment fosters collective action and promotes responsible data practices through collaborative initiatives and targeted advocacy. By championing transparency, accountability, and robust legal frameworks, PPDC empowers individuals and organizations to navigate the online environment with greater confidence and security.
Remember, safeguarding your digital footprint is not just self-protection; it’s about contributing to a safer, more trustworthy online ecosystem for all. By adopting proactive measures, and advocating for responsible digital citizenship, we can collectively build a secure and sustainable digital future for everyone. The journey toward effective data governance begins with individual awareness and action, but its success hinges on collaborative efforts and shared responsibility.