As consumers and governments become increasingly knowledgeable about data privacy, the importance and relevance of this topic continues to grow. In fact, there is now a global Data Privacy Day to celebrate the passage of the Data Protection Act in 1984. This international event is celebrated every year on the 28th of January to raise awareness and promote privacy and data protection best practices. In this article, we will explore the history and evolution of data privacy.
The beginnings of data privacy
Although data privacy is a relatively recent notion in human history, people’s rights to privacy can be traced back to the drafting of the United States Constitution. Since its inception, tensions have existed between the need for privacy and that for security in American society. The Fourth Amendment to the Constitution states that “the right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures.” This amendment was created as a protest against British dictatorial behavior.
1973 – The Data Act, Sweden
The 1970s saw the rise of computers, which became increasingly common in homes across the world. The first modern data privacy legislation was established in Hesse, Germany, in response to concerns over computer progress and privacy.
Sweden’s 1973 Data Act (“Datalagen” in Swedish) soon followed and was the country’s first comprehensive data protection law, establishing penalties for data theft while also allowing individuals access to their records.
1981 – Data Privacy Day, Europe
On January 28th of 1981, the Council of Europe signed the Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data. In 2007, the custom of celebrating Data Privacy Day on January 28th began, with the intention to raise general understanding of personal data security and rights and duties.
1984 – Data Protection Act, UK
The rest of the Western world swiftly followed suit, the UK government enacted The Data Protection Act of 1984, which established basic rules for data users and access to that data by people to which it pertained.
The regulations of The Data Protection Act of 1984 were updated and replaced with the Data Protection Act of 1998, taking effect on March 1st, 2000.
1999 – Gramm-Leach-Bliley Act aka GLBA, USA
Meanwhile, in the US, the Gramm-Leach-Bliley Act (GLBA) was passed by Congress in 1999. It was a federal law that forced financial firms to disclose how they shared and protected personal customer information. Following this act, financial companies would need to detail how customer data was shared, and offer customers a choice not to have their information shared, and implement security measures.
The GLBA’s Safeguards Rule forms the centerpiece of data protection laws. The act was implemented and enforced by the Federal Trade Commission’s Privacy of Consumer Financial Information Rule (Privacy Rule), as well as other regulatory bodies at the federal and state levels, in addition to insurance supervision agencies.
2000 – International Safe Harbor Privacy Principles, EU-USA
In 2000, the International Safe Harbor Privacy Principles were created. This was a set of regulations intended to regulate the flow of information between the United States and Europe by addressing their many data privacy rules. The European Court of Justice declared invalid the International Safe Harbor Privacy Principles in 2015 because U.S. legislation permitted American intelligence agencies unlimited access to E.U. citizens’ data. In 2016, the EU-US Privacy Shield was adopted as a replacement to the International Safe Harbor Privacy Principles. However, the EU-US Privacy Shield is also no longer valid as of the year 2022.
In 2003, California was the first state to implement data breach notification regulations. Businesses and government agencies in California were required by new legislation to disclose when their clients’ personal information had been exposed as a result of a security incident. The majority of the other states in the United States and several foreign nations have followed suit with this bill.
The plan to develop the GDPR was first announced in 2012 by the European Commission as part of its initiative to strengthen data protection across the EU.
2016 General Data Protection Regulation (GDPR), Europe
In 2016, the General Data Protection Regulation (GDPR) was passed, and it went into force in 2018.
What is the GDPR, and what does it do? The General Data Protection Regulation (GDPR) is a law in the European Union and European Economic Area that covers data protection and privacy. This was designed to take the place of the E.U. Data Protection Directive. When an European Union citizen searches for their name on a search engine such as Google, they have the right to request that their personal information be deleted from search engine results if they submit inquiries to this effect.
Data Privacy in 2022
To keep your data safe in 2022, you should use clearly GDPR compliant services that state specifically how they will or will not be using your data.
cloudHQ’s own GDPR-compliant privacy page is an excellent example of what a company should be displaying when you read their privacy declaration.
Here are some useful tools:
- A browser extension like Get Ad Block blocks ads and the collection of data from websites. Just be sure that necessary pop-ups are not blocked, like those from cloudHQ.
- Install the HTTPS Everywhere extension. HTTPS Everywhere automatically directs you to the most secure version of any site you are trying to visit.
- Enable DNS to determine how to connect to websites over a secure connection. In the Chrome Toolbar, click on your profile pic and then click on the pen icon to edit your Chrome settings. Then navigate to Security and Privacy > Security > Scroll down to “Advanced.” Ensure you enable DNS by clicking on “Use secure DNS“.
Here are some useful articles to explain why you need to be extremely vigilant with ad blockers and VPNs:
If you select an ad blocker to use, don’t just look at verified ad blockers. Make sure you read their blog post too. This is a famous blog post from Get Ad Block. It explains that many ad blockers are actually malware, using its name to trick consumers into installing their extension to steal their data.
Most VPNs are owned by shady companies, so for the time being, we don’t suggest you use any VPNs. If you follow the 3 steps above, you’ll have safe(r) online data privacy than most.
As our digital lives continue to grow, it’s more essential than ever to understand your digital privacy rights and how to safeguard yourself, friends, and family.