If the FBI, the UK Information Commissioner and the New York State Attorney General Office all knocked on your door you’d be forgiven for letting out a rasping sound of shock and slamming the door in their face while quickly trying to figure out the reason. If you bolted for the back door it would also be understandable. And if, as more likely, you stood there with your jaw hanging down while your mind worked faster than a super computer, it would be equally comprehensible.

Of course, it’s never going to happen unless you happen to have hacked the blueprints for a stealth fighter or long-range hypersonic missiles. However, this trio of organisations are just a few among many knocking on virtual doors on the 28th of January. This is the annual date for the increasingly important international Data Privacy Day.

It’s not just any old day in the calendar. It’s a serious affair. Tech developers, privacy advocates, officers of the law, regulators and more use it as a focal point to report on privacy issues and projects and agree on ways forward to ensure your information doesn't fall into the wrong hands. Having so many heavyweights on your side may be flattering but data privacy is a huge issue. A data breach costs organisations millions of euros to put right.

What does it mean to you?

But what is the cost to an individual? It’s difficult to pin an accurate average figure but some people have been left out of pocket to the tune of €40,000 or more when their data is breached. Others have had to endure the misery of attempting to convince a bank that they didn't authorise a transfer from their bank account.

But breaches of data privacy don’t stop at fraud. The wider issue includes opaque mega-scale data gathering the consequences of which were recently and markedly highlighted by the New York Times.
  • A single file anonymously given to the newspaper held more than 50 billion mobile phone location pings from the phones of more than 12 million Americans.
  • Using the data, the newspaper was able to gain an open book view on individuals by watching mobile pings move across a map. This sometimes revealed hints of faltering marriages, evidence of drug addiction and records of visits to psychological facilities.

Pernicious and invasive

This wholesale sweeping up of an individual’s private information is pernicious and invasive. Before it was busted for political manipulation, the now defunct Cambridge Analytica, openly boasted that it could gather 5,000 data points on any given individual.

This included everything from names and addresses, phone numbers, family members, political leanings, music tastes, shopping habits, medical concerns and treatments, dating preferences and a whole lot more. There are many other organisation doing similar things. A case in point is 23andMe which provides home testing DNA kits.
  • When users signed up for its service they signed a privacy policy, a lot of fine print that looked like any other privacy policy.
  • At a later date, 23andMe then took $300 million from GlaxoSmithKline and in return handed over its customers’ genetic treasure trove to the pharma giant.
  • Did they ask the individuals who had submitted their DNA? Of course not, because they had signed a privacy policy which, buried deep among the fine print, handed ownership of their genetic blueprint to 23andMe.
But such is the typically opaque, often deceptive and sometimes disingenuous world of data collection that this type of practise is not uncommon.

Ultimately Data Privacy Day aims to stem this tidal wave of privacy abuse and by marking this day it signals a fight, among other things, for a more honourable and transparent use of data. But a battle is brewing given that data gatherers, data brokers, and global corporations have so much invested in harvesting and using your personal data.