Privacy Law Update: January 31, 2022
Friday, Jan. 28, is Data Protection Day (in the EU) or Data Privacy Day (in the U.S.). But how did this day originate? The history of January 28. The day was initiated by the Committee of Ministers of the Council of Europe in 2006. Often synonymous and confused with the EU, the Council of Europe formed in the wake of World War II. Resolutions from the Council of Europe on the privacy of individuals preceded and even served as partial catalyst to the earliest national data protection laws in Austria, Denmark, France, Germany, Luxembourg, Norway, and Sweden.
To stay apprised of the hundreds of data protection laws that exist across the globe, the IAPP Westin Research Center announces the creation of a single indexed resource of these laws — the “Global Privacy Law and DPA Directory.” The interactive map identifies those countries with data protection laws and within each country’s listing, you can link to a resource containing the data protection law, the data protection authority and relevant IAPP resources (if available).
European Data Protection Supervisor Wojciech Wiewiórowski wrote a blog post discussing the state of EU data protection ahead of Data Privacy Day 2022 celebrations 28 Jan. Wiewiórowski noted steps forward through Convention 108 and the EU General Data Protection Regulation, but added there is “still more to strive for, to achieve for data protection to work for all of us in Europe’s digital future.” Notably, he called on EU data protection authorities to “work together to promote the consistent application of data protection rules according to the EU’s values and principles.”
The collection and use of personal data have grown at an unprecedented rate in recent years, accelerating even faster during the pandemic amid the digital shift. Heather Paunet, senior vice president at Untangle, noted: “In today’s connected era, people disclose personal data during dozens of daily interactions, from online shopping, healthcare portals, social media, wearable devices to streaming services. This data is used to create profile-specific experiences across a multitude of devices and mediums, resulting in personalized, effective marketing campaigns.” Unfortunately, this information is also viewed as highly valuable by those with nefarious intentions, from cyber-criminals motivated by financial gain to governments wishing to use this data as a means of surveillance and control.
“Privacy’s Return on Investment (ROI) remains high for the third straight year, with increased benefits, especially for small-to medium-size organizations and higher ROI for more privacy-mature organizations,” says the report, which was based on a survey of 4,900 respondents in 27 geographies who indicated they are familiar with the privacy processes at their organizations. Asked to estimate the financial value of the benefits from their privacy investments, the average estimate was up three per cent from US $2.9 million last year to US$3 million in 2021.