Everything we do online through our smartphones, tablets and personal computers produces data that can be collected by websites and businesses. This data can include personally identifiable information like our Social Security and drivers license number, our email address, in addition to gender information, information on the device we use, our IP address and geolocation. Our health data and financial information can be collected as well, in addition to information on how many times and which websites we visit, and our online purchase history.
This data is invaluable to businesses, as it can help them to improve customer experience, refine their marketing strategy, and tailor ads specifically to customers' interests. Digital technologies have made collecting data easier than ever before, both in the legal and illegal sphere. This has led to concerns over how data can be used, or misused, and to important debates on internet users' right to privacy.

Data Protection Day
First established in 2006 by the Council of Europe, Data Protection Day is celebrated every year on the 28th January. This date was chosen as it marks the anniversary of the signing of The Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data, in 1981. Also known as Convention 108, this convention is the first legally binding international instrument when it comes to data protection, and it applies both to the private and public sector, to protect individuals and to regulate the flow of personal data across borders.
Data Protection Day is now celebrated worldwide, including in over 47 European countries, the US, Canada and Israel. The event made its way in the US and in Canada in 2008, where it became known as Privacy Day. This year in the US, the National Cybersecurity Alliance (NCA) is expanding the event into a week-long campaign, known as Data Privacy Week.
The aim of this day is to spread awareness on the importance of data privacy, and to educate the general public on how to successfully manage their personal data to keep it safe. The event also encourages businesses to focus their attention on safeguarding and respecting users' data, and to increase the transparency on how users' data is collected, stored and handled. The topic of data privacy has become particularly important since the onset of the Covid-19 pandemic, as more Internet users than ever have resorted to the digital world for work, financial, health care and entertainment purposes.
In occasion of Data Protection Day, every year on the 28th January the Committee of Convention 108 grants the Stefano Rodotà Award, to honour innovative academic research projects in the field of data protection. The award bears the name of Italian law Professor and politician, Stefano Rodotà, who worked to promote fundamental rights, especially in the field of the implementation of data protection in Europe, throughout his life.

What is Data Privacy?
There is often confusion when talking about the topic of data privacy, as this term is often incorrectly used as a synonym of data security. While data privacy and security are closely connected, they focus on different issues. Data Security is an important element to protect data from internal and external threats, especially when it comes to unauthorised accesses, for instance by the hands of a hacker or a malicious internal source. Data Privacy instead seeks to govern how data is collected, shared and used online. In particular it concerns how and where data is stored, who has authorised access to this data, which third parties can this data be shared with, and how data should be handled to protect its confidentiality and immutability.
Data security is essential for data privacy, since if a malicious actor can gain access to users' data, for instance through a cyberattack, then this data is no longer private. On the other hand, even if data is protected via technological means from unauthorised accesses, this does not necessarily ensure that its privacy is respected, as this data could still be vulnerable to misuse by individuals who have the authorisation to access it.

Important lessons from Data Protection Day
Data Protection Day is an important wake-up call, to remind all users the value their personal information can have. The public can also learn more about their rights when it comes to the privacy of their data, and on the ways they can exercise their rights. On the internet there are an infinity of services that ask to access users' data, for instance contact lists, photo albums, and email addresses, to use the service at hand. Internet users should make an informed decision on whether they want to share their data with the specific service, by considering the trade-off of what information is being requested and what benefits the user will get in return. Users should also track which information they have already given access to in the past through apps and websites, and change their privacy settings to match their preference on how much data they are willing to share. It is also important to focus on data safety, by using unique strong passwords to prevent unauthorised access that could compromise personal information.
Data Protection Day also focuses on making businesses realise that protecting their customers' data is in their best interest. With more and more users worried about how their data is being handled, businesses that are clear and transparent about their data privacy policies can inspire trust, enhance their reputation and attract more customers. It is also worth noting that non-compliance with data privacy regulations can lead to fines and legal issues. It is therefore essential for businesses and websites to make sure users' data is processed in a fair manner and collected only for legitimate purposes. Businesses are also responsible for, and should place particular attention on how their vendors and partners collect and use the customer information they are given. Educating employees, vendors and partners on the obligation to respect and protect customer information is recommended to create a culture of privacy within a business or organisation.

The information contained in this article is provided by White Blue Ocean, part of CRIF Group, a global company specializing in credit & business information systems, analytics, outsourcing and processing services, as well as advanced digital solutions for business development and open banking.

Reference List
https://www.businessnewsdaily.com/10625-businesses-collecting-data.html

https://www.coe.int/en/web/data-protection/stefano-rodota-award

https://www.coe.int/en/web/data-protection/data-protection-day

https://edps.europa.eu/data-protection/our-work/publications/events/european-data-protection-day-0_de

https://iapp.org/news/a/an-obscure-brief-and-unfinished-history-of-data-privacy-day/

https://www.ipswitch.com/blog/data-privacy-vs-data-protection#

https://medium.com/golden-data/what-is-coe-108-3708915e9846

https://www.priv.gc.ca/en/about-the-opc/what-we-do/awareness-campaigns-and-events/privacy-education-for-kids/fs-fi/choice-choix/

https://staysafeonline.org/data-privacy-week/about-dpw/#:~:text=January%2024%20%E2%80%93%2028,Data%20Protection%20Day%20in%20Europe

https://www.wired.com/story/wired-guide-personal-data-collection/

The information contained in this article is provided for informational purposes only and does not constitute professional advice and is not guaranteed to be accurate, complete, reliable, current or error-free.