I try to think of myself as a realist because pessimism sounds negative. I'm a realist. And that's why I had to get real for a moment last night on Twitter. I've been trying to come up with a way for Osano to celebrate Data Privacy Day, which is coming right up on Jan. 28. And everything I thought of just felt disingenuous. Or weird.
It led me to send an SOS tweet. But it turned out I wasn't the only one feeling that way.
Sending my slightly pessimistic (again, I say realist) sentiment, I felt a bit worried I'd hurt some feelings. What about the person who has their Data Privacy Day routine on lockdown? What about the person who looks forward to the day all year, ripping pages from the desk calendar like a Christmas countdown? Would I hurt them if I said the day feels like a strange exercise? But I was relieved to find that at least 50 people felt comfortable indicating they think the same.
Listen I have to admit something: I really don’t like Data Privacy Day. I can NEVER think of a way to get people “excited” about it. “hey there’s no food or gifts or Mardi Gras beads. But you should just put a party hat on and delete some stuff alone at your laptop. You in?!”— Angelique Carson (@privacypen) January 20, 2022
But let's step back for a second: What is Data Privacy Day anyway? Dan Caprio had an answer.
Data Privacy Day began 15 years ago with the noble aspiration to put consumers privacy first every day.— Dan Caprio (@dwcaprio) January 21, 2022
Dan is right. It's a noble aspiration. And it's nice to feel like the thing you spend 40-80 hours a week trying to operationalize actually has an international day of recognition. Data Privacy Day in the U.S. started in 2008, but it's been celebrated in Europe ever since the 1981 signing of Convention 108, an international treaty that codified individuals' data protection. Convention 108 is an important instrument, for sure. I don't make light of it.
Plus, I dig that there are people out there making it work for them. Of course, privacy and data protection still need evangelizing. The more we can all do to spread some awareness on the better. Jolynn here is crushing her Data Privacy Day aspirations. Or she was until COVID.
Well…. Pre-Covid I always brought my privacy law class donuts on privacy day. Covid indoor Food rules cramping the celebration. 🍩🍩🍩 I remain a fan of DPD though. International collaboration and privacy awareness both things to celebrate 😃 @hofftechpolicy #dataprivacyday2022— Jolynn Dellinger (@MindingPrivacy) January 21, 2022
Christy had some interesting takes on how to make Data Privacy Day 2022 work for her.
Maybe it should be Data Privacy PROFESSIONALS' Day and then people can give *US* gifts of data deletion confirmations, opt-out assurances, and webcam covers. And everyone will clamor to be privacy experts just like us so they can have their own special day, too!— Christy Harris (@TooDistracted) January 21, 2022
And it could be an official global holiday where we won't have to do extra work to be recognized! Who's my congress person to make this happen??— Christy Harris (@TooDistracted) January 21, 2022
Then things started to get colorful. I was gone doing a webinar for literally 60 minutes and came back to some outside-the-box suggestions on how to celebrate Data Privacy Day.
Perhaps the answer is to make it more like St. Patricks pick a color for your beer and go at it… says the non-drinker…— J. Esquenazi @ privacy (@JEsquenaziMX) January 20, 2022
A special beer for data privacy day? Hmmm.— Cobun Zweifel-Keegan (@cobun) January 20, 2022
I like my data processed just like my beer:
- small batches
- quality inputs
- well filtered
- something something right to be forgotten
If you get tossed beads on data privacy day you have to show your IP Address— Michael Rose (@Michael_ARose) January 20, 2022
In the end, I think we all have to decide for ourselves what kind of Data Privacy Day we choose to observe.
That's a fair assessment - maybe data privacy day is more about a moment of awareness of this crazy profession we're in ? 🤷♀️🎉🙏— Heather 🔮 Federman (@FedaHeda) January 20, 2022
We should be celebrating surviving it. :)— Brandi Bennett (@bbennettesq) January 20, 2022
Cheers to that, Brandi. I can definitely get down with celebrating surviving another year in an industry that is constantly changing and in flux. GDPR fines are increasing, data-transfer agreements overseas are uncertain, and new privacy laws are emerging everywhere from Virginia to Saudi Arabia. We should take a moment to recognize ourselves. This is hard, complicated work. And we're getting it done in the middle of a pandemic, which shouldn't be overlooked, even now.
If you celebrate formally or decide to lay low, I hope we all pour a spritzer or a seltzer and cheers ourselves in the mirror this Data Privacy Day.
Imagine I'm clinking your glass when you do, ok? And enjoy a round-up of this week's major privacy news. I'll see you next week!
This week's top privacy news
Google pushes harder for data-transfer agreement post 'Analytics' decision
Google is putting its lobbying teams to work, pressuring U.S. and European lawmakers to come up with a solution to cross-border data transfers. Ever since Privacy Shield was dismantled as a legal solution to export EU data to the U.S., companies have eagerly awaited diplomatic negotiations to bear fruit. But last week, Austria's data protection authority decided a website's use of Google Analytics violates the GDPR because it's unsafe from U.S. law enforcement's prying eyes once it's transferred. So the urgency of a legal negotiation just turned up a dial or two.
Apple and Google to Congress: Antitrust bill would harm users' privacy and security
This week, Apple and Google told lawmakers that bipartisan antitrust legislation that aims to level the tech space by limiting big companies' market power would threaten users' privacy and security. Apple, for example, said a mandate that Apple would allow users to install apps outside the App Store would expose users to risks. But a Congressional spokesman said such arguments are "a desperate attempt to preserve their app store monopoly, which they use to charge huge fees from businesses they are competing against."
GDPR fines increased sevenfold in 2021
Fines for violating the GDPR increased sevenfold in the last year, CNBC reports. According to a DLA Piper report, since Jan. 29, 2021, EU data protection authorities have fined companies a total of $1.25 million. The year prior, the fines totaled $180 million. Big tech companies took the brunt of the fines last year: Luxembourg fined Amazon $850 million, and Ireland fined WhatsApp $266 million, among others.
New bill would forbid targeted advertising with personal data
U.S. lawmakers have introduced the Banning Surveillance Advertising Act to forbid advertisers from using personal data for targeted advertising except for "broad location targeting to a known place," reports the Jurist. The bill would protect data including communication content, browsing history and customer lists from targeting. It would give the Federal Trade Commission and state attorneys general to enforce new regulations.
Maine bill would amend Constitution to include a right to privacy
Rep. Margaret O'Neil, D-Saco, has introduced a bill that would explicitly grant Maine citizens the right to privacy in the state's Constitution. It would also require law enforcement to get a warrant before searching or seizing an individual's electronic data or electronic communications. O'Neil submitted the bill in last year's legislative session but has amended the version the Judiciary Committee will workshop this week.
Facebook loses bid to get US privacy lawsuit dismissed
A California judge granted consumers suing Facebook a partial win when she denied the company's request to dismiss the claims. The lawsuit alleges Facebook "exploited user data to thwart industry competitors," Reuters reports. Judge Lucy Koh ruled that consumers can continue to pursue allegations that Facebook falsely represented its data privacy practices, including that it wasn't sharing users' data with third parties.