It may not compare to New Year’s Eve or Valentine’s Day, but Data Privacy day should be noted, if not celebrated. 

Data privacy is about how the technological world cares for the myriad of data that exists in hard copy, electronics systems and on the internet -all over the world. 

The thing about data is, that it does not recognize a border.  To paraphrase an old saw- “data can get around the world before a gatekeeper can get its boots on.”  Once data is lost- that is it.  It can be retrieved-but it is out there and there is no reliable system for getting it all back.  One can never know how many times the data has been copied, saved or sent somewhere else.  So data lost is truly lost.

This can also be said of privacy protection and the protection of privacy rights.  Once a right of any sort is eroded- the road to getting it back becomes very bumpy. 

Just for a moment think about all the personal information that is “out there” that belongs to you-and it does indeed belong to you.  Credit information, HR data, health records, insurance claims, passwords, email...it becomes quite a list.  Now think about all the systems that must be in place for that data to remain safe and secure. 

From another perspective- what about the data managers?  What kind of rules need to be in place to ensure that the custodians of our personal information manage it responsibly?  How do we work with technology innovators to think about privacy and build it in to the technological design?

So on Data Privacy Day celebrate how far we have come and consider how far we have yet to go.

Show me your Licence

When in the last few months have you been asked to produce your driver’s licence by a company with which you are trying to transact business?  Think about that for a moment.  If you have rented a car, stayed in a hotel, returned an item to a retailer, rented a movie you have more than likely been asked to produce your licence.  More often than not, the information on your licence has been copied down or photocopied.  Next question, do you ever ask why they need to see your licence?  Does the retailer really need to see proof that you are a licensed driver in order for your purchase to be returned?  What kind of security do these organizations have in place to ensure that the personal information that they have collected is secured?  What kind of assurances do you have that once they have used the information they have collected, that the collected information will be destroyed and not used for another purpose to which you have not consented?   What happens if, like millions of Canadians, you do not have a driver’s license?  Are you unable to return purchases,  stay in a hotel, or get a video rental card?

These are all questions that have been considered in recent months by the Privacy Commissioners of Canada, Alberta and BC.  In response to complaints received by all of these privacy agencies they have consulted together and released Collection of Driver’s Licence Numbers Under Private Sector Privacy Legislation-A Guide for Retailers.  This document can be found on the web sites of all three agencies. 

The focus of the document states first and foremost, a driver’s licence is proof that you can legally operate a motor vehicle not a universal Id card.   Retailers find it desirable because it is a government issued document because it has a variety of unique identifying information, neatly collected on one card.  As such it is also extremely attractive to those wishing to perpetrate identity theft.

The new Collection of Driver’s Licence numbers Privacy document outlines when and how organizations can use and record driver’s license information.  Both customers and organizations can benefit from reading this outline and considering why and how we use this documentation on a daily basis. 

Protecting your personal information means staying informed.