Few years back I used to give out my email address for anything and everything that retail/marketing companies put out for. But today, all these promotional messages/phone calls are becoming a nuisance.
Here’s the breakdown on the promotional SMS’s that I get to my phone within a period ofa week;
- 2 -3 messages Pizza promotions every Wednesday and Friday
- Deals for electronic items – which I do not even remember giving my phone number to.
- 2- 3 messages Deals for travel/dine ins etc.
- At least 2-3 dialog messages for promotions and a phone call upselling products and services
For some institutions I call them and usually unsubscribe but the texts still comes in (Such as Sizzles in Colombo!). Please do not spend any marketing budget on me, it is your good money; hope you guys understand.
However, I was concerned about how vulnerable I am with all my accounts at these places, as I have carelessly given my email and passwords which can be easily decrypted by a 5 year old.
These are easily cracked with one or two line of codes in any programming language.
“It is your information. You have the right to choose who gets what and who does not”
However, my rant stops here and let’s get serious about the laws of data protection.
There are laws for protecting user data,implemented successfully in 1 st world countries such as Canada’s The Personal Information Protection and Electronic Documents Act (PIPEDA or the PIPED Act) is a Canadian law relating to data privacy.
“The law governs how private sector organizations collect, use and disclose personal information in the course of commercial business.”
With malicious attacks of hackers not only through the internet, but even through social engineering private data is at stake nowadays more than ever.”
Especially when big data is corporate world’s new found diamonds, we as common people should have the right to know what is done with our information.
In a business standpoint, customers having confidence in their information being secured at any point within their transactions/exchanges will increase trust in that particular engagement. Therefore, institutions should make the collection and retention of user data encrypted, backed up to an offshore site or outsource to third party security companies who are extremely competent in what they do.
Organisation policies should be updated in line with the above said security measures and every stakeholder/employee should be well trained and practiced with changes.
In a country like Sri Lanka, this might still be at an infant stage, but being a leading technology outsourced service providing country in the world, IT professionals need to look into this privacy matters and its policies in detail.
10 Privacy Tips for Companies : (courtesy of Big Data University)
- Proactively invest in data security.
- Sign non disclosure agreements (NDAs) where applicable and strictly adhere to the terms of signed NDAs.
- Avoid file-sharing programs.
- Avoid malware and phishing messages.
- Restrict the use of USB memory devices or use encrypted ones.
- Be responsible with social media.
- Data should be backed up daily to a secure cloud service or remote server.
- On completion of projects, all materials relating to the project (including backups) should be deleted.
- Use an Secure Sockets Layer, SSL, an encrypted link between a web server and a browser.
- Use strong unique passwords.
ICT Workforce Study of 2013
ICTA workforce survey of 2013