Protection of personal data is a human right

0
204

In this time of increased digitisation, people are becoming more aware and concerned about the protection of their personal data.

The processing of personal data has become increasingly valuable and lucrative for businesses. It offers opportunities for economic growth, social advancement, and research.

However, it can also pose risks to the rights of individuals, their basic human rights. This article discusses how personal privacy is affected and how it can be protected. Data protection is concerned with the processing of personal data, which carries particular risks in terms of how it is collected, stored and disseminated.

Risks to a person’s basic human right to privacy

Personal data can reveal who a person is, their relationships, health status, financial details, sexual preferences, and beliefs. Its processing can therefore pose serious risks to a person’s basic human right to privacy.

Businesses have more responsibility than ever to use data ethically, compliantly and securely. The role of the Protection of Personal Information Act (POPIA), due to come into effect in South Africa in July, is aimed at doing just that.

While there is much hype around the penalties and how the Act will be enforced, the goal of the POPI Act is to ensure the lawful processing of personal information.

The intentions of the Act are two-fold. Firstly, the legislation was brought about to facilitate everyone’s right to privacy as enshrined in South Africa’s constitution. Secondly, from an economic standpoint, the Act ensures that adequate internationally-recognised data protection legislation is in place for when South African entities trade with international partners.

– Francis Cronje, Industry Expert in Corporate Governance, ICT Law and Privacy

Data protection, or rather a lack of, continues to grab headlines. The onus is increasingly on data protection and cybersecurity technologies to protect the integrity of our human rights, which include the right to freedom of expression and the right to non-discrimination.

The right to freedom of expression

The right to freedom of expression includes the freedom to seek, receive and impart information, ideas, and opinions.

The ability to remain anonymous can sometimes be critical. In societies where certain statements can lead to retribution or persecution, often individuals can only express themselves freely anonymously. In many parts of the world, however, this ability is being undermined.

The right to non-discrimination is essential, because information about a person could directly or indirectly reveal their personal characteristics which they may not want known. For example, the privacy of their religion, sexual orientation, gender, or health status may be fundamental in ensuring protection from discrimination.

In addition, unauthorised access to an individual’s personal data may also result in discrimination. It is not just the existence of personal data that may result in discrimination, but also its processing, particularly where individuals are profiled on the basis of their personal data.

Profiling can be used by companies and other institutions to make decisions which affect how a person is treated, what services they are offered, and under what conditions.

Countless violations of human rights

A lot has been said about technology’s role as an enabler for spreading disinformation and inciting cyber information warfare, but it’s vital to remember that technology is also our biggest weapon in the fight against cybercriminals, especially in guarding against the choice weapon of cybercriminals.

Ransomware is a maliciously created malware that encrypts files and storage. It is one of the most intractable and common threats facing organisations across all industries and geographies. But more damaging still is the countless violations of human rights as ransomware attackers increasingly threaten to leak stolen data.

To combat this – and the rising challenges of cybercriminals working together – it is important for technology to form its own armies and alliances, such as the ransomware protection alliances we have formed.

Of course, cybercriminals are always seeking new and innovative ways to steal data, and since the start of COVID-19, businesses haven’t been the only ones accelerating their digital transformation.

It is more important than ever to work with technology partners that not only prioritise the data management needs of today, but are also looking to the cloud and security solutions of tomorrow, all the while remaining one step ahead of cybercriminals. But still, too many businesses are inadvertently aiding the efforts of cybercriminals with their lackadaisical approach to data security.

Curbing the plight of data protection

Fines and reputational damage are, of course, deterrents; however, we’re still seeing too many data breaches, and businesses must do more to curb the plight of data protection. To this end, technology is once again a key enabler.

Data is the driver of the 4th Industrial Revolution (4IR) and as with all drivers of previous revolutions, it’s important to ensure that these are regulated.

While there is much emphasis on the organisations that are required to comply with the Act, many don’t know what it means for individuals whose data is being processed by various organisations.

Article 72 of POPIA is in line with the EU’s General Data Protection Regulation (GDPR) – the standard which many of South Africa’s European partners abide by.

The legislation prohibits the transfer of personal data to a country that does not have adequate data protection legislation in place. Being POPIA-compliant will allow South African entities that want to trade in Europe to be recognised should they want to host ICT-related platforms, such as cloud services.

In conclusion

Regardless of your business size, it is imperative to find a solution that ensures data security, compliance and customer privacy requirements.

Don’t just take a vendor’s word that their solutions are secure – read customer testimonials, do your research and look to respected rewards bodies.

With the dawn of the new legislation imminent, it is imperative that organisations ensure all data collected remains secure as well as compliant, and that people’s human rights are protected. By partnering with a trusted provider, this can be effectively achieved.


Edwin Weijdema | Global Technologist | Product Strategy | Veeam | mail me


 



LEAVE A REPLY

Please enter your comment!
Please enter your name here