Why you should care about data privacy

People love the Australian children’s show “Bluey,” which tells the story of Bluey Heeler, her family, and friends. One night, Unicorse, a puppet unicorn-horse without manners or a filter, shows up when Bluey has trouble falling asleep.

While Bluey’s mom reads her a story to help put the pup to bed, Unicorse constantly interrupts them, responding “Aaaaand why should I care?” whenever the Heelers call out his bad behavior. At first, Bluey believes she can make Unicorse behave, but over the course of the episode, Bluey realizes that she’s powerless to control him. Instead, she decides to ignore the puppet’s antics and go to bed.

Ignoring a problem might work in a cartoon, but ignoring what happens to the data you generate online is not a good approach. Like Unicorse’s unfortunate antics, the companies and malicious actors that collect, compile, sell, or misuse data are not something consumers have the power to control on their own.

What does Unicorse have to do with your data or online privacy? Assessing information privacy through the lens of this children’s story can help guide your reaction to a situation that may feel uncontrollable. Reports about malicious threat actors, data leaks, the risks of artificial intelligence, and best practices for online privacy are frequent, unnerving, and can be scary. We often feel overwhelmed and powerless about potential threats and tend to ignore the risks for the convenience of a new app or device, not taking the basic steps to protect ourselves.

The hard truth is we leave a treasure trove of data in our interconnected world, and not just from searching online. Companies use credit reports, loyalty programs, the data we upload to dating profiles and fitness devices, and more which they use to create consumer profiles and targeted advertising. Even worse, data breaches expose sensitive and identifiable data to malicious actors who spam, scam, phish, smish, and vish us.

Data Privacy Week (January 21-27, 2024) and Data Privacy Day (January 28, 2024), an international event first held in the U.S. and Canada in 2008, aim to increase awareness about the importance of protecting privacy online. With this year’s theme, “Take Control of Your Data,” the National Cybersecurity Alliance (NCA) hopes to empower consumers, providing accessible content with direct links to manage privacy settings. Most consumers have more power than we realize or exercise.

If you find yourself asking “Aaaaand why should I care?”, try thinking about your online activities. For example:

• You’re an online gamer
• You have minor children
• You use “smart” devices
• You read the news online
• You make online purchases
• You use social media

No matter your “why,” you can do a few things to take control of your data. It’s helpful to remind yourself that the landscape of information privacy changes rapidly and your data requires maintenance. The Markup, a nonprofit news organization, is promoting gentle online privacy tips in honor of Data Privacy Week to get you started.

• Consider a calendar reminder to clear cookies
• Accept only “strictly necessary cookies” when you have the option
• Choose strong passwords and update them routinely
• Use a password manager
• Pursue credit monitoring (and change your passwords) if you’re notified your sensitive information has been part of a data breach
• Enable multifactor authentication (MFA) on accounts when available
• Limit the identifiable information you post and share on social media profiles

Even these small steps will keep your data safer, so you can sleep better at night like Australia’s favorite cartoon dog.

Need help?

Concerned about a University of Utah or University of Utah Health data security incident? Contact the campus IT Help Desk at 801-581-4000, University of Utah Health ITS Service Desk at 801-587-6000, or the Information Security Office’s Security Operations Center at SOC@utah.edu for immediate assistance.

Did you receive a malicious or suspicious email? Use the Phish Alert button in UMail or forward the email as an attachment to phish@utah.edu.

Want to learn more? Reach out to the offices below.

• Office of General Counsel: Contact ogc-admin@lists.utah.edu if you are evaluating a service for your organization and are provided with a contract for goods or services.
• Privacy Office: Contact baa@utah.edu if a third-party vendor will be accessing, viewing, storing, or using university protected health information (PHI). If the terms of service or contract suggest data collection, a business associate agreement (BAA) or other data use agreement (DUA) may be legally necessary. Contact privacy@utah.edu with general inquiries about information privacy and your rights and responsibilities.
• IT Governance, Risk & Compliance: Contact ISO-GRC@utah.edu if you are assessing a software or hardware service for your organization. The U’s Information Security Office must evaluate the security of new software.
• Technology Licensing Office (formerly PIVOT): Call 801-581-7792 or fill out this form if you have an idea for innovating systems using apps or software.

Have an information privacy topic you’d like to know more about? Contact Bebe Vanek, information privacy administrator for University of Utah Health Compliance Services, at bebe.vanek@hsc.utah.edu.

 

Node 4 Search