Data Privacy

In 2022, National Cybersecurity Alliance (NCA) is excited to expand the Data Privacy Day campaign into Data Privacy Week, a full week-long initiative January 24-28, 2022. Data Privacy Day began in the United States and Canada in January 2008 as an extension of Data Protection Day in Europe. Data Protection Day commemorates the Jan. 28, 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. 

Data Privacy Week helps spread awareness about online privacy and educates citizens on how to manage their personal information and keep it secure. Data Privacy Week also encourages businesses to respect data and be more transparent about how they collect and use customer data.

The National Cybersecurity Alliance will also be busy with presentations for Data Privacy Week. You can find a full listing and register for events on their site - National Cybersecurity Alliance - Data Privacy Week

Personal Privacy

Everything you do online generates data. There’s data about your activities, behaviors, and interests. There’s your personal data, like your social security and driver’s license numbers. And there’s data about the physical you, like health data. It’s easy to feel a lack of control over the information collected about you. However, there are steps you can take to learn about the types of data you’re generating online, and how it’s collected, shared and used.

The following tabs include helpful tips on how you can help keep your data private both at home and work.

What information is collected?

When you visit a website, a certain amount of information is automatically sent to the site. This information may include the following:

  • IP address - Each computer on the internet is assigned a specific, unique IP (internet protocol) address. Your computer may have a static IP address or a dynamic IP address. If you have a static IP address, it never changes. 
  • software details - It may be possible for an organization to determine which browser, including the version, that you used to access its site. The organization may also be able to determine what operating system your computer is running.

If a website uses cookies, the organization may be able to collect even more information, such as your browsing patterns, which include other sites you've visited. If the site you're visiting is malicious, files on your computer, as well as passwords stored in the temporary memory, may be at risk.

How can you limit what information is collected?

  • Be careful supplying personal information - Unless you trust a site, don't give your address, password, or credit card information. Look for indications that the site uses SSL to encrypt your information (see Protecting Your Privacy for more information). Although some sites require you to supply your social security number (e.g., sites associated with financial transactions such as loans or credit cards), be especially wary of providing this information online.
  • Browse safely - Be careful which websites you visit; if it seems suspicious, leave the site. Also make sure to take precautions by increasing your security settings, keeping your virus definitions up to date, and scanning your computer for spyware.

How do you know if your privacy is being protected?

Privacy policy – Before submitting your name, email address, or other personal information on a website, look for the site's privacy policy. This policy should state how the information will be used and whether or not the information will be distributed to other organizations. Privacy policies sometimes change, so you may want to review them periodically. Organizations will typically include a link at the bottom of their site for their Privacy Policy. The image below is from the bottom of the USNH homepage.

Privacy Policy link
  • Evidence that your information is being encrypted – To prevent attackers from stealing your personal information, online submissions should be encrypted so that it can only be read by the appropriate recipient. Many sites use Secure Sockets Layer (SSL) or Hypertext Transport Protocol Secure (HTTPS). A lock icon in the url indicates that your information will be encrypted. 
secure site

Why isn't "more" better?

Maybe there is an extra software program included with a program you bought. Or perhaps you found a free download online. You may be tempted to install the programs just because you can, or because you think you might use them later. However, even if the source and the software are legitimate, there may be hidden risks. And if other people use your computer, there are additional risks.

These risks become especially important if you use your computer to manage your personal finances (banking, taxes, online bill payment, etc.), store sensitive personal data, or perform work-related activities away from the office. However, there are steps you can take to protect yourself.

  • Use and maintain anti-virus software and a firewall
  • Keep software up to date
  • Avoid unused software programs
  • Use passwords and encrypt sensitive files
  • Follow good security habits

Visit the Cybersecurity & Infrastructure Security Agency- Safeguard Your Data site for a full list and descriptions of how you can safeguard yourself at home and work.

Want to view/edit your privacy settings but don't know where to look? The National Cybersecurity Alliance has provided a site to help you find how to update your settings for popular devices and services, as well as the privacy policies associated with but not limited to the following:

Privacy at Work

According to the Pew Research Center, 79% of U.S. adults report being concerned about the way their data is being used by companies. Respecting consumers’ privacy is a smart strategy for inspiring trust and enhancing reputation and growth in your business. The University System of New Hampshire and its component institutions address some of these concerns with the USNH Privacy Policy - which outlines what information we collect, how we use the data, and how we share collected information.

Another way we strive to maintain the privacy of USNH community members is by reviewing the Privacy Policies of external organizations during our Third Party Security Assessment Reviews. We ensure external vendors will not sell or share your personal information without your consent, and we will never share your information without understanding how it will be used.

Lastly, our USNH Cybersecurity Awareness Training includes a module regarding Data Privacy. Educating the USNH community on how they can keep their own data as well as the data of the entire USNH community safe promotes a true community mentality. Community members are encouraged to practice the tips they learn during training not only at work, but also at home. By learning how to defend ourselves, we defend each other.

For more information and tips on how to protect your data privacy, visit the National Cybersecurity Alliance 'Managing Your Privacy', and the Cybersecurity & Infrastructure Security Agency tips sites.