Apparently it's Data Privacy Day tomorrow (January 28th) which, if you will allow me to quote the Stay Safe Online website blurb, is an "international effort to empower and educate people to protect their privacy and control their digital footprint". Given the Edward Snowden NSA spying revelations that broke during the course of last year, and the fallout from the recent Adobe and Target breaches which is ongoing, I don't happen to follow the flock and agree that Data Privacy Day is a timely and important event. More quotes from Stay Safe Online simply fuel my anger on the subject: "Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is now a celebration for everyone, observed annually on January 28."
Celebration? Seriously, a celebration of what? A celebration of abject failure? A celebration of how the vast majority not only don't possess the slightest idea of how to truly protect their data but nor could they, if I may be frank, give a damn. Actually, it's not anger that this kind of rubbish fuels but rather despair. Despair that such days of celebration or awareness, whichever way you paint it, ends up revealing a drab and depressing portrait of a technology culture that doesn't care. Let's take the PR surrounding the event, for example. I'm a fairly well known technology journalist in the UK where I am based, having been contributing editor of the best selling monthly IT magazine (PC Pro) for two decades as well as presenting TV and radio shows about technology, writing numerous books on the subject and writing for national (and international) newspapers and specialist journals alike. Yet has my inbox been inundated with details of Data Privacy Day celebration or awareness campaigns? Erm, no, it has not. I've counted a total of three messages relating to the 28th January event, all of them from IT security vendors looking to gain some potential column inches off the back of any coverage. Sorry folks, that's obviously not going to happen as there are no column inches. Unless you count these, of course, and you probably wouldn't want to be associated with such a negative rant.
The truth of the matter is that the aim of empowering and educating people to better protect their privacy and regain control of their digital footprint is, it almost goes without saying, obviously a good one; but it has failed, and failed miserably. The Online Trust Alliance apparently reckon that 2013 was the worst year ever for reported breaches, with more than 740 million data records being exposed; and that's just the reported cases of course. The true figure will be much, much higher I can assure you. Yes, you can take these kind of stats with a pinch of salt and they can always be countered with arguments of there being more people online than ever before, more regulatory requirements globally to report data breaches than ever before, and the list goes on. However, the fact remains that with four of the biggest data breaches of all time happening last year it is clear the message of Data Privacy Day isn't getting heard. At least not where it counts and that's in the corporate boardrooms and IT departments of enterprises the world over. There will be no celebrations at Adobe or Target, of that you can be sure, and nor should there be.
Yes, something needs to be done but this is not it. What is needed is not an international 'Hallmark Day' for want of a better phrase, with some superficial nod to the problems of privacy in our increasingly inter-connected world. What is needed is 365 Data Privacy Days, one for every day of the year, where the message is relentlessly pounded home and the consequences of ignoring it made explicitly and trouser-browningly clear.