The importance of data privacy and security in today’s world is quite crucial. Malicious people looking for easy ways to access data and information about any company abound, and they try to access this data by hacking into the computer systems of organizations or institutions.
Many threats can affect a data system anywhere in the world. Thus, the protection of digital infrastructures has become a priority in many industries. However, many of the biggest companies in the world still had to deal with massive data breaches—and it seems like hackers aren’t stopping anytime soon. One of the most recent ones involves the Twitter data breach of 2020, wherein hackers targeted the public Twitter accounts of over 45 well-known influential figures around the world in a Bitcoin scam. Some of these personalities included former US President Barack Obama, businessman Elon Musk, and Amazon CEO Jeff Bezos.
As evident from these events, digital infrastructures need to be beefed up more. However, one crucial defense against such attacks should also come from the governments of the world. Thus, many have now enacted laws and policies surrounding data privacy and security.
Pertinent Data Privacy And Security Laws
With the growing number of people accessing the Internet daily, people may not know certain laws and regulations that cover their transactions. The laws put in place ensure the protection of their data. Digital security in such transactions needs to be strictly followed by businesses and companies to comply with government requirements. But as citizens, one should also be aware of these laws for their protection.
With the myriad of industry-specific and even region-specific laws out there, what are the pertinent ones to know for an average citizen? Here are a few of them.
1) Computer Fraud And Abuse Act
The Computer Fraud and Abuse Act (CFAA) is a law that was passed in 1986, which makes it a crime to access any computer without some form of authorization or in a way that exceeds certain kinds of authorization. This law is commonly used to hold computer hackers accountable for their crimes.
The CFAA has also been one of the most cited laws used in recent years to prosecute cybercriminals. The CFAA punishes first-time offenders who could land a five-year prison sentence, while second-time offenders could get up to 10 years.
2) Cybersecurity Maturity Model Certification Policies
The Defense Industrial Base (DIB) sector is responsible for all things that have to do with military weapons, systems, and parts. Any individual or company that has to work or be contracted through the DIB must have the Cybersecurity Maturity Model Certification (CMMC). The process of having CMMC compliance is the Department of Defense’s way of making sure that top secret military information would be under strict protection inside these contractors’ computers and networks.
These policies were passed on January 31, 2020; what they do is allow the Department of Defense to assess their contractor’s security measures and ensure that the security provided is always adapting to the ever-changing threats of cybersecurity.
3) Children’s Online Privacy Protection Act
The Children’s Online Privacy Protection Act of 1998 or COPPA was passed by US Congress to give parents and guardians more control over what information is collected from children who are age 12 and under. The COPPA covers any website or merchant with a product aimed at children under the age of 13 and collects personal information during transactions. This act gives parents full control over what kind of information is collected and what it’s used for, and it also gives parents the option to delete such data or prevent any more details from being collected.
There are many pieces of personal information protected under this act, including:
- Full name
- Physical address
- Contact information
- Social Security
- Photograph, video, and audio files
4) Driver’s Privacy Protection Act Of 1994
The Driver’s Privacy Protection Act (DPPA) was passed in 1994, protecting and forbidding the release of any personal information collected by the Department of Motor Vehicles (DMV). This act has severe penalties for acquiring and releasing personal information through the DMV records, and it applies to officers, employees, and contractors of the DMV, too.
The law was passed due to many cases of stalkers acquiring personal information of their victims through the DMV using their license plate numbers. Before it was passed, anyone could walk into the DMV with someone’s license plate number and a couple of dollars, and later leave with any individual’s name, address, birthday, and other data. Unfortunately, this led to several cases of stalking and even murders.
With the digital era upon us, it’s crucial for us to have laws to protect our data privacy and security. Any company that mishandles your personal data should be held accountable for any damage it might cause. Countries are working hard to pass legislation that will help citizens feel safer. Thus, it’s also useful for people to know the basic laws that protect them from data privacy and security breaches.