Today, 28 January, is Data Protection Day, an annual celebration of privacy and data protection commemorating the date that Convention 108 of the Council of Europe was first opened for signature. This year, however, I would invite all data protection practitioners, academics, business leaders, educators, politicians, security experts and human rights and privacy activists to take a pledge to not simply pay homage to the Convention. I am asking you to raise awareness about the rights to privacy and personal data protection, to make a commitment to foster socially responsible behavior and the perspective that data protection is not just about protecting data, but about upholding fundamental rights, creating a fair digital society and sustainable economy, furthering trust, and most of all, safeguarding people.
My personal efforts to positively contribute to privacy and data protection on Data Protection Day (and every other day in 2021), will be seen in the finalization of the Maastricht University Data Protection as a Corporate Social Responsibility (MU DPCSR) Framework at the European Centre on Privacy and Cybersecurity. My goal with this project is to find a way to inspire and support, through a clear framework, data protection and data security practices that will ensure responsible corporate behaviors when it comes to personal data (in terms of ethics, fairness and social sustainability).
In this respect, in 2021 a crucial focus of my research group will be ‘transparency’. Here our main goal is to further sustainable and transparent data processing, stimulating the provision of comprehensive, manageable, and meaningful information to individuals. Communication and information hurdles must be overcome and the ways in which individuals are informed about processing activities that concern their data must be improved. Based on extensive literature-based research, we have reached the conclusion that icons, together with layered privacy notices, can give users an immediate understanding that certain high-risk processing activities are taking place. We have therefore developed a set of data protection icons that would actively provide a signal to users, potentially making individuals more aware of what happens to their data.
Five MU DPCSR Icons and mouseovers
Testing will be carried out in the form of an online survey directed towards EU citizens age 13 and older. According to the outcome of the testing phase, further actions may be taken by the researchers and designers to improve the relevance and effectiveness of the icons for users. In their final iteration, the icons will be machine-readable. When displayed on websites, mouseovers will provide for both accessibility and comprehension of the meaning of the icon.
HAPPY DATA PRIVACY DAY!