Embedded Files
Introduction
Digital Privacy vs. Security
“Whereas privacy concerns mainly the protection of one’s own information and that of others, identity management is being in control of our online profile, and security relates more to a person’s awareness of how online actions and behaviour can put both at risk." (Council of Europe)
Data privacy, at its core, is about the collection and use of an individual's data. This includes, email addresses, passwords, financial information, browsing history, and personal preferences.
Data security involves the overall safety and protection of systems, networks, and devices. This includes, implementing firewalls, antivirus software, intrusion detection systems, access controls, encryption, and regular security updates to prevent and mitigate cyber attacks.
Both privacy and security are essential to maintaining a safe and trustworthy digital environment. There are three domains that can be used to organize digital citizenship for students: being online, well-being online, and rights online. Privacy and security are important for anyone who engages in activities online and are intertwined. Educators and students are not just needing to be protectors of their own data, but the data of others as well, to ensure privacy and security.
Data Privacy & Consent
Listen in to Fred Cate, Professor of Law and Senior Fellow at the Center for Applied Cybersecurity Research at Indiana University.
Meaningful Consent
According to PIPEDA, a user must understand the nature, purpose, and consequences of data collection in order for consent to be considered, "meaningful".
Complex Statements
The speaker compares the length of privacy agreements to the length of Shakespeare plays. Explore more about the "20 most difficult to read privacy policies on the internet". Anything surprise you?
Illusory Consent
When you are not presented with certain options, such as the inability to avoid an app or software update, then meaningful consent is just an illusion. You have no choice. Did you catch our "Deceptive Design" banner on the home page? If not, go check it out!
Consenting to Privacy Loss
Consent leads to poor privacy protection because we are often agreeing to terms that will effectively reduce the privacy we have.
Governing Privacy and Security
The following resources are shared to demonstrate there are both national and provincial laws and guidelines on security, privacy, and consent. Depending on your location, it might be important to check out your local guidance to inform the connections between your organization and its policies.
Office of the Privacy Commissioner of Canada
Oversees compliance with privacy laws in Canada, particularly the Personal Information Protection and Electronic Documents Act (PIPEDA). The OPC works to protect and promote the privacy rights of individuals by investigating privacy complaints, conducting audits, and providing guidance on privacy-related issues to organizations and the public.
Information and Privacy Commissioner of Ontario
Includes guidance for individuals, guidance for educators, and other resources.
MFIPPA is the Municipal Freedom of Information and Protection of Privacy Act
Canada’s Digital Privacy and Security Supports
The Digital Privacy and Security program offers research and collaborative support to assist solution providers and corporate users in understanding, addressing, and looking for risks and opportunities related to digital privacy and security.
Offers policy framework and recommendations for privacy and security
Strategies for Protecting Digital Privacy and Security
Implement Strong Authentication
Use multi-factor authentication (MFA) or two-factor authentication (2FA) and strong passwords to secure access to digital accounts and devices. This adds an extra layer of protection against unauthorized access. Examples include: Microsoft Authenticator, Duo
Encrypt Sensitive
Data
Encrypting sensitive data both in transit and at rest ensures that even if data is intercepted or accessed by unauthorized individuals, it remains unreadable and secure. Examples include: Google Solutions, Microsoft Solutions, Signal Messaging
Update Software and Systems
Keep all software, operating systems, and devices up to date with the latest security patches and updates. This helps protect against vulnerabilities and exploits that cyber attackers may target.
Educate User
Enrol in training and awareness programs for users on cybersecurity best practices, such as identifying phishing attempts, practicing safe browsing habits, and recognizing potential security threats. Can you identify if you’re being phished?
Google Sites
Report abuse