Please enable JavaScript to view the comments powered by Disqus.

We use cookies on our website to give you the best online experience. Please know that if you continue to browse on our site, you agree to this use. You can always block or disable cookies using your browser settings. To find out more, please review our privacy policy.

COVID-19 RESOURCES AND INFORMATION: See the Atlanta Fed's list of publications, information, and resources; listen to our Pandemic Response webinar series.

About


Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.

Comment Standards:
Comments are moderated and will not appear until the moderator has approved them.

Please submit appropriate comments. Inappropriate comments include content that is abusive, harassing, or threatening; obscene, vulgar, or profane; an attack of a personal nature; or overtly political.

In addition, no off-topic remarks or spam is permitted.

January 25, 2021

Resolve for Better Data Privacy

On the heels of a year that saw, among other things, ransomware attacks occurring about every 11 secondsOff-site link and a significant supply chain breachOff-site link affecting 18,000 public and private entities, better data privacy should top our collective list of New Year's resolutions. But if this wasn't among our resolutions, we still have National Privacy DayOff-site link on January 28 to remind us of the need to be vigilant.

Frank Sinatra sang to us in "Love and Marriage" that you can't have one without the other. Likewise, you can't separate data privacy from data protection. Organizations that place a high value on data privacy implement strong data protection measures. Without doing so, privacy can't be assured.

The National Cyber Security AllianceOff-site link, sponsor of National Data Privacy Day, has created calls to actionOff-site link employing a few basic privacy concepts that individuals and businesses can follow to keep data safe online.

For individuals: Own Your Privacy

  • Personal info is like money: Value it. Protect it. Beyond personally identifiable information, this extends to e-commerce purchases, IP address, and location.
  • Keep tabs on your apps. Don't just click "OK" on those pop-ups asking to access your location, contact lists, photos, and other personal data. Consider why it is needed and how it will be used and stored. Also, closely examine links and attachments in text messages and emails to keep malware and viruses off your mobile device.
  • Manage your privacy settings. Revisit the data access permissions on your apps and web services.

For businesses: Respect Privacy

  • If you collect it, protect it. Consider the data your business collects, the business purpose it serves, the way it is stored (such as data encryption), and the length of time it is stored.
  • Adopt a privacy framework. Establish a privacy culture in your organization that manages risk and promotes transparency.
  • Conduct an assessment of your data collection practices. Evaluate their adherence to applicable privacy regulations.
  • Remember that transparency builds trust. Promote transparency with customers in the collection, use, and sharing of their personal data.
  • Maintain oversight of partners and vendors. Ensure that third-party service providers share your priority for data privacy and protection.

As many of us will likely continue to work remotely well into 2021—and will likely continue our heavy use of the internet and e-commerce adopted last year—the new year provides a good opportunity to examine apps and behaviors that could put your data privacy at risk. For me, this includes reviewing locations where my payment information and other personal data are stored.

How will you resolve to better protect your data in 2021?