Photo by Towfiqu barbuiya on Unsplash
NEW YORK – In recognition of Data Privacy Week, which started January 22, Governor Kathy Hochul announced steps New Yorkers can take to safeguard themselves from having their data compromised online.
According to the Hochul administration, Data Privacy Week aims to spread awareness about online privacy among individuals and organizations. The goal is to educate the public on how to safely manage their personal information online and help businesses and other organizations understand the importance of respecting their users’ data.
This year, New York State was named a Data Privacy Champion by the National Cybersecurity Alliance, a non-profit organization that promotes cyber security, privacy, education, and awareness. This designation, officials said, recognizes the State’s commitment to supporting the principle that all organizations share the responsibility of being conscientious stewards of personal information. The State Office of Information Technology Services has teamed with other state agencies to promote techniques for protecting private data, including raising awareness of phishing schemes, using strong passwords, and exhibiting greater caution with information shared on social media.
“All too often, New Yorkers fall victim to online criminals because they don’t take basic steps needed to protect their personal data,” Governor Hochul said. “During Data Privacy Week, we are raising greater awareness of these schemes and urging all New Yorkers to protect themselves and their personal information to avoid becoming a target of these unscrupulous actors.”
As part of statewide efforts to guard against potential data breaches, Governor Hochul appointed Michele Jones as the first chief privacy officer at the State Office of Information Technology Services. She is responsible for driving the State’s strategy in protecting New Yorkers’ personal and confidential data amid a rise in digital service offerings and new data privacy laws and regulations.
Jones said, “I’m very excited about the opportunity to lead and coordinate New York’s efforts around data privacy as the State deals with new and emerging privacy standards. During Data Privacy Week and every day, I will continue to encourage all New Yorkers to stay vigilant with their personal online security and follow our best practices and tips.”
Online activity generates vast trails of data. Websites, apps, and services collect information on behaviors, interests, purchases, and other sensitive data such as Social Security and driver’s license numbers or health information.
Keeping personal information private and secure
Failing to take adequate safeguards can expose this information and increase the likelihood of it falling into the wrong hands. New Yorkers can keep their sensitive personal information private and secure by:
- Being wary of unsolicited emails and telephone calls asking for personal information. If the email or call claims to be from a company with which you do business, call it first to confirm the contact is legitimate. Never share personal information, such as your Social Security number, in response to unsolicited emails or telephone calls.
- Keeping devices updated. Enable automatic updates for your devices and applications, including mobile devices. Use security features built into the device, such as a passcode and programs that encrypt data and remotely eliminate contents if the device is lost or stolen.
- Be careful with Wi-Fi hotspots. Public wireless hotspots may not be secure and can potentially allow others to monitor online activity, especially if it is unencrypted – ensure your connection to your website is secure, and for extra protection, use a virtual private network.
- Limiting personal data collected by mobile apps. Limit the data you allow to be collected to the minimum required, such as by limiting location services to “only when using the app” and not allowing personal information such as email to be shared with third parties. Consider the app’s privacy policies before downloading.
- Being cautious about the information shared on social media. Avoid posting birthdates, telephone numbers, home addresses, or images identifying employment or hobbies. This information may often reveal answers to security questions used to reset passwords and can be utilized by scammers looking to access accounts and personal information.
- Using strong passwords. Create different complex passwords for every account. Consider passphrases made up of multiple short words which are easy to remember but difficult for a computer to guess, like “Correct-Horse-Battery-Staple!”. Consider using a password manager who can help generate and securely store passwords.
- Using hard-to-guess security question answers. Select security questions with answers that cannot be guessed or found by searching social media or the internet.
- Using multifactor authentication to access accounts. A password and another factor, such as a code from an app on your phone, make it much harder for your account to be hacked.
- Being aware of phishing schemes. Don’t click on links, download files or open attachments in emails from unknown senders. Open attachments only when they are expected and the contents are known.
“New York is taking a leadership role in privacy and cybersecurity under Governor Hochul’s direction,” said Chief Cyber Officer Colin Ahern> “The recommendations provided can help New Yorkers protect their private data.”
Secretary of State Robert J. Rodriguez noted the rise of consumers using the digital marketplace to buy essential goods and services. He cautioned consumers to remember that the convenience of shopping online has an inherent risk of cyber criminals lurking online seeking to steal money and their identity for their benefit. He reminded New Yorkers to safeguard their online privacy.
“Even small steps such as frequent password changes, go a long way to remaining vigilant in thwarting cyber criminals and identity theft,” he said.
Data Privacy Week began as Data Privacy Day in the U.S. and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates January 28, 1981, the signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.
–With Jay Domingo/PDM
