The Importance of Owning Your Digital Twin: Taking Control of Your Online Identity

Before the advent of websites and apps, human beings placed a premium on privacy. Since the proliferation of apps, humans have “opted-in” for the sake of convenience. However, as more data is digitized and shared online, data privacy is becoming more crucial.

An organization that gathers, maintains, and processes personal data is accountable for data protection, regardless of the value of the data or the size of the business and in most cases is legally liable. Such an institution must get consent from a person before collecting such personal data by outlining the information’s nature, intended use, and protection measures.

Your data is your identity. No one should access or use your data without asking you. Data privacy is rapidly evolving to be a basic human right and as such:

● It is protected along with all other Human Rights

● You deserve payment if a business is using your data

● You can request your data be returned to you from any company at any point of time.

It is crucial to protect sensitive data and private information. Information about finances, health, and other private consumer or user data can put people in danger if it falls into the wrong hands. Individuals maybe at risk for fraud and identity theft due to a lack of access control over personal information.

Studies have also shown that every 14 seconds, someone becomes a victim of identity theft in the US alone.

● Several famous people claimed that their photos had been stolen from their Apple iCloud accounts in September 2014.

● Early in July 2015, it was made public that there had been a breach in databases controlled by the US government’s Office of Personnel Management, which had exposed almost 22 million people’s private information.

● According to reports, 885 million individuals’ private information, including wire transfers, social security numbers, and other mortgage documents, was exposed in May 2019 by First American Financial Corporation.

● In a Dark Web site, information about 700 million LinkedIn members was advertised for sale in June 2021. 92% of the 756 million users of LinkedIn were affected by this vulnerability.

● In 2022, A customer database containing information on up to 9.8 million consumers was made available to cybercriminals after they gained access to Optus’ internal network.

This short list of cyberattack incidents serves as a stark reminder of the terrifying sophistication of certain phishing criminals. Phishing emails are not always sent with bad grammar and carelessness. Some are so sophisticated that the fake representation of the organization in the email hardly serves to identify them.

According to its perceived importance, data should be managed according to data privacy regulations. When it comes to the privacy of their data, people have a lot at risk; it’s not just a business issue. The more you know about it, the better you can protect yourself from various threats. Critical personal information, also known as personally identifiable information (PII) and personal health information (PHI), is where the notion of data privacy is most commonly used in this digital age.

 

Data Privacy laws and regulations

Governments across the globe are rapidly expanding their regulations around data privacy and companies are scrambling to meet those regulations to protect data privacy. Some of the laws implemented in the past few years include:

1)California Consumer Privacy Act(CCPA):– The first comprehensive data privacy law (in the USA?) was the California Consumer Privacy Act (CCPA). On June 28, 2018, the CCPA was ratified, and it became effective on January 1, 2020.

2)EU General Data Protection Regulation(GDPR):- Recent privacy regulations in the US and other countries were influenced by and revised by the General Data Protection Regulation (GDPR), which has altered the privacy landscape. The GDPR was years in the making and finally became effective on May 25, 2018. The IAPP has a fairly extensive timeline of privacy developments leading to the adoption of GDPR.

3)Protection of Personal Information Act (POPI Act):- The Protection of Personal Information (POPI) Act raises South Africa’s standards for data protection legislation to parity with those of other countries. It strives to safeguard personally identifiable information (PII), uphold people’s privacy rights, and offer instructions for appropriately handling sensitive data and informing regulators and data subjects in the event of a breach.

4)China Personal Information Protection Law (PIPL):- The most recent Personal Information Protection     Law (PIPL), which was adopted on August 20, 2021, is the country’s first comprehensive data privacy law based on Chinese law. It will take effect on November 1, 2021, and is hailed as a “game-changer for Chinese companies.”

5)Brazil’s General Data Protection Law (LGPD):- The GDPR served as the model for the LGPD, which is Brazil’s first comprehensive data privacy law. While the LGPD and GDPR have many parallels, there are some noticeable distinctions, particularly with regard to the definition of the data in scope, extraterritoriality, the criteria for data protection officers, or the requests for consumer privacy rights (DSARs).

6)California Privacy Rights Act (CPRA):- Many people have dubbed the California Privacy Rights Act (CPRA), sometimes known as CCPA 2.0, as the second iteration of the CCPA. The creator of CCPA, Alastair Mactaggart, proposed CPRA in the fall of 2019 and amassed enough signatures to draught a ballot initiative and circumvent the legislature. California voters overwhelmingly approved Proposition 24 on November 3, 2021, creating the CPRA. On January 1st, 2023, the CPRA will come into force.

7)Virginia Consumer Data Privacy Act (CDPA):- The CPRA served as a major inspiration for the CDPA, which was the second comprehensive data privacy law to be approved in the US.

8)Personal Data Protection Bill (PDPB):- The Indian parliament is still debating this law, which is noteworthy because it is similarly modeled after GDPR.

Although it’s far from a comprehensive list, it does demonstrate how data privacy is becoming a more important concern for consumers, businesses, and policymakers. Countries have shown that they care about protecting people’s privacy, and there are more than 120 countries that have international data privacy laws

Your rights + Your action = Your privacy

The relevance of these digital rights into human rights through various evolving regulations has empowered the digital citizens to multitude of things including the below

• Right to know– The right to know under the GDPR is a cornerstone of the regulation’s overall goal of protecting the privacy and personal data of individuals in the EU. By giving individuals the right to access and control their personal data, the GDPR helps to promote transparency, accountability, and trust in the processing of personal data

• Right to be forgotten- The right to be forgotten has been recognized in several countries, including the European Union (EU), where it is enshrined in the General Data Protection Regulation (GDPR). Under the GDPR, individuals have the right to request the deletion of their personal data when it is no longer necessary for the purposes for which it was collected, when the individual withdraws their consent for its processing, or when the data has been processed illegally.

• Right to choose– The right to choose is an important aspect of data privacy law, as it helps to ensure that individuals are in control of their personal data and that their privacy rights are respected. By giving individuals the right to choose what personal data they provide and how it is used, data privacy laws promote transparency, accountability, and trust in the processing of personal data.

Examples of data privacy laws that include the right to choose include the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA) in the United States, and the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada.

Irrespective of these powerful rights that have been enabled the ability to exercise these rights have been impractical as the means of using them have been manual, exhaustive and varying. An individual trying to exercise their rights against the 100’s of properties that they have digital presence, takes months if not years. In this day and age with all of our busy lives it has not been a tenable option. The market needed a solution for digital citizens to work with their digital enterprises to manage their data and privacy in a holistic manner. The ability to have a single application that manage your digital rights across the digiverse in a simple, configurable and automated manner is the need of the hour.

ODE addresses each of these issues by providing a comfortable user experience and enabling reliable ecosystems.  Ode has launched Personal Data Vault – “Coconut” for consumers. Coconut is consumer “container” technology that establishes an encrypted personal data vault allows companies to collect, control, and manage customer data during its entire lifecycle.

Conclusion

ODE caters to the need of the digital enterprises and their customers by enabling data sovereignty, privacy and monetization in the web3.0 world. If you are digital enterprise or a digital customer who like for your digital enterprise to provide your digital rights in a understable manner please check out our solutions at ODE Infinity