Data Privacy Day: The Origin Story
Celebrated annually around the world on 1.28, Data Privacy Day was created to to raise awareness and encourage best practices for ensuring data protection and privacy.
There’s a reason for this day! It is to celebrate the recognition of privacy, data protection, and freedom of expression. In 2007, the Council of Europe and the US House of Representatives each declared that the original signing date of a very important international convention would be recognized as Data Privacy Day. This was the date the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (‘Convention 108’) was signed on the 28th of January in 1981.
The backstory: many years ago, there were several events which contributed to the recognition of this important day. In 1948, The United Nations General Assembly adopted the Declaration on Human Rights, which included references to the rights to a private and family life, freedom of expression, and respect for correspondence. In 1950, the Council of Europe members signed an international convention to protect human rights and fundamental freedoms, again referencing the UN Declaration on Human Rights and adding on to it, the right to share information and ideas across national boundaries.
In the 1960s through the 1980s, there were a series of data protection and privacy laws throughout Europe which coincided with the use of personal computers and automatic processing of data. In 1980, the Organization of Economic Co-operation and Development (OECD) published the first set of global guidelines: the OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data. The OECD Guidelines set forth basic rules regarding trans-border data flows and data protection to make it easier to send information across international borders. When we hear about data privacy or data protection principles, such as data minimization or data quality, they reflect the original principles found in the OECD Guidelines.
To broaden the perspective and application of the OECD guidelines and principles, the Council of Europe (the EU member states plus several countries outside the EU) signed the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (‘Convention 108’) on 28 January 1981 which became the first legally binding international instrument regarding data protection. This Convention set forth standards on protecting individual personal data, safeguards to facilitate the free flow of personal data across international borders, and harmonization of previous national approaches to data protection.
At Kuma, we maintain focus on protecting data privacy 365 days a year. If you want to learn how to better understand and protect your organization from potential privacy and security problems, check out our Privacy and Security Training program.