Tutorial 10 von 10: Information about data protection
Since digital information processing began its triumphal march in the 1970s, data protection has been regulated in individual countries and at the international level by laws and agreements (e.g. in Germany the Federal Data Protection Act and in the EU the Data Protection Directive 95/46/EC).
European Data Protection Basic Regulation (DSGVO)
As of 25 May 2018, the Regulation (EU) 2016/679 will become applicable law in all EU member states and will replace all regional data protection directives (Federal Data Protection Act) and the old data protection directive 95/46/EC. With the European data protection basic regulation (DSGVO) it should be achieved that comparable data protection conditions apply in all member states when processing personal data of natural persons.
The Privacy is a broad term and is intended to protect citizens from the misuse of their private data. The basic right to informational independence covers the following areas: personal data, address, letter traffic, telecommunications, internet and relationships and prohibits arbitrary and unlawful interference from outside. In order to protect personality and privacy, every person should be able to determine for himself in all areas which of his personal data is collected and what happens to it.
Government data collection
The state has a great interest in personal data for statistical collection and prevention of punishment. In Germany, the Federal Statistical Office collects citizens' data by means of population censuses and censuses. Security and financial authorities are increasingly using techniques such as raster detection, profiling, telecommunications surveillance and inventory data information to prevent crime as far as possible in advance.
Information as business model
Since the meteoric rise of Google®, everyone has seen that information has immense financial value. But Google® is from the pure
Information collection now also very interested in personal data. This evaluation has its continuation in the
Social Communities and advertisers want to deliver their advertisements as targeted as possible without wastage to the relevant interested parties.
Company Data Protection
The data collection is made possible by legal bases or the consent of the owner. A passing on is impossible thereby. In addition, the collectors must do everything possible to ensure that this data does not fall into the hands of others. In companies, the legally prescribed data protection officer is responsible for this. Not only since the disclosure of Monitoring programs Prism and Tempora should every company owner be aware of the danger of Industrial espionage. In the case of illegal data collection, personal data is also of interest in addition to technical company internal information. In order to protect this data, a coordinated concept should be used with encryption and limited authorizations.
Data protection in the treatment room and sales rooms
Computers are often required in shops or at the doctor's office in the treatment room and registration area. According to the Basic Data Protection Ordinance (DSGVO), it must be ensured that customers or patients do not gain access to an unattended PC in the absence of personnel. To prevent unauthorized access to personal data, the Windows logon should be secured with a sufficiently complex password. However, logging in with a long password is often cumbersome and can also be spied on by the customer or patient. Therefore, an alternative method should be considered. The Login-Software from abylonsoft offers the possibility to log on to the computer with a so-called hardware key. Thus a highly secure password can be used and since this does not have to be entered via the keyboard, a spying is not possible.
Independent responsibility and self-determination
As the term informational self-determination already expresses, everyone has the possibility to determine his personal data himself. But this also requires a conscientious handling of it. Because beside obvious data collection with purchases in the Internet or conclusions of a contract there are a multiplicity of not quite so obvious traps. Here are a few examples to strengthen the sensitivity of each individual:
Competitions are the classic case for collecting addresses. Since the prizes are to be sent, the real name and address must be entered. Sweepstakes offer dubious providers an easy way to collect addresses in order to send advertisement for their own products to potential customers. With a competition one should think in the apron whether the profit justifies the risk of data utilization.
Bonus programs are not always free of the provider's own interests. Beside the customer connection in simple way the preferences of the customer are determined. This facilitates the offerer if possible adapted and price-optimized offers to provide. Everyone should consider itself whether the discounts or gifts are to Einem the Durchleuchten of its purchase behavior value. Also the use of credit and EC-cards holds comparable risks.
Recently, Networks such as Facebook®, Xing® or Wer-kennt-wen® have changed communication and public image. Social Communities offer a number of advantages, such as self-expression, finding old friends again and staying in contact. However, it must be clear to everyone that once statements have been made and uploaded images can in principle never be removed from the vast expanse of the World Wide Web. In addition, far-reaching rights to the texts and images are often left to the portal provider, who can further exploit them. This category also includes communication programs, such as Skype® or WhatsApp®.
mobile phones offer optimal conditions to receive data from the owner. Especially because today you always have your mobile phone with you, which offers the standard function GPS functionality for localizing the location. The criminal investigation uses besides so-called still SMSs for location monitoring. Using such tricks or corresponding apps, movement profiles can be created. The best protection is to remove the battery or store it in a shielding metallic container. Also stored contact data and address books on the mobile phones are a desired commodity, which are evaluated gladly. The use of address books makes it easier to make contact with friends or acquaintances via services such as WhatsApp® or Facebook®, but also offers extensive evaluation and monitoring options. Here everyone must think in advance whether he uses services which automatically evaluate the contact data and create links to email addresses and phone numbers or alternatives, where the contact is made manually via pseudonyms.
The mentality of people regarding Software is changing. Today more and more software and apps are expected to be offered for free. However, the development of programs is always associated with costs. However, providers want to continue earning money, even with software offered free of charge. Therefore the user has changed from software to a product and profits are achieved by the evaluation of data and behavior. As a user you should read the license conditions in advance. The rights granted by the software are usually listed here. In case of doubt, the use of a questionable application should be avoided or, for example, it should only be executed in a virtual system. The rule still applies today: "Nobody has anything to give away."
Since mobile phones started making high quality high quality photos the flood of images is increasing rapidly. From a data protection point of view, it should be remembered that in addition to the pure image data, numerous additional Meta data are stored in the image file. The storage of unique Camera IDs and GPS coordinates, which enables the assignment of the images to the recording location and the person, is to be seen as critical. With the software abylon EXIF-CLEANER the meta data can be completely deleted in EXIF-Format. Especially when uploading to the Internet or Cloud the image files should be cleaned before. In addition, photos can be evaluated biometric. In the meantime, facial recognition has overcome the teething troubles and enables further cross-references and assignments.
Themenbezogene Software zu: Information about data protection
Encrypted file storage for multi-user access in networks