Governor Hochul Urges New Yorkers to Take Steps to Safeguard Their Private Data

 

New Yorkers Encouraged to Educate and Protect Themselves Against Having their Personal Information Compromised Online During Data Privacy Week

State's First Chief Privacy Officer Partners with State Agencies to Raise Awareness; Guard Against Personal Data Breaches

 Governor Kathy Hochul today announced steps New Yorkers can take to safeguard themselves from having their personal data compromised online. In recognition of Data Privacy Week, the State Office of Information Technology Services has teamed with other state agencies to promote techniques for protecting private data including raising awareness of phishing schemes, using strong passwords, and exhibiting greater caution with information shared on social media.

"All too often, New Yorkers fall victim to online criminals because they don't take basic steps needed to protect their personal data," Governor Hochul said. "During Data Privacy Week, we are raising greater awareness of these schemes and urging all New Yorkers to protect themselves and their personal information to avoid becoming a target of these unscrupulous actors."

Starting on January 22, Data Privacy Week is aimed at spreading awareness about online privacy among individuals and organizations. The goal is to educate the public on how to safely manage their personal information online and to help businesses and other organizations understand the importance of respecting their users' data.

This year, New York State was named a Data Privacy Champion by the National Cybersecurity Alliance, a non-profit organization that promotes cyber security, privacy, education, and awareness. This designation recognizes the state's commitment to supporting the principle that all organizations share the responsibility of being conscientious stewards of personal information.

Governor Hochul also announced an expansion of state investments in cybersecurity initiatives in her State of the State address, which will further secure and protect New York's critical infrastructure.

ITS Chief Privacy Officer Michele Jones said, "I'm very excited about the opportunity to lead and coordinate New York's efforts around data privacy as the State deals with new and emerging privacy standards. During Data Privacy Week and every day, I will continue to encourage all New Yorkers to stay vigilant with their personal online security and follow our best practices and tips."

Online activity generates vast trails of data. Websites, apps, and services collect information on behaviors, interests, and purchases, as well as other sensitive data such as Social Security and driver's license numbers or health information.

Failing to take adequate safeguards can leave this information exposed and raise the likelihood that it will fall into the wrong hands. New Yorkers can keep their sensitive personal information private and secure by:

• Being wary of unsolicited emails and telephone calls asking for personal information. Never share personal information, such as your Social Security number, in response to an unsolicited email or telephone call. If the email or call claims to be from a company with which you do business, call it first to confirm the contact is legitimate.
• Keeping devices updated. Enable automatic updates for your devices and applications, including mobile devices. Use security features built into the device, such as a passcode, and programs that encrypt data and remotely eliminate contents if the device is lost or stolen.
• Being careful with Wi-Fi hotspots. Public wireless hotspots may not be secure and can potentially allow others to monitor online activity, especially if it is unencrypted - ensure your connection to your website is secure, and for extra protection use a virtual private network.
• Limiting personal data collected by mobile apps. Limit the data you allow to be collected on to the minimum required, such as by limiting location services to "only when using the app" and not allowing personal information such as email to be shared with third parties. Consider the app's privacy policies before downloading.
• Being cautious about the information shared on social media. Avoid posting birthdates, telephone numbers, home addresses, or images that identify employment or hobbies. This information may often reveal answers to security questions used to reset passwords and can be utilized by scammers looking to access accounts and personal information.
• Using strong passwords. Create different complex passwords for every account. Consider passphrases made of up multiple short words which are easy to remember but difficult for a computer to guess, like "Correct-Horse-Battery-Staple!". Consider using a password manager which can help generate and securely store passwords.
• Using hard to guess security question answers. Select security questions with answers that cannot be guessed or found by searching social media or the internet.
• Using multifactor authentication to access accounts. A password and another factor, such as a code from an app on your phone, make it much harder for your account to be hacked.
• Being aware of phishing schemes. Don't click on links, download files, or open attachments in emails from unknown senders. Open attachments only when they are expected, and the contents are known.

About Data Privacy Week

Data Privacy Week began as Data Privacy Day in the U.S. and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the Jan. 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.