70% of Ukrainians did not pay attention who they provided their personal data to, and 50% disclosed the security word in banking — their mother’s maiden name.
The GigaCloud cloud operator ran a social experiment to test Ukrainians’ awareness of the personal data protection issue and how easily they share their data.
For this, the operator’s employees went to one of the Kyiv city mall. Mall visitors were asked to answer three questions about personal data and fill out an anonymous questionnaire using a Google form. In the questionnaire, they were asked to state their place of residence, phone number and mother’s maiden name. The experiment had been conducted till February 24.
“We have shown how fraudsters act when they collect sensitive data,” the GigaCloud company reported. “We offered to take part in an anonymous survey and asked to provide personal data. It didn’t surprise anyone. We want to tell all Ukrainians — never do this! Protect your data and be careful about who you disclose it to.”
10 people participated in the experiment:
- 10 out of 10 entered data into the questionnaire.
- 7 out of 10 ignored the fact where they entered their data.
- 5 out of 10 stated their mother’s real maiden name.
The results of the experiment show that people do not fully understand the value of their personal data and what the consequences may be if they end up in the hands of fraudsters. At the same time, all interviewed people believe that data should be protected by business and the state. But there is another, no less painful side of the issue — businesses can store data improperly, which makes them easy prey for criminals. According to the IT Governance portal, in January 2022 alone, hackers stole 66 million files, which included email addresses, passwords, phone numbers, etc.
“Businesses must securely store the personal data of its customers. Firstly, it is their responsibility, and secondly, it protects against large fines if the company operates in the EU,” according to Artem Kokhanevych, GigaCloud CEO. “That’s why it is in the interests of Ukrainian companies to bring personal data management processes in line with the ISO/IEC 27701:2019 standard. In addition, it confirms compliance with the GDPR requirements — the general data protection regulation within the framework of EU legislation. In this way, companies will have official confirmation that they have done everything possible to protect personal data, and customers will be sure that their data are stored and processed in accordance with the best global practices. It is for our peace of mind and that of our customers that GigaCloud has passed ISO/IEC 27701:2019 certification.”
How can customers know that the company complies with information protection standards?
There are signs that will help customers know that a company is ISO 27701 compliant. The main one is when businesses are honest about the processing of personal data, since before collecting data, they must obtain permission from the owner. They do it different ways: Set up pop-up cookies on their websites, inform that the conversation may be recorded during a phone call, or if the customer buys something on the website, ask for consent to the processing of personal data.
“Ukraine has become an EU membership candidate. To become a full-fledged member, our country needs to institute a number of reforms and integrate into European standards. You have to start with yourself and your business,” Artem Kokhanevych sums up.