The invisible threat: Protecting your organisation from online data tracking

Data tracking is an invisible process that can impact your company’s privacy and security. It’s crucial for business leaders to understand this often-overlooked cache of data leak possibilities. Learn about the the hidden mechanics of data tracking, and practical strategies to shield your organisation.

Digital footprints and it’s risk to organisations and employees

Each digital interaction—be it a website visit, online purchase, or social media engagement—leaves a trace. These digital footprints create a comprehensive record of your employees or company’s online behaviour, including device types, network details and even what software or fonts you have installed. This data, is a goldmine for cyber criminals.  

Cookies and analytics

Cookies, which are small data files stored on devices, serve a dual purpose: remembering user settings and tracking browsing habits. These, along with analytics tools, construct detailed profiles of user interests, a practice often invisible yet critical to understand in a business context for user experience. Search engines and browsers for example track not only websites visited, but the search that led you there, tracking decision making processes and relevancy. While they aren’t used in isolation by cyber criminals, they are used to track your movements, and can also contain malware if the site you have accepted cookies from has been compromised. The reflex to ‘auto accept’ all cookies is a dark pattern – most users won’t think twice about clicking yes.

Data Brokers, the invisible market

Even outside of the dark web there is a data marketplace, and in many countries, it’s perfectly legal. Data brokers play a pivotal role by collecting and selling personal information. Although they are regulated by the Australian Privacy Principles (APPs) under the Privacy Act 1988, the effectiveness of these regulations is debatable, especially considering the global reach of data brokers. For businesses, this poses a unique challenge in data privacy and protection. It also serves as a reminder of obligations to keep your customer data private and not to sell it to third parties. The CDR framework from 2020 gives consumers more rights over their data and how and whom it should be shared with.

The impact on privacy

The common collection of data poses significant privacy risks, as highlighted by the Australian Competition and Consumer Commission (ACCC). Small and medium businesses are not immune; in fact, their perceived lack of data security makes them appealing targets for cybercriminals. To counter these risks, adopt these proactive strategies:

• Privacy-focused browsers and blockers : These plugins can significantly reduce tracking.
• Social media settings: Platforms like Facebook offer customisable privacy settings to control data sharing, but consider having a policy about use on organisation machines.
• Informed policy understanding: Knowing the ins and outs of the privacy policies of the services you use, and the government requirements that apply to you.
• VPN utilisation: Virtual Private Networks anonymisze online activities, adding a layer of security when working remotely.  
• Regular data audits: Periodically reviewing access to your company’s data and customer data is crucial.

With data breaches becoming common, particularly in data-intensive environments like Australia, understanding and managing online data tracking is not just advisable—it's essential. As technology evolves, your approach to digital privacy and security must also advance. Data security training for employees will help empower your business with this knowledge and provide the first step towards robust digital health and sustained success.

Check out our course catalogue for courses on information privacy, intro to information security and data privacy.

‍