According to the nonprofit organization International Association of Privacy Professionals, Data Privacy Day originated in 2007. It was started by the Council of Europe with support from the European Commission, to encourage citizens to be more aware of data protection rights and responsibilities. Some organizations, like the National Cybersecurity Alliance (NCA), celebrate not just the day but Data Privacy Week; this year, the theme for the week is “Take Control of Your Data.”
In the past, the day has been commemorated through legislative proposals, the release of security benchmarks, survey results on security sentiment, and privacy tips.
This year, New York City published updated citywide privacy policies, a revised agency privacy officer toolkit, and a list of safety tips to inform city residents about how to protect sensitive information. New York City Chief Privacy Officer Michael Fitzpatrick said in a statement that the new policies and toolkit reflect the city and its partners’ work to balance innovation and privacy protection.
The NYC Office of Technology and Innovation held an event this week in partnership with the Brooklyn Gigabit Center to inform older adults about data privacy and protection online.
At the state level, the New York State Office of Information Technology Services (ITS), the departments of Taxation and Finance, Financial Services, and State, and the Division of Homeland Security and Emergency Services encouraged constituents to protect their personal information online.
The agencies compiled steps New Yorkers can take to keep their information private and secure, such as keeping applications and devices up to date and using complex, unique passwords for every account.
“We believe that Data Privacy Week is not just a reminder, but also a call to action: empowering individuals and organizations alike to prioritize privacy, safeguard personal information, and ensure that trust remains the foundation of our digital future,” state Chief Information Officer Dru Rai, who is also ITS director, said in a statement.
In Oregon, a new toolkit and handouts from the state Department of Justice aim to help constituents protect their online information by informing them about their rights under the Oregon Consumer Privacy Act, which took effect last July.
“This law allows parents and teens to request that a website delete information about a child or themselves,” Oregon Attorney General Dan Rayfield said in a statement, underlining that the goal is to ensure all constituents know they have these privacy rights.
Other states, such as California and Minnesota, took the opportunity with Data Privacy Day to bring attention to existing data privacy policies and resources. Minnesota also included a list of privacy protection tips, such as using multifactor authentication and monitoring credit reports.
At the federal level, the U.S. Department of Veterans Affairs (VA) used Data Privacy Day to inform veterans about upcoming changes to the department’s platforms, including va.gov, VA apps, and other VA online services. After Friday, veterans will have two sign-in account options: a Login.gov or ID.me account. The changes are intended to protect veterans’ information and benefits, simplify the user experience, and meet federal standards for account security.
NCA held several events this week to share best practices and provide education about privacy as it relates to data, artificial intelligence, and legislation. NCA’s webinars can be viewed on demand for free online.
Another consortium of cybersecurity-focused professionals, the Security Industry Association (SIA), this week released resources and programs to support data privacy. These include a new Data Privacy Pro Certificate course covering important privacy topics, which is free to members and $99 for nonmembers. SIA also released a 2025 edition of its reference guide to understand state laws on biometric information.
In related news, a coalition of trade associations and the U.S. Chamber of Commerce urged action on the development of a national privacy law in a letter Tuesday to the U.S. Senate Committee on Commerce, Science and Transportation and the U.S. House Committee on Energy and Commerce. The coalition includes SIA, the Information Technology Industry Council, and the National Business Coalition on E-Commerce and Privacy.
The letter argues that “a national privacy standard will help start-ups and main street businesses compete on a broader scale, helping to lower prices and widen consumer access to goods and services,” noting the increasing importance of such a standard in the face of rapid AI advancement.
