Volume 17, Number 3

A Framework for Securing Personal Data Shared by Users on the Digital Platforms

  Authors

Nirjhor Anjum ¹, Lamia Islam ², Md Rubel Chowdhury ³ and Ariful Alam ⁴, ¹ University of the Cumberlands, USA, ² Washington State University, USA, ³ London Metropolitan University, UK, ⁴ Trine University, USA

  Abstract

Public disclosure of private data such as mobile phone numbers, dates of birth, identity card information, and financial data on social websites represents a significant threat to cybersecurity. Both external and internal intrusions infringe on users' privacy, and the available security practices are not preventing unauthorized access. Substandard encryption, poor access controls, and weak policy enforcement form the core deficiencies of handling private data in this study. An in-depth analysis, comprising industry surveys, interviews with experts, and case studies of eCommerce and digital service companies, is carried out to assess the prevailing practices and their shortcomings. It is seen that most of the companies do not have adequate policies and technical measures, and user data is extremely susceptible to misuse. To fill this gap, a Citizen Digital Identity Portal (CDIP) is envisioned as an eGovernance project sponsored by the government. This solution combines encryption, access controls, and API-based identity confirmation to enable companies to confirm user identities without revealing or holding personal information. The threat of abuse by both internal and external entities is therefore greatly minimized. The study concludes that companies cannot guarantee data security alone and that a policy-driven centralized model must be in place. The CDIP model helps bridge the gap between technology and cybersecurity rules. It offers a flexible and powerful way to protect personal information in today’s digital world.

  Keywords

Personal Data Security, Cybersecurity Framework, e-Governance and Data Protection, Data Privacy Regulations, Secure Digital Identity