Privacy is the choice of an individual to keep the information about him/her or any other data related to him secluded from third-party access.
In this era of interconnected lives, privacy is one of the most debated topics around the world, regarding how much user data is collected and for what purpose this collected data is used for.
A complete blanket protection of your privacy from prying eyes on the internet is impossible, to be honest.
The Internet is more like a give and take marketplace where you trade some, get some in return.
This mutual benefit factor is what drives the internet as we know it. Companies rely on our data for better personalized service recommendations.
But the point to discuss here is how much data and what type of data does these corporations capture and how secure is the whole process.
In this article, we aim to give our readers a rough idea on the invisible data abysses on the internet and how to evade them, while not compromising on your productivity and user experience.
Data Protection
Data protection consists of a set of rules and laws maintained for safeguarding the user from malicious use of personal data for financial or emotional gains by adversaries.
In the earlier days of computing, people didn’t care about the “data” much as they were busy reaping the benefits of these technological innovations.
But as the rate of advancements rapidly skyrocketed, people started using the internet for each and everything ranging from searching for their favourite recipe to financial transactions.
This made the service providers like Google and Facebook know a lot more about you, to be precise even more than what your parents or friends might have known.
This large swath of personal data can be used to manipulate you in whichever manner these giant corporations may please.
Not only the major players in the market, small time online services and smartphone apps too have the habit of collecting user data.
These untrusted companies may sell your data to a third party for money, or may even get hacked by malicious guys to reveal your sensitive data that can be used for anything – from account compromise to blackmailing.
Need for Privacy and Data Protection
Anyone who uses the internet is essentially a sitting duck for target practice to the bad guys out there. Most of us aren’t aware of these issues to an extent that might even worry us a bit.
For an average netizen in India, the term data protection might just be implying the safety of his/her login details such as username and password.
The finer details like permission requests from the apps he/she installs on a smartphone, personal data that’s entered for signing up to a social network etc remains “not” a big deal.
Let’s talk about privacy at first before delving into details about the methods to ensure privacy and data protection.
Privacy issues on the internet
Multinational corporations such as Google, Facebook and Twitter collects your data for serving the best content that you might prefer.
For example, a social network such as Facebook does dig deeper into your privacy for getting you connected with other like-minded people and pages.
The data pulled by Facebook is very personal and even tracks keywords on your chats for not only suggesting you friends, but also advertising products for you to purchase.
To defend the company, your personal data is the real currency for them which in return provides these services free of cost.
The issue arises when the company collects data obscurely, without the knowledge of the user.
While signing up for a product or an online account, most of us don’t bother going through pages and pages of fine print detailing the legalities.
But when a company goes beyond this limit to collect personal data without the user’s knowledge or consent, it becomes an infringement towards the basic human rights.
Hackers and spammers
The internet is a seamless playground with no perceivable immediate borders.
Since every online service is interconnected to one another in one way or the other, your data and privacy pass through multiple hoops daily, even if you have not given consent for this.
The lack of adequate security in any one of these hoops will make you vulnerable.
There are dedicated groups lurking in the net for hacking into your accounts for financial as well as personal gains.
If the sensitive data that you had explicitly given permission to a trustworthy corporation ends up in wrong hands, things can go bad to worse in a matter of hours.
For example, Cybercriminals can carry out malicious actions such as ransomware attacks to secure your data and later demand ransom for unlocking the same.
The sensitive information that these hackers seize as a middleman between the trusted websites and the user, might be used for illegal purposes or even for blackmailing you to extort more money.
Government surveillance
Surveillance has become a major part of the defence intelligence strategy followed by many countries around the world.
Not only does the Government spy on foreign targets, but also keeps track of the actions of its own citizens without them having any idea about it.
With whistleblowers such as Edward Snowden revealing about super secret surveillance programs conducted by the US government and Julian Assange of Wikileaks, we now know that we are all under some form of surveillance, one or the other.
Since the Government never publicly acknowledges its actions, we can only hope that they won’t misuse the sensitive information in their kitty.
Safeguarding Privacy
Data protection is one of the trickiest issues we have to tackle with the Internet in the coming days.
There is no outright method to safeguard your data to the last bit and enjoy the same web experience as you enjoy now. However, you can take some measures to ensure that the data leakage is minimal.
Let’s discuss some of the ideas which we think might offer you better privacy and safeguard you from future threats.
Use open source alternatives for popular applications
Most of the apps we use on our smartphones and laptops are built by large tech companies using their own proprietary technologies.
Even though there may be some open source code fragments in them, much of the underlying code doesn’t come under the GNU/GPL policy, making it impossible to audit.
Open source apps have their codes uploaded to a repository such as GitHub for the public to take a look.
It is impossible for an open source product to sneak in malicious code that will sneak your sensitive data out with many researchers testing the code thoroughly.
Ditch Google search for something less personalized such as Duck Duck Go!
Google has a complete suite of online application ecosystem that knows you better than anyone else.
Like a double-edged sword, this makes Google extremely helpful at times and not so sometimes.
Personalised search results may bug you with unwanted ads along with your search results, emerging from the keywords pulled by the company from your emails or chats.
Search engines like Duck Duck Go doesn’t track you like Google does, and provides you with a clean search result, devoid of your past search influence.
And yes, the quality of search results from Duck Duck Go is nowhere near comparable with the Google, so that’s a major tradeoff for more privacy.
Use Linux OS for better data protection
Windows isn’t an incapable operating system at all. In fact, it’s one of the most intuitive OS around with a lot more flexibility and a smaller learning curve.
Being widely used by billions around the globe, the popularity of the Windows OS makes it the primary target of hackers and other malicious actors.
Linux being an open source platform, is quick to patch all the vulnerabilities in time and stays secure almost always, thanks to the vast pool of contributors, unlike Windows on which only Microsoft engineers work.
Be aware of your online needs
We all have that habit of signing up for accounts and services unnecessarily, which is sure we won’t use after a day or so.
Avoid such needs and learn to use the internet sensibly.
Sign up for what is absolutely necessary and while signing up, read the terms and conditions instead of just ticking the accept column.
Many a time, we all have faced this issue of installing bloatware while installing a legit application.
Yeah, that!
The consent for such installs is hidden in the terms and conditions page of the legit applications.
Think twice when you fill up an online form. Ask yourselves if this data is necessary for the service to function. Such vigilance will save you from a lot of troubles.
Never ever install applications from an untrusted source
We all like free services.
If there is a paid application on the online store and a there is cracked file of it available on a hosted web server, most of us would go the wrong way to save few bucks.
The applications hosted on the online store such as Google Play Store and Microsoft store are scanned for vulnerabilities and malware and are made sure that they won’t do any harm to you.
The cracked applications available free of cost might have malware embedded inside which once installed on your smartphone or laptop, will syphon off the data to a malicious actor.
The next time you’re about to do the same, think twice.
General Data Protection and Regulation (GDPR) – a step in the right direction
The GDPR law is a set of practices which the European Union has imposed on the companies operating within its boundaries to ensure that the end user is in total control of his data and not the companies.
The GPDR law succeeds the 1995 EU data protection directive and came to effect starting this May 2018.
Some of the clauses of this regulation are as follows:
- Absolute necessary data should only be collected by a service provider or a vendor from the end user.
- Personal data collected by the company should be encrypted and pseudonymized.
- The end user can always request a copy of his/her data stored on the company server and has the right to delete the records altogether if he/she decides so.
- The data storage period is to be kept a minimum. Under no circumstance, a company can store the data of customer forever.
If the user deletes his/her account or he/she terminates the service with the company, the data associated with him/her shall also be removed instantaneously.
A data protection officer has to be appointed by each and every company which operates within EU to strictly monitor that these guidelines are followed and the user data is safe and secure.
Companies who fail to follow the GDPR guidelines will be fined heavily. The fine will be in tune of up to 4% of their annual global revenue.
Conclusion
Data privacy and protection is of paramount importance for a user who always interacts with the internet on a day to day basis.
Having strict guidelines and rules for protecting the user data and safeguarding the privacy of the users must be prioritized by the authorities to keep a check on the power these multinational companies wield.
We hope the privacy and data protection frameworks like GDPR will soon be implemented worldwide and the governments will take an upper hand to make sure the world wide web remain a level playing field – for the companies as well as the users.