Have you ever had a conversation with your friend about going to a restaurant and the very next day there is an ad for the same restaurant on your phone? Spooky, isn’t it?
Data privacy concerns are growing amongst netizens in the modern age where lives are lived equally in both the physical and digital realms.
Data Analytics and Data privacy are closely interlinked, and the risks surrounding the former begs questions regarding the latter’s importance.
Many believe that in today’s online era, where everybody is caught in the interweb, data privacy is a relic of the past, a myth.
So, how safe are we online? Let’s find out.
- Understanding data privacy
- Biggest concerns surrounding data privacy
- How to safeguard yourself against data leaks
- Existing and upcoming laws to protect your data
What is Data Privacy?
Data privacy tackles issues surrounding the collection of data online – How it is collected, why it is collected, who can access it and what it is used for.
It teeters on a subtle balance between the usage of user’s data while upholding Privacy Preferences and protecting Personally Identifiable Information.
What is Personally Identifiable Information (PII)?
Personally Identifiable Information (PII) is any information that can directly lead back to you.
Most of the information is grouped and your data is just a single point in a database of millions.
PII however can be traced directly back to the specific individual it pertains to and can put the individual at certain risks.
List of Personally Identifiable Information
- Full name
- Home address
- Email address
- Aadhar number
- Passport number
- Driver’s license number
- Credit card numbers
- Date of birth
- Telephone number
- Login details (Username, Password)
- Processor or device serial number*
- Internet Protocol (IP) address*
- Device IDs*
Risks of disclosure of personally identifiable information:
Dwight was spot on, as 2 out of every 5 Indians are subject to Identity theft and it remains the biggest risk online.
People can pose as another individual to post sensitive information as an attack on their reputation. They can also pose as others to access Bank accounts and credit cards.
The leak of private information without consent is another big concern as no one wishes to be exposed on the internet. This raises several questions.
Let us dive into these important questions
What are the main concerns surrounding Data Privacy?
The obvious concern is how it is being used. Many users aren’t even aware of how much data they agree to share when they sign user agreements and privacy policies.
This looms like a dark cloud of concern over the heads of users, who cannot understand the complex user agreements and the carefully worded privacy policies.
What are user agreements and privacy policies?
Privacy policies usually map out all the data a user willfully shares with an app or a website, which can be used by the App/Website for their marketing purposes.
These policies are always mandatory and the only way to avoid entering the agreement is to choose not to use the App/Website.
That becomes a problem as the services of Apps/Websites such as Google, WhatsApp, Facebook, Instagram, etc have slowly become indispensable parts of our lives.
How concerned should you be about collected data?
None of the collected data is used for nefarious purposes. It is usually shared with other companies who wish to advertise their products to the users.
Patterns of usage are tracked and recognised by algorithms and AI to suggest more content which a user might like based on the content he/she already consumes.
Targeted marketing allows companies to cut costs on large marketing campaigns by finding more likely customers to try their product/services.
Companies can view the user’s data on a website through data analytical tools.
Data analytics and Data sciences are the fastest growing industries in the modern era and every click of the mouse on the internet ties into it.
Also read: Top 6 Free Data analytics courses
List of data collected by Google:
- Contact info (physical and email address)
- Audio data
- Search history
- Browsing history
- User identifiers (user ID and device ID)
- Usage data (including product interaction and advertising data)
- Crash and performance data, and ‘other data types’
How safe are your messages?
Whatsapp has 2-billion users worldwide who share private conversations and sensitive information through the app daily.
This raised questions about the End-to-end encryption that was promised by WhatsApp.
What is end-to-end encryption? Can WhatsApp read my messages?
The answer is no and always will be no, as the messages sent on WhatsApp are ‘End-to-end encrypted’.
This simply means that between the time you hit send on a message and the time the person receives it on the other end, it is encrypted.
Encrypted means that your message is converted into a format that can be interpreted only by the intended receiver’s device/account.
This ensures that third parties cannot intercept your messages and make any sense of them.
WhatsApp stated that they can now use certain user information from their private chats with business accounts. (Business accounts have to be registered separately and users are alerted before chatting with a business account)
Signal’s popularity surged after a straightforward promotional tweet from Elon Musk that read “Use Signal”.
The signal is an app that completely protects private data and personally identifiable information by providing multiple layers of protection.
To find out more read: Signal vs WhatsApp
What is in the control of the users?
Privacy policies and End-user agreements are mandatory to avail the services of most Apps/Websites. This begs the question, what real choices do users have to restrict the access of their private data?
Safety measures individuals can take:
- Control cookie access on Google. It stops websites from following your web activity while browsing
- Use search engines that do not track your usage e.g. Duckduckgo
- Only use trusted websites
- Avoid Facebook and Google sign-ups, instead create a separate account.
- Carefully check the website domain to ensure it is the original site to avoid the risks of phishing.
- Make profiles private and monitor who has access to your profile on Social Media sites.
- Refrain from posting pictures and personal information publicly
- Use Private messenger services that do not use information from chats
- Never save passwords on devices. Also, ensure that only you have access to your personal devices.
- Do not upload sensitive information on Cloud services. Keep it offline.
- Use VPNs while browsing the net to mask your I.P address
- Be careful discussing sensitive information in the vicinity of devices as they have control over audio recording.
(This is how they send spooky ads to your phone)
What are VPNs?
Virtual private networks or VPNs are intermediary servers that mask your I.P Address online. VPNs can be downloaded on mobile phones, PCs and laptops as apps or software. It allows you to browse the web discreetly without detection and reduces the exposure of personally identifiable information.
How do they work?
VPNs encrypt your address along with the data you send and receive. It does so by accessing a separate server online which cannot be tracked back to you. It hides your browsing data from ISPs (Internet service providers) and local users.
It also protects your data while using public Wi-Fi networks
Are VPNs legal?
Yes, it is perfectly legal to use VPNs. VPNs facilitate access to business networks from anywhere and it is the primary use for VPNs. Businessmen who travel need the services of VPNs to seamlessly use their networks. However, utilising VPNs to access blocked websites is illegal.
What are the policies in India to protect Individual Data?
Policymakers and Lawmakers in India realised that the realm of the online world cannot be governed by the same laws that exist in the real world.
The advent of the Internet age presented them with issues that they never had to deal with earlier.
This meant a new set of separate laws had to be made to regulate things online.
Old Policy: Information Technology Act 2000
For the past two decades (till date) the Internet space in India has been regulated by the IT Act.
As the law was passed long before the advent of Social Media and Data analytical tools, it contained very minimal regulations on the collection of private data.
Section 43A and Section 72A were later added as amendments to the act; giving people the right to compensation for improper disclosure of private information.
New Policy: Personal Data Protection Bill (PDP)
Since the European Union enforced General Data Protection Regulation (GDPR) in 2018, many countries have been following suit, despite concerns over GDPR affecting businesses, AI and Machine learning in a negative manner.
India drafted its own version in the form of the PDP bill. The new bill, if enacted, will increase the requirements necessary to use personal data.
Notices and prior consent from users will now be required to access the data.
Only the data necessary to provide the service to the individual can be collected; to prevent excess data leaks.
It also mandates the requirement for data localization and appointment of data protection officers to ensure proper regulation within organizations.
You now have a broad understanding of data privacy, privacy policies (of companies) and privacy laws.
Privacy is not just a privilege but also a responsibility. So, at the end of the day, your online security comes down to you. Hopefully, we’ve made that clear.
If you wish to learn more about Cyber Security and Ethical Hacking, then Verzeo has the perfect course for you. Check out: Cyber Security Course
Ensure you follow the precautions suggested above and you should be as safe as one can be on the internet.
Now you are free to browse the net without getting tangled in the web!
Frequently Asked Questions
Is Data Privacy a personal right(in India)?
Ans: Though rights to privacy are not explicitly mentioned in the constitution, the courts maintain that “Right to privacy exists under the right to life guaranteed under section 211”
Which site shares the most personal information with third parties?
Ans: Instagram tops the list of apps that share personal information sharing up to 79% of personal data collected.
Read here for the full list: 52% of apps share your data
How can I prevent hackers from stealing my information?
Ans: Hackers employ a lot of techniques to steal, change or destroy personal information. Read how they do it and how to prevent it here: Internet security 101
What are the safe alternatives to Google?
Ans: Duckduckgo is one such browser that allows users complete privacy while surfing the web. It also does not provide personalized search results which give access to a broader spectrum of information.
For more information on secure browsers read here: Alternatives to Google
How to stop my device from listening to me?
Ans: Here are three ways to stop your android devices from listening to you:
Disable the “Ok Google” feature from your phone settings
Turn off listening while driving and
Disable Google Search’s mic
Here’s a step-by-step guide to help you do the same: How to stop your android device from listening to you