The Internet has grown a lot and now more than 4.1 billion users are online on the Internet. While it is true that the Internet provides information and entertainment to netizens. However, there’s a catch.
Organizations collect data by your permission in the form of browser history, social media accounts, like and dislike to thrive and continue their business.
Organizations collect data, it doesn’t matter if it’s online or offline. Intelligence agencies, Internet Service Providers, and Marketers are the top-dogs in data collection.
Data is at the core of any organization’s decision cycle. According to a Helical IT survey, if a decision is made relying on data collected increases the chances of succeeding by 79%. Analysis, quality, and quantity of data help businesses and organizations to gain a competitive advantage.
Whether you’re surfing the web or scrolling through social media feeds from the comfort and privacy of your home. You aren’t really private at all, companies such as Google and Facebook are known to track and monitor information about you.
What is online data privacy?
Data privacy is a branch of data security. Online privacy mainly revolves around the concerns relating to the proper handling of data which includes, consent, notice, and regulatory obligations.
Keeping the definition of data privacy aside, practical data privacy concerns revolve around:
- If and how data is being shared with third-party organizations.
- How data is legally being collected and stored.
- Regulatory restrictions such as GDPR, HIPAA, GLBA, or CCPA.
Data privacy is a fundamental part of information technology. It helps an organization or an individual to determine what data within an infrastructure can be shared with others and which should be kept secret.
Why is online data privacy Important?
There are two major driving reasons why data privacy is one of the most significant issues in the online community.
Quality and Quantity are the two characteristics of data that determine how important it is as an asset to a company. Companies are involved in practices that include collection, sharing, and using data. This process is also known as the data economy.
There are a lot of companies including, Google, Facebook, and Amazon that have built empires following the data economy scheme. Every organization makes data-driven decisions. Data retention laws such as GDPR has made it compulsory for businesses to be transparent in their privacy policies.
Secondly, privacy is the right of every individual that exists on the planet. It was never a privilege and should never be considered one. Data that you share online in the form of statuses, pictures, opinions are, in fact, a medium of freedom of speech and nobody should be able to record or use it against your will.
With all that monitoring and tracking of data, there’s no way to determine what message transmitted on the internet will be taken out of context and will land you in trouble.
Why organizations are tracking me?
As mentioned above, there are many different organizations that rely on your data. It doesn’t have to be an organization that essentially exists on the internet. Recent statistics show that 47% of people living in the United States are concerned about their privacy.
The list of data collecting organizations along with their motivations behind it are as follows:
- Intelligence Agencies.
- Internet Service Providers.
- Companies like Google and Facebook.
What data Intelligence Agencies are collecting?
Data privacy is probably the only issue that has stayed relevant for a long time and will continue to be a significant issue. On the first look, it should be obvious that intelligence agencies such as the National Security Agency (NSA) are involved in mass surveillance.
The motivation behind collecting data is nearly transparent. Intelligence agencies just want to keep the people safe from another 911 attack. However, collecting mass data won’t help.
NSA’s PRISM program taps into companies such as Google, Apple, Microsoft, and many others with ease. It can sniff out all the information and then use it to spy on people over a mass geographical area.
The aforementioned problem is not restricted to just the United States. There are intelligence alliances formed with the intention of sharing data gathered in different regions to generate new insights.
Role of 5 Eyes / 9 Eyes / 14 Eyes intelligence Alliance
Intelligence alliance can be defined as a pact between different intelligence agencies located globally. Getting spied on by your own intelligence service is one thing, but a foreign one is just off-limits. To tackle this problem, alliances were formed to share gathered intelligence with each other.
The countries currently involved in the 5 Eyes Intelligence alliance are:
- United States
- United Kingdom
- New Zealand
- Canada
- Australia
Nine Eyes Intelligence Alliance makes up by adding up the FVEY and four more countries:
- Denmark
- France
- Netherlands
- Norway
Lastly, the fourteen eyes intelligence alliance comprises of the countries in nine eyes intelligence alliance and five more countries:
- Germany
- Belgium
- Italy
- Spain
- Sweden
Another thing to note is that these intelligence alliances cover up a major percentage of the globe and can easily spy and gather intelligence on the people residing in these countries.
The intelligence agencies share a variety of information with each other.
- Signals Intelligence (SIGINT): As the name suggests, SIGINT is any intelligence derived from electronic signals and systems. For instance, data gathered from communications systems, radars, and weapons systems.
- Human Intelligence (HUMINT): Intelligence gathered by a human is known as HUMINT. In this scenario, it’s the duty of well-trained spies to get reliable information. Interrogations, debriefings and media exploitation is also involved.
- Geospatial Intelligence (GEOINT): The information gathered through the use of satellite is known as Geospatial Intelligence. The intelligence may include, maps, blueprints, and information about human activity.
However, some might think forming an intelligence alliance gives them the upper-hand in terms of control and intelligence. Which is true to some extent.
How Metadata retention is used to monitor netizens?
In simple terms, Metadata is data about data. In other words, Metadata describes a set of data. It holds information that explains how and when data was collected and by whom. Metadata summarizes basic information about data which makes it easier to work within some scenarios.
Government agencies are pushing forward for mandatory data retention laws. This will allow telecommunication companies to store data over a long period of time, which can be utilized by the intelligence agencies.
What data is included in metadata?
Metadata isn’t information about what you type on a handheld device or on your computer. It’s rather an information that identifies you as a unique individual. It is a trail of digital footprint that you leave behind on the internet:
- When you visit websites.
- Download files.
- Surf the internet in general.
Unfortunately, it gives the ISPs, government agencies, telecom companies, and snoopers to build a profile atop of that information.
Impact of Metadata Retention
The impact of Metadata retention on the citizens is exactly the same. The fundamental right of privacy is stripped off. This makes you an open-book for the companies and relevant authorities.
Using Metadata they can predict your behavior and may impose punishments. It can be in the form of ISP throttling. In the case of a law agency, Metadata can be used to track down individuals involved in suspicious activities online.
Why does the Internet Service Provider collect data?
Internet service providers were held responsible for their actions until net neutrality was in place. The situation changed drastically when the court allowed FCC to kill net neutrality. Internet service providers can now exploit their powers, on will.
Motivations behind the invasion of privacy from the ISPs’ perspective are way different from that of an intelligence service. Where the intelligence service was collecting data for the benefit of the citizens, ISPs’ are doing it for their own benefit.
Monitoring and tracking done by ISP cause a lot of major issues. One being, Internet throttling. ISPs exploit their power to slow down internet speeds.
What data does the ISP collect?
They use special filters, that are designed to monitor and track all your online activities. It’s the kind of tracking which occurs when you make a request through their network.
Every time you enter a query whether it’s a domain name of just a random keyword. The browser sends a request to a domain name server (DNS) which then serves you your requested webpage.
There’s a limit to what information ISPs can gather on you. The credit goes to the protection provided by certain privacy laws.
However, that information shouldn’t be taken lightly as it can still identify you as a unique individual on the internet. Here’s what the ISPs can gather on you:
- The URLs that you surf online.
- The web-pages that you visit most frequently.
- How much time you spend on certain webpages.
Private companies such as Google & Facebook
With over 2.4 billion monthly active users on Facebook and Google dominating the search engine market share by 92%. It’s clear that the data streams on these websites are way higher than any other on the internet.
Both of these organizations have made tons of revenue by monetizing the data they’ve collected on a daily basis. While the platforms are free to join and use, advertisement revenue has made Google and Facebook a tech giant.
Advertisers pay to advertise on the platforms, keywords can be specified to target a certain audience. Which can only be done when Google and Facebook are actively analyzing data.
It was always a battle between tech giants and privacy activists. They’ve enough data gathered on you that they can predict your routine easily. Here’s how much data they’ve gathered on you by your permission.
Right now we’re only at the tip of the iceberg. There’s a lot more to cover in online privacy and there are certainly more threats online.
Online privacy threats
As we are progressing towards a high-tech future, there’s a constant problem that stands against us. Introduction of the Internet of Things has already started the fourth industrial revolution and online privacy threats will increase in numbers exponentially.
There are different calibers of the threat you face on the internet. Without knowing how they work will not only put your privacy at risk but also your data.
What data does Search Engine Collects?
Search engines are like the phonebook of the internet, they have all the information you need to communicate and get your requests.
Without search engines, it would be impossible to learn about new stuff. Billions of netizens use the search engine without giving it a second thought.
It’s no lie, that search engines store a variety of information about you. Some of the information that the search engine store is as follows:
- Your Internet Protocol (IP) Address
- The date and time of your visit
- Keywords that you search for
- Cookie-ID which is a unique identifier.
The information stored is passed onto advertisers that market different products to you. You would’ve noticed that after visiting a certain website, you started getting ads for the specific product that you searched for.
Browser Vulnerabilities
Browers come packaged with various plugins that accomplish different tasks. Some of the vulnerabilities are caused by the plugins and features themselves, while others are caused by the websites you visit.
The issues caused by the plugins are as follows:
- ActiveX is a plugin that comes built-in with Microsoft Edge and Internet Explorer and only works on these browsers. It acts as the middleman between your PC and websites with Java or Flash-based connections.
- JavaScript is a programming language that is used by many popular websites to show different types of dynamic content. However, it is used by hackers to infect your system or browser with malware and unsolicited, harmful ads.
The issues caused by surfing online are as follows:
Browser Fingerprinting
In the past few years, a technique called browser fingerprinting has gained a lot of unwanted attention due to the risks it can pose to online privacy.
The technique uses an “agent-header” that is stored in the browser that contains information about your system. The header was used to tackle problems with the optimization of web-pages. Agent-header is sent to the server where it sends a webpage config according to your specifications.
Agent headers are still being used in 2019, but have changed a lot since then. It is used to offer an experience that is optimized for every device but you’d have to share configuration information with the relevant server.
The method allows websites to gain information that can identify you. The collected information consists of the following:
- Browser type and version
- Operating System Information
- Active plugins
- Timezone
- Language
- Screen resolution
There’s no requirement for cookies to be on the computer for this technique. Websites utilize the information provided by browsers to identify unique users and track their online activities.
Cookies
Cookies are small pieces of files that can contain information, such as a username and password. The information transmitted identifies a specific user and improves the browsing experience.
There are different kinds of cookies in the online world. One is a session cookie and the other, persistent cookie.
Persistent cookies are used for two primary purposes, one is authentication and the other is tracking. Which is why it’s a threat to privacy. The tracking cookie gradually tracks all your online activities and then builds a profile about your likes and dislikes.
Insecure Websites
Secure locks have the green padlock before the URL, this shows that the site that you’re currently on is secure. If there’s no padlock, just leave the website immediately.
Hackers exploit insecure websites to gain access to sensitive credentials. The credentials might include your passwords and or credit card information.
According to GlobalSign, 80% of buyers leave insecure e-commerce websites. Which is the right thing to do in any scenario!
If you’re surfing an insecure website, please note that there are third-parties that can track and monitor your activities on those websites. Third parties can include:
- Internet Service Providers (ISP)
- The Government
- Hackers with ill intent
Why shopping online anonymously is essential?
Electronic commerce or e-commerce has taken the whole internet by a storm. Almost 76% of residents in the United States shop online. The increase in eCommerce stores is directly proportional to the increase in cybercrimes.
The need for shopping online anonymously has skyrocketed in recent years. Perpetrators carefully execute an attack to gain sensitive information which can include credit card information, bank statements, address, etc.
Shopping online anonymously doesn’t mean evading sales and other eligible taxes. It just means using a throwaway card or currency that is expandable.
In the following example, you’ll hopefully understand the difference b/w the two. Decide which one is the better scenario.
- Perpetrator steals your credit card credentials with over $5000 in cash.
- Hacker steals your prepaid debit card information that had the amount relative to the price of the product you were going to buy.
There are a lot of ways you can adapt, to shop online anonymously. Albeit, Some are digital while some require you to make some effort in the physical world.
- Prepaid cards
- Use a masked or virtual credit card
- Bitcoin
Cloud Storage
As technology has progressed, we’ve left the old traditional software and adapted to the Cloud infrastructure. Cloud may have solved many problems at once but at what cost?
Privacy is still under-threat when using cloud services. Even though they encrypt your files, you can’t rest easy because they’re the ones with the private key and can decrypt it without your permission.
In case of an emergency, tech companies will surrender all their data to the relevant authorities no matter what they promise.
Insecure Voice Conversations
Who doesn’t like voice conversations? It reduces the distance b/w people quite easily. Before you hop in on a voice call, let me remind you of the following. These government agencies record voice conversations.
- National Security Agency (NSA)
- Government Communications Headquarters (GCHQ)
Apparently, the agencies are very keen to hear what an average person has to say. According to the agencies, mass surveillance is the solution to all terrorist attacks.
It makes no sense, how will they determine which one is a real threat and which isn’t? Buying disposable phones won’t make a difference either if the person you’re talking to isn’t using one.
How Emails are Insecure?
Emails have made it easy for us to communicate with each other. However, the security email vendors provide isn’t enough at all.
NSA has tapped into Google and Microsoft before. This reason should be enough for you to ditch and adapt to email services that provide end to end encryption.
End-to-end email encryption is where the sender encrypts the email message and sends it, it can only be decrypted by the person who was intended to receive it.
Online Privacy Guide and Best Practices
Ever since Edward Snowden revealed that the government bodies are able to track and monitor activities of internet users as well as non-internet activities. It is important to protect your privacy online as it is the fundamental right and not a privilege.
Here are some of the best practices you can follow to keep your presence online anonymous. No one will be able to gather information about you online unless of course, you aren’t following the practices mentioned below.
End-to-end encryption
E2EE is the most recommended way to improve security and privacy in any scenario. It protects your privacy by encrypting messages at both ends of the communication pipeline.
When you use end-to-end encryption in any scenario, whether you’re texting your friend or sending emails or browsing the internet, no one can see your activities. E2EE turns your requests into gibberish, only the intended person can see those messages.
By using end-to-end encryption on your phone, email, and computer you are protecting yourself from the following threats:
- Internet Service Providers (ISP) can’t pry on your activities
- Government agencies are unable to hoard your metadata
- Hackers can’t steal your sensitive information
End-to-end encryption solves two aforementioned problems.
- Insecure Voice Conversations
- Insecure Emails
End-to-end text messaging and VOIP encryption
The introduction of WhatsApp and other VOIP applications made it easy to voice chat with friends and family without additional cost. However, these applications do not have to have the necessary encryption to protect your privacy and security.
As mentioned above, E2EE can solve pretty much the security and privacy issue without additional costs. Platforms that values privacy and security should be the one being used.
Here are three messengers to choose from, which allow users to text and voice chat with the added benefit of end-to-end security.
All of these platforms are open-source and support end-to-end encryption. By switching to these platforms you are getting rid of the privacy issues concerned with voice calling and texting over IP.
End-to-end encrypted emails
The importance and how end-to-end encryption works is already aforementioned. Some people use emails for malicious activities, while others use it to advertise.
Security agencies, however, have no limit. NSA is known to collect millions of email addresses from all over the world. This means whether you’re communicating with a friend or involved in a fairly heated argument, the agencies can read all your thoughts.
Using end-to-end encrypted emails can solve the following problem. These are the top E2EE services on the internet:
Virtual Private Network
A virtual private network (VPN) serves as a secure tunnel that sends a request to the domain name server on your behalf. By completing the following task, a VPN protects your IP address, your online identity and protect your internet connection from a lot of threats.
It protects your identity by masking your IP address and location to the one provided by the VPN. It uses end-to-end encryption and has features that will let you browse the internet without fearing anyone.
However, one thing to note is that there are a lot of VPN vendors out there promising high speeds and a hundred percent security.
There are free VPNs available as well claiming the same kind of security and anonymity online. Every free VPN has a premium version, which can be tested by using the free version first. However, there are drawbacks to free VPN.
Drawbacks of a free VPN:
- Bandwidth limit. Limits vary depending upon the service provider.
- Low amount of servers to choose from.
- Compatibility issues may persist on different platforms.
- Internet speeds can be inconsistent due to low server choices.
Here are our top-rated VPNs that’ll keep grant you immunity from spyware and hackers online.
With that out of the way, there are many problems that a VPN solves. Among them are:
- Protects you from unwanted spyware and hackers
- Masks your IP address and location and prevents ISPs, government agencies to collect your metadata
- You can bypass geo-restrictions on content
- Browser Fingerprinting
Proxy Servers
A proxy or ‘Proxy Server’ is a server that goes about as a go-between the web server and the site to be gotten to. This is another method through which internet users enhance their Online Privacy.
It works by interfacing through one of these servers, your PC sends your demand to the middle server which by then makes your demand and returns your requested site.
Looking for a way to stay anonymous and secure online? A rotating proxy can mimic an IP Scrambler and can keep you safe online.
Use Tor Browser to Gain Anonymity
Tor is the best in the game when it comes to online privacy. It still is, but when it comes to security, the Tor browser isn’t the right choice.
Since the agenda is about keeping your online identity anonymous, the security aspect of it doesn’t matter as long as you’re not involved in anything shady. Many pro-privacy enthusiasts use Tor to further enhance their privacy.
What are the benefits of Tor Browser:
- A lot of servers to choose from.
- Multiple servers are used to route traffic through.
Drawbacks of Tor Browser:
- It does not encrypt your traffic.
However, that doesn’t mean it’s impossible to pin down your location and or recognize you on the internet. Agencies can identify an individual based on their activities online because the Tor browser doesn’t encrypt traffic.
If the privacy rumors relating to Tor concern you, you can start using Tor alternatives.
Why anonymity is essential while shopping online?
Your search history is directly related to your privacy. Using search engines like from companies like Google, Yahoo is like throwing away your privacy.
If you’re not aware search engines have a lot of algorithms and a wide range of arrangements that use your search history to generate analytics. Organizations use data to serve targeted ads and can use it to report an individual to the authorities.
In the coming future, everything will be dependent on data. Which is why you should consider switching to private search engines.
- DuckDuckGo
- SearchPage
- DisconnectSearch
These search engines are considered the best and they do not keep track of your search history or use it against your will.
Install Privacy Extensions
There are certain plugins or extensions that can be installed in a browser, to further improve privacy and security over the internet.
These extensions have offered a lot of advantages, it stops spying by governments and ISPs. Above all, they have the capabilities to prevent certain cyber attacks.
The extensions include:
- Privacy Badger
- HTTPS Everywhere
- uBlock Origin
Do not keep cookies, set your configurations to delete cookies upon closing browsers. Therefore, there is no monitoring happening on your system.
Conclusion
Internet service providers and security agencies have made privacy a privilege, which it shouldn’t be. Not to mention, privacy isn’t something one should buy but is a necessity.
If you’re looking to maintain anonymity online, the best way would be to opt for a VPN. If you’re not concerned about slow speeds you can pair a VPN with the added security of the Tor browser. You can rely on a VPN to fulfill your privacy needs without the use of the Tor browser.
The biggest rebuttal that I get from a lot of my clients is that “So, what if anyone gets hold of my browsing history?” I say, it’s just not about that. The real damage begins when the attack goes beyond that, which is already paved by you because you didn’t prevent it in the first place. So, I recommend my clients to use a VPN like Ivacy at all times to protect their digital information at all times.