John is ‘Failing his Semesters’
Emmy is cheating on her husband and going on a date with bald Tinder guy
Mr. Alison has $300,000 in his bank account
What if, you are John or Emmy or Mr. Alison and all of this information is posted on the internet accessed by millions of people from around the world? Will you want this to happen with you?
Take out a second from your highly busy life and think:
How much personal information do we upload on the internet every day? Every information about us is out there for everyone to access.
Unfortunately, the idea of online privacy is misunderstood. Most internet users don’t understand what is online privacy and how to secure it? Today, we will put together a brief and easy guide to help our readers understand the concept of online privacy and online security, and how to make your internet life more private and secure.
So, let’s start with the basics first:
Does ‘Online Privacy’ Really Exist?
Online privacy refers to the security level of personal data uploaded on the internet including your name, age, gender, nationality, religion, address, financial information, etc. Online privacy is a broad term comprising of a number of factors, technologies, and techniques used to secure personal and confidential information.
Experts and journalist reached on the conclusion that an all-seeing Big Brother rules the world, and the masters of technology have sacrificed the world and our privacy.
We as internet users mixed the terms online privacy with online security. Both the words are different with a different meaning. Let’s have a look at the difference between both terms.
Online Privacy vs. Online Security – The Difference!
Online privacy refers to any right that you have on the internet to protect personal data and share it only with people you approved. Think about all those privacy policies which you never read and signed anyway while downloading apps and buying services.
Online security refers to how your online information is protected. Your data and personal information on the internet can be accessed by many. The steps you take to protect your device and your identity on the internet is called online security.
To better understand the concept of online privacy and security, here’re some facts we have gathered about the cyberworld.
How Much Information We Share on the Internet Everyday?
According to Internet World Stats, there are 4,208,571,287 people using the internet around the globe which is almost 60% of the total world population.
As per a research conducted in 2018 and published in an infographic by Cumulus Media, a leading radio broadcasting company, here’s what happen in one minute on the internet.
- Google performs 3.7 million searches each minute
- 973,000 Logins each minute on Facebook
- 18 million messages sent over Viber every minute
- 3 millions videos viewed every 60 seconds on YouTube
- 266,000 hours of videos watched on Netflix
- 4 millions snaps created every minute on Snapchat
- 38 million messages sent via Whatsapp
- 187 million emails sent every minute
- 1 million swipes on Tinder
- $862,823 spent online every minute on the internet
A Minute on the Internet – An Infographic Overview
Share this Image On Your Site
A Point to Notice: Under the General Data Protection Law, users are legally eligible to request a copy of all personal data that an organization holds on them. An organization is bound to provide the list within 40 calendar days and can charge a fees of ten ponds.
Edward Snowden’s revelation is like the 10 commandments of the cyber world. It brings a revolution among internet users. If you have no fear of losing your online privacy, you must read the ‘10 Biggest Revelations of Edward Snowden.’
There are very few countries giving a constitutional right of privacy to its citizens; rest have some surveillance implied in the country. Let’s move further and check in details, what are your legal rights to privacy.
Laws Protecting Online Privacy In Different Countries
Law: Argentina Personal Data Protection Act
Date of Enforcement: October, 2000
The Law states that:
“All entities are bound to protect the personal information of the user including name, occupation, address, or date of birth. Browser cookies are also considered as personal information. According to the PDPA law of Argentina, organization, websites and government can only use browser cookies if the user has provided informed consent. An entity must have informed the purpose of gathering information. A user also has the right to demand personal data deletion at any given time.”
Law: Australia’s Privacy Principles (APP)
Date of Enforcement: 2014
According to the Australian law:
Date of Enforcement: 2014
According to the act:
“Organizations must take written consent of its users before collecting any personal data. In case of users under the age of 16, assistance from their parents or legal guardian must have been taken.”
Law: Personal Information Protection and Electronic Data Act (PIPEDA)
Date of Enforcement: 13 April 2000
This law states that:
Law: Act on Processing of Personal Data
Date of Enforcement: 2000
The law was appointed by the Danish Data Protection Agency. According to the law:
“Organizations should take prior consent from users to collect data and further consent if disclosing the data to any third party for marketing purpose. Failing to do so, organizations can face a permanent ban or license cancellation.”
Law: European Union Data Protection Directive of 1998
Date of Enforcement: 1998
The law states that:
“Organizations can only collect users’ data for a specified and legitimate purpose only. There should be clear details of the purpose provided for users. Users consent must be received explicitly and unambiguously.”
Law: Personal Data Ordinance
Date of Enforcement: #0th June, 1997
The law states that:
“Collecting of data from users should be clearly defined with prior concern, and it also indicates clear policies on how the data can be shared. Violating the law can cost you a fee that goes up to HK$50,000, or even spends two years in prison.”
Law: Personal Information Protection Act
Date of Enforcement: 30th June, 2000
“The best part about this law is that it draws a broad line about the data that can be collected. All other information is pretty much the same as all the organizations need prior concern before sharing the users’ data to any third party.”
Law: Privacy Act of 1993
Date of Enforcement: 1993
The law states that:
“Organizations need to share complete details of their existence before asking users for their data. As well as, mentioning the purpose of collecting data is also must. Any complaint by a user can start an investigation against the organization.”
Now let’s talk about the enemies of the internet Privacy.
The Villains Of The Internet – Countries & Laws Killing Online Privacy
If any country badly rapped the privacy rights of its citizen that would be the USA and UK. NSA Prism Program and GDPR are the two biggest enemies of internet privacy. Let’s have a look at some of the bills and amendments that have reshaped how businesses and federal government can obtain the users’ details.
NSA Prism Program
Since the year 2001, the US government has increased its efforts in collecting the electronic information of the US and non-US citizens no matter if they are or not a suspect of any connection to terrorism or any wrongdoing.
NSA Prism Program collects private electronic data from companies like Google, Microsoft, Apple, Yahoo, Gmail, Outlook and others.
What data NSA Prism Program Collects?
The data collected via the Prism Program can be classified into two categories:
It is a set of communication data such as phone calls records, participants of the call, the time duration of the call and what time the call is made.
This category includes all the content data including email content, messenger chats, text messages, VoIP calls conversations, stored files on cloud and more.
Electronic Communications Privacy Act (ECPA)
Electronic Communications Privacy Act (ECPA) allows the government to obtain any digital information including emails, Facebook messages, Tweets, information in Cloud-based services or any such information related to any citizen without needing any warrant if the information is 180 days old. If the information isn’t old as 180 days, then a government can still access it via only a subpoena.
Cyber Intelligence Sharing and Protection Act (CISPA)
According to Mark Stanley, head of campaigns and communications for the non-partisan Center for Democracy & Technology (CDT), the information companies hand over to the federal government goes to National Security Administration (NSA). It raises the privacy issues when companies handing over USA Citizen information to NSA and have no idea what it will be used for.
Why Online Privacy & Security Is Essential?
There are three types of information; you will never want to broadcast to the world that is your income, bank account details, and medical records. Hiding information is not a crime, especially if it is personal. If we ourself do not understand the value of our online data, we will never be able to protect our right to privacy.
A Story to Explain the importance of Online Privacy and Security?
I remember reading a sad story about a girl who bought some nondescript items online including cotton balls, vitamins and some lotions. Based on her purchasing pattern, the company created a profile and predict that she is pregnant. Company started sending brochures and discount pumpflat on same address regarding pregnancy.
What was the Issue?
The father of the girl received the promotional stuff and it all made him alert. The girl was a teenager and indeed pregnant. She face embarrassment, hate and god know what kind of attitude of her family.
The important thing to learn from this incident is to be extra cautious about your privacy. Because it is YOUR PRIVACY.
Moral of the Story:
Online Privacy at times, become the question of life and death!
What Happen to Your Data if Online Privacy and Security Compromises?
Have you heard about ‘Data Brokerage Companies’? These companies collect millions of users data including email addresses, online habits, income and age details, which they analyze and categorize to sell it to third parties without users’ knowledge or permission. Companies pay millions of dollars to buy this data for many purposes, including targeted marketing, risk assessment, direct advertising, and political advantages.
A prominent incident of such a data breach happened with Facebook. Cambridge Analytica, a British Political Consulting firm, involved in Trump’s election campaign, collected millions of Facebook users’ data without any consent. However, Facebook denied the allegation of handing over the data to Cambridge Analytica itself and the founder Mark Zuckerberg was prosecuted in a Senate Hearing for giving access to Apps that collect information of users and sell it to other companies.
Facebook, alone, hold so much information about us that we cannot imagine. And, who provided that data to Facebook is the primary concern? It’s me, you and all of us. Our very personal details are uploaded daily on this one single platform. To know a person and judge his character, his Facebook account itself is enough.
How can we expect to stay private, when we ourself, exposing every single detail of our lives. Here comes the main motive of this guide. Why do we need to secure our online Privacy? So, let begin the discussion!
First, let’s dig a little about the threats that compromise users’ data.
Common Threats That Break Users’ Online Security
Let’s get some acquaintance with the tactics hackers use to attack your online security.
According to CSO Online research, 92% of malware is delivered by email. Email pose threats both ways when you are a sender and receiver. Opening emails from unnamed and unknown accounts can compromise your device with malicious threats. Unencrypted emails which you send to your friends and colleagues can be easily monitored and read by your employer and ISP.
In Phishing, the hackers create an imitation of a legitimate institution or website and contact the targets via email to provide valuable information like credit card number or passwords. The data can be easily used against the targets for various purposes like identity or financial theft.
According to a survey conducted by CyberArk Global Advanced Threat Landscape Report 2018, 56% of the 1300 IT experts contacted claimed ‘Pishing’ is the worst threat they have ever faced.
Other than email and website, there are several different techniques hackers are introducing to target users including Vishing (where fraudster call targets to collect information on your landline or mobile) and Smishing (where you receive an SMS asking you to apply or claim a prize by providing your information).
Spyware is kind of a malicious malware design to steal your internet usage data and valuable online information. It is directed by software which installs itself on the computing device without asking users permission. A most common technique of Spyware attack is website pop-ups or emails, where the user is asked to click on a specific link. Once the user clicks on the link, Spyware software starts installing in the background without the user even noticing.
There are four kinds of Spyware; each one of them uses a unique tactic to steal users’ information. They are commonly known as:
- Tracking Cookies
- System Monitors
Every internet user knows about WiFi, but not all of them know the fact that 90% of the free WiFi networks are highly insecure. Anyone connected with the same WiFi network can easily access your details.
WiFi is a secure haven – let me complete first – It’s a haven for hackers and data thieves. Always protect yourself with an online security tool like a VPN.
Unsafe Websites (HTTP)
Using unsecured or unverified websites is one of the most dangerous online threat. Always access sites with URL starting from ‘HTTPS’ as those URLs are SSL certified. Especially, when you are doing online banking or making online purchases.
A weak password is like an old rusted lock that can be broken with just a simple hit of a stone. A strong password is like an iron-wall between your private information and the outside world. Your password security can easily threaten your online safety.
Keystroke Logger or sometimes refer as Keylogger is a type of surveillance which records each keystroke typed on the computing device’s keyboard. It can be a physical keylogger or software. The software version is available for spying smart gadget users.
What Can I Do To Secure Online Privacy And Protect Online Security?
Just imagine, a sign on your room door saying, ‘knock before entering.’ Similarly, your home is secure via CCTV or electric locks. But how secure is your data online? What measure have you taken? Is there any lock on your social profiles? Is there any CCTV available so you can see who is entering your cyberspace? No, there’s none of it available.
In this age of highly vulnerable cyberspace, protecting your online security and securing your online privacy is the need of the hour. Here’re some protective measures that will help you achieve the utmost privacy and tight security.
Strong Passwords = Better Online Security
Your Facebook relationship status says: ‘Complicated,’ but your profile password is your last name, how crazy it sounds? Your password is the central lock on the door of your Cyberworld. It should be strong and highly complicated.
According to a survey conducted by a Software Company named “Digital Guardian” password habits are improving among internet users. In this survey, the company contacted 1000 people from different age groups and regions and asked them particular questions. Following are the findings:
Here’re some good and bad habits, you should always remember for your ‘Password Security.’
- A strong password should be a minimum of 8 characters long
- It should contain upper and lower case alphabets + numbers + signs
- Two Factor Authentication (2FA), if available, should be enabled for an extra layer of protection. 2FA is comprised of something you know (such as a password), something you have (a mobile phone where code can be sent), or something you are (like your fingerprint).
- Save your passwords using a reliable password manager.
- Keep updating your password every week or at least once in a month for each profile you have on the internet.
- Always clear the cache of any device which you have used to login your profile and do not belong to you.
- Never use your name, date of birth, phone number or GF/BF name as a password.
- Plain password with a combination of letters and numbers are a big ‘NO.’
- Don’t use the same password for all your profiles. It is hard to remember a new password for each profile, but it is also hard for hackers to get a hold on your privacy.
- Never save your passwords on the same device you are usually used to log in.
- Don’t share your passwords with anyone via email or WhatsApp or text message. It is highly dangerous.
If you adopt good habits and avoid the bad ones, you have nothing to worry about.
Get Acquainted with Privacy Settings
Whether it’s your laptop, mobile or any smart gadget, if you have an internet connection, then it is at risk. Every social media platform and apps offer a specific privacy setting to its user. These privacy settings give you the option to select what amount and kind of information you want to share. Always choose the least amount of information to share with others. Following are some of the pointers you should always keep in mind:
- Never share your name and location at untrusted sources
- Always keep your location services turned off
- Don’t give camera access to every app, especially where it is not needed
Social media sites like Facebook and Twitter gives you the option to select who you are sharing your information with. Always set the preferences to friends and trusted individuals only. After signing in to any website or social platform, always set your privacy settings and never believe the ‘Default Settings’ as they allow your information to be shared publicly.
Your Digital Footprints Remains Forever
I am not sure if ‘True Love’ lives forever or not, but your digital footprint will surely do. Once you post anything online, it is there for forever, even if you delete it from your timeline, profile or device. Your digital footprint is like a paper trail that leaves traces of information about you online.
Always be cautious about sharing information online. One prank video showing you nude could do a disaster for your reputation if you turned out a big celebrity in the future. Your sexting on messenger and WhatsApp is proof about your characters in someone’s device. So be extra vigilant before typing what you typed and to whom.
A Reliable Security Tool is all You Need
As mentioned earlier, your digital footprint is like a paper trail. Anyone with access to it can easily track you down with your original IP. It is suggested by the security experts to keep your identity hidden, and when I say hidden, I don’t mean by using a fake profile, but by hiding your real IP.
The best and most reliable tool that can do this job superbly is VPN. VPN helps you hide your IP behind one of their IP as well as encrypts your data and route it safely from one point to another point without being trespassed.
Don’t forget that phones need as much online security as any other device. There are many free VPN services available both on desktops and mobiles, but they are highly risky as they mine data to sell it to third parties. We suggest using a premium VPN service. Here’s a list of top 5 VPNs that are best in doing what they claim.
Also, to double the protection of your device and level up your online security, a reliable Antivirus is also needed.
Bluetooth is Convenient, yet Highly Risky
Bluetooth gives you convenience while traveling or doing other stuff, but it also opens doors for security weaknesses. Always keep your Bluetooth turned off when you are not using it. There’s one another option available on each device to put your Bluetooth on an invisible or undetectable mode.
As per the experts’ opinion, there are malicious apps that can change the mode of your Bluetooth without you noticing it get access to your device. Hence, it is one another reason why you should keep your online security intact.
Always Run the OS Updates as they Appear
Updates on your device and individual apps appear now and then, don’t ignore them and perform it ASAP. These updates deliver a multitude of revisions to your device and app, adds new features, remove outdated features, update drivers, fix bugs, and most importantly, it fixes the security loopholes found.
Use WiFi Hotspot Wisely and Safely
Using a WiFi is like walking on the street, talking to colleagues or sipping coffee every day – means it has become so crucial for us that we can’t think of spending a day without it, although we can. On the other hand, the wise move is to secure your home network. Change the password of your WiFi router now and then. Always turn on the firewalls on both hardware and software to stay protected. And, still, use a VPN when connected to Public WiFi hotspots.
Say Goodbye to Unnecessary Data
If you are not using any app and still there on your device, you should uninstall it. If you have too many documents which are of no use, delete them. All these documents may be of no use to you, but if you lose them, it can be harmful to your online security. Similarly, apps you are not using for months must be outdated and have chances to open doors to loopholes which can compromise your online safety.
Get Familiarized with Phishing
Phishing is the worst kind of cyber attack which is very hard to identify. As mentioned earlier, Phishers generally impersonate a well-known organization or service in to order to trap you to provide personal information. These attacks aim to deliver malware to your device via a suspicious link.
Always keep your hands off the mouse when a pop-up appears on screen attracting you with too-good-to-be-true offers. It is suggested not to click on any link which you don’t trust.
If you strictly follow these tips, you have nothing to lose. Your online privacy will stay intact and your online security remains unbroken.
Now, let’s have a look at the state of ‘Online Privacy’ and ‘Online Security’ in the business world.
Online Privacy & Security in the Business World
A data breach in a firm or corporation doesn’t only affect the business badly, but it also harms the consumers. Every company is operating digitally, having a website or ecommerce store for the convenience of its users. In the entire process of selling good and services online, one thing is common, and that is the personal and financial information of buyers.
In the last two decades, the digital world has seen a lot of data breaches which exposed not only the financial information of users but personal as well. Let’s have a look at the biggest disasters of this century.
Yahoo – Biggest Data Breach of the Century
Time Duration: Year 2013-2014
Approx Number of User Affected: 1 billion and above
Type of Data Stolen: Users’ names, addresses, phone numbers and date of births
Financial Loss: The amount of money at the end-use has not been reported by any authorized body, but Yahoo company has lost around $350 Million dollar due to the privacy breach.
Marriott International Chain of Hotels
Time Duration: Year 2014-2018
Approx Number of User Affected: 500 Million
Type of Data Stolen: Names, travel information, credit card numbers and expiration date
Financial Loss: No financial damage has been reported so far associated with the Marriott data breach.
eBay – Biggest Ecommerce Data Breach
Time Duration: May 2014
Approx Number of User Affected: 145 Million
Type of Data Stolen: Names, email IDs and passwords of all 145 million users
Financial Loss: The revenue of the company declined by 13% in the preceding year.
Adult Friend Finder – Dating App
Time Duration: October 2016
Approx Number of User Affected: 412.12 Million
Type of Data Stolen: Names, email IDs and passwords
Financial Loss: 20 years of data has been stolen from the Company’s database.
Equifax – Largest Credit Card Bureau
Time Duration: July 2017
Approx Number of User Affected: 143 Million
Type of Data Stolen: Names, social security numbers, licence number, address, phone details, and date of births
Financial Loss: No financial loss has been reported.
TJX Companies, Inc – Biggest Corporation Data Breach
Time Duration: December 2006
Approx Number of User Affected: 94 Million
Type of Data Stolen: Credit card details
Financial Loss: $200 million loss was reported by the banks, insurance and companies
Target Stores – Most Expensive Data Breach
Time Duration: December 2013
Approx Number of User Affected: 110 Million
Type of Data Stolen: Credit and Debit card details
Financial Loss: Estimated cost of the breach is reported by the company is $162 million
Heartland Payment Systems – Biggest Data Security Breach
Time Duration: March 2008
Approx Number of User Affected: 134 Million
Type of Data Stolen: Visa and Mastercard details
Financial Loss: Estimated cost of the breach is $145 million
Uber – Largest Ride Hailing Data Breach
Time Duration: 2016
Approx Number of User Affected: 57 Million
Type of Data Stolen: Names, email IDs and mobile numbers
Financial Loss: The data breach cost $20 billion to the company
Sony’s PlayStation Corporation – Largest Online Gaming Community Data Breach
Time Duration: April 2011
Approx Number of User Affected: 77 Million
Type of Data Stolen: Names, purchase history, home address, PSN/Qriocity logins and passwords
Financial Loss: The data breach cost the company $15 million to settle a lawsuit over the breach
Haunting, isn’t it?
These are only a few of many data breaches took place over the last two decades. Million other incidents are losing personal data of users in the account of hacking attacks.
According to a researched performed by the ‘Headway Capitals – Credit for Small Business’, following are the questions, a small business should ask to themselves and based on experts recommendations, Headway Capital also suggested the possible solutions for each question. Let’s have a look at the infographic.
Cyber Security Questions Every Small Business Should Ask
How can a small business stay protected and keep its online privacy and security safe from hackers attack? Well, here’re the answers:
Questions # 1: Do your employees using strong passwords?
Questions # 2: Do you ask your employees to change passwords regularly?
Questions # 3: Do your employees using 2FA?
Questions # 4: Do you allow employees to use a smartphone at the workplace?
Questions # 5: Are you backing up your data?
Questions # 6: Does all your business devices have a VPN and Antivirus installed?
Questions # 7: Do you restrict employees with ‘Admin Rights Only’ and give it to those only who need it?
Questions # 8: Do you train your employees regarding online security and its threats like Phishing attacks?
Questions # 9: Do your employees know that passing sensitive information via personal and unsecured email is not safe at all?
Questions # 10: Do you encrypt your business database and users’ information?
Questions # 11: Is your business website adequately protected?
Beware! Your Online Privacy Is In Your Hand
From the beginning of this article, it is loudly clear how governments are spying on their citizens and violating privacy by collecting personal information. So does social media platforms and websites. All of this information is used for many purposes, some are harmful, and some are not.
On top of all, the biggest enemies of your online privacy and security are hackers and scammers. These culprits breach your privacy and collect your information to harm you financially.
Without knowing how easy it is to giveaway our personal information online, we posted everything about us on the internet via social media, we sent confidential information via email, and by giving information to website even when we know it is not necessary.
It is you who needs to be cautious and vigilant about handling your devices and data. Without thinking, do not post anything on your social profiles. Do not post every moment of your day on your Facebook profile, or tweet about it to everyone. Let’s start taking your online privacy seriously.
With this guide, if not a pro, but you still got the basic idea about online privacy and security and how to keep it safe.
This is for today. We will get you educated on more privacy and security-related topics, so don’t forget to sign up.