John is ‘Failing his Semesters’
Emmy is cheating on her husband and going on a date with bald Tinder guy
Mr. Alison has $300,000 in his bank account
What if, you are John, Emmy or Mr. Alison and all of this information is posted on the internet accessed by millions of people around the world? Do you want this happen to you?
Take out a second and give this a shot!
How much information we upload on the internet every day? Be careful! Every information is out there for everyone to access.
Unfortunately, online privacy is highly underestimated and greatly misunderstood!
Most internet users don’t understand what is online privacy and how to secure it? Today, we are putting together a brief yet easy guide to help our readers understand the concept of online privacy and security, and how to make your internet life more private and secure.
So, let’s start with the basics:
Does ‘Online Privacy’ Really Exist?
Online privacy refers to the security level of your personal data uploaded on the internet. It’s a broad term comprising a number of factors, technologies, and techniques, to secure personal and confidential data.
Experts and journalists reached on the conclusion that an all-seeing Big Brother rules the world, sacrificing our privacy.
On the other hand, we as internet users didn’t even get the exact idea of the terms online privacy and online security; we are not even aware what laws are being practicing in the realm of cyber security.
Don’t worry! Your queries will not be challenged anymore, let’s start with the terminology that we mistakenly using inter-relatably; both online security and online privacy are two different concepts, let me ponder.
Online Privacy vs. Online Security – The Difference!
Online privacy refers to a right that you have on the internet to protect and share your personal data with people you approved. Think of all those privacy policies which we never read and signed anyway.
Online security refers to how your online information is protected. Since your personal information can possibly be accessible by many, so the steps you take to protect your identity is called online security.
You share what you want, so does others, do you know what happens in a minute on the internet? If not, check the following infographic; you will be amazed!
How Much Information We Share on the Internet Everyday?
According to Internet World Stats, there are 4,208,571,287 people using the internet around the globe which is almost 60% of the total world population.
As per research conducted in 2018 and published in an infographic by Cumulus Media, a leading radio broadcasting company, here’s what happens in one minute on the internet.
- Google performs 3.7 million searches each minute
- 973,000 Logins each minute on Facebook
- 18 million messages sent over Viber every minute
- 3 million videos viewed every 60 seconds on YouTube
- 266,000 hours of videos watched on Netflix
- 4 million snaps created every minute on Snapchat
- 38 million messages sent via Whatsapp
- 187 million emails sent every minute
- 1 million swipes on Tinder
- $862,823 spent online every minute on the internet
A Minute on the Internet – An Infographic Overview
Share this Image On Your Site
Be it government departments, financial institutes, insurance companies, search engines like Google, social media platforms, and even email services also holds our information that we intentionally pass onto them.
The list of data-logging entities is endless; thanks to the Data Protection Act (Replaced by General Data Protection Regulation in May 2018), see what it says:
A Point to Notice: Under the General Data Protection Law, users are legally eligible to request a copy of all personal data that an organization holds on them. An organization is bound to provide the list within 40 calendar days and can charge a fees of ten ponds.
But don’t forget the Edward Snowden’s NSA Spying revelations -the 10 commandments of the cyber world, bringing awareness among global netizens of the fact that the ‘Right to Privacy’ is no longer exist.
There are very few countries giving a constitutional right to privacy; rest have impeded surveillance. Let’s check them out!
Laws Protecting Online Privacy In Different Countries
Date of Enforcement: October, 2000
The Law states that:
All entities are bound to protect the personal information of the users, including browser cookies. According to the PDPA law of Argentina, organization, websites and government can use browser cookies only with the user’s consent; purpose needs to be shared. A user also has the right to demand personal data deletion at any given time.
Law: Australia’s Privacy Principles (APP)
Date of Enforcement: 2014
According to the Australian law:
Date of Enforcement: 2014
According to the act:
Organizations must take written consent of its users before collecting any personal data;for user under the age of 16, assistance from their parents or legal guardian should be taken.
Law: Personal Information Protection and Electronic Data Act (PIPEDA)
Date of Enforcement: 13 April 2000
This law states that:
Law: Act on Processing of Personal Data
Date of Enforcement: 2000
The law was appointed by the Danish Data Protection Agency. According to the law:
Organizations should take prior consent from users to collect data and further consent if disclosing the data to any third party for any purposes. Failing to do so, organizations can face a permanent ban or license cancellation.
Law: European Union Data Protection Directive of 1998
Date of Enforcement: 1998
The law states that:
Organizations can only collect users’ data for a specified and legitimate purposes only with a prior consent; that must be received explicitly and unambiguously.
Law: Personal Data Ordinance
Date of Enforcement: #0th June, 1997
The law states that:
Collecting data from users should be clearly defined with prior concern, and it also indicates clear policies on how the data can be shared. Violating the law can cost you a fee that goes up to HK$50,000, or even two years jail time.
Law: Personal Information Protection Act
Date of Enforcement: 30th June, 2000
The best part about this law is that it draws a broad line in data collection; other information is pretty much the same as others like prior concern before sharing anything to a third party.
Law: Privacy Act of 1993
Date of Enforcement: 1993
The law states that:
Organizations need to share complete details of their existence before asking users’ data. As well as, mentioning the purpose of collecting data is also a must. A user complaint can start an investigation against the organization.
Now let’s talk about the enemies of the internet Privacy.
The Villains Of The Internet – Countries & Laws Killing Online Privacy
If we would call countries who badly whacked the privacy rights of their citizens, I would count the USA and UK for sure.
How could someone forget the two biggest enemies of internet privacy – NSA Prism Program and GDPR?
Let’s look at some of the bills and amendments that have reshaped how businesses and federal governments are obtaining the users’ details.
NSA Prism Program
Since 2001, the US government has increased its efforts in collecting the electronic information of the US and non-US citizens no matter if they are or not a suspect of any connection to terrorism or any wrongdoings.
NSA Prism Program collects private electronic data from companies like Google, Microsoft, Apple, Yahoo, Gmail, Outlook and others.
What data NSA Prism Program Collects?
The data collected via the Prism Program can be classified into two categories:
It is a set of communication data such as phone calls records, participants of the call, the time duration of the call and what time the call is made.
This category includes all the content data including email content, messenger chats, text messages, VoIP calls conversations, stored files on cloud and more.
Electronic Communications Privacy Act (ECPA)
Electronic Communications Privacy Act (ECPA) allows the government to obtain any digital information including emails, Facebook messages, Tweets, information in Cloud-based services or any such information related to any citizen without any warrant if the information is 180 days old. If the information isn’t old enough, then a government can access it via only a subpoena.
Cyber Intelligence Sharing and Protection Act (CISPA)
According to Mark Stanley, head of campaigns and communications for the nonpartisan Center for Democracy & Technology (CDT), the information companies hand over to the federal government goes to the National Security Administration (NSA). It raises the privacy issues when companies handing over USA Citizen information to NSA and have no idea what it will be used for.
All the information recorded by NSA is tracked with user IP address. If you want a safe internet for all your data all you need is an encryption tool to get the best security online and keeping your private information strictly private.
Why Online Privacy & Security Is Essential?
There are three types of information; you will never want to broadcast to the world that is your income, bank account details, and medical records. Hiding information is not a crime, especially if it is personal; to protect our right to privacy, first we have to value our online data.
A Story to Explain the importance of Online Privacy and Security?
I remember reading a sad story about a girl who bought some nondescript items online including cotton balls, vitamins and some lotions. Based on her purchasing pattern, the company created a profile and predict that she is pregnant. Company started sending brochures and discount pumpflat on same address regarding pregnancy.
What was the Issue?
The father of the girl received the promotional stuff and it all made him alert. The girl was a teenager and indeed pregnant. She faces embarrassment, hate and god knows what kind of attitude of her family.
The important thing to learn from this incident is to be extra cautious about your privacy. Because it is YOUR PRIVACY.
Moral of the Story:
Online Privacy at times, become the question of life and death!
What Happen to Your Data if Online Privacy and Security Compromises?
Have you heard about ‘Data Brokerage Companies’? These companies collect millions of users data including email addresses, online habits, income, age, and whatnot; they analyze and categorize to sell it to third parties without users’ knowledge or permission. This mostly happen with iPhone and Android smartphone users who give access to not only their contacts but also the current location and the camera. It can be pretty dangerous. Smartphone users must need security tool on both iPhone and Android all the time.
But why they do so? For millions of dollars. Companies spend millions to buy this data for as many purposes as they could; including targeted marketing, risk assessment, direct advertising, and it could also be used to cash political advantages.
A prominent incident of such a data breach happened with the involvement of the world’s largest communications platform – Facebook. Cambridge Analytica, a British Political Consulting firm, involved in Trump’s election campaign, collected 50 millions Facebook profiles without any consent. However, Facebook denied the allegation of handing over the data to Cambridge Analytica itself and the founder Mark Zuckerberg was prosecuted in a Senate Hearing for giving access to Apps that collect information of users and sell it to other companies.
Facebook, alone, hold so much information about us that we cannot imagine. And, who provided that data to Facebook is not the concern, as it’s you and me, who else could do that. The primary concern is who allowed such platforms to share our data?
How can we expect to stay private, when the platforms we are using are harvesters of our data and selling them for millions of bucks. We cannot stop them to do so, but at least restrict them to fetch our very personal info.
Let’s pledge to secure our online presence. So, shall we begin?
To combat the shortcomings, we should know all the possible threats that could possibly compromise our data.
Common Threats That Break Users’ Online Security
Let’s get some acquaintance with the tactics hackers use to attack your online security.
According to CSO Online research, 92% of malware is delivered by email. Email can pose threats to both; either you are a sender or receiver. Opening emails from unnamed and unknown accounts can compromise your device with malicious content. Unencrypted emails which you send can be easily monitored and read by your employer and ISP.
In Phishing, the hackers create an imitation of a legitimate institution or website and contact the targets via email to provide valuable information like credit card numbers or passwords. The data can easily be used against the targets for various purposes – identity or financial theft.
According to a survey conducted by CyberArk Global Advanced Threat Landscape Report 2018, 56% of the 1300 IT experts contacted claimed ‘Pishing’ is the worst threat they have ever faced.
Other than email and website, there are several different techniques hackers are introducing to target users including Vishing (where fraudster call targets to collect information on your mobile or landline) and Smishing (where you receive an SMS asking you to apply or claim a prize by providing your information).
Spyware is a malicious malware designed to steal your internet usage and valuable information. It is directed by software which installs itself on the computing device without asking users permission. A most common technique of Spyware attack is website pop-ups or emails, where the user is asked to click on a specific link. Once the user clicks on the link, Spyware software starts installing in the background without the user even noticing.
There are four kinds of Spyware; each one of them uses a unique veil to steal users’ information.
- Tracking Cookies
- System Monitors
Every internet user knows about WiFi, but not all of them know that mostly free WiFis are highly insecure. Anyone connected with the same WiFi network can easily access your details.
WiFi is a secure haven – for hackers and data thieves. Always protect yourself with an online security tool like a VPN.
Unsafe Websites (HTTP)
Using unsecured or unverified websites is one of the most dangerous online threats. Always access sites with URL starting from ‘HTTPS’ as those URLs are SSL certified. Especially, when you are doing online banking or making online purchases.
A weak password is like an old rusted lock that can be broken with just a simple hit of a stone. A strong password is like an iron-wall between your private information and the outside world. Your password security can easily threaten your online safety.
Keystroke Logger or sometimes refer as Keylogger is a type of surveillance which records each keystroke typed on the computing device’s keyboard. It can be a physical keylogger or software. The software version is available for spying smart gadget users.
What Can I Do To Secure Online Privacy And Protect Online Security?
Just imagine, a sign on your room door saying, ‘knock before entering.’ Similarly, your home is secure via CCTV or electric locks. But how secure is your data online? What measures have you taken? Is there any lock on your social profiles? Is there any CCTV available so you can see who is entering your cyberspace? No, there’s no such cases.
In this age of highly vulnerable cyberspace, protecting your online security is the need of the hour.
Here’re some protective measures that will help you achieve the utmost privacy and tight security.
Strong Passwords = Better Online Security
Your Facebook status says: ‘Complicated,’ but your profile password is your last name, how crazy it sounds? Your password is the central lock on the door of your Cyberworld. It should be strong and highly complicated.
According to a survey conducted by a Software Company named “Digital Guardian” password habits are improving among internet users. In this survey, the company contacted 1000 people from different age groups and regions and asked them particular questions. Following are the findings:
Here’re some good and bad habits, you should always remember for your ‘Password Security.’
- A strong password should be a minimum of 8 characters long
- It should contain upper and lower case alphabets + numbers + signs
- Two Factor Authentication (2FA), if available, should be enabled for an extra layer of protection. 2FA is comprised of something you know (such as a password), something you have (a mobile phone where code can be sent), or something you are (like your fingerprint).
- Save your passwords using a reliable password manager.
- Keep updating your password every week or at least once in a month for each profile you have on the internet.
- Always clear the cache of any device which you have used to login your profile and do not belong to you.
- Never use your name, date of birth, phone number or GF/BF name as a password.
- Plain password with a combination of letters and numbers are a big ‘NO.’
- Don’t use the same password for all your profiles. It is hard to remember a new password for each profile, but it is also hard for hackers to get a hold on your privacy.
- Never save your passwords on the same device you are usually used to log in.
- Don’t share your passwords with anyone via email or WhatsApp or text message. It is highly dangerous.
If you adopt good habits and avoid the bad ones, you have nothing to worry about.
Get Acquainted with Privacy Settings
Whether it’s your laptop, mobile or any smart gadget, if you have an internet connection, then it is at risk. Every social media platform and apps offer a specific privacy settings to its users. These privacy settings give you the option to select what amount and kind of information you want to share with. Always choose the least amount of information to share with others.
Keep these pointers in mind;
- Never share your name and location at untrusted sources.
- Always keep your location turned off.
- Don’t give camera access to every app, especially where it is not needed.
Social media sites like Facebook and Twitter gives you the option to select who you are sharing your information with. Always set the preferences to friends and trusted individuals only. After signing in to any website or social platform, always set your privacy settings and never believe the ‘Default Settings’ as they allow your information to be shared publicly.
Be Aware! Your Digital Footprints Remain Forever
I am not sure if ‘True Love’ lives forever or not, but your digital footprint will surely do. Once you post anything online, it is there forever, even if you delete it from your timeline, profile or device. Your digital footprint is like a paper trail that leaves traces of your online information.
Always be cautious about sharing anything online. One prank video showing you nude could do a disaster for your reputation if you turned out a big celebrity in the future. Your sexting on messenger and WhatsApp is a proof about your characters in someone’s device. So be extra vigilant before typing what you typed and to whom.
Most people take their privacy very lightly and consider they have nothing to loose. Just for the sake of slow internet, they don’t prefer to use security tools which can compromise their speed. In this terms, the fastest security tool can do the magic.
Similarly, gamer needs a perfect security tool to protect their online identity as well as their gaming experience from deadly DDoS attacks.
A Reliable Security Tool is all You Need
As mentioned earlier, your digital footprint is like a paper trail. Anyone with access to it can easily track you down with your original IP. It is suggested by the security experts to keep your identity hidden, and when I say hidden, I don’t mean by using a fake profile, but by hiding your real IP.
The best and most reliable tools that can provide maximum security and privacy are Antivirus, Tor and VPN.
Bluetooth is Convenient, yet Highly Risky
Bluetooth gives you convenience, but also opens doors for security weaknesses. Always keep your Bluetooth turned off when you are not using it. There’s one another option available on each device to put your Bluetooth on an invisible or undetectable mode.
As per the experts’ opinion, there are malicious apps that can change the mode of your Bluetooth without informing. Hence, it is another reason you should keep your online security intact.
A VPN also keep the users IP address hidden from authorities while Torrenting.
Always Run the OS Updates as they Appear
Updates on your device and individual apps appear now and then, don’t ignore them and perform it ASAP. These updates deliver a multitude of revisions to your device and app, adds new features, remove outdated features, update drivers, fix bugs, and most importantly, it fixes the security loopholes.
Use WiFi Hotspot Wisely and Safely
WiFi is becoming next to basic necessities; we can skip a meal but cannot live for more than 10 mins or less if our WiFi stops working. We are not discouraging your internet connectivity, rather suggesting you to take the wise move/s to secure your home/office network.
Follow these three principles;
- Change the password of your WiFi router now and then.
- Always turn on the firewalls on both hardware and software to stay protected.
- And, still, use a VPN when connected to Public WiFi hotspots.
Say Goodbye to Unnecessary Data
If you are not using any app and still there on your device, simply uninstall it. If you have too many documents which are of no use, delete them. All these documents may be of no use to you, but if you lose them, it can be harmful to your online security. Similarly, apps you are not using for months must be outdated and have chances to open doors to loopholes which can compromise your device’s safety.
Get Familiarized with Phishing
Phishing is the worst kind of cyber attack which is very hard to identify. As mentioned earlier, Phishers generally impersonate a well-known organization or service in order to trap you to provide personal information. These attacks aim to deliver malware to your device via a suspicious link.
Always keep your hands off the mouse when a pop-up appears on screen attracting you with too-good-to-be-true offers. It is suggested not to click on any links which you don’t trust.
If you strictly follow these tips, you have nothing to lose. Your online privacy will stay intact and your online security remains unbroken.
Now, let’s have a look at the state of ‘Online Privacy’ and ‘Online Security’ in the business world.
Online Privacy & Security in the Business World
A data breach in a firm or corporation doesn’t only affect the business badly, but also harms the consumers. Every company is operating digitally, having a website or ecommerce store for the convenience of its users. In the entire process of selling goods and services online, one thing is common, and that is – the personal and financial information of buyers.
In the last two decades, the digital world has seen a lot of data breaches which exposed not only the financial information of users but personal as well. Let’s have a look at the biggest disasters of this century.
Yahoo – Biggest Data Breach of the Century
- Time Duration: Year 2013-2014
- Approx Number of User Affected: 1 billion and above
- Type of Data Stolen: Users’ names, addresses, phone numbers and dates of birth
- Financial Loss: The amount of money at the end-use has not been reported by any authorized body, but Yahoo company has lost around $350 Million dollar due to the privacy breach.
Marriott International Chain of Hotels
- Time Duration: Year 2014-2018
- Approx Number of User Affected: 500 Million
- Type of Data Stolen: Names, travel information, credit card numbers and expiration date
- Financial Loss: No financial damage has been reported so far associated with the Marriott data breach.
eBay – Biggest Ecommerce Data Breach
- Time Duration: May 2014
- Approx Number of User Affected: 145 Million
- Type of Data Stolen: Names, email IDs and passwords of all 145 million users
- Financial Loss: The revenue of the company declined by 13% in the preceding year.
Adult Friend Finder – Dating App
- Time Duration: October 2016
- Approx Number of User Affected:12 Million
- Type of Data Stolen: Names, email IDs and passwords
- Financial Loss: 20 years of data has been stolen from the Company’s database.
Equifax – Largest Credit Card Bureau
- Time Duration: July 2017
- Approx Number of User Affected: 143 Million
- Type of Data Stolen: Names, social security numbers, licence number, address, phone details, and dates of birth
- Financial Loss: No financial loss has been reported.
TJX Companies, Inc – Biggest Corporation Data Breach
- Time Duration: December 2006
- Approx Number of User Affected: 94 Million
- Type of Data Stolen: Credit card details
- Financial Loss: $200 million loss was reported by the banks, insurance and companies
Target Stores – Most Expensive Data Breach
- Time Duration: December 2013
- Approx Number of User Affected: 110 Million
- Type of Data Stolen: Credit and Debit card details
- Financial Loss: Estimated cost of the breach is reported by the company is $162 million
Heartland Payment Systems – Biggest Data Security Breach
- Time Duration: March 2008
- Approx Number of User Affected: 134 Million
- Type of Data Stolen: Visa and Mastercard details
- Financial Loss: Estimated cost of the breach is $145 million
Uber – Largest Ride Hailing Data Breach
- Time Duration: 2016
- Approx Number of User Affected: 57 Million
- Type of Data Stolen: Names, email IDs and mobile numbers
- Financial Loss: The data breach cost $20 billion to the company
Sony’s PlayStation Corporation – Largest Online Gaming Community Data Breach
- Time Duration: April 2011
- Approx Number of User Affected: 77 Million
- Type of Data Stolen: Names, purchase history, home address, PSN/Qriocity logins and passwords
- Financial Loss: The data breach cost the company $15 million to settle a lawsuit over the breach
Haunting, isn’t it?
These are only a few of the many data breaches took place over the last two decades. Millions of other incidents are losing personal data in similar attacks.
According to a research performed by the ‘Headway Capitals – Credit for Small Business’, following are the questions, a small business should ask themselves and based on experts recommendations, Headway Capital also suggested the possible solutions for each question. Let’s have a look at the infographic.
Cyber Security Questions Every Small Business Should Ask
How can a small business stays protected and keep its online privacy and security safe from hackers attack? Well, here are the answers;
Questions # 1: Do your employees using strong passwords?
Questions # 2: Do you ask your employees to change passwords regularly?
Questions # 3: Do your employees using 2FA?
Questions # 4: Do you allow employees to use a smartphone at the workplace?
Questions # 5: Are you backing up your data?
Questions # 6: Does all your business devices have a VPN and Antivirus installed?
Questions # 7: Do you restrict employees with ‘Admin Rights Only’ and give it to those only who need it?
Questions # 8: Do you train your employees regarding online security and its threats like Phishing attacks?
Questions # 9: Do your employees know that passing sensitive information via personal and unsecured email is not safe at all?
Questions # 10: Do you encrypt your business database and users’ information?
Questions # 11: Is your business website adequately protected?
Come on Netizens! Your Online Privacy Is In Your Hand
From the beginning of this article, it is loudly clear how governments, social media platforms, and websites are spying on their citizens and violating privacy by collecting personal information. All of this information is used for many purposes, some are useful, rest are harmful.
Without knowing the alarming effects of giving away our personal information online, posting everything about us on the internet via social media, sending confidential information unsecurely, and giving information to website, even when we know it is not necessary.
It is you who needs to be cautious and vigilant about controlling your devices and data. Without thinking, do not post anything on your social profiles; do not post every moment of your day on your Facebook profile, or tweet about it to everyone.
This is all for today. We will keep our privacy-consciousness high and keep updating you with latest workarounds and experts’ opinions, so don’t forget to sign up.