“I have nothing to hide” was once the standard response to the occasional surveillance experience by way of cameras, border checks, or casual questioning by law enforcement.
Privacy used to be considered generally balanced in many countries — at least, in the West — with a few changes to rules and regulations here and there often made only in the name of the common good.
Things have changed, and not for the better.
China’s Great Firewall, the UK’s Snooper’s Charter, the US’ mass surveillance and bulk data collection — compliments of the National Security Agency (NSA) and Edward Snowden’s whistleblowing — Russia’s insidious election meddling, and countless censorship and communication blackout schemes across the Middle East are all contributing to a global surveillance state in which privacy is a luxury of the few and not a right of the many.
As surveillance becomes a common element of our daily lives, privacy is in danger of no longer being considered an intrinsic right.
Everything from our web browsing to mobile devices and the Internet of Things (IoT) products installed in our homes have the potential to erode our privacy and personal security, and you cannot depend on vendors or ever-changing surveillance rules to keep them intact.
Having “nothing to hide” doesn’t cut it anymore. We must all do whatever we can to safeguard our personal privacy. Taking the steps outlined below can not only give you some sanctuary from spreading surveillance tactics but also help keep you safe from cyberattackers.
Data management is at the heart of privacy
Data is a vague concept and can encompass such a wide range of information that it is worth briefly breaking down different collections before examining how each area is relevant to your privacy and security.
PERSONALLY IDENTIFIABLE INFORMATION
Known as PII, this can include your name, physical home address, email address, telephone numbers, date of birth, marital status, Social Security numbers (US)/National Insurance numbers (UK), and other information relating to your medical status, family members, employment, and education.
Why does it matter? All this data, whether lost in different data breaches or stolen piecemeal through phishing campaigns, can provide attackers with enough information to conduct identity theft, take out loans using your name, and potentially compromise online accounts that rely on security questions being answered correctly. In the wrong hands, this information can also prove to be a gold mine for advertisers lacking a moral backbone.
BROWSING HABITS AND WEBSITE VISITS
Internet activity is monitored by an Internet Service Provider (ISP) and can be hijacked. While there is little consumers can do about attacks at this level, the web pages you visit can also be tracked by cookies, which are small bits of text that are downloaded and stored by your browser. Browser plugins may also track your activity across multiple websites.
Why does it matter? Cookies are used to personalize internet experiences and this can include tailored advertising. However, such tracking can go too far, as shown when the unique identifiers added to a cookie are then used across different services and on various marketing platforms. Such practices are often considered intrusive.
MESSAGE AND EMAIL CONTENT
Our email accounts are often the pathway that can provide a link to all our other valuable accounts, as well as a record of our communication with friends, families, and colleagues.
Why does it matter? If an email account acts as a singular hub for other services, a single compromise can snowball into the hijack of many accounts and services.
ONLINE PURCHASES, FINANCIAL INFORMATION
When you conduct a transaction online, this information may include credentials for financial services such as PayPal, or credit card information including card numbers, expiry dates, and security codes.
Why does it matter? Cybercriminals who steal financial services credentials through phishing and fraudulent websites, who eavesdrop on your transactions through Man-in-The-Middle (MiTM) attacks or who utilize card-skimming malware can steal these details when they are not secured.
Once this information has been obtained, unauthorized transactions can be made, or this data may also be sold on to others in the Dark Web.
MEDICAL RECORDS AND DNA PROFILES
A relatively new entrant to the mix, hospitals now often make use of electronic records, and home DNA services store genetic information belonging to their users.
Why does it matter? The loss of medical information, which is deeply personal, can be upsetting and result in disastrous consequences for everyone involved. When it comes to DNA, however, the choice is ours whether to release this information — outside of law enforcement demands — and it is often the use of ancestry services that release this data in the first place.
Businesses that handle data belonging to their customers are being scrutinized more and more with the arrival of regulatory changes such as the EU’s General Data Protection Regulation, designed to create a level playing field and stipulate adequate security measures to protect consumer privacy and data.
Companies will often encrypt your information as part of the process, which is a way to encode information to make it unreadable by unauthorized parties….Read More>>>