It used to be that we thought of government surveillance as something that happened under authoritarian regimes. Yet in recent times, there has been an explosion of surveillance and intrusion in even the most liberal democracies. That surveillance can take many different forms, from CCTV coverage to internet monitoring. For example, London has almost one million cameras across the city as a whole.
For internet users, your data may be tracked by government agencies, corporate entities, and cybercriminals. Of course, a large part of government surveillance is identifying criminal activity but for organizations, data harvesting is more about identifying consumer trends, building buyer personas, and increasing their reach. For cybercriminals, they want data that allows them to commit fraud or identity theft.
Mapping your digital footprint can be an essential step in ensuring as much privacy as possible. How safe – or unsafe – is your data and information when you are just browsing the web? Do you really have any privacy left and, if you do have any left, how do you protect it as much as possible? Can you secure your privacy to even a minor extent or is internet surveillance here to stay?
What data do companies and cybercriminals want?
The main thing to note is that organizations work within legal frameworks when collecting data while cybercriminals are breaking any relevant laws. However, the actual data both parties want have several crossover points.
1. PII (personally identifiable information)
This is the most basic type of personal data and is valued by both organizations and cybercriminals. It can include information such as name, address (home and email), date of birth, phone numbers, and so on. While businesses may use this info for legitimate reasons, cybercriminals can use it for identity theft and commit a number of offenses, such as obtaining loans, accessing your bank accounts, etc.
2. Browsing habits
All your internet activity is monitored by your ISP (internet service provider). Some of that monitoring may be shared (or even undertaken) by government agencies looking for users who visit ‘dubious’ websites that promote extremist views, but the majority are used for commercial purposes. Commercial surveillance uses cookies to identify your browsing habits and can lead to advertising tailored to your tastes.
3. Emails
Companies collect data from emails legitimately and with your consent and participation. That can include surveys and questionnaires. However, cybercriminals may use phishing emails to collect data, such as passwords and other identifiers that allow them to access your financial details and accounts or commit other cybercrimes. The financial services sector remains the biggest target for cybercriminals.
4. Financial transactions
Think for a minute about how many financial transactions you do every month, from buying a new appliance to ordering a meal. In some cases, you may have your card or account details on the site; in others, it may be a one-off transaction. Whatever the scenario, you could be vulnerable to cybercrime attacks through fake websites, man-in-the-middle (MITM) attacks, or malware designed to harvest sensitive data.
5. Medical data
With more and more medical organizations switching to electronic records, it can mean that your data may be accessed by unauthorized persons. While there is less opportunity for fraudulent activity when this data is stolen, it can be upsetting for those whose information may be put into the public domain. This can be an area where data protection is crucial.
Data breaches
While a lot of focus is placed on individual targeting via phishing or malware, the biggest threat to your online privacy comes from major data breaches. For example, an Australian telecoms company, Optus, recently revealed that about 10 million customers had data stolen in a major cyber-attack. In cases like this, that data is often sold to cybercriminal gangs via the dark web.
Legal protection
As far as commercial entities and government agencies are concerned, there are usually laws and regulations on how they collect and use any personal data. For example, in New Zealand, The Privacy Act 2020, is the principal law that protects your personal information and governs how agencies and organizations should protect that data and how they can use it. Of course, cybercriminals operate outside these laws and will take any opportunity to infiltrate your data.
What can you do to protect yourself against internet surveillance?
Internet surveillance is not going to go away, and neither is cybercrime. With the latter, there is an ongoing battle between cybercriminals and cybersecurity experts. When a solution is found to one type of cyber-attack, then the cybercriminals are immediately looking for new ways to hack systems or expose vulnerabilities. Good cybersecurity is crucial when it comes to protecting your privacy.
Completely ring-fencing your privacy is likely impossible, but there are steps you can take to protect your data as much as possible. For example, if you use a video chat app, then ensure it offers end-to-end encryption.
1. Browsers
Browser choice can significantly contribute to protecting your privacy. The most secure option is to use the Tor project browser. This is an open-source option and very much focuses on privacy by creating ‘tunnels’ rather than direct connections to any website you visit. This helps prevent hackers (and other entities) from tracking you through IP addresses or traffic analysis.
If you use other browsers, you can still take some steps. Regularly clear out your cookie cache and browser history so fewer data can be harvested. Most browsers should also offer you options to adjust cookie preferences so that no cookies are collected and stored at all.
2. HTTP v. HTTPS
Many people will not look closely at the address bar, yet what is contained in that bar could be crucial in protecting your privacy. If you are making any financial transaction or submitting sensitive data, you should ensure that the address is a Hypertext Transfer Protocol Secure (HTTPS).
While there is still a small chance that data could be stolen on the organization’s side, it is far less likely than with a Hypertext Transfer Protocol (HTTP) site. Of course, HTTP still has its place. If you want to know how to optimize a blog post, you will be more likely to use HTTP as you are usually not asking for sensitive data from your readers.
3. Search engines
Yes, it is all too easy and common to use Google. However, Google is a major component of internet surveillance and monitors your searches, browsing history, clicks, and so on. You can consider using more private search engines or consider adding privacy protection bolt-ons to your browser.
4. VPNs
You can choose to use a trustworthy VPN which will protect much of your privacy by masking your IP address while browsing. While your ISP (or government agencies) can see that you are using a VPN, in most cases, they cannot see what websites you are visiting or what information you are entering by encrypting your activity. It is not a 100% foolproof method, but it can offer your data a high level of protection.
The takeaway
If you are thinking about online privacy and internet surveillance, then you should be considering every online touchpoint you have, from using a virtual mobile number to what search engine you use. Internet surveillance is greater than ever before and that is only likely to increase as we move forward so taking steps to protect your data is crucial.
Privacy is less guaranteed than at any point in human history but that does not mean you cannot take some steps to protect your data. It is not just a case of wanting privacy, but also a case of offering as much protection as possible against cybercrime and your data being compromised for nefarious purposes.
