20th Sep2019

Is your privacy being compromised online?

by James Smith

You may be one of the many people who has suffered a cyber attack – personally or at work – through viruses, phishing or social engineering. Less sensational, but equally worrying, are data breaches and misuse of the data we willingly hand over. While we may be fiercely protective of our bank details for obvious reasons, sometimes we are less protective of our personal data: age, address, gender, our online behaviours and personal preferences, from hobbies and lifestyle choices to political sympathies. But our personal and behavioural data is valuable to a range of organisations, and some use unscrupulous means to get it.

This article examines the different ways in which your privacy can be compromised online, how you can find out, and the steps you can take to protect yourself.

online-privacy

What is online privacy?

Privacy is a broad term, especially in relation to the internet. Aspects of privacy lie on a continuum. The illegal invasion of mobile phones to extract intimate images via the internet is an obvious infringement of privacy, but what about when a web browser collects data on your online behaviour? Or when an app on your phone shares information on your weekly running route with a third-party service provider, without making it explicitly clear that this will happen?

Private data is understood to include any of the following:

  • Data/information that you don’t want known or seen (often other than by specific people/organisations, for example, video calls)
  • Data/information that you have not agreed to share. This becomes more complex when someone you have agreed to share certain data with, shares with a third party without your consent.

The importance of the IP address

The key to online privacy is often your IP address – a unique number that identifies any particular device. By seeing your IP address, a web browser, website or app knows things like where in the world you are located, and can track which other sites or services your device has visited and interacted with.

Why compromise our privacy online?

Those who want to compromise your privacy do so for a variety of reasons. For example:

  • Businesses
    Companies may want to know what you’re watching online or the sites you visit so that they can drive their own business or marketing strategies. They might also want to know where you are, so that they can control access to various geo-locked services. Many companies collect your data simply to sell on to other organisations. This was made clear by the furore surrounding the US presidential election in 2016 in which it was alleged that Russian ‘agents’ influenced the outcome by targeting specific voters with specific messages on Facebook. Meanwhile, while Cambridge Analytica secretly extracted data from Facebook to inform Donald Trump’s own presidential campaign.
  • Governments and official bodies
    It’s not just totalitarian regimes that ‘spy’ on their citizens, In 2014, the British Government drafted what was known as ‘The Snoopers Charter’ which would require internet service providers and mobile phone companies to store records of each user’s internet browsing and social media activity, emails, voice calls, texts and more, for 12 months. Police forces around the world use facial recognition technology to find and trace individuals.
  • Individuals
    Individuals may want to invade your privacy to extort money or influence by accessing your personal, private and often sensitive data, information or files.

How is online privacy compromised?

  • There are a variety of ways in which privacy can be compromised online:
  • Rogue apps that collect data from elsewhere on your device, or share data you input into it with third-parties
  • Free and rogue wi-fi in public places can allow cybercriminals to see all your correspondence, leaving you open to breach and attack
  • Internet browsers such as Internet Explorer and Google Chrome collect behaviour data that they can use to create targeting for advertisers
  • Websites use cookies to track users to other sites, often using the data to ‘re-market’ products you have looked at. Many websites deploy hidden ‘history sniffing’ codes to find out what sites you have visited.
  • As well as the data you input, social media monitors your messages. This includes ‘private media’ such as Whatsapp who can use message content to allow advertisers to target particular groups
  • Webmail servers ‘read’ emails that pass through them
  • Internet service providers (ISPs) monitor sites that you visit
  • Virtual private networks (VPN) sprang up to help people protect their identities by hiding the IP addresses as they used the web. Many disreputable VPNs in turn then harvested user data and sold it to third parties

While much of the above is legal, and usually concerned with selling audiences for targeted and more effective advertising, cybercriminals have a different agenda.

Many organisations will securely hold your private and sensitive data, from bank details and credit ratings to medical records. This only becomes a problem when hackers breach security and release or steal that data – as happened to the UK’s National Health Service in 2018, when hackers exposed the passwords of 10,000 care home and hospital staff.

connected-devices

Simple ways to protect your privacy

A popular way to protect your privacy online is to use a legitimate VPN service, which masks your IP address and enables you to browse the web via one of the virtual private network’s own IPs. As well as encrypting your data to protect it from hackers, VPNs hide your geographic location and prevent advertisers and other bodies from being able to track your movements and behaviours online.

Other measures you can take include:

  • Avoid public or unsecured Wi-Fi, which is generally easy for hackers to access – especially for sensitive activities such as internet banking
  • Install antivirus on your devices – including your phone, to prevent spyware downloads
  • Use the ToR browser, which uses a distributed network to hide your identity online
  • Use DuckDuckGo, a search engine that doesn’t keep or use your personal data.

How can I tell if my privacy is being compromised?

Aside from ensuring that you choose a reputable VPN service which will protect your data rather than compromising it, it’s important to be aware that your privacy can still be compromised even when using a VPN and a private browser like DuckDuckGo.

WebRTC technology, which enables real-time function in things like Skype and Google Hangouts, can undermine VPN security and cause your real IP address to leak even if a private connection has been enabled.

If you’re worried that your privacy is being compromised in spite of taking measures to protect it, you can use a free WebRTC leak test to find out if your real IP address is still being exposed.
______

Sponsored Post
Off

Comments are closed.