Data Protection

Are we really secure? (Part-1) - A look at what worries me the most

Data Protection

Are we really secure? (Part-1) - A look at what worries me the most

Modern day technologies for sure provide much more efficient, convenient and sometimes creative solutions to our problems. Want to talk for free with a relative thousand miles away? Open an app and that’s it, talk as much as you want, this was not at all possible before. Solutions like these are all around us and we use them on a daily basis. Stuck in a new city? Open the map app and get going, it will track you in real time too. Cool huh?

While the users happy that they can talk for free now and they’ve saved their money, they are paying a heavy price. Real-time location services are great but they do send data back to the servers in the name of “Consumer Experience”, “Accuracy Enhancing” or “Improvement Programs”. The users forget that when they are talking to their friends and family the data goes through the server first and can be stored or manipulated easily. They forget that the data which they generate on their social media profiles can be used to manipulate them in return.

The mechanism or algorithms by which companies like Facebook and Google decide what ads to show you are already a recipe for disastrous results in the future. The recent Facebook and Cambridge Analytica debacle is an example you will often hear me quoting, Facebook came out to be pathetic in handling the data of their 2.2 billion users and the questions put by the US Senators…don’t even get me started with it.

User’s data is just not secure anywhere. How many Google products do you use? Gmail, Chrome, Sheets, Google Search, and a lot more. Advertisements are the largest source of revenue for the tech-giant which is 70.9 percent of the total revenue. And certainly not all ads are shown to all people, they use your searches to determine your preferences and then what ads to show you, called “Targeted Ads”. Much of the users say they do not care about their data’s security, there are no photos on their timeline and that their data is of no use to Facebook. This is where they are completely in the wrong, they fail to understand that even if they are not using the platform, their friends are active tagging them, sending them requests, etc.

One user might not care about their data, two users might not, but the statistical inferences that can be drawn from the demography has a potential to cause mass-manipulation of people on political issues and things like these take no time to reach in the hands of people with no good intentions.

And this goes on as banks share data with insurance companies, social media and online searches to online shopping websites, and all of this happens with user unknowingly giving away permissions or they do not have an option.
Your data juggles between these corporates while you enjoy your free calls and online shopping. For this very reason, International Data Protection Laws are on their way, they are theoretically very effective in tackling these multinational technology firms.

I’ll give you one more reason not to trust tech firms with your data - they can and will share your data if the government demands it. It happened in the US, in the European Union (EU), and allegedly in India too.

Your Privacy 0, Law Enforcement 1.

EDIT-1 : You might have recieved a ‘Privacy Policy Update’ mail recently around 25 May 2018, that is because the GDPR (General Data Protection Regulation) goes into effect on May 25 2018. It tightens the already existing laws regarding what tech companies can do with your data, it gives you more control over how your data is collected and used, and forces companies to justify everything that they do with it.

Interesting thing to note here is that while GDPR is an EU (European Union) legislation, it still has a huge effect on businesses outside the EU. GDPR restricts collection of data that can be used to identify you including your name, ip address, location information or even things like sexual orientation, health data, and political opinions.

What I like about GDPR is the fact that people now have the “Right to be Forgotten”, people can request to have their data deleted, personal data needs to be transferable via a common file type, but it is still not absolute, certain conditions apply on it atleast for now. For Non-EU countries it is a concern beacause many business collect or reuse EU resident’s data, they also use companies based in the EU for services and processing data.

If a firm fails to comply with the GDPR, they are liable to pay €20 million ($24 million) or 4% of global annual turnover, whichever is larger.

On the very first day of GDPR enforcement, Facebook and Google have been hit with a raft of lawsuits accusing the companies of coercing users into sharing personal data. The lawsuits, which seek to fine Facebook 3.9 billion and Google 3.7 billion euro (roughly $8.8 billion in dollars), were filed by Austrian privacy activist Max Schrems, a longtime critic of the companies’ data collection practices.

These kind of laws are a nightmare for any tech firm collecting and using their user’s data, and this is definitely a significant step in the right direction. Many smaller US companies pulled out of the EU to avoid GDPR, video game makers are blocking access for EU users to older games, saying updates for GDPR are too costly, Microsoft has more than 1,600 engineers working on GDPR.

You can also watch this video about the GDPR.

India is also moving towards its own privacy regulations, a commitee was set up by former supreme court judge, Justice B N Srikrishna, and a draft bill is expected.


So, you told me not to use Google, Facebook, and Twitter. What will I do on the internet then?

There are many alternate options available. The right question to ask is - What are these alternate options?

  • For Searches, you can use DuckDuckGo, they never store any of the user’s data,
  • You can also clear site data and cookies after visiting a website to make sure that they don’t remember you and everytime you arrive at a new user
  • Turn your damn Location off for god’s sake, you only need it while navigating or finding a place or route, keep it off otherwise.
  • Avoid unnecessary signing in on websites when you are just browsing them unless you need their services badly.
  • Create an email for just the purpose of signing in, don’t use your Google+ or Facebook profile every time, or you can use a temporary email.

Considering the amount of time we spend online and the data we generate, it is not that only our data is in danger, we too are in danger.

Which raises the question - Are we really secure?