Nowadays, we are all so used to giving away our information online that we barely read the terms and conditions before signing up to a website or downloading an app. For most of us, listening to tech terms and legal jargon can seem more than a little dull and daunting.
To take out the painful process of researching the topic, we have created a simple guide to why your online privacy matters and why you should begin double checking those privacy settings and joining the privacy debate on Facebook and Twitter.
What is online privacy?
Your online privacy is the “privacy and security level of personal data published via the internet.”1
“Personal data” covers a wide array of information: everything from your bank details, to your photos and videos, to your basic preferences of films and books.
How secure this data is depends on how easy it is for third parties such as criminals and hackers to obtain it.
How do hackers, fraudsters and criminals obtain your data?
- Gathering your public online information
This technique is so easy that your great grandmother could do it. A basic Google search and a run through of your public social media pages (for example, Facebook, Linkedin and Twitter), reveal who your friends are, where you live, what you like and dislike, what you do for a living and what your interests are. This is particularly easy to do if your privacy settings on these sites are low.
Even the photos that you publicly post are mines of data. Geotags on our images let criminals know where our photos were taken and at what time. The content of these images also helps to build an accurate portrait of you (for instance, which family members and friends you are close to, what the inside of your home looks like, and what your favourite social hangouts are.) This means that not only will these criminals know what the best way is to strike you, but you will potentially trust them because they appear to know you so well.
- Phishing scams
Phishing scams involve fraudsters attempting to steal your private information through seemingly innocent and reputable messages. By using the already-gathered public information about you, hackers target you with communications that they know that you will personally trust. Very often these include links to bogus websites and forms that ask you to give up private information such as usernames and passwords. In early 2014 I received a very convincing email from the UK tax department, HM Revenue, offering me a tax rebate. All messages from HM Revenue arrive in the post, but the scammers knew that I was travelling abroad and so informed me that this year I would be claiming my tax online. When I clicked on the link, I was directed towards a form that instructed me to fill in my bank details so that they could deposit my tax rebate. Fortunately, I had received a tax rebate the month before so I knew that it must be a fake. However, it was incredibly simple and convincing!
Many of these scams also include links and attachments that infect the recipients’ mobile devices and computers with malicious viruses, enabling the fraudsters to steal valuable information and even to take over those devices.
Spyware enables hackers to track the computer user’s internet browsing and their personal information without their consent.
This malicious software can also be used to make changes to a user’s computer, causing the computer to slow down or crash. For instance, they may change your web browsing page and then make it difficult to change the settings back.
Spyware is usually downloaded when we download certain applications and files such as music and movies from unreliable sources. Think twice before you open BitTorrent!
So, why should you care about the privacy of your data?
- Unwanted targeted marketing
Free online services such as Facebook and Twitter make their money by selling their users’ data – yourpersonal information – to advertisers. Nothing about these services is free. Your data is worth billions of dollars. Facebook has made $2.6bn just in the second quarter of this year by selling its users’ data to advertisers.2
I once had a conversation about yoga on my Facebook wall and suddenly found myself targeted with countless yoga and pilates advertisements on my newsfeed.
“But doesn’t this just mean that I get an online experience that is relevant to me? Won’t I get great links to stores and products that I actually like?” we all ask. “And if I don’t like it, I can ignore it, right?”
Well, this is true to a point. However, targeted marketing has been proven to manipulate the way that we think and behave. In America the Obama campaign used US citizens’ data to determine how to best target individuals with their campaign message and to persuade them to vote for Obama. The Obama campaign’s use of data mining and analysis is greatly attributed to his electoral success in 2008.3
If supermarkets can manipulate us into buying certain products by knowing our shopping habits, just think of what companies and organisations can do if they know everything about us.
- Identity theft
The American MTV show, Catfish, reveals how strangers on the internet can steal your identity and information to strike up romantic relationships online. Whilst some of the online romances turn out to be very much real, Catfish also demonstrates how criminals and online trolls do not need to be professional hackers to create false identities. All they need is your public photos (like those selfies you post publicly on social media forums such as Instagram and Twitter), your date of birth and your full name.
Fraudsters steal identities for more than romance. Identity theft can also be used to persuade someone to part with their money (for instance, by pretending to be an attractive, struggling twenty-something female desperately in need of cash.)
The last thing that we want is the producers of Catfish turning up on our doorsteps because a stranger has been wearing our face on Facebook to con people.
- Lack of security in data storage
You might think that your data is secure by upping your privacy settings and deleting outdated photos. However, all social networking sites, email providers and the cloud store their users’ data. This means that the embarrassing picture of you drunkenly falling over at the staff Christmas party may have been deleted off your Twitter page two years ago, but it is probably still sitting dormant on Twitter’s servers.
No one can be certain how secure this stored data really is. Recently, a third party app managed to hack Snapchat’s users’ photos and leak them. Unless stored data is encrypted (when data is scrambled and made illegible), it is possible for hackers to obtain and then easily use your stored personal information, even if you think that you have deleted it.
- You are not adequately protected by current laws
Unfortunately, technology is developing faster than the law. Consequently, we cannot be certain that the law will protect us if we become victims of online crime.
The latest legal concern is cyberbullying (when individuals are bullied online). As much as governments are trying to crack down on cyberbullying, victims have an uphill battle seeking justice and protection. In 2007, Lori Drew was a mother who posed as an attractive teenage boy named Josh Evans on the social networking site MySpace in order to bully a young girl, Megan. Lori/Josh flirted with Megan for weeks online before viciously bullying her. Eventually, Megan could take no more and hanged herself in her bedroom closet. When the family sought justice, they discovered that the woman who harassed their child could not be convicted under the stalking and harassment laws because the laws did not account for the internet.4
- We do not know how our data will be used in the future or if social networking sites will protect our privacy
The final reason that you should be concerned about your online privacy is that these online services and providers have a proven track record of changing their privacy policies without notifying their users.
Consequently, we cannot rely on our email providers and social networks to adequately protect our privacy and secure our personal data. Equally we cannot know yet how our data will be used in the future or who it will be sold do. Especially because these organisations and companies make their money by selling your data to advertisers and unnamed third parties
Your online privacy and your data matter. If you haven’t done so already, join the privacy debate with Scramsoft by following us on Twitter and Facebook where you can receive our latest news and privacy tips.