By Ali Abbas & Mir Hassan:
“Security is not the absence of danger, but the presence of defences. In the digital realm, protecting personal data is the armor for a safe online journey.”
– Kevin Mitnick
In the modern digitally interconnected world, with most facilitating modes of communication, entertainment, knowledge, and a plethora of various facilities that accelerate and assist our everyday activities, saving us an abundance of time which we can employ in other, more fulfilling activities. The swift and monumental advances in the internet technology in 21st century have made all this possible, connecting the world to an ever more complex web of interlinked societies and communities, bringing globalization to its peak in the process thanks to the seamless and easy international connectivity. People sitting in one continent can easily have a face to face conversation with their relatives, friends, or any other associates from an entirely different continent. Long distant relatives can now easily be a part of the lives of their families who may be separated geographically, sharing events in their personal lives, creating a seamless bridge across vast distances. The marvels of modern technology such as the advent of video conferencing and instant messaging applications, have transformed the way we connect. Whether it’s a birthday celebration, a milestone achievement, or a simple catchup session, the barriers of physical distance seem to all but vanish. This interconnectedness not only transcends geographical boundaries, but also strengthens the bonds that hold people together. People can now share the nuances of their daily routines, fostering a sense of closeness that defies the limitations of locations and space that previously existed. In this digital era, the world truly becomes a global village, where the links of connections create a web that spans continents, uniting hearts despite the miles that separate them.
However, amidst all these facilities there are various risks that accompany the digital interconnectivity. One of such dangers is involuntary collection of personal information of individuals accessing these facilities. It is a common saying that “nothing is free”, and that holds true about all these facilities that internet has brought us today. It should poke one’s curiosity as to why social media websites like facebook or X (formerly known as twitter) provide us with so many facilities for communicating with people all over the world for free. How exactly would they earn a profit to function if they provide their services for free? One answer could be that they earn a revenue through ads, but a more dangerous and fitting answer is through collecting and selling the personal data of people who use these websites and the services they provide. Many websites and their owners make millions (if not billions) sellingpersonal data of individuals using their websites to private companies and firms, who make use of the data for a variety of purposes, ranging from learning the preferences of groups and individuals to deliver suitable advertisements, to more malignant purposes such as identity theft, fraud, phishing, and scamming. Naturally, sharing personal data of individuals without their explicit consent is illegal throughout various countries, but that has failed to deter any of such tech giants making profits off of other people’s data.
Amidst such perils, securing one’s personal and private data from malevolent actors seeking to misuse an individual’s information for illegal activities becomes a significant challenge, however, that is not to say that people who use modern facilities like the internet are entirely at the mercy of such malicious actors as there are various methods through which people using modern digital services can minimize the unwanted sharing of their personal information and prevent its misuse and exploitation by virulent forces.
The most ideal way to minimize such data exploitation is to raise awareness of it among the people who regularly use the digital services. Many of the people who access the internet aren’t even aware that their data could be stolen and distributed without their knowledge, let alone take measure to prevent such data theft. This is particularly true for the older populations who aren’t as used to using the digital services as compared to the younger generations, nor are they experienced with or aware of the presence of the malevolent forces and actors, which is why the most common victim of online scams and frauds are usually older people. The government or any other actors can raise awareness about online fraudulent and phishing activities online through adverts, campaigns, and social programs, so that people who use digital services are aware and hence more cautious of the dangers posed on their personal data. This could include teaching them to use strong and unique passwords for their accounts and using two-factor authentication, be more cautious and avoid clicking on suspicious or unknown links, regularly review software updates, etc. There have been many such campaigns already launched by government and NGOs throughout the world, such as through default caller tunes in Pakistan. Although these awareness campaigns have proven useful in lowering the susceptibility of people to data theft, it hasn’t been able to entirely eliminate or minimize it to a significant degree.
In addition to awareness campaigns, a comprehensive strategy for minimizing data exploitation involves integrating digital literacy programs into educational curricula at various levels. By incorporating lessons on online security, privacy protection, and responsible digital behavior into school programs, students can develop essential skills early on. This approach not only empowers the younger generation with the knowledge to navigate the digital landscape safely but also fosters a culture of cybersecurity awareness from an early age. Furthermore, collaborations between government agencies, educational institutions, and industry stakeholders can enhance the effectiveness of awareness initiatives. Workshops, seminars, and community outreach programs can provide hands-on training and guidance on securing personal data. By fostering partnerships with technology companies and cybersecurity experts, governments can leverage expertise to design impactful awareness campaigns tailored to different demographics.
In addition to raising awareness among end-users, governments and regulatory bodies should play a proactive role in holding tech companies accountable for transparent data practices. Implementing and enforcing stringent data protection laws can create a legal framework that safeguards user privacy. Regular audits and assessments of company’s data handling practices can ensure compliance and identify areas for improvement.
Another common method of protecting personal data on the internet is through employing third parties who excel in data encryption and protection. These third parties provide various services such as data encryption, broad range of VPNs, malware detection, phishing protection, etc. all in exchange for a monthly subscription fees by their customers. Although reviews of such third parties are usually positive, their usage and handling of their customer’s data could potentially also end up being sold to third parties should they themselves go corrupt, there for individuals should exercise caution and conduct thorough research before subscribing. It is essential for individuals to scrutinize the privacy policies and terms of service of these third-party providers to understand how they handle and protect user data. Transparency regarding data retention policies, data sharing practices, and adherence to privacy regulations is crucial. Users should prioritize services that clearly communicate their commitment to user privacy, comply with relevant data protection laws, and undergo regular security audits. The potential for third-party services to sell user data also raises concerns about the integrity of personal information. Users should carefully review the terms and conditions to ensure there are explicit provisions prohibiting the sale or sharing of their data with external entities. Opting for services with a proven track record and a commitment to ethical business practices can reduce the likelihood of data misuse. It is then advisable to choose reputable and well-established companies with a history of prioritizing user privacy. Reading user’s reviews and seeking recommendations from trusted sources can provide insights into the reliability and trustworthiness of a particular data protection service. In an era where data breaches and privacy violations are not uncommon, making informed choices about third-party services becomes crucial in safeguarding personal information from potential exploitation.
Additionally, people could further protect their data by limiting the amount of data they share online as limiting personal information online could be crucial to bolstering privacy and security. People could do this by managing privacy settings on social media websites, ensuring that only a select group of friends or followers can access their profiles and posts. They should be mindful of the details they share, refraining from disclosing sensitive information such as their address, phone number, or workplace in public forums, regularly review and adjust app permissions, granting access only to essential features, using pseudonyms or nicknames in public online spaces to add an extra layer of anonymity, limit the time spent on internet, and various other actions that would assist in protecting their personal data, as data that isn’t on the internet cannot be stolen from the internet.
The modern digital era has ushered in unprecedented connectivity, transforming the world into a global village where individuals can bridge vast distances and strengthen bonds across continents. However, this digital interconnectedness comes with inherent risks, particularly the involuntary collection and misuse of personal information by various online platforms. While many individuals remain unaware of the potential threats of their data, there are proactive measures to mitigate these risks. Raising awareness about online dangers is crucial, and governments and NGOs can play a role through campaigns and educational programs. Employing third-party services specializing in data protection is a common strategy, though careful consideration is needed to ensure the trustworthiness of these services. Furthermore, individuals can take proactive steps to limit the amount of personal information shared online, manage privacy settings, and adopt security practices such as using strong passwords and two-factor authentication. Ultimately, safeguarding personal data in the digital age requires a multi-faceted approach that combines awareness, education, and strategic use of technological tools.
References:
Federal Trade Commission. (September 2023). How websites and apps collect and use your information. FTC Consumer advice. https://consumer.ftc.gov/articles/how-websites-and-apps-collect-and-use-your-information#how
Wharton staff. (28 October 2019). Your data is being shared and sold…. What is being done about it? Knowledge at Wharton. Retrieved from https://knowledge.wharton.upenn.edu/article/data-shared-sold-whats-done/
Bryan D. James. Patricia A. Boyle. David A. Bennet. (2014). Correlates of susceptibility to scams in older adults without dementia. National library of medicine. Retrieved from https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3916958/
PTA. (17 August. 2011). Public Notice-ensuring safety against spamming, Market and unsolicited calls and SMS. PTA. Retrieved from https://www.pta.gov.pk/en/media-center/single-media/public-notice-ensuring-safety-against-spamming-marketing-and-unsolicited-calls-and-sms
United Nations Children’s Fund (UNICEF). (September 2019). Digital literacy for children – 10 things to know. UNICEF. Retrieved from https://www.unicef.org/globalinsight/documents/digital-literacy-children-10-things-know