Data Privacy: The Right to be Forgotten
It’s easy to recall the widespread enthusiasm that manifested with the emergence of the internet and the dawn of global connectivity. The early internet appealed to people’s desire to speak their minds, finally giving them a voice and platform that facilitated their right to be heard.
In seemingly direct response to the internet’s increased accessibility, engaging platforms and mediums began popping up. Internet users flocked to WordPress, LiveJournal, homemade Geocities websites, and Tumblr in order to share with the world their thoughts on current events and interesting foods they had eaten.
The internet was the great equalizer. Everyone had a medium and everyone had an opinion.
Metadata, Targeted Ads, and the Internet of Today
Compared to the previous millennium, the internet we know today is barely recognizable. Connectivity is faster and easier than ever; children coming of age in the current digital epoch will never know the sounds of “machines talking” that was associated with dial-up internet.
While today’s globalized internet has made eCommerce, information sharing, and collaboration easier than ever, the widespread use and accessibility of the internet and digital economy has highlighted numerous cybersecurity and privacy concerns.
The early internet seemed to showcase the best of humanity, allowing diverse individuals with nuanced and original thoughts to speak about anything and everything. But the once alluring intimacy or personality of the internet has since changed.
While people can still interact and spread ideas through digital correspondence, the “humanness” or anonymity of the internet has long been lost.
Social media platforms, blogs, computers, devices, and networks now look at users as “data subjects” and measure every click, communication, and additional digital activity with precision. Everyday internet users generate immeasurable amounts of metadata that are eagerly collected by private corporations and governments alike.
In stark contrast to the enthusiasm of internet users in the late ’90s, today, so many digital citizens of the internet are no longer focused on the right to be heard but instead are demanding the right to be forgotten.
Protecting Your Data and Privacy
For most people, the internet and computers are an integral part of their daily lives, and “unplugging” or going “off the grid” is both excessive and unrealistic. Besides waiting, lobbying, and hoping for legislation and government bodies to take action, there are several things that individuals can do to secure data and practice good digital self-defense.
Your Browsing, Your Business
Popular web browsers now offer settings for privacy-focused users. Setting your browser to “incognito” or “private browsing” will ensure none of your browsing history is permanently stored on your computer or mobile device. However, consider using a Virtual Private Network (VPN) in order to further conceal and obscure your personal information from others – especially when using an unsecured free WiFi hotspot or public network.
Whatever VPN service you opt for, make sure it is legitimate and vetted. Due diligence is essential to finding a trusted service to maintain privacy and security. Not only will a VPN shield all browsing information, but it also hides a user’s location and encrypts all of the data coming to or leaving a computer, mobile phone, or IoT connected device.
Encryption is Key
Encryption is the act or the process of converting information or data into a code in order to prevent unauthorized viewing or access. Encryption scrambles computer data, emails, and text messages so no one can understand what it says without the key.
There are plenty of free applications that can be used to encrypt messages and calls on a phone or tablet. On computers, software such as Microsoft Office and Adobe Acrobat have settings that enable password protection for documents and specifications on the type of encryption that can be used.
Privacy-focused computer users can purchase an encrypting file system (EFS) or disk encryption products that allow for the encryption of files, folders, removable USB drives, and flash drives.
Knowing the process of data mining and the amount of information generated by simply surfing the web is essential to protecting your personal information. While this may seem obvious, many people simply don’t know data mining is happening, or the extent to which it’s conducted. Many companies bury their data collection and surveillance policies in the fine print of their multi-paged documents.
“Terms and conditions fatigue” and a lack of understanding of the business side of the internet has turned many people into willing accomplices in corporate and government data mining, generating information gleaned by marketing companies, private entities, and government bodies.
Merely staying informed on current events, reading news focused on data privacy, and educating yourself on different data collection tactics in use can help protect your user data and personal information.
Terms and Conditions
Government bodies and legislators seem to be empathetic to widespread data privacy concerns. The European Union has launched the General Data Protection Regulation or “GDPR.” This legislation, which levies severe fines for violations, is designed to protect EU citizens from data abuse and misuse. The European Union is also set to implement the ePrivacy Regulation, which will specifically focus on electronic transactions.
Talks of similar legislation in the United States have already started. Despite being the home state of technology companies headquartered in Silicon Valley, California has passed the GDPR-inspired “California Consumer Privacy Act” or CCPA. A data breach notification law was implemented in Alabama, imposing significant penalties on organizations that collect data, such as health information, usernames, and email addresses without authorization.
Other states across the country, including Virginia and Oregon, are hearing their constituents’ concerns for data privacy and drafting similar legislation.
Despite good intentions, technology companies seem to be light-years ahead of legislation and bureaucratic entities, ultimately leaving the responsibility of data privacy and security up to the individual.
While proactive measures, such as VPNs and encryption, can help mitigate the risk of leaking private information, a cybersecurity education can teach individuals how to pivot and evolve to meet the demands of the ever-evolving cyber threat landscape.