Let’s begin with an experiment.
Log in to your primary Gmail account, the one you use on your mobile devices as well, and go to My Activity. Here, you’ll find a comprehensive list of everything that you’ve ever searched for on Google, all the videos you’ve watched on YouTube, and all the applications you’ve launched on your mobile.
Let’s go a bit further, to AdSettings. Here, you’ll find out exactly who Google thinks you are, based on your search history, the ads you’ve clicked on, the websites you’ve visited and the videos you’ve watched.
There’s an estimation of your age, an assumption of your gender and a whole list of activities you might be interested in based on your online behaviour.
But Google isn’t the only one that knows a lot about you. Facebook too has a similar page on who it thinks you are, based on your interactions, comments, likes and friends. You can see this profile under the Ads sections of the Settings menu. From the ‘Your Facebook Information’ tab inside your Facebook settings, you can also download all the data the company has accumulated on you over the years.
I don’t even use Facebook all that much but it had accumulated 1.7GB of data, which included all of my activities on the social networking site, even the posts, messages and comments I had deleted.
Companies like Google and Facebook have reams of information on who you are, but from past experience, the possibility of losing control of this data looms eternal, as seen with the Facebook data breach of 2018 and the hacking of Quora accounts the same year.
Apart from external cases of data breaches, these companies themselves have been known to misuse user data for profit.
But even with such sensitive data populating user accounts, account holders don’t seem very worried about their online privacy. According to a Privacy Survey conducted by security firm Kaspersky, only 41 per cent of its 11,887 responders, from 21 countries, said they valued their online privacy more than their privacy offline. A further 56 per cent believed information on the internet cannot be kept completely private.
This user perception, of how data is never private, is only supported by the actions of companies like Facebook, which recently came under fire for hiring contractors to transcribe user’s audio chats.
While it can be quite unnerving to see all the information internet companies have on you, a simple and effective solution would be to practice basic ‘data hygiene’ and limit the amount of data these companies have.
For the privacy conscious Nepali, the ideal solution would be to stop using these companies. But since that’s often impossible, here are a few tips to ensure big companies such as Google and Facebook collect minimal data on you.
Disable location tracking
Google Maps on your phone is constantly tracking your whereabouts. One look inside the ‘Your Timeline’ tab in the app will show you exactly where you were on a specific date, where you travelled to and what vehicle you used to make the commute.
If cyber criminals gain access to sensitive data such as this, they could easily triangulate where you live, your office address and even the bars and restaurants that you frequent.
Disabling location tracking is easy as is manually turning on mobile GPS when you need it and leaving it off when you don’t.
Have you ever come across ads peddling items that you were just searching for online? This is possible through targeted advertising, which is also why Google creates an entire persona around your internet usage habits. Companies like Google share information in real-time with ad companies that send you ads based on your recent searches.
This is possible through web cookies, small pieces of data sent from a website to a user’s browser for the means of tracking key information. Most of the time, these cookies are used to record search queries and shopping cart items but they can also be used to record long-term internet usage.
Completely disabling cookies might cause issues for users since they are also used for authentication purposes. So setting your browser to purge all accumulated cookies on exit might be the best option. On Chrome, you can easily do this by navigating to Settings>Advanced>Privacy and Security>Site Settings>Cookies and enabling the “Keep local data only until you quit your browser” option.
We share a lot of information on social media, be it pictures or private messages.
Most often, social media sites give you the option of managing your information online. Some even offer options to completely delete all of your data off of their servers.
But without proper regulation, it is difficult to know if they actually do permanently delete your information.
Set your posts and profile to private so that only your friends have access to your content because cyber criminals can analyse your social media content and draw a more comprehensive picture of your lifestyle for identity theft cases.
Understanding internal service protocols might also help control digital privacy. Facebook Messenger is far less secure than WhatsApp (even though both services are owned by Facebook) because WhatsApp uses end-to-end encryption which decrypts data at peer endpoints. For chatting and voice calls, WhatsApp or Signal are recommended over Facebook Messenger.
While in the past, stronger passwords would’ve been the best way to prevent unauthorised access to your digital accounts, today, two-factor authentication adds a layer of security that is difficult to breach.
Linking your account to your local phone number will mean that every attempt at logging into your account would be accompanied by a security code sent to your smartphone.
This could be a nuisance when you want quick access to your account, but having that extra layer of protection could mean securing your data from hackers and cyber criminals.
Almost all social media services, from Facebook to Twitter, offer two-factor authentication. You might have to dig into your account settings to enable it.
WorldLink provides free internet hotspots around the city but the problem with such open networks is that they are open for anyone to join and with sophisticated tools, criminals can easily gain access to your device or the data that your transmitting through the open network.
Even when you absolutely have to use open networks, be sure to use VPN services to scramble your data and keep yourself anonymous so as to make it difficult for unauthorised users to access your data.
Use private search engines
The ubiquity of Google as a search engine is evident in how deeply integrated it has become in our lives. But as evidenced by all the information the search engine giant keeps tabs on you, and moving to a more private search engine might help retain some semblance of privacy.
Search engines like DuckDuckGo prioritise privacy and assure users that they do not track any user searches.
DuckDuckGo also doesn’t suffer as heavily from DRM restrictions as Google and tends to provide more options for your searches.
If you also want to uncouple yourself from Gmail, there are numerous encrypted free email services out there, like ProtonMail.
Lock down your hardware
Always have passcodes and passwords for devices like smartphones and laptops. An open device can be a treasure trove of information if it gets stolen.
Your smartphone has all kinds of personal information from your private pictures and email to your bank information and your social media.
This information can be used nefariously if it falls into the hands of information thieves, which is why protecting your device behind passcodes might just give you that extra bit of time to remotely wipe your data once you hardware theft has been recognised.
Both Android and Apple offer options to remotely erase all the data on your phones. For iPhones, you will need to have set up Find My iPhone beforehand, but for Android phones, Find my Device is automatically turned on when you link your account to the phone.