Unless you are an information security expert, chances are you are not fully aware of the information security risks threatening you every time you are online. Saying that the security risks are staggering is an understatement. As more parts of our lives are stored digitally, more attackers – and methods of attacks – target our personal information online.
It is not just attackers with malicious intent either. Tech companies have long tracked and gathered information about our online activities, from the services we use to the pages that we browse through when searching for information. Years of data gathered by these tech companies are among the things that allow them to profile us with frightening accuracy.
In recent years, however, data breaches, hacks, and leaks affecting tech companies are starting to change how they view web privacy. Users are also becoming more informed and actively engaged in protecting their privacy online. These changes are good signs of things moving in the right direction, but they are definitely far from enough.
Services Turning into Honeypots
One of the biggest internet privacy scandals involves a group of free proxy service providers operating on the same server. Names that are popular among users for their free VPN services, including UFO VPN, Fast VPN, and Flash VPN, are tied to this data breach.
The breach involved 1.2 terabytes of data containing information such as plain text passwords, user email addresses, browsing history, and even financial information. It was deemed to be the biggest privacy scandal of 2020 because of how massive the reach of this breach was.
This is a clear sign of how using a free VPN or proxy service is not recommended. If you want to use a proxy service to remain anonymous, the best way to go is to use services from a reputable provider.
There are also more proxy services to choose from. You can, for instance, use a China proxy to access websites that cannot be accessed from outside the country. You can use the highest quality residential China proxy to access China-only services like Baidu and Youku. For anyone doing business in China, this is a must-have tool to beat China’s firewall.
The Facebook Story
We cannot talk about misuse of user data and data leaks without talking about Facebook’s involvement in the Cambridge Analytica case. The internet research company was able to leverage data shared by Facebook to influence the 2016 US election.
Cambridge Analytica is not the only company with access to granular user data. By using Facebook’s own app policy, the company was able to tap into millions of Facebook users, gather their personal details, and use the tracking results for better ad targeting.
Cambridge Analytica is unique because it also went further than just using non-personal analytics data for ad targeting. Their access to granular Facebook user data allowed them to change opinions through seemingly organic posts and Facebook bots.
Similar to the VPN leak, Facebook was also responsible for allowing this breach to happen. In fact, experts from Cambridge Analytica themselves confirmed that Facebook actively helped the company analyze data and do better targeting throughout the election.
There are other cases that showed how a lack of security measures and poor attention to privacy can be very harmful. In some countries, these practices are leveraged by the government to track their citizens. China is the perfect example of that.
The stories around China’s citizen ranking system are not entirely accurate, at least not in the way that you may think. Instead of overstating what China is doing, the stories you can read publicly don’t really represent just how extensive – and intrusive – the government tracking really is.
The Chinese government can now profile users based on their online activities. Augmented with data from offline activities like transactions and travels, the profiles and the ranking system behind them are immensely effective in controlling citizen behavior.
If you are a citizen and you leave a negative comment about the government in an online forum, you may be blocked from traveling by air or accessing certain services offline. That one comment is enough to lower your citizen score or ranking significantly.
On the other hand, your offline activities will also trigger closer monitoring of your online activities. If you have outstanding debt and you go online to chat with friends, the government can pinpoint your location and provide that information for collection purposes.
The bad news is this type of intrusive tracking isn’t just happening in China. Companies like Facebook are still tracking you across multiple websites. In fact, they now have more technologies to use and are making their profiling algorithms more accurate.
The use of big data and artificial intelligence are turning simple web tracking into total surveillance. The next time you see an advertisement after talking about going on a holiday with a few friends, you can accurately tell that your conversations are being monitored. That’s just the AI behind web tracking accurately predicting your actions based on a vast amount of information.
Other technologies like device fingerprinting started life as a way to protect users. In the case of device fingerprinting, its original purpose was to prevent spammers and bots from flooding social media sites. Today, however, device fingerprinting allows internet companies to track you more reliably across not only multiple devices, but also across multiple IP addresses and platforms.
The real scary part comes from the use of AI-powered image recognition. Every photo you post on social media is being used to augment your already-intrusive user profile. Even when you use multiple accounts and devices, tracking can still happen based on your interactions with apps and websites that use the camera on your laptops and smartphone.
A Shift in Approach
There has been a significant shift in approach due to these cases and their impacts on users; or more specifically, their trust. Apple, for instance, is now making it mandatory for companies to disclose the data being collected by their apps. Apple has also taken steps to strengthen privacy measures for Safari and their operating systems. Google is taking a similar step with Chrome and the other services they have.
Expecting these steps to be enough is still a mistake though. While tech companies are renewing their commitments to online privacy, they still collect user data in an intrusive way. Even plugins like QuickTime are being used to discover your real IP address for tracking purposes.
What’s needed is a unified voice on the issue: we as the users need to fight for our privacy. We need to fight for our privacy online now before it is too late and intrusive tracking becomes accepted as a normal thing.
I am Ebbe Kernel, a Swedish data gathering analyst and consultant. I’ve been working in the field of data intelligence for over ten years and have advised hundreds of data providers and large companies on in-house data acquisition solutions. In 2017, I started focusing more on sharing my experience with the world via opinion pieces and technical articles. Since then, I have advised dozens of tech journalists and IT thought leaders on the methods, merits and risks involved in the data industry.