Thursday, May 1, 2014

Your Privacy is Fuxxked up!

What is Online Privacy and why anyone should care about it  online? 

Online Privacy is about you and personal privacy concerning your data the way its stored and used by third-parties, and displaying that via internet.

With internet age, your data is captured every moment with what you do online and is available for companies to use and share with others without you noticing it and that's the reason why you should care. Your identity and data is not only yours anymore.

Google the web king:  
Every google search you do after login to google is stored. Google exactly know what kind of info you are looking for and what was your search history which it can relate and then show new results. Search done on webpage/tablet will also show up on phone and vice-versa.

If you have android then you can also see that "Google Now" will show related blogs/articles around your search. E.g. if you search for a name of place then few minutes later you will see a short map with time to travel to that destination will be shown. Its a great personalization and very useful to user. However its a way to show that your search queries are stored and processed for various purposes.

Every Android user ideally has Google account and that is the way Google brings in gmail / youtube/play and other services to user. All your emails are now with Google and they exactly know what you do and your personality traits. Ads shown by Google are defined by context of your emails.

You use youtube, and it knows which videos you watched, what you like and what you are likely to view. It show all that closely matches your taste to you and removes all other clutter.

Google alone brings huge issue of privacy online, and its hard to stay away from Google for all the services that you use.

Here is Privacy Policy of Google that details what information is collected, how they plan to use and choices Google provide to update this information.

As per policy Google collects name, email, phone number, credit-card, address, search query, your photo, you IP address, OS, On Android - call log, sms logs, hardware settings, device unique IDs,  browser type, browser language, browser cookies to uniquely identify you, users location via GPS/Wi-Fi/Mobile-tower,

Google does accept as per their policy that they share this info with partners/companies/individuals outside Google.
Google does a good job of providing us ways to view our web history and then remove items from them. You can also stop recording web-history. and you see it all there. You can see all you web history of search, image search, maps, finance, travel, books, videos and more.

Facebook/Social network: 

You got facebook account and Facebook knows what you share, your friends, your chat, your likes and dislikes.  Your close friends,  your relatives and your affairs. Facebook can track you every webpage you visit (via like/share buttons on those pages). Even user who don't have facebook accounts are also tracked by facebook. Facebook recently acquired Whatsapp and thus all chat communication is now known to facebook.
Photos and Videos you like or comment are with facebook. You get tagged in various photos of your friends and all that is with facebook.

It uses this info for showing ads to you. This info is also shared with other companies for various reasons. Here is Facebook Privacy Policy  . Here is good read on understanding Facebook privacy policy -!GWyjH

If you are working, then its high chance that you have an LinkedIn account with all your info about employer you work/worked for, peers, projects, achievements, skills, recommendations and much more.  Anyone can exactly find what you work on and your skillset without you noticing it. Its good and bad. LinkedIn is great for professionals to showcase skills and connect to peers across, however the data we pour in there is huge. Again this data is available to anyone for ads or personalization.

In addition to LinkedIn, employers do search for social networking and other sites to know more about you before they interview/hire you. And with companies sharing your data, your scores are defined before even you get to interview.

Whatsapp/Viber/IM chats:
Whatsapp and other messengers has sprung up due to smartphone and always on connectivity. Around 500 million users are hooked on Whatsapp alone. Text, Videos and photos are widely shared in 1-to-1 or Whatsapp groups. This info is with whatsapp and now with facebook. Data of 500m young  people!

ISP/Government surveillance:
All your data and websites pass through your internet service provider and then on the routers across globe. All this data is tracked and monitor by vendors at various levels. Your ISP, you state/country and all intermediate internet gateways on the way.

Governments  can ask for any of the website companies to share data about a user for any kind of investigations. Your emails/chat/photos/videos/likes and other data can now goes in hand of government without your consent.

Governments exactly know your income and expenses, credit/debit cards you hold, things you buy and from where you buy.Which place you visit and how often you visit. They can even tell you your monthy income/expense and categorize each item and tell you how much you spend on hotel/ restraurant/ grossery/ medicine / flights or movies you watched.

Skype/Viber and all telephony companies know whom you talk to and how long, even if you delete all your call log or history. All this is available as data to investigate and reuse for various purposes.

Your phone provider knows where you are so as to connect and ring your phone for incoming call. This info is maintained as you walk/drive.

If you have kindle/e-book reader then amazon knows which books you read, what's your reading pattern, which books you are likely going to read and show those. It also knows your reading speed and show how long you are going to take to complete a book.

Spotify and many other music players provide free music service with ads. Great to listen on phone/laptop. You login to these services via Facebook/Google accounts and all that info is captured. You personal favorites, playlist and more.

Google/Dropbox/facebook knows which camera you got, where you clicked photos, how many photos you clicked and what's your photography skills look like.

Smartphone the privacy killer: 
You got smartphone and it captures all your info, place you visit, websites you navigate, apps you install, games you play, songs you listen time you wake up, chat you do on whatsapp and banks you hold your accounts. It knows how many steps you walk/run daily and how many calories you burnt. Android/iPhone capture all that you do with your phone and most of it does get sent back.

With malls providing you cards to gain points and redeem, exactly knows who you are and what you buy. Which fruits your eat and how healthy you eat.  By just entering malls they know you are in using your smartphones wi-fi. How much time you spent in mall and which shop/section you spent most of the time.

Malls you visit first time also knows about your just due to the fact that you have smartphone with Wi-Fi enabled. They capture all your info, shops you visit and time you spent. Is that your first time in the mall or a returning visitor. Your smartphone keeps searching for known Wi-Fi hotspots and that helps Wi-Fi sniffers to know about your and can track you.

Almost all hotels now provide Wi-Fi and that forms the entry point of monitoring who connects or who is near by hotel. What time you came in and how long you stayed.

Other Internet services that we often use:

You use netflix or other movie streaming and it knows what you are watching.
Notes you take on Onenote/Evernote/Google Keep and other sites are available on cloud.

Tripadvisor and other travel sites exactly know places you like and hotels you visit, they show what's you likely going to book in your next travel destination.

Modern day cars are connected to internet and keeps track of how you drive, places you visit, FM and songs you listen to and more.

Data backup:
Everyone is concern about backup and dont want to miss photos or documents they have been working. All of this data again goes to cloud services like google Drive or Dropbox or or Amazon. All your data is surely safe to be available for restoring in case you lose your device or your hard-disk fails.

However you are now giving your data to keep in some other hands and that's all unknown to you. All your private photos/ideas/your work/music and much more is backed up on cloud and managed by some one whom you don't know. Surely this data will be scanned, processed and maintained in a way to make more sense to you and others.

Stolen/lost devices-
50% of theft happening around world is about mobile/tablet/laptops. All of these are data centric devices and points to your identity.

Reflection of your data on ads/personalization:
Ads you see on internet relate to you more than ad on TV. Google/Facebook/Apple/ other know exactly what you do online and show ads that you are likely to view or interests you.

All of these data is collected behind the scene and sold from one company to other without your consent or knowledge. Companies make most of it to give you personalized service on their websites and try to engage you most.

Even with private-browsing modes enabled, your internet service provider, state government, your company knows exactly what you browse. This dump is maintained for long time to refer back.

Personalization based on your data is great, however huge amount of data is been collected about you every hour/day and stored forever. You never know how it can be used against you or processed for you to provide unique internet experience for you that may be different than reality.

Best Practices:  
A good solution is not to use internet at all, however that's not practical as it brings in so many advantages which we have been enjoying. However we should be aware about above listed things and make sure you follow some best practices to keep a tab on your privacy.

You need to be careful on what you do and how you interact with technology that constantly follows you.  Here are some good tips

  1. Use two-factor authentication to ensure you have high level of protection around your account and no one can hack your account to get all your data. Here are details about two-factor authentication -
  2. Review your web history on google and keep it minimal. May be block web-history recoding from google. Review it at
  3. Review privacy settings on facebook. Remove unwanted access to apps and fine tune who see your shared info
  4. Use Private-browsing mode if you are searching and don't want google to capture that, of course don't login to browser or google
  5. Be cautious about what you share/like/comment online on social media
  6. Disable Wi-Fi/Bluetooth if not in use
  7. Uninstall unwanted apps that you don't use on smartphones
  8. Ensure you have Anti-theft apps on your mobile devices and you wipe data remotely using them if you lose it. Setup PIN/Password on your mobile devices.
  9. Review your usage of internet and data sharing
  10. Ensure online accounts for data backup are safe and not exposed
  11. Avoid connecting to public Wi-Fi hotspots or use VPN solutions to encrypt all communication.
  12. Use Tor for additional privacy from ISP and intermediate gateways
  13. Setup Google Alert on your name. Visit  enter your name, and variations of your name, with quotation marks around each. Select how frequently you want alerts (daily is probably fine for most of us) and where you want them sent. Now onwards if your name appear anywhere on public internet and google finds it, it will notify you.
Stay safe online!

No comments:

Post a Comment

Transform your $15 router to $200 security router for FREE

Technology is evolving faster and there are more IoT devices at home/office than a few years back. Software Security companies are movi...