The 6 Biggest Online Privacy Threats You Should be Concerned With

For some consumers, the online privacy remains a distant thought; a trifle for politicians and civil rights organizations. However, for a growing number of people, the matter has become a daunting battle between the powers that be and the control we exercise over our own information.

The following threats are by no means the only areas of concern in the privacy realm. However, understanding the implications of some of these larger issues can help articulate the scope and depth of privacy intrusion and data collection.

1. Cybercriminals remain the biggest threat due to shady practices

Despite government monitoring activities, cybercrime remains the greatest threat to personal information in the digital age. The reason for this is simple: while the government and law enforcement monitor your activities, cybercriminals attempt to do the same. In general, user vigilance and consistently updated anti-virus software can help mitigate threats, but strong passwords and compartmentalized email identities are also important steps to take.

Things to consider:

• According to a study done by Javelin Strategy and Research, “There were 12.6 million victims of identity theft in 2012 in the U.S.”
• Commtouch’s quarterly Internet Threats Trend Report revealed that an average of 97 billion spam, phish, and malware-laden emails were sent worldwide every day during the first quarter of 2013.
• According to the 2013 State of the Net Report by Consumer Reports, a projected 58.2 million American adults had at least one malware infection that affected their home PC’s features or performance in the past year.

Suggested actions to take to combat this threat:

• Use lengthy, complex, and varied passwords.
• Create and use compartmentalized email addresses (separate accounts for varying levels of data sensitivity) for additional protection.
• Maintain updated software and reliable anti-malware software.
• Exercise caution toward sketchy websites and any email or registration requirements, reputable or otherwise.
• Be extremely cautious about downloading software, as even trustworthy software can be bundled with malware with ease.

2. Facial recognition software is building a database

Facebook and Google+ each offers photo sharing tools to their millions of users. However, built-in facial recognition technology that scans photographs in order to suggest tags is currently collecting and building extensive profiles of user faces. Facebook maintains that the data is kept safe, however little is known how the data is used after it is sold to third-party companies.  Law enforcement is also known to query these providers for facial profile data on a regular basis.

Things to consider:

• Facial recognition software built into social networks is compiling an extensive database for myriad purposes.
• The sale of this data to others is unregulated and little is known what happens to it once it has left the hands of the social networks.
• Photographs posted by others, some potentially embarrassing or, worse, incriminating, become possession of the social network once they are uploaded.
• Current facial recognition programs provide no opportunity to opt out before data is collected.
• With ubiquitous and involuntary facial tagging, the dangers of surveillance and stalking increase manifold.

Suggested actions to take to combat this threat:

• Exercise caution when posting personal photographs online.
• Read privacy statements for popular photo sharing websites in order to understand the limits of your data rights.
• Ask that your social networking friends talk to you before posting personal photographs online.

3. Cell phone GPS functionality provides easy location tracking

Whether we are aware of it or not, the tracking of our location is not limited to Foursquare check-ins. Always-on location services and meta-data in social networking posts have turned our cell phones into personal tracking devices. It is well known that law enforcement agencies subpoena this kind of information for criminal purposes, but the implications elsewhere are startling. Employer-owned devices can be tracked, offering new possibilities for monitoring.

Things to consider:

• According to the ACLU, only 13 of the 250 law enforcement agencies in the country have never used cell phone location data.
• Multiple law enforcement agencies do not require a warrant to obtain location data.

Suggested actions to take to combat this threat:

• Refuse requests from applications for use of location services capabilities.
• Avoid posting social networking updates from your cellphone.

4. Data in the cloud is not subject to the same protections as your hard drive

According to Gartner research, 36% of US consumer content will be stored in the cloud by 2016. This massive migration to cloud storage is troubling when one considers the potential security holes. Cloud storage firms have been hacked, multiple times, and while data stored on these servers are frequently encrypted, their functionality depends on stages of decryption that present opportunities for exploitation. In addition, data is stored in remote servers where security and IT personnel have certain levels of access to customer data. This reliance on protections from others and vulnerability in transit represent considerable hurdles to privacy.

Things to consider:

• Current encryption solutions to mitigate cloud storage risks compromise convenience.
• Uploading data to the cloud subjects it to law enforcement seizure; such seizure has occurred multiple times at high volumes.

Suggested actions to take to combat this threat:

• Be wary of what you store on the cloud. Any data uploaded represents privacy surrendered.
• Encrypt your wireless Internet connection to prevent localized interception.
• Consider giving misleading filenames to sensitive data, as filename indexes are frequently unencrypted.

5. Legally mandated scanning means copious amounts of browsing data are being collected

Revelations about legislative and executive measures to increase the monitoring of national and international networks mean that your browsing history and search queries are likely being monitored this very moment. These legal mandates are frequently approved (with little oversight) by confidential judicial bodies with the express intent of monitoring and mining Internet traffic. The United States government holds to the statement that they only use the information to catch criminals, but regardless, this means that your information and your browsing activity is being monitored, entirely without you knowing or consenting to it.

Things to consider:

• PRISM and MUSCULAR data monitoring programs are mining information daily from Google and Yahoo servers and storing it in data warehouses.
• Claims that only “meta-data” are being acquired obfuscate the fact that sufficient information is being collected to construct thorough profiles for individuals.
• Confidential memos regarding surveillance activities continue to come forth.

Suggested actions to take to combat this threat:

• Contact your congressperson and make explicit your opinion on federal monitoring activities.
• Support legislation limiting the reach of surveillance programs.

6. Cookie proliferation has reached troubling levels

Cookies, simple text files that monitor information about your computer and your browsing behavior, have ballooned in number in recent years. These files track what you may be interested in buying, sending that information without your knowledge to websites. Therein lies the danger of cookies: the submission of potentially sensitive data to unknown entities without express permission to do so. Despite legislative efforts to curtail the number of cookies in use, sufficient legal protections are not yet present to help prevent the threat. In addition, what provisions exist are easily circumvented by businesses claiming their use of cookies is “essential”. This increase in tracking and lack of appropriate protections means a considerable amount of user-side effort in order to attain privacy.

Things to consider:

• Cookie activity often occurs entirely without knowledge and does so in unprecedented volumes.
• While some activities are innocent, including improving shopping results, the invisible tracking poses a threat when utilized by malicious websites or persons.

Suggested actions to take to combat this threat:

• Use cookies blocking and deleting browser functionality.
• Consider installing software that automates the blocking and deletion of tracking cookies.
• Explore browser extensions that identify tracking activities and block creation of cookies.

Be they personal or federal, privacy intrusions are present and prevalent in our digital world. Criminals, law enforcement agencies, and advertisers have multiple tools at their disposal to track and document our activities and identities. Protective action includes supporting legislation that limits surveillance activities, using a VPN service to surf the web, safe browsing habits, and installation and utilization of appropriate privacy measures on user computers. The current expanse of privacy intrusion is baffling to most of us, but with some know-how and a proactive mentality, privacy stands a fighting chance. Take action and let it be known that your privacy is a worthwhile and necessary priority.