May 25, 2018 was the deadline for GDPR compliance. The media was abuzz. Businesses were rushing to update their privacy policy page. Companies were emailing newsletter subscribers to approve updated privacy policies. Everybody seemed to be paying attention to this new law, which appeared to be the beginning of a new dawn in data privacy. Or was it? The reality is this: abuse of user data has reached such deep levels that even if laws like GDPR are fully enforced, work will still need to be done to ensure that user privacy is respected. Case in point: in a recent article, it was revealed that pretty much every major free VPN service is a sort of data farm, with a business model of collecting and sharing or selling user data. In fact, the piece revealed that hundreds of millions of users are at risk. The study also linked to a CSIRO research paper that indicts pretty much every major free mobile VPN service in the Google Play Store for intentionally compromising user data in an attempt to make money. Lest we pretend that this is an issue restricted to free VPN services, let’s not forget the Cambridge Analytica scandal involving Facebook in which data belonging to millions of people were harvested and used for political purposes or the fact that Facebook came on record to admit that it has been sharing user data with Chinese companies including a Chinese company designated as a national security threat by the U.S. government. If one thing is clear, it is this: big data is big business. And as long as there is a lot of money involved, expecting the government or some agency to come to our rescue will continue to be a pipe dream. The repeal of net neutrality is a great reminder.
Addressing the Rise of Data Abuse
There is only one solution to address the growing trend of user data abuse, and it is this: users should protect themselves. So how can you protect yourself from the threat of data abuse, especially by well-funded mega-corporations? Here are some tips:
- Realize that there is no such thing as a free lunch. The following axiom is true: “If you are not paying for the product, you are the product.” While of course there are exceptions, almost every case of data abuse happens when you don’t have to pay to use the product. Facebook is a notable example. The article covering the free VPNs is another example.If a product or service is being offered for free, especially if it requires a lot of data from you, your data is most likely at risk. This is the case even if the product is Facebook or Google.
- Enable Do Not Track, and Take it Up a Notch. By default, browsers will track and store your usage data, allowing advertisers the ability to access and collate your data and then use it for their ends. Pretty much every browser, and many major websites that you use, allows you to disable third-party tracking by enabling the "do not track" feature, but very few users take advantage of this. This Lifehacker article is an handy guide with instructions on how to disable tracking in every major browser and website. You can also take things up a notch by installing the Ghostery app to stop trackers that your browser settings are unable to stop.
- Disable Location Tracking in Your Browser. Asking for your location seems to be the latest trend these days, with browsers and search engines and social sites asking for access to your location data. First, don’t yield to the temptation. Whenever a site asks for your location data, unless you deem it absolutely necessary, don’t give it access to that data. Second, disable location tracking in all of your browsers.
- Carefully Review Permissions Requested by Apps Before Installing Them. There are thousands of apps in the app store designed specifically to collect, process, and share/sell user data in the Google and Apple app stores. Usually, most of these apps can be spotted a mile away. How? By reviewing the kind of permissions they are requesting. When a VPN app is asking for permissions to access your phone identity information, your contacts, and everything else under the sun, that should be the first red flag. When an app requests access to permissions it doesn’t need to deliver the service it is designed for, don’t use the app.
- Use a VPN: You can also go incognito by concealing your location with the use of a VPN. And certainly not a free VPN. If you have to use a free location masking service, you can use something like VPN Gate, a free cloud VPN service offered the University of Tsukuba, Japan or the Tor network.
Conclusion
Data abuse will continue to go on for as long as it remains profitable. It’s up to you to protect yourself. The above tips will help you do just that.
About the Author: John Stevens is the founder and CEO of Hosting Facts, a portal that reviews and compares web hosts. He specializes in analyzing and reviewing web hosts and giving the public an unbiased view of how they stack in comparison to their marketing claims. He is a regular contributor to TheNextWeb, Adweek, Entrepreneur.com, and other top publications. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
