On 23rd May, 2019, FII’s Digital Editor, Suman Saurav attended a Digital Security Training by Software Freedom Law Center, India. The workshop aimed at helping individuals secure their data and communications, and make them feel empowered with respect to their concerns in digital space.
The workshop started with a brief discussion about the right to privacy and what it means on an individual basis. For some of the participants, privacy meant keeping their pictures and online activity secured, while for others, it was ensuring that the information that they are sharing is not leaked to or breached by a third party. The discussion then moved on towards the importance of digital privacy. Today, our entire life exists online. Technology has made our lives extremely easy. Be it ordering food or transferring money, everything is possible at the ease of our cell phones. But this also means that all our private and sensitive data is available online. Any breach of this data can bring serious complications to our lives. Hence, it becomes important to be aware of the steps that we can take to ensure the protection of these information.
Be it ordering food or transferring money, everything is possible at the ease of our cell phones. But this also means that all our private and sensitive data is available online. Any breach of this data can bring serious complications to our lives.
The workshop was informative when it comes to lying down issues with digital security and their solutions. Participants were made aware of how they can protect themselves and their data online. In this respect, the following six pointer Threat Model was laid down and participants were asked to answer each one of them according to their online interaction.
- What data or information do you want to protect?
- Whom do you want to protect this information from?
- How important is it to protect this data?
- How bad are the consequences of failure in protection of this data?
- How much trouble are you willing to go through to protect this information?
- Do you use Password Manager?
A password manager is a software application that is used to store and manage the passwords that a user has for various online accounts and security features. Password managers store the passwords in an encrypted format and provide secure access to all the password information with the help of a master password. Master Password helps you create different passwords for all your online accounts without actually going through the trouble of remembering them. This is also helpful for creating a strong random password which is extremely difficult to breach, if not impossible.
being vigilant about the usage of the application and the access that we are giving it is particularly important to protect your private digital information.
There were various solutions suggested in the workshop in the form of websites, tools, and secure search engines among other things that one can switch instead of using regular search engines which are, comparatively, unsafe and have a history of third-party breaches. Here are some of the tools that were discussed-
- Have I Been Pawned: Checks if you have an account that has been compromised in a data breach.
- 10 Minute Mail: Temporary disposable email service to beat spam.
- Lightbeam extension: Lightbeam is a Firefox add-on that enables you to see the first and third party sites you interact with on the Web.
- Turn on 2 Fa: Guide to Two-Factor Authentication (2FA) is a free resource with the goal of bringing awareness to the benefits of 2FA.
- Tor Network: Tor aims to conceal its users’ identities and their online activity from surveillance and traffic analysis by separating identification and routing. It is an implementation of onion routing, which encrypts and then randomly bounces communications through a network of relays run by volunteers around the globe.
Search Engines/Web Browser
- Searx.me: Shows search entries from all other search engines and is more secure than them.
- DuckDuckGo.com: Allows you to search the web without being tracked. Stay Anonymous Online. Try a search. Encrypted Search Engine. Privacy Simplified.
- StartPage.com: Better privacy protection than google.
- Firefox: Better and more secure browser than chrome.
The workshop then went into a detailed discussion of application permissions. We rarely check the permissions an application is requesting access to in our cell phones before downloading it. These permissions are a major reason for the third-party breach of your data. Free applications usually make money by selling your data to the third party. Hence, it becomes extremely important to check the access we are permitting to the applications that we download. It’s an individual choice if we give priority to using the application or securing our data by rejecting the access permission. Many a time, we don’t even need to give certain permissions asked by the app in order to use them. For example, Facebook asks for microphone access in your phone, which you can reject and still use the application without any issues, except for facebook’s call feature. Hence, being vigilant about the usage of the application and the access that we are giving it is particularly important to protect your private digital information.
The workshop concluded with a brief discussion of privacy settings under facebook and twitter, and how they can be used to keep your account secured. The workshop also dealt in brief with cases related to data breach, and important laws and bills around the topic, like The Facebook and Cambridge Analytica scandal, General Data Protection Regulation Europe, Herrick Vs. Grindr and Personal Data Protection Bill. You can read more on digital security and the workshop here.
Feature Image Source: Techie Scoops