Cyber Talk: Safeguard your personal data
With increasing incidents of data breaches and cyber attacks, it’s important to protect your info
Published Date - 28 March 2023, 12:45 AM
Hyderabad: Data protection refers to the practices and technologies used to safeguard sensitive and personal information from unauthorised access, use, disclosure, modification or destruction.
It involves a range of measures, including technical, organisational and legal steps, to ensure that data is kept safe and secure at all times.
Our personal digital rights as per the General Data Protection Regulation (GDPR) include (a) Right to Access (b) Right to Confirm (c) Right to Correct (d) Right to Portability (e) Right to Forget (f) Right to Consent.
Data protection is important for individuals to protect their privacy rights while for businesses it helps to mitigate the risks associated with data breaches, financial losses, reputation damage and legal liability.
With increasing incidents of data breaches and cyber attacks, it has become mandatory for businesses to implement GDPR measures as required by law and also notify affected individuals and authorities in the event of a data breach.
How companies harvest your data
Online shopping: Name, gender, email address, delivery address, phone number, credit card details, product search history, frequently bought items, average shopping basket value, most browsed products and your IP address.
Dating apps: Gender, age, ethnicity, sexual orientation, phone number, private chats, political views, private pictures, likes and swipes, device info and IP address.
Search engines: Online searches, browsing history, online interests, shopping habits, IP address, location, passwords and credit cards, device information, downloaded files and browser add-ons you use.
Social media: Posts, photos and videos, messages and files, phone contacts, name, gender, email address, location, phone number, date of birth, relationships, groups or group chats and posts, photos and videos you’re tagged in.
Classification of data
Personally identifiable data (PII): It is any data that could potentially be used to identify a particular person.
Non-personally identifiable information (non-PII): Data that cannot be used on its own to trace or identify a person, so basically the opposite of PII.
Sensitive personally identifiable information: Not all data that qualifies as personally identifiable information is sensitive.
Non-sensitive personally identifiable information: It could be in a public record, like your birthday or phone number. It can’t directly identify you. Once exposed, attackers can use it to facilitate identity theft, fraud and social engineering attacks, particularly phishing and spear phishing.
Laws for data protection in India
The Information Technology Act, 2000 (IT Act) is the only data protection legislation in India. Some sections used for data protection as per the IT Act are (a) Section 69 (b) Section 69 A (c) Section 69 B. We are yet to have a GDPR-like law to protect data and its privacy.
Where to check if your data is breached
There are several websites on which you can check if your email or phone number has been part of a data breach. Few sources are (a) https://amibeingpwned.com (b) https://snusbase.com (c) https://leakcheck.net (d) https://leaked.site (e) https://leakcorp.com/login (f) https://haveibeensold.app
How to protect data
— Use strong completed passwords
— Enable two-factor authentication
— Be cautious when sharing personal information
— Use a virtual private network (VPN)
— Use reputable antivirus and anti-malware software
— Be cautious of phishing scams
— Download software/applications from legitimate sources only
— Keep your browser updated and access only secured websites starting with https://
— Check the complete headers of the email using https://mxtoolbox.com/EmailHeaders.aspx
— Check how your apps access your data. https://reports.exodus-privacy.eu.org/en/
— Verify the actual SMS sender by using https://smsheader.trai.gov.in/