With online services increasingly becoming the center of people's lives, the amount of personal data we share on the web is growing exponentially.
When data handling scandals occur, such as Meta's latest $1.3 billion blunder, we all get reminded of what's at stake for our right to privacy. However, the reality is that Big Tech companies have built their business model on exploiting information collected online—and all too often they're found guilty of misconduct.
But, are citizens really aware of the risks of their digital lives? And, do they care about their privacy online? One of the best VPN services around, Proton VPN, asked these and other questions to people in the UK. What it found is that most Brits are "concerned about online surveillance but lack the knowledge and tools to protect themselves."
The privacy paradox
As mentioned, companies of the likes of Google and Meta are infamous for engaging in massive data collection. While we all know they can monitor basically anything their users do online, we are all still keen to use their services.
"If Big Tech sent actual spies into our homes, we would never stand for such an intrusion into our lives. But for some reason we put up with it online," said Andy Yen, Founder and CEO at Proton.
The discrepancy between people's attitude towards privacy in the offline and online world is known as the privacy paradox.
In March Proton, the company behind one of the best free VPN services and homonymous secure email app, decided to try to better understand why this happens and teamed up with YouGov to survey 2083 adults in the United Kingdom.
It turned out that more than three quarters of respondents (77%) are concerned about their online privacy, with two thirds of people preferring to lose their passport than access to their email account.
The results show that the data Brits are most worried about is financial information (78%), login details (74%), and other personal identification info (68%). Unsurprisingly, people who got hacked in the past were the ones expressing more concern over their sensitive data.
There was also a big generational discrepancy in the responses, as more than a quarter of respondents (26%) aged between 18 and 24 said not to be concerned about their privacy online at all.
Dr. Gus Hosein, Executive Director at UK-based charity Privacy International, said "People are concerned. People want agency. They want to be able to do something. Actually, perhaps, more often than not, they just want to be left alone. They don't want to be poked at, prodded and surveilled as they just go around their daily lives. People want to not have to be worried about these things."
The results also show that, (69%) don't understand how online services are using their data. Despite this, over half of them (52%) believe it's unethical for free services to make a profit on this information.
How to fight back digital surveillance
"For too long, people have gotten a raw deal from tech companies monetizing and abusing their data. And people are upset about their online privacy, but they don’t know what to do about it," said Yen from Proton.
The survey depicts a quite grim picture when it comes user knowledge on how to secure their digital lives. The most popular measures were one-click solutions like refusing optional web trackers cookies or browsing the web in incognito mode. Sadly, these steps aren't enough to really escape digital surveillance.
The good news is that the majority of British people (83%) said to be willing to take additional steps to protect their privacy online in the next 12 months.
For those that want to take addtional steps, Proton advises users to introduce the following habits into their every day digital life:
- Use strong passwords and 2FA. Activate two-factor authentication wherever possible and consider using a password manager to help you create and store strong passwords across the board.
- Avoid oversharing online. Limiting the information you share online (from personal details to photos and videos) is also an easy way to minimize the risk of self-breaching your own privacy. Social engineering is a widespread tactic among hackers to gain information on possible targets.
- Keep your browsing private. There are a few options you can opt for here. Proton recommend using a secure VPN for your everyday browsing as it hides your IP address and encrypts your internet connections. You can also consider switching to a more private search engine like DuckDuckGo or Mojeek and using a more secure browser like Mullvad Browser. Tor Browser is the way to go when extra safety is required.
- Keep your communication private: using end-to-end encrypted messaging apps is the first step in preventing snoopers from infiltrating your private conversations. WhatsApp is a secure and popular choice but activists and journalists prefer Signal for extra security. Encrypted email services are often still worryingly overlooked. Among our favorites are ProtonMail and Tutanota.
- Secure your devices: a compromised smartphone or laptop can be the weak point for a hacker to steal your more sensitive information. Proton recommends checking for malware by using antivirus software and keeping your apps up-to-date, as well as making sure you are the only person that can physically access your device.
- Be vigilant: you should never click on links or download anything from a source you don't trust. Phishing scams are one of the most popular attack vectors among cyber criminals. As a rule of thumb, beware of offers that are too good to be true.
What about Big Tech?
As the so-called surveillance capitalism model becomes more prelevant, governments have been trying to regulate the wild world around the web. Legislations like the GDPR in the EU and UK are the current best attempts to minimize data collection. These are far away from perfect and many countries, most notably the US, are still lacking such a law.
Worryingly, commentators believe that simply fining the companies breaking privacy laws isn't enough to foster a real change. " When a company’s market cap is the same size as a small country, the fines that are currently being issued are a drop in the ocean. Big Tech has calculated that the surveillance capitalism model is so profitable that fines are simply a cost of doing business," a Proton spokesperson told TechRadar.
Even if Big Tech change their ways, unethical commercial data abuses are just a side of the story. Government surveillance and cybercrime are other major risks that come from sharing too much of you online.
10 years ago, @Snowden changed the course of history by whistleblowing against the NSA & other agencies global surveillance programmes, prompting a cultural shift in the way we think about privacy & security. Here's just a few ways these disclosures have changed the world ⬇️May 24, 2023
Proton is committed to keeping on with its mission by equipping users with a wide range of end-to-end encrypted products to help them protect themselves from Big Tech. The tools it currently provides are a VPN, secure email, password manager (Proton Pass), encrypted calendar, and drive. All are open-sourced too, and the company claims to collect no customer data.
Yen said: "Online business models where people come first and their data can never be seen, abused, or monetized need to become the norm. At Proton we firmly believe that surveillance-centric platforms aren’t the only way to operate online, and that the internet can work in the interests of people."
The Swiss-based security provider believes that "a carrot and stick approach" is what's really needed. This means that governments need to foster competition to help privacy-first alternatives to have a chance in the marketplace. That's partially what the EU Digital Market Act is trying to do—across the European Union at least.