Data Privacy Day: Security threats escalate. Are tech giants stepping up their support?

We say that we celebrate our Annual Data Privacy Day every January 28th, and 2023 will be no different. The potential threat to your online data being accessed without your consent is greater than last year. Your smartphone and PC, every app you use, your web browser, smart wearables, and even your smart home access your existing data and create new data. A lot of it can be personal. Basically, you don’t want it to fall into the hands of cybercriminals with malicious intent.

There is no doubt that we live in a hyper-connected world. Therefore, a strong online privacy layer is important. Apps should be able to keep your data safe while giving you as many options as possible to control what other users can see about you. Second, devices accessing apps and the web must have strong data privacy measures in place to complete the sequence.

“As cyberthreats become more sophisticated, businesses, people and communities are exposed to greater risk of malicious attacks. Ransomware and data theft have been a persistent problem for years, not only in India but globally,” said Ripu Bajwa, Director and General Manager, Data Protection Solutions, Dell Technologies India.

The latest figures from the Norton Consumer Cyber ​​Safety Pulse Report, which collects threat data from the LifeLock security software suite, give you a fair idea of ​​the threat landscape.

This figure represents more than 769 million online threats blocked on computing and mobile devices between July and September of last year. This includes over 100 million file-based malware, 100 million fingerprinting attempts to track users, and over 330,000 mobile malware attacks.

Smartphone dials privacy.

We need to ask what the tech giants are doing to improve privacy measures for the software and apps they make and the cellphones and computing devices they sell.

For Apple, an effort that began years ago with app tracking transparency in iOS 14 has steadily evolved into a much larger toolkit for iPhone, iPad, and Mac users. Preventing websites from tracking you, blocking various trackers in your email, creating temporary email IDs for online forms to hide your real email ID, encrypting messages and passkeys instead of passwords were added in subsequent updates.

The latest iOS 16.3 update expands the scope of end-to-end encryption for iCloud backups, new iMessage contact key validation for conversation privacy, and support for hardware security keys.

Apple states that “conversations between users who have enabled iMessage contact key verification receive automatic alerts if an exceptionally advanced adversary, such as a state-backed attacker, succeeds in eavesdropping on these encrypted communications by penetrating cloud servers and inserting their devices.” said Apple. , in the statement.

Security firm Kaspersky pointed out that “If you buy a new Apple device, you can only enable Advanced Data Protection on your old device.” This is to prevent someone with stolen Apple ID credentials from, for example, logging into a new iPhone and enabling advanced data protection encryption.

“As economic pressures increase in 2023, we expect fraudsters to continue preying on people’s vulnerabilities,” said Kevin Roundy, researcher and technology director at Norton. Therefore, the operating system must work in sync with the app.

Google must match Apple’s quick move to make its software more secure, but with more than 2.5 billion users worldwide. Android is by far the most popular smartphone operating system.

Android’s advanced protection program has been tactically enhanced, which includes anti-phishing in Gmail, Safe Browsing in Chrome, and Play Protect, which checks the integrity of installed apps and bundled threats. App permissions have also become more dynamic on Android phones, with more control over whether individual apps are granted access to location, storage, camera, and more.

If the user does not access the app for a significant period of time, these permissions are revoked so that apps that are not currently in use cannot continue to access user data.

How private is the app?

Meta’s WhatsApp, the world’s most popular instant messaging platform, extends your control over who can see you online or your profile picture by blocking and reporting accounts and messages that disappear once viewed.

Late last year, Meta upgraded its WhatsApp privacy options, allowing users to leave a group without being notified by everyone else in the group, and preventing screenshots of messages originally sent as a ‘take a look’.

“We will continue to build new ways to protect messages and keep them as private and secure as face-to-face conversations,” said Mark Zuckerberg, Meta’s founder and CEO at the time.

You can’t get everything under one umbrella when you consider apps for four very distinct use cases: email, VPN, cloud storage, and calendar. And most definitely not this level of encryption and data protection. That’s what Swiss technology company Proton has effectively changed. Proton Mail, Proton Calendar and Proton Drive provide end-to-end encryption for all communications and data. VPN apps also run your web traffic through an exception tunnel.

Meta has also expanded its end-to-end encryption capabilities in Messenger, the second most popular messaging app after its sibling WhatsApp. The latest set of updates rolling out now includes link preview and active status as all user chats are updated with the new encryption layer.

“Over the coming months, more people will continue to see some chats gradually upgraded to the extra layer of protection provided by end-to-end encryption,” says Melissa Miranda, product manager at Meta.

NordVPN, a popular VPN service, warns against mobile games that collect a lot of user data. “Multiplayer games are all about interaction and player engagement. But games like Words with Friends collect huge amounts of personal data, making them one of the worst apps for privacy,” they say.

For example, Words with Friends collects and tracks a wide range of data, including device user identity details, email, address book contacts, location data, and uses cookies to track app and web browsing as well as IP or internet protocols. courtship.

“Before you download any app, check the permissions and make sure you can run the app without giving it the necessary permissions to track your data,” warns NordVPN. Apple and Google have updated their App Store and Play Store policies, respectively, to require app developers to provide this information to users on their app listing pages. You should read it carefully before downloading the app.