Privacy rights group Privacy International is raising funds to challenge UK Government's use of hacking as a mass surveillance tool. As the Investigatory Powers Act was passed last year, UK's security agencies are now able to carry out mass hacking of devices that may potentially belong to tens of thousands of people, anywhere in the world.
The use of encryption software started rising dramatically in Britain following the new law, even though UK's Home Secretary has recently expressed her stance against encryption. Currently, around 44% of tech sector workers already use a VPN in the UK. NordVPN has experienced a 300% growth in the UK market in one year.
"When the UK passed Investigatory Powers Bill, British Internet users crowded VPN providers," said Marty P. Kamden, CMO of NordVPN. "People showed that they were willing to take privacy into their own hands. Similar regulations will always alarm people who simply do not want their information to be collected and potentially misused if it ends up in the wrong hands."
"Huge amounts of retained data always leads to the increased risk of people's personal information being exposed. This data can be accessed by a large number of people, there may be private data leaks, identity thefts and so on, " said Marty P. Kamden.
A number of security incidents involving large amounts of data have emerged recently. For instance, when Equifax was breached, the company said 145.5 million people were potentially exposed, including 694,000 UK customers, whose driving licence numbers and phone numbers were stolen.
In another case, an NSA employee stored sensitive data on his home computer, which was obtained by Russian hackers by exploiting a Russian antivirus brand – the Kaspersky Lab software – that the employee was using. Back in 2015, the U.S. government was hit by a similar breach of its computer systems, when each person ever given a government background check was affected, resulting in theft of Social Security numbers and even fingerprints.
How to stay private on the web
According to Marty P. Kamden, Internet users can take a few steps to make sure their data is private and protected from any kind of snoopers - including government tracking, ISPs, advertisers and online criminals.
1. Delete cookies. Cookies are text files containing information about a user's interaction with one particular site, which may include login details, viewed products, and any other personal browsing information. Many cookies are embedded by a tracking technology that helps identify specific user's habits and browsing history to advertisers and any third parties. To keep their privacy, users should always delete cookies from their browser.
2. Use antivirus software. Not all antivirus software is safe, as shown in the recent case with the Russian Kaspersky Lab antivirus that was used by Russian hackers to obtain NSA files. When choosing an antivirus system, one must always be aware that full access to all the information kept on the computer will be granted to the service provider. That means that a user must do their own research and choose the most trusted system. Opinions vary among different experts, which means it's not easy to make a suggestion. It's up to the user to choose where to put their trust.
3. Use software that blocks ads and malicious pages. There are many browser extensions that protect users from malicious pages. NordVPN has recently launched a CyberSec feature that automatically blocks suspicious websites so that no malware or other cyber threats can infect a device.
4. Have strong password control. Not entering personal passcodes and credit card information when using open Wi-Fi networks is an essential rule in order to avoid hackers and snoopers. It's also important to use secure passwords that have a minimum of 12 characters and include a strong mix of letters, numbers and characters. To take it one step forward, it's recommended to install a password manager, such as Mitro, which logs users into their various websites automatically and uses an open-source protocol, making it more difficult for hackers to include backdoors and flaws.
5. Subscribe to encrypted email. Choose an email provider that employ highest privacy and security standards. ProtonMail, for example, is a free encrypted email service provider, offering end-to-end encryption – meaning even the provider itself cannot decrypt and read subscribers' emails. No personal information is required to create accounts, and the basic account service is offered free of charge. Other secure email providers include Tutanota and Countermail.
6. Turn on multi-factor authentication. Multi-factor authentication is a security system that will allow a user to access their online account after they log in with their username and password, and then require the second-step authentication: either through a fingerprint scan or by sending a code via text. Most sites, including email providers, already offer multi-factor authentication as an option.
7. Use a VPN. The best-known method to keep your information private and secure is a VPN. A VPN encrypts user data through a secure tunnel before it reaches the Internet – this protects any sensitive information about one's location by hiding their IP address. As a VPN connects a user to the Internet through an alternative path than an ISP, the only information visible to the ISP is that the user is connected to a VPN server. All other information is encrypted by the VPN's security protocol. NordVPN is determined to hide and secure users' data with features like double encryption and a strict no logs policy. From the moment a user turns on NordVPN, their Internet data becomes encrypted. It becomes invisible to governments, ISPs, third-party snoopers and even NordVPN.