Online privacy is a touchy subject.
While instant connectivity changed our world (largely for the better), it came with a price. And in these uncertain times, a lot of people are beginning to wonder whether national security outweighs online privacy.
It’s a difficult question to answer – and we won’t attempt to do so in today’s post, as there are a few other things to establish first.
Still, keep it in the back of your mind as we explore the idea of online privacy and its importance in our lives.
What Is Online Privacy?
Online privacy is defined as “the privacy and security level of personal data published via the Internet.”
At a basic level, it’s all about privacy: your ability to seclude yourself (including information about yourself).
When you have control over your privacy, you also have control over when, why, and how you share yourself, as well as with whom. This is actually a fundamental human right.
Think of it this way – when you’re getting ready for bed, you do so with the curtains closed. Maybe you even shut the door. You’re controlling who can and cannot see you in a vulnerable state of undress.
This type of everyday privacy comes naturally to us. We barely give it any thought unless it’s being infringed upon.
But when it comes to online privacy, most people are actually pretty careless. “Online” doesn’t feel like the real world – it’s something separate, virtual, perhaps even impersonal.
As a result, our feelings about online privacy tend to be skewed.
What Is Online Privacy Meant to Protect?
Part of the problem with the way we think about online privacy is we’re not always sure what it entails. Many think it’s just about what you’re doing, but it’s also about who you are.
“Who you are” is what we call your Personally Identifiable Information, or PII for short. Basically, PII can include your name, birthday, address, your photos, Social Security number, even your credit card number and medical records.
“What you do,” on the other hand, is what we call Non-Personally Identifiable Information.
Sometimes it’s referred to as Non-PII or even just NPII. This is more action-based information that, by itself, can’t be used to identify you, such as your online search queries, the websites you visit, and articles you read.
Things like your online shopping list? That’s Non-PII. But if you combine it with your site account and payment details, it can be used to supplement PII and create a more complete picture of who you are.
Online privacy is meant to protect all of this information, both as individual snippets and as a whole.
Why Is Online Privacy so Important?
Let’s do a quick thought exercise.
Imagine a world where online privacy didn’t exist at all. Everything you do and all of your personal information is completely out there for anyone and everyone to see.
This includes your banking details, your emails, that picture you sent to someone.
Still wondering why online privacy is important?
We all have a few things to hide. Most of it is stuff like our banking details and whether or not we bought a surprise gift for someone. Sometimes it’s even more personal than that, like your religious beliefs or lack thereof.
This is all information we should be able to keep to ourselves until we’re ready to share it with someone else.
Encryption and Online Privacy
Encryption is one of the most fundamental aspects of protecting your online privacy.
Essentially, “encryption is the process of using an algorithm to transform information to make it unreadable for unauthorized users” (Techopedia.com).
The encryption key is how authorized users can decrypt that information to make it readable again.
So when you’re looking to encrypt your online data, you need to pay attention to the encryption key length. There’s a big debate over whether 256-bit AES really is better than 128-bit AES.
But, if you’re looking for a short answer, you can think of the key length (256 vs 128 in this case) as a rough determination of how long it’ll take to hack.
We talk more about this topic in our Beginner’s Guide to VPN Encryption.
The major catch to using encryption is government agencies like the NSA are allowed to keep encrypted data (almost) indefinitely.
So the more people using encryption, the better for everyone, as it makes it harder for the government to practically invade everyone’s online privacy at the same time.
Perfect Forward Secrecy
Another problem with the current encryption standards is, once quantum computing becomes a reality in the (so far) distant future, all bets will be off.
Hacking encryption keys to decrypt your online information will become infinitely easier.
This is one reason why you want to incorporate perfect forward secrecy, or PFS.
PFS is basically a technical add-on to encryption standards. Instead of using the same encryption keys for users all the time, PFS generates a new, unique key for each communication session.
So you might benefit from a key-combination right now, but the next time you connect to the same website or platform, PFS makes sure you’re using a totally new, randomly generated key.
Online Privacy Threat Modeling
Protecting your online privacy can’t be done in one day.
And unfortunately, it’s not something you can do 100% either. The more you try to protect, the less usable the internet becomes.
Luckily, there’s an easy(ish) way to prioritize your battle plan: online privacy threat modeling.
Start off by defining what you’re trying to protect. For example: are you more worried about the legal complexities of torrenting and the possible repercussions if you get caught, or that someone’s going to defraud you?
Next, sit down and think about the biggest threats to your online privacy and how each of them affect you personally. Is getting caught torrenting more likely to affect you than the hacker wanting to sell your info on the dark web?
Finally, take a look at your list and rearrange the identified threats according to likelihood and the effect they would have on your online privacy if successful.
This is your online privacy threat model.
A Quick-and-Dirty Cheat List
Here are a few things you can do to better protect your online privacy:
- Switch from Google Chrome to Mozilla Firefox (or the more privacy-oriented Pale Moon, based on a fork of Firefox) browser or use private browsing modes
- Use PGP when necessary
- Use the DuckDuckGo search engine instead of Google or Bing
- Install safe, proven privacy browser extensions, such as uBlock Origin and Privacy Badger
- Use a secure, encrypted email service, such as ProtonMail, instead of Gmail or Yahoo
- Compare VPNs and install one on all of your devices
- Use an anonymous cryptocurrency for purchases whenever possible (like Bitcoin)
- Delete flash cookies, cached DNS entries, and your Google history on a regular basis
While there are some issues with the proxy browser, another option is to use The Onion Router (TOR). If you’re taking this route, however, you should use the TOR-over-VPN method by connecting to your VPN first.
Will Online Privacy Ever Become Less Important?
Short answer? Absolutely not.
In fact, it’s actually becoming a much more important topic as more and more people realize what it actually entails.
And as we learn more about the many types of threats to our online privacy, we become more concerned with how to protect ourselves.
This is probably what brought you here today and why we hope you’ll continue following this blog as we unpack more about online privacy and how you can protect it.