Data privacy: How to keep your personal and financial information safe online

Our personal data is an extremely precious commodity. It gives anyone accessing it an in-depth understanding of who we are on an individual level. From our social behaviour, decision patterns to private financial details, everything can be mapped, tracked and utilised. While data usage, collection and sharing aren’t a novel idea to today’s tech-savvy consumer, a large portion of the population is slowly wising up to the realities of data access. The ubiquitous nature of technology, with all its marvels, also carries with it a looming threat of a data breach or theft on an individual and possibly even on a larger scale. So, as we now sit in the golden age of technology, it’s important we look at data in a whole new light.

Whether it's opening a bank account, booking travel, accommodation, or even buying something as mundane as a pair of socks online, every transaction involves some level of data collection, transmission, storage, and processing. When the same data is machine-readable and fed to build algorithmic models, it becomes Big Data. So, in order to understand the impact of what you are sharing and with whom, it's important to understand the different types of data.

Misuse of various types of data

-Transactional data includes all information exchanged between an organisation and an individual, often for commercial purposes. It includes web page views, ads-clicks and purchase decisions. Such data also involves sensitive information: bank account details, investment-related information, card numbers, and CVV codes, among others.

-Web data, which consists of anything and everything you watch, read or download from the web,

-And finally, IT security data which includes all user names, passwords, encryption keys, security strategies, and network structure.

Mishandling or breach of any of the above information can have serious repercussions for both the company and the user. Most common of these are identity theft, credit card fraud, phishing, hacking, and web jacking. As per a recent survey conducted by Acronis, around 70 percent of Indian companies use 10 simultaneous solutions for data protection and cyber security, whereas the remaining 30 percent use more than 10 such tools. Even with the majority of Indian companies putting data protections and cyber security measures in place, 57 percent of these businesses faced unexpected downtime as a result of data loss in a year-long period.

The need of the hour is extensive consumer education to ensure information is intact. Let's take a look at how, as a user, one can avoid being caught in such malpractice that puts one’s personal information at risk.

Also read | Consumers should ask relevant questions on use of their data: Experian India

Awareness

Consumers should always choose RBI-registered NBFCs when opting for a lending platform. Borrowers should be familiar with interest rates and repayment policies adopted by different lenders. Additionally, users are advised to change their password and other security information frequently. Compliance with such notifications will play a crucial role in protecting data in the face of a leak. In case of any breach, users must be prompt to freeze their account, lodge a report (FIR) and quickly change all passwords. While participating in an online transaction, users should always enable two-factor authentication as it provides increased security.

Be vigilant  

Users must always read the fine print very carefully. The documents contain all information about how your data will be used and it is always best to have a clear understanding of it. For instance, both Android and iOS, have become stringent towards enforcing right usage of customer’s information by the apps under their latest disclosure and data usage policy. They have made it mandatory to disclose the extent of usage of customer’s data and how they use it.

Also read | Once passed, the Personal Data Protection Bill will make companies more answerable for lapses: EY

Allow selective access 

Grant camera, contacts, microphone or location access only when needed. Make sure that the app is well-known or recommended by a recognised app store. Giant app stores such as Google Play on Android devices and Play Store in iOS have made strict security standards and always request the user to allow access, irrespective of the app he/she downloads. Users must be cautious of the extent of access they allow to different apps.

Once the information has travelled from the user to the platform, the enterprise is equally responsible to ensure it is not misused. Since the enterprise is holding customer data in large numbers, security of this data becomes the most crucial aspect of running the business. Measures like managing access control, regulation compliance and employee education are necessary to keep the chain of data security intact.

Given the pace at which Indians are adapting to technology, whether it's managing their social relationships or more sensitive data like their finances, the country needs more than the IT Act to achieve its data privacy goals. The Personal Data Protection Bill, 2019 brings the opportunity to give the citizens of India the power to decide how companies can store, use or update the data provided by them. If this bill is passed, India will witness a new dawn.