Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label internet privacy. Show all posts
Online Security
Cyber Security data security Digital Landscape internet privacy Internet Safety Online Security

India’s Digital Sovereignty: Balancing Control and Freedom in the Internet Age

 

In the dynamic landscape of the digital world, the concept of digital sovereignty has become increasingly significant for governments around the globe. India, with its rapidly expanding internet user base, is part of this dialogue, striving to assert control over its digital domain. Digital sovereignty refers to a nation’s ability to govern and regulate digital information within its borders. This concept is fundamental to India’s endeavors to manage its internet infrastructure and data. 

India’s pursuit of digital sovereignty involves a series of legal and technical measures aimed at maintaining data within the country. This initiative is seen as a way to enhance the government’s ability to oversee and protect its digital space. However, this drive has sparked debates about the balance between state control and individual freedoms, particularly concerning freedom of expression. In a country known for its democratic values, internet freedom has sometimes been compromised in favor of security and control. A notable example is the frequent and prolonged internet shutdowns in Kashmir, which have drawn significant criticism. 

The Indian government is actively working on multiple fronts to tighten its grip on internet use. Central to this strategy are data localization laws, which mandate that data generated within India must be stored on local servers. This is intended to safeguard against foreign surveillance and cyber threats by keeping data under the jurisdiction of Indian laws. Data localization has broader implications beyond national security. For international companies operating in India, these laws present logistical and financial challenges, requiring investment in local data centers. 

Despite these challenges, the Indian government continues to advocate for data localization, arguing that it not only bolsters national security but also fosters local industry growth and enhances privacy protections under stringent local regulations. Critics, however, warn that such measures could hinder technological development and disrupt the international flow of information, impacting services that rely on cross-border data exchange. Another significant aspect of India’s digital sovereignty strategy is the proposed implementation of a unique identification number for citizens. This system would enable the government to closely monitor online activities, purportedly to prevent cybercrimes and other malicious activities. 

While proponents argue that this enhances security, opponents raise concerns about potential abuses of power, increased censorship, and the erosion of privacy. India’s efforts to enhance digital autonomy must be carefully managed to ensure that citizens’ rights are not compromised. This challenge is not unique to India; governments worldwide face similar dilemmas as they navigate the complexities of internet regulation. Recent discussions in Indian media highlight the challenges and implications of India’s drive for digital self-reliance. 

As the government seeks to implement stricter internet regulations, it must strike a balance between ensuring security and preserving freedom of expression. Achieving this balance is crucial to maintaining a digital environment that supports creativity, free speech, and global connectivity while safeguarding national security. One potential solution lies in robust data protection regulations. Clear guidelines on data collection, storage, and use can help protect individual privacy while allowing for necessary government oversight. Transparency and accountability measures are also vital in building public trust and preventing abuses of power. International cooperation is another key component in addressing digital sovereignty issues. Given the global nature of the internet, no single country can effectively regulate it in isolation. 

Collaborative efforts can help establish international norms and standards for internet governance, ensuring that security measures do not infringe upon citizens’ rights. India’s push for digital self-sufficiency reflects a broader global trend of increasing governmental control over the digital realm. While these efforts are often justified by security concerns, they must be balanced with the principles of freedom and openness that underpin the internet. The future of internet regulation will depend on how well countries like India manage to balance these competing priorities. 

India’s journey towards digital sovereignty offers valuable lessons. By carefully navigating the complexities of internet regulation, India has the potential to become a model for achieving digital sovereignty without undermining the principles of an open web. However, given the current political climate, the risk of misusing this authority remains a significant concern.
Read more »
Vermont
Data Legislation Data Privacy Laws internet privacy Privacy Vermont

Vermont’s Data Privacy Law Sparks State Lawmaker Alliance Against Tech Lobbyists

Vermont’s Data Privacy Law Sparks State Lawmaker Alliance Against Tech Lobbyists

Vermont legislators recently disregarded national trends by passing the strictest state law protecting online data privacy — and they did so by using an unusual approach designed to avoid industrial pressure.

The Vermont Data Privacy Law: An Overview

Right to Sue: Under the law, Vermont residents can directly sue companies that collect or share their sensitive data without their consent. This provision is a departure from the usual regulatory approach, which relies on government agencies to enforce privacy rules.

Sensitive Data Definition: The law defines sensitive data broadly, encompassing not only personally identifiable information (PII) but also health-related data, biometric information, and geolocation data.

Transparency Requirements: Companies must be transparent about their data practices. They are required to disclose what data they collect, how it is used, and whether it is shared with third parties.

Opt-In Consent: Companies must obtain explicit consent from users before collecting or sharing their sensitive data. This opt-in approach puts control back in the hands of consumers.

Lawmakers collaborated with counterparts from other states 

The bill allows Vermont individuals to sue firms directly for gathering or distributing sensitive data without their permission. As they crafted and finished it, lawmakers used a counter-business strategy: they gathered lawmakers from Maine to Oklahoma who had previously fought wars with the internet industry and asked for guidance.

The Vermont scenario is a rare but dramatic exception to a growing national trend: with little action from Congress, the responsibility of regulating technology has shifted to the states. This sets state lawmakers, who frequently have limited staff and part-time occupations, against big national lobbies with corporate and political influence.

It's unclear whether Vermont's new strategy will work: Republican Gov. Phil Scott has yet to sign the bill, and lawmakers and industry are still arguing about it.

However, national consumer advocacy groups are already turning to Vermont as a possible model for lawmakers hoping to impose severe state tech restrictions throughout the country – a struggle that states have mostly lost up to this point.

The State Lawmaker Alliance

Vermont’s data privacy law has galvanized state lawmakers across the country. Here’s why:

Grassroots Playbook: Lawmakers collaborated with counterparts from other states to create a “grassroots playbook.” This playbook outlines strategies for passing similar legislation elsewhere. By sharing insights and tactics, they hope to create a united front against tech industry lobbying.

Pushback Against Industry Pressure: Tech lobbyists have historically opposed stringent privacy regulations. Vermont’s law represents a bold move, and lawmakers anticipate pushback from industry giants. However, the alliance aims to stand firm and protect consumers’ rights.

Potential Model for Other States: If Vermont successfully implements its data privacy law, other states may follow suit. The alliance hopes to create a domino effect, encouraging more states to prioritize consumer privacy.

Lobbying at its best

The fight for privacy legislation has been fought in states since 2018 when California became the first to implement a comprehensive data privacy law.

In March 2024, Vermont's House of Representatives began debating a state privacy law that would allow residents the right to sue firms for privacy infractions and limit the amount of data that businesses may collect on their customers. Local businesses and national groups warned that the plan would destroy the industry, but the House passed it overwhelmingly.

The bill was then sent to the state Senate, where it was met with further support from local businesses.

The CFO of Vermont outdoor outfitter Orvis wrote to state legislators saying limiting data collecting would "put Vermont businesses at a significant if not crippling disadvantage."

A spokesman for Orvis stated that the corporation did not collaborate with tech sector groups opposing Vermont's privacy measure.

On April 12, the Vermont Chamber of Commerce informed its members that it had met with state senators and that they had "improved the bill to ensure strong consumer protections that do not put an undue burden on Vermont businesses."

Priestley expressed concern about the pressure in an interview. It reminded her of L.L. Bean's significant resistance to Maine's privacy legislation. She discovered similar industry attacks against state privacy rules in Maryland, Montana, Oklahoma, and Kentucky. She invited politicians from all five states to discuss their experiences to demonstrate this trend to her colleagues.

Industry Response

The out-of-state legislators described how local firms mirrored tech industry groupings. They recounted a flood of amendment requests to weaken the plans and how lobbyists turned to the opposing parliamentary chambers when a strong bill got through the House or Senate.

Predictably, tech companies and industry associations have expressed concerns. They argue that a patchwork of state laws could hinder innovation and create compliance challenges. Some argue for a federal approach to data privacy, emphasizing consistency across all states.

Read more »
Wireless Networking
Cybersecurity internet privacy Network Protection Privacy Wi-Fi Security Wireless Networking

7 Essential Tips to Ensure Your Wi-Fi Security and Protect Your Personal Information


In today's digital world, Wi-Fi has become an essential part of our lives. It provides us with access to the internet and allows us to connect to our devices wirelessly. However, as much as Wi-Fi has made our lives more convenient, it has also made us vulnerable to cyber-attacks. 

Without proper protection, our personal and sensitive information can be easily accessed by hackers. To ensure your Wi-Fi security, here are some tips to follow.

Change Default Login Credentials:

The default login credentials of your Wi-Fi router are often easy to guess and readily available online. Therefore, it is essential to change them to something unique and complex. Using a strong and complex password that includes a mix of uppercase and lowercase letters, numbers, and symbols can make it difficult for hackers to crack. Make sure to avoid using personal information such as your name, birth date, or address in your password.

Enable Network Encryption:

Encryption is a way of encoding information to prevent unauthorized access. Wi-Fi routers come with several encryption options such as WPA, WPA2, and WEP. WPA2 is the most secure encryption option available, and you should make sure to enable it. WEP encryption is outdated and can be easily hacked, so it's best to avoid it.

Update Router Firmware Regularly:

Router firmware updates are essential for fixing any security vulnerabilities and bugs that may be present in the current version. To ensure your Wi-Fi security, it's important to regularly check for firmware updates and install them as soon as they are available. Most routers have a built-in option to check for updates, and you can also visit the manufacturer's website to download the latest firmware.

Disable Remote Management:

Remote management allows you to access your router's settings from outside your home network. However, this feature can also be exploited by hackers to gain access to your network. Therefore, it's recommended to disable remote management unless you need it. If you do need to use remote management, make sure to enable it only when necessary and use a strong password.

Enable MAC Address Filtering:

Every device that connects to your Wi-Fi network has a unique MAC address. You can use MAC address filtering to allow or block devices from connecting to your network. Enabling MAC address filtering can help prevent unauthorized devices from accessing your network. However, it's important to note that MAC addresses can be spoofed, so this method should not be relied upon solely for security.

Enable Firewall:

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Most routers come with a built-in firewall that you can enable to add an extra layer of protection to your network. Make sure to configure the firewall settings to suit your security needs.

Disable SSID Broadcast:

SSID is the name of your Wi-Fi network. By default, your router broadcasts the SSID, making it visible to anyone within range. Disabling SSID broadcasts can make your network invisible to others, which can help prevent unauthorized access. However, it's important to note that this method is not foolproof as hackers can still discover your network through other means.

In conclusion, Wi-Fi security is essential to protect your personal and sensitive information from cyber threats. By following these tips, you can ensure that your Wi-Fi network is secure and protect yourself from potential cyber-attacks. Remember to keep your router firmware up to date, use strong login credentials, and enable encryption, firewall, and other security features.

Read more »
surveillance
internet privacy Privacy Privacy Breach Privacy News surveillance

Russian expert told how to figure out surveillance via a webcam

 It is becoming more and more difficult to find out whether you are being followed through a webcam. According to Arseny Shcheltsin, General Director of Digital Platforms, earlier it was used by a special indicator, which showed whether the camera is recording, but now it’s easy to bypass this device.

"The most characteristic signs of tracking are the “freezing” of the computer or phone only when there is an Internet connection, or immediately after switching on,” explained the specialist.

As Shcheltsin noted, the appearance of unknown programs on the device that significantly "slow down" its work should also be alerted. One of the most obvious confirmations that a person is being spied on through a webcam is its spontaneous activation, but today, as the expert clarified, the burning icon near the device's camera may not light up, while it will record what is happening around.

The expert noted that it is worth paying attention to where the potential use of the camera can harm its owner. For example, it is better not to use the phone where the person is not fully dressed — in the locker room, bathroom, etc.

It is also important to keep your computer's antivirus software up-to-date. They should be updated as a new version is released.

Previously, Mr. Shcheltsin reported that intelligence services of various countries are using backdoors to spy on people around the world through Smart TVs.
Read more »
Privacy
Anonymous Banksy Internet internet privacy internet Security Online Privacy

Can we control our internet profile?

"In the future, everyone will be anonymous for 15 minutes." So said the artist Banksy, but following the rush to put everything online, from relationship status to holiday destinations, is it really possible to be anonymous - even briefly - in the internet age?

That saying, a twist on Andy Warhol's famous "15 minutes of fame" line, has been interpreted to mean many things by fans and critics alike. But it highlights the real difficulty of keeping anything private in the 21st Century.

"Today, we have more digital devices than ever before and they have more sensors that capture more data about us," says Prof Viktor Mayer-Schoenberger of the Oxford Internet Institute.

And it matters. According to a survey from the recruitment firm Careerbuilder, in the US last year 70% of companies used social media to screen job candidates, and 48% checked the social media activity of current staff.

Also, financial institutions can check social media profiles when deciding whether to hand out loans.

Is it really possible to be anonymous in the internet age?

Meanwhile, companies create models of buying habits, political views and even use artificial intelligence to gauge future habits based on social media profiles.

One way to try to take control is to delete social media accounts, which some did after the Cambridge Analytica scandal, when 87 million people had their Facebook data secretly harvested for political advertising purposes.

- Netflix Cambridge Analytica film- Social media is 'like a crime scene'

- Facebook to pay $5bn to settle privacy concerns

- Is leaving Facebook the only way to protect your data? While deleting social media accounts may be the most obvious way to remove personal data, this will not have any impact on data held by other companies.

Fortunately, in some countries the law offers protection.
Read more »
Privacy News
internet privacy National Cyber Security Privacy Privacy News

In Kazakhstan, everyone who wants to use Internet must allow government to read their Secure Traffic (HTTPS)



Providers of Kazakhstan persuade customers to install a "state trusted certificate" on all devices, which will allow intercepting all encrypted traffic of the country in order to protect citizens from cyber threats and illegal content.

Kazakhstan Telecom operators have begun to notify customers about the need to install a special security certificate Qaznet on all subscriber devices with Internet access - mobile phones and tablets based on iOS/Android, personal computers and laptops based on Windows/MacOS.

The message on the website of the Kcell provider states that the certificate recommended for installation "was developed in Kazakhstan and provided by the authorized state body" and "will allow protecting Kazakhstani Internet users from hacker attacks and viewing illegal content". However, it can be assumed that such opportunities can be used by the authorities of Kazakhstan to gain access to information that citizens exchange via the Internet.

Users are invited to download the certificate from the website qca.kz. This domain name is registered to an individual Askar Dyussekeyev. The address of the owner is the same as the address of the Ministry of Digital Development, Innovation and Aerospace Industry of Kazakhstan.

Telecom operators warn that if the certificate is absent, then customers may encounter problems accessing certain Internet resources.

Indeed, according to some users from the capital of Kazakhstan, it is impossible to access sites that force the use of the secure HTTPS protocol using the HSTS mechanism without installing a certificate. Such sites are now the majority.

According to Shavkat Sabirov, the President of the Internet Association of Kazakhstan, there is a global problem in the world related to the safe use of the Internet.

"All the experiments that were associated with the installation of root certificates failed. All over the world, it is already recognized that this is an unsuccessful and even a terrible attempt to work in a safe mode. If this certificate is stolen or hacked, the attackers will get absolutely all the information about users data that use this certificate," said the president of the Internet Association of Kazakhstan.

The President of the Internet Association of Kazakhstan noted that companies that provide services on the Internet with the security certificate should take responsibility for its use.
Read more »
internet privacy
Cryptography Encryption FSB internet privacy

The Head of the FSB appealed for the creation of international rules on the Internet


The Head of the FSB of Russia Alexander Bortnikov stated the need to create international rules on the Internet. In particular, to make encrypted messages in mobile applications open to intelligence agencies.

If the international community can come to a consensus on this issue, the terrorists will actually lose the list of opportunities, such as propaganda, recruitment, financing, communication, management, said Bortnikov at an International Conference on Countering Terrorism on 18 April 2019 in St. Petersburg.

He noted that the use of cryptography in services for communication prevents the effective fight against terror. According to him, Russia has developed a concept for the creation of "the system of the deposit of encryption keys generated by mobile applications, which will be open for control” to solve this problem. Bortnikov proposed to the world community to realize this idea together and to provide intelligence agencies with legal access to important encrypted information of the terrorists.

In addition, Bortnikov noted that at the moment there are more than 10 thousand sites of existing international terrorist structures and thousands of accounts in social networks. The information is published in more than 40 languages, but the leading positions are occupied by Arabic, English and Russian languages.

Bortnikov added that the ability to hide data in IP-telephony and foreign e-mail servers leads to an increase in the spread of false reports of terrorist attacks, as well as the sale of weapons and explosives.

According to one of the amendments to the law on Autonomous RUnet (http://www.ehackingnews.com/2019/02/the-kremlin-told-about-hacker-attacks.html), IT-companies were obliged to use Russian cryptography for all traffic in the Russian segment. It is assumed that the Government will determine the issuance and use of codes and encryption.

In addition, in April 2018 Russia tried to block the Telegram messenger for refusing to provide the FSB with the encryption key of the negotiations of suspected terrorists (http://www.ehackingnews.com/2018/04/russian-court-orders-to-block-telegram.html).
Read more »
WhatsApp
Facebook internet privacy WhatsApp

WABetaInfo says WhatsApp in Israel now uses Facebook servers

A popular fan website, WABetaInfo, that tracks WhatsApp Beta updates, on Monday tweeted that WhatsApp users in Israel are now connected through Facebook servers.


This news comes amidst the Facebook privacy and data controversy when people online are wary of what using Facebook means for their privacy and security.

WABetaInfo, however, again tweeted to reassure users that the data is still encrypted and that Facebook will only be receiving the metadata.


The website also said that the new update will improve the quality of the connection.

Twitter user and information security researcher, Karine Nahon, however, pointed out that:


Another user said that encryption itself is not a problem, but the fact that dynamic metadata such as last seen, etc. should be deleted after some time.


Still, the website told its readers not to worry and to wait till May to understand what data is being stored in the servers.

WhatsApp has not yet confirmed or denied this update.

A new privacy law — the General Data Protection Regulation (GDPR) — passed by the European Union will come into effect from May 25 this year, which will harmonize internet privacy laws all across Europe.

WhatsApp had last month signed a public commitment with Britain's Information Commissioner's Office (ICO) to not share user’s data with Facebook until the privacy and data security concerns have been addressed.

Information Commissioner Elizabeth Denham in a statement said, "WhatsApp has assured us that no UK user data has ever been shared with Facebook, other than as a 'data processor.’ ”
Read more »
WhatsApp
CNIL consent EU Facebook France internet privacy WhatsApp

France’s data protection authority CNIL gives a sharp warning to WhatsApp ;issues a formal notice

Facebook, when it acquired WhatsApp back in early 2014 said that it won't have the capacity to link the WhatsApp users to their Facebook accounts. In any case, things being what they are, turns out it wasn't so difficult after all. A year ago, the organization changed the WhatsApp terms of services to do just that: link the WhatsApp and Facebook profiles belonging to the same user.

Facebook had allowed many of its users to opt out, yet that wasn't sufficient for the regulators. Germany had even requested Facebook to quit gathering WhatsApp data last September, a similar thing happened in the UK several months later and now fast forward to December 2017; there be yet another European nation issuing similar order.

Facebook's messaging service WhatsApp was given a one-month final proposal by one of Europe's strictest privacy watchdogs, which requested it to quit offering user data to its parent without getting the necessary assent. France's information insurance specialist also known as the data protection authority, CNIL gave quite a cautioning to WhatsApp by issuing a formal notice, scrutinizing it for "inadequate and insufficient" participation and cooperation.

The decision comes a year later after the European Union privacy authorities (security specialists) said that they had "genuine concerns" about the sharing of WhatsApp user data for purposes that were excluded in the terms of conditions and the privacy policy when people had signed up to the service.
However, even after the EU slapped Facebook with a €110 million fine over unlawful WhatsApp information sharing, France says that it has still not collaborated with information security expert CNIL, and could confront another sanction if it doesn't start thinking responsibly inside 30 days. The social network is as yet exchanging Whatsapp information for "business intelligence," it claims, and the only possible way that clients can quit is by uninstalling the application.

It was a French regulator, who saw that WhatsApp was sharing user information like phone numbers to Facebook for "business insight" reasons. When it over and over made a request to take a look at the information being shared, Facebook said that it is put away in the US, and "it considers that it is only subject to the legislation of the country," as per the CNIL. The regulator countered that whenever information is assembled in France, it naturally turns into the authority in charge.

The information exchanges from WhatsApp to Facebook occur to some extent without the users' assent, nor the legitimate interest of WhatsApp, CNIL said.

France says that while the notice was issued to Facebook, it's additionally intended to exhort users that this "gigantic information exchange from WhatsApp to Facebook" was occurring. "The best way to deny the information exchange for 'business insight' purposes is to uninstall the application," it adds. In any case, Facebook guarantees that it will keep on working with the CNIL to ensure that the users comprehend what data it gathers as well as how the data is utilized.

The merging of WhatsApp's data with Facebook was the first step taken by Facebook a year ago towards monetising the stage since the social network's CEO Mark Zuckerberg bought the company for about $22bn in 2014.
Read more »
Subscribe to: Posts (Atom)