With incidents of data breaches and cyber-attacks on the rise, protecting your information is important
Posted Date – Tue, 3/28/23 at 12:45am
Hyderabad: Data protection refers to the practices and technologies used to protect sensitive and personal information from unauthorized access, use, disclosure, modification or destruction.
It involves a series of measures, including technical, organizational and legal steps, to ensure that data remains secure at all times.
According to the General Data Protection Regulation (GDPR), our personal digital rights include (a) right to access (b) right to confirmation (c) right to rectification (d) right to portability (e) right to be forgotten (f) right to retain consent.
Data protection is important for individuals to protect their right to privacy, and for businesses it helps mitigate the risks associated with data breaches, financial loss, reputational damage and legal liability.
With incidents of data breaches and cyber-attacks on the rise, businesses are required by law to implement GDPR measures and notify affected individuals and authorities in the event of a data breach.
How the company collects your data
Online shopping: name, gender, email address, shipping address, phone number, credit card details, product search history, frequently purchased items, average basket value, most viewed products and your IP address.
Dating Apps: Gender, Age, Race, Sexual Orientation, Phone Numbers, Private Chats, Political Opinions, Private Photos, Likes & Swipes, Device Information & IP Addresses.
Search Engines: Online searches, browsing history, online interests, shopping habits, IP address, location, passwords and credit cards, device information, downloaded files and browser plug-ins you use.
Social Media: Posts, photos and videos, messages and files, phone contacts, name, gender, email address, location, phone number, date of birth, relationship, group or group chat and you are tagged in posts, photos and videos .
Data Classification
Personally Identifiable Data (PII): It is any data that may be used to identify a specific individual.
Non-personally identifiable information (non-PII): Data that cannot be used alone to track or identify an individual, and is therefore essentially the opposite of PII.
Sensitive PII: Not all data that qualifies as PII is sensitive.
Non-sensitive personally identifiable information: It may be in public records, such as your birthday or phone number. It cannot directly identify you. Once exposed, attackers can use it to facilitate identity theft, fraud, and social engineering attacks, especially phishing and spear phishing.
India’s Data Protection Laws
The Information Technology Act, 2000 (IT Act) is the only data protection legislation in India. Under the IT Act, some of the provisions for data protection are (a) Article 69 (b) Article 69 A (c) Article 69 B. We don’t yet have GDPR-like laws to protect data and its privacy.
Where to check if your data has been compromised
There are several websites you can check to see if your email or phone number has been part of a data breach. Few sources are (a) https://amibeingpwned.com (b) https://snusbase.com (c) https://leakcheck.net (d) https://leaked.site (e) https: // leakcorp.com/login (f) https://haveibeensold.app
How to protect data
— use a strong password
— Enable two-factor authentication
— Be cautious when sharing personal information
— Using a virtual private network (VPN)
— Use reputable antivirus and antimalware software
— Beware of Phishing Scams
— Only download software/apps from legitimate sources
— Keep your browser updated and only visit secure sites starting with https://
— Check the full headers of the email using https://mxtoolbox.com/EmailHeaders.aspx
— Check how your applications access your data. https://reports.exodus-privacy.eu.org/en/
— Verify the actual SMS sender using https://smsheader.trai.gov.in/
