ONLINE PRIVACY LAW- A Prime Concern

Updated: Jul 31



WHAT IS THE DEFINITION OF ONLINE PRIVACY?

The definition of online data protection is the level of data protection for a person who is connected to the Internet. It covers the level of online security available for personal and financial information, communication and preferences. Internet users often try to improve online privacy with antivirus software, choose secure passwords, disable tracking, check website security, and choose more stringent privacy policies. Online privacy risks range from phishing scams to malware, while website security issues can lead to identity theft.

WHAT DOES DATA PROTECTION MEAN ON A COMPUTER? THE INTERNET?

The complex problem of data protection of computers concerns the use, collection, transfer and storage of your personal data on your personal devices and on the Internet. Personal information about your habits, purchases, and location can be collected from your phone, GPS, and other devices and possibly shared with the third parties as well. Internet and device users have the right to request the use of the information and to view online privacy policies.

What can be done with my data?

A complete record of a person can legally earn a nice penny. There are now companies known as "data brokers" that collect and store data from millions of people, regardless of whether they analyze, pack and sell it without the user's knowledge or without their permission. Data brokers collect and sell information to other companies for a variety of reasons, including targeted advertising, credit risk assessment, and direct marketing. Fortunately, this data is generally anonymized and does not contain any personal data.

INTERNET PRIVACY LAWS

Cyber ​​threats come from many sources, each of which tries to obtain personal information (IP) for profit or use. With the increasing complexity of the interventions, the necessary regulatory and internal protective measures are increasingly required.

Data protection on the Internet is a subset of the larger world of data protection, which usually includes the collection, use and secure storage of IP addresses. Data protection on the Internet mainly concerns the threat to intellectual property on the Internet through tracking, data collection, data exchange and cyber security threats.

A study by the Pew Research Institute found that Internet intellectual property control is "very important" for 74% of Americans. According to another Pew study, 86% of Americans have taken steps to protect their privacy - delete cookies, encrypt emails, and protect their IP addresses.

Digital fingerprints are everywhere. Whether you visit a website, enter your credit or debit card information, open an account, enter your email address, fill out online forms, post them on social media, save photos or documents in The cloud storage and share personal information in cyberspace. The question arises who gets the intended recipient or has access to the information that you provide? Will it be shared with other parties? Your POI may be published unexpectedly or unknown. Your information can be compromised because even the best information security programs are not 100% guaranteed.

The risk of privacy breach on the Internet has increased considerably over the years. There is no single law to protect online privacy. Instead, a number of federal and state laws apply. Some important federal laws on online data protection are:

1.The Federal Trade Commission Act (FTC) [1914] - regulates unfair or misleading trading practices. The FTC is the most important federal regulatory authority in the area of ​​privacy and takes coercive measures against companies. This includes non-compliance with published data protection guidelines and inadequate protection of personal data.

2.Electronic Communications Privacy Act (ECPA) [1986] - protects certain wired, oral and   electronic communications from unauthorized interception, access, use, and disclosure.

3.Computer Fraud & Abuse Act (CFAA) [1986] - makes certain computer activities illegal, which include unauthorized access to a computer to obtain certain information, to defraud or receive something valuable, to transmit harmful material or to manipulate words. The law was changed six times till now.

4.The Children's Online Privacy Protection Act (COPPA) [1998]-requires certain websites and online service providers to obtain verifiable parental consent before collecting, using, or disclosing personal information from minors under the age of 13. In addition, websites need to collect online privacy policies, collect only the necessary personal information, and establish and maintain adequate security measures.

5.Control of Attack on Unsolicited Pornography and Marketing (CAN-SPAM Act) [2003] - regulates the sending of unsolicited commercial emails and prohibits misleading header information and misleading subject lines. Senders must also disclose certain information, include a valid opt-out mechanism, and impose civil and criminal penalties for violations.

6.Financial Services Modernization Act (GLBA) [1999] - regulates the collection, use and disclosure of personal data collected or stored by financial institutions, and requires customer communications and a written information security program.

7.Fair and Accurate Credit Transactions Act (FACTA) [2003] - requires financial institutions and creditors to maintain written identity theft prevention programs.

Here are five of the most significant online threats to data privacy coming from the web and best practices to handle them:

1.Unsafe practices when surfing the Internet

Most of the time users don't check the websites they visit that are secured or not. There are often signs that the websites you visit are malicious and request your IP address: free offers, shortened URLs, pages that are socially designed to trick users into creating an account and downloading malware from them.

What you can do?

Keep your anti-virus software up to date. Use the safest internet browser - Google Chrome or Microsoft Edge are the two best options available in the market. Scan the files with your antivirus software before downloading them. Do not use the same passwords for multiple websites. Activate the pop-up blocker in your browser.

2.Cookies and web tracking

Cookies are files that are downloaded from a website to your browser and contain unique, identifying information about the website. However, they do not contain any personal information or software codes. When a website "sees" the data set in a cookie, it knows that the browser has already contacted you.

They can be useful, for example, to store your site credentials so you don't have to re-enter them. Cookies can also be used to track your activity and record your shopping habits. They can then be passed on to unwanted third parties who are connected to the website.

What you can do?

Configure your browser so that cookies are deleted every time you are finished browsing, or set the cookies to deactivate your browser so that cookies are not permitted in your browser at all.

3.IP address tracking

COPPA law expressly states that IP addresses are personal information because they are information about an identifiable person associated with them. An Internet Protocol (IP) address is a numerical designation behind the well-known web addresses we see every day. It identifies a device on the Internet. Hackers often encounter IP addresses as the first point of attack.

Unwanted parties can track your IP address by finding your website address if it is listed in WHOIS, the central database of all web addresses on the Internet. Information on the properties can be found here.

What you can do?

While setting up a website, you can request a private WHOIS list from the Network Solutions database manager. Your name, address and other property information will appear in place of yours.

If you are working on your PC, you can use a VPN (Virtual Private Network) tool. One good thing is IP Vanish. You connect to the VPN as an intermediary. Your IP address is then encrypted and sent to the Internet via the VPN provider.

Employees or home customers have “leased” IP addresses with their cable modem and ISP accounts. Your IP address does not change until you turn off your modem. Turn it off as often as you like.

4.Use HTTP instead of HTTPS encrypted web server connections

Personal information that flows between a user's computer and a website using a simple HTTP protocol can be monitored by other companies, or possibly intercepted and stolen by malicious hackers (often called " the middle man "). This is where Secure Sockets Layer (SSL) comes in.

What you can do?

HTTPS or SSL (Secure Sockets Layer) encrypts information sent between a website and a user's computer. When buying or entering personal information from websites, always look for an "https: //" icon or a padlock in your browser's URL bar to make sure a website is secure before entering personal information. If you see HTTPS instead of HTTP in the address bar of your browser, you know that it is a secure site!

When hosting a website, you must implement SSL on your web server to ensure data protection between you and the client. It will also help mitigate threats of direct hacking. You should find a digital certification authority (CA) like Verisign for easy configuration.

5.The threat of the cloud

Cloud computing is the latest and greatest technology wave that poses new problems for data protection. This is particularly true if you entrust administrative and technological controls to an external third party. This in itself is a major threat.

A cloud provider may lack security processes, security practices, employee controls, application interfaces, and APIs to name a few. You also never know who has the "Kingdom Keys" to display all your data. Creepy, quite enough!

What you can do?

You and the cloud provider are responsible for security, not just the cloud. When storing data in cloud storage or hosting a website through a cloud platform, keep the following in mind:

1. Ask the provider who is responsible for each cloud security check.

2. Train someone to use the provider's identity and access tools so you can control who has access to your data and applications.

3. Make sure that all of your data is stored in encrypted form at the provider

4. All major cloud providers offer logging tools. Use them to enable logging and automatic security monitoring and to monitor unauthorized access attempts and other issues.

5. A combination of government regulations and responsible individual practices can only thwart and not eliminate potential cyber threats. Your compliance and legal departments can do their part by implementing comprehensive threat analysis and response measures.

-VAIBHAV SRIVASTAVA

Lloyd Law College


Registration link for Social webinar and international essay writing competition-https://www.lawtsapp.com/event-oppurtunities

125 views

NAVIGATION

CATEGORIES

RECOGNIZED BY -

FOLLOW US

  • communications (1)
  • Instagram
  • gmail
  • LinkedIn
  • Facebook
  • Twitter
  • YouTube

©2020 by Lawtsapp.com