Why Companies Collecting Personal Data is Risky and What You can do to Protect Yours- Andrew Bourne
The recent uproar over WhatsApp new terms and conditions has led to increased awareness on data privacy. People are now more concerned than ever about how Facebook is using their private information.
While Facebook has a long history of data mismanagement, it is not the only tech company that collects and uses customer data. Andrew Bourne, Region Manager, Africa at the Zoho Corporation, in a chat with Technext revealed that tech companies collect all sorts of data from their customers.
According to him, the data collected is adjunct surveillance, which can be very dangerous to customers if it falls into the wrong hands.
For example, users’ browsing information that contains private secrets can be used for blackmail. And a database of password fed into an AI Bot can be trained to crack passwords.
Users are paying for tech innovations with their data
Although tech innovations are doing a lot of good, people are paying for it with their data. Andrew pointed out that what most users don’t know is that many tech companies have been unwittingly using and providing customer data to third party services.
In the case of WhatsApp, it didn’t just start with the latest privacy update, the company has been sharing user information and metadata with Facebook since 2016.
Although the company explained that the data shared help offer better experiences and integrations across Facebook’s family of apps and products, it doesn’t remove the risks.
Andrew explained that data collected by tech companies can tell a lot about a person. He expatiated that the advancement of artificial intelligence has made it possible to use data to determine emotions, eating and spending habits among other things.
With this kind of knowledge, tech companies can perform targeted advertisements among other things that can even be unethical. There is also a possibility of information falling into the hands of criminals through hacking.
Protecting user data
In a world with ever-growing mountains of big data, data privacy is more important than ever. And the best way to maintain data privacy is for the government to create laws.
Andrew explained it is important for each country to have data privacy laws like the GDPR to protect its citizens. He added that there should be a regulator to enforce the law and constantly update the laws as the digital world changes.
Data Privacy describes the practices which ensure that the data shared by customers is only used for its intended purpose.
On the part of the government, Andrew pointed out that there must be an easy way for citizens to report privacy breaches for the laws to be effective.
What can you do to protect your data?
Relying on the government to protect your privacy in emerging or underdeveloped countries can be tricky and often unreliable.
For example, in Nigeria, less than 1% of schools are compliant with the Nigerian Data Protection Regulation (NDPR). Yet, many schools manage sensitive and personal information of students and employees.
However, the privacy laws by the government aren’t the only ways to protect your personal data. Below are some ways you can protect yourself without recourse to the government.
Be aware of the data you are giving
Going through companies terms and conditions (T&C) is a good way to determine what type of data a company is collecting from you. Although most of the T&C are long, boring and almost un-understandable – there are some companies that now summarise the most important bits for their users.
For those that don’t know, there are several independent companies that investigate the T&C of companies on behalf of people. Another option is to Google for the summarised terms and conditions – If the company is big enough there is a high probability someone has done a review of their T&C.
You can then use the information you have gathered to determine if the data they are collecting is palatable and worth the risk. If no, Andrew explained that there are several other alternatives you can use.
“Users can group together and find an alternative. There are alternatives you just have to search for them.”Andrew Bourne, Region Manager, Africa at the Zoho Corporation
Be aware of what your data is being used for
Often times, companies claim that the collection of data is a means to better improve their quality of offering or services. However, there are times when loopholes in T&Cs give them permission to use data beyond the scope you imagined.
An example is an app used to monitor menstrual cycle that sold users data to third-party companies who then used it to invade their privacy by sending targeted ads like baby goods when users missed or failed to enter their menstrual cycle.
To avoid this, it’s important to have the company spell out what exactly the data they are collecting will be used for. And if in case they decide to hide it, Andrew says it will be very damaging once found as they will lose a lot of customer trust.
A typical example is the mass exodus of WhatsApp users to Signal and Telegram after the release of WhatsApp latest T&C.
According to the Sensor Tower, Signal saw 17.8 million downloads between January 5 and January 12, up from just 285,000 the previous week. Telegram also saw 15.7 million downloads during the same period, over twice the 7.6 million downloads it saw the week before.
To whom is you data is being sold?
As users, it’s well within your right to demand transparency from businesses when it comes to ensuring your data is kept private.
If there is a clause that allows your data to be sold to third party companies, it’s important to know who exactly the company is and what it does. This prevents you from having your data being sold to unscrupulous companies.
When a company does not have a guideline of who they share data with, it’s a big red flag. For example, WhatsApp only shares information with GDPR compliant companies.
Every now and then we hear stories of data breaches. This emphasizes the importance of companies having state of the art security and protection.
As a user, it’s important to know if the company you are using have strong security. Without adequate security, the company server can be hacked and your personal data can be stolen and sold on the dark web.
Andrew advised that companies use extra security like two-factor authentications for staff, authentications apps or IP restriction which Zoho provides to its clients.
Privacy is now an issue because people are finding out that it’s not just about phone numbers and email addresses or websites you go to. Companies are collecting way more than that.
To the still large number of privacy insensitive people in Africa, Andrew believes its just a matter of time. He pointed out that once the effect of privacy breach affects them, they too will become conscious of it.
If you’d like to get featured on our Entrepreneur Spotlight, click here to share your startup story with us.
Get latest Technology news, reviews, business-related content with a deliberate emphasis on the African narrative and insightful analysis in Nigeria – straight to your inbox.