What do security experts have to say about the question, “How to protect your data online?”

According to cybersecurity experts, if you are worried about protecting your personal data online, you are pretty much out of luck. Yes, you heard that right!

The Cambridge Analytica controversy and other incidents related to data breaches have jeopardized the personal information of millions of Americans. Starting from names, contact information to even sensitive data like social security numbers have been stolen. Things are getting out of hands—it seems!

A security technologist Bruce Schneier was asked what one can do to prevent their personal data from being harvested without their knowledge. His response was cold and straightforward i.e. “You can’t really do anything about it.”

He is not the only cybersecurity expert to have this opinion. A handful of experts say that people have little to no power over their personal information once it goes into the hands of a third party. However, that does not mean you shouldn’t follow cybersecurity best practices like using two-factor authentication or complex passwords.

Why is it so hard to protect your data online?

Unfortunately, there are no laws in the United States that regulate data brokerage companies and surveillance capitalism, which is a new type of business model in which corporations sell your personal data to earn something in return.

The only real way a user can take control of his personal information and prevent it from being used by third-party firms is to demand change at the legal and regulatory level and it’s a long shot.

Anyone can buy and sell your data without your knowledge and consent and you can’t regulate that. Another unfortunate thing is that surveillance capitalism is a legal business model. As you sign up for services like Facebook, Uber and Tinder, you actually accept to the terms and conditions of the company by checking off the “I have read and agreed” box. You literally sign away the rights to your own information to engage with the product without even knowing about it.

Once you sign that check-box, it’s completely legal for the company to do anything it wants with your data. A lot of people have actually given up trying to protect their personal data assuming there is nothing they can do to control their personal information.

A prime example of such a business model is the Equifax hack of 2017. It exposed the data of approximately 148 million Americans. Equifax is not just a credit reporting agency, it is also a data broker and a lot of people don’t know about that. It is part of their business model and that’s where they earn the most revenue. The company collects information about its users, analyzes it, and sells it.

Data brokers like these collect demographic information such as names, telephone numbers, addresses, professional, marital status, income etc. of the user. They also gather information on the list of items purchased by the user and how he paid for them. Furthermore, they keep track of the diseases, deaths, and divorces in the families of their users. They even collect information about everything we do on the internet.

Who is safe from such data collection?

The answer to this is “No one.” It’s mostly because there are no laws preventing companies from using consumer data the way they want.

The real disappointment is that regulatory changes that would help safeguard the personal information of consumers are not on the horizon anytime soon. Companies like Equifax are not facing any consequences after such a huge data breach even though it became public. Let’s suppose somehow giants like these are penalized, it wouldn’t be much of a problem for them since it’s still cheaper than paying the attorney’s fee, right?

Is there anything we can do to protect our information?

Even though we have little to no control over how third-party companies use our data, there are a few things we can do to have a bit control over our financial information at least. For instance, experts recommend getting regular copies of your credit report to see if there is something there that should be reported.

Long story short, there is not one action people can take to prevent companies from collecting their information.  Hopefully, the blockchain technology will give consumers better control over their financial lives by putting data brokers and credit bureaus out of business; but again, it’s farfetched. Despite all this, people need to be careful about the information they give away when signing up on social networks or taking surveys with marketing firms. Whatever information you give out is used to profile you.