How to protect yourself online

KARACHI: In this day and age, you’re not running social media, social media is running you. Whether you’re pushing 10k followers on Instagram, Twitter and Facebook or just considering succumbing to peer pressure and joining social media, you need to take some necessary steps protect your privacy.

“Privacy is everyone’s fundamental right but unfortunately, people in Pakistan aren’t quite aware of it,” says digital rights lawyer Nighat Dad.

We spoke to her and listed down the best ways you can ensure privacy online.

1. Use separate e-mail accounts for social media: This is especially important for those who are studying or just starting their professional life. Dad strongly recommends not to associate your personal and professional e-mails to social media websites. Your e-mail addresses for these accounts should be different from your primary e-mail account.

2. Associate yourself to trusted engines: Over the last decade, internet users worldwide have shifted to using services by Google over Hotmail and Yahoo. “Back in 2008-09 when I was studying these nitty-gritties, I learned that Hotmail and Yahoo were working to activate Hypertext Transfer Protocol (HTTPs); a protocol that determines the format and transmission of information, messages and data. Whereas, Gmail was by-default equipped with HTTPs,” says Dad.

“Privacy is everyone’s fundamental right but unfortunately, people in Pakistan aren’t quite aware of it”

During the Snowden revelation, she continues, it was revealed that Skype servers were involved in leaking user information to America’s National Security Agency (NSA); after which users were discouraged from using Skype or Microsoft. Therefore, users are advised to use domains that are tighter in terms of security and preferably provide “end-to-end encryption” such as WhatsApp and Signal.

3. Activate two-step verification: Social media and e-mail now give the option of a two-factor authentication using phone numbers or an alternate e-mail address. Therefore, if you log in form an unfamiliar system or if your account is being compromised, the domain sends you a notification.

4. Passwords should not match: Your password is the leading component of online security. Your password for all your accounts should not be the same, emphasises Dad. “If you care about your privacy, then you must prefer security over convenience,” she says.

5. Keep changing passwords: “I think people should change their attitudes towards digital platforms and security,” says Dad.

In her opinion, this is an age-old argument now because now security is primary. “Don’t set one password and forget it about for years.”

6. Keep yourself updated on social media settings: Educate yourself on new features that are introduced. All social media platforms keep rearranging their security settings.

“If you care about your privacy, then you must prefer security over convenience”

It is vital that users keep checking the security settings tabs. “Once in a month, perhaps, it is important to take out five minutes to review the new features and see which features have been discontinued,” says Dad. Currently, Facebook is in the stages of introducing a profile picture safeguard in Pakistan. Every user has an option to activate this feature. Thereafter, one can download your picture and on Android phones, no one can even take a screenshot of it.

7. Beware of what you click on: These days, intrusive software, such as malware and spyware, are easily accessible in the market. If someone is tech savvy, they will know how to crack into your account. A lot of people receive unknown e-mails and they not only just open the e-mails, but also click on links sent to them in the e-mail. As soon as you click on it, a malware or spyware enters your account and into your system through which your activities can easily be monitored. Such software are also used for purposes of surveillance. Therefore, do not click on e-mails you don’t know. Dad, a pioneer of internet rights shares her personal experience whereby she received several e-mails from an activist group that seemed fishy. Hence, she decided to call the person(s) concerned to verify if they had sent any e-mail. “Don’t be convinced about the credibility of e-mail based on the sender’s e-mail address, who knows it might be an impersonator.”

How to report

Founded by Dad, Digital Rights Foundation (DRF), a non-profit organisation actively working to minimise cyber harassment and enhance security has introduced a helpline where aforementioned complains can be lodged. The user can call on 0800-39393 (available from 9am to 5pm from Monday to Friday). E-mails from suspicious sources are encouraged to be reported by DRF. They take it upon themselves to investigate these links and their sources by analysing spyware and malware to evaluate the objectives of people behind them.

The helpline offers free expertise and guides the complainant to the digital security department.

If the person wants to report harassment, DRF makes them aware of the legislation under which their complaint can be registered. They further guide the caller about the process and its timeline.