The Beginner’s Guide to Online Privacy

What is Data Retention and How it Affects Online Privacy?

Data Retention is the process of recording and storing data by Governments or by private companies with the purpose of later use that information. Simple as that. The matter gets more complicated when it comes to the reasons of why this happens. And we will get more into that. Also we will talk about the legal issues of data retention, which are different in countries around the world.

What is Mandatory Data Retention?

Mainly data retention in the private sector is justified by the need of accessing and protecting important information against data loss accidents. Copies of information are obviously necessary for banks or any other economical organization as a precaution in case something happens with the main data storage systems. On the other hand mandatory data retention is something else.

Mandatory data retention is a law enforcement practice that demands data storage from ISPs and telecom providers under the obligation that all the recorded information will be made available at demand. Basically, even though almost every user’s IP is changed periodically, all the ISPs and telecom providers are obligated to keep records of all their IP addresses allocations for an established period of time. This way state agencies can demand providers to give information about the identity of the person who used an IP at any given moment.

Call it abusive if you like, because that is exactly what we think it is. It gives more power to the governments to surveil its citizens, and takes away from them the basic right of online privacy. And maybe you’re asking yourself what reasons they invoke for this actions? It might differ from country to country, but mainly they are the same: to fight terrorism and combat serious crimes. You could think that these reasons are legit but more often than you think are just trojan horses for political oppression and other kinds of similar abuses.

How does data retention impact online privacy?

Knowing that somebody is watching you and could easily access all your online activity, your private thoughts or your social and political beliefs it’s not pleasant to say at least. Besides that, data retention is a considerable threat in many political regimes, as users don’t longer feel at large to freely express themselves. Also, the process of storage such a heavy load of information is costly as it presumes expensive storage equipment. And if you wonder who pays for that, wander no more, because the answer is simple. The government makes the service providers to cover the check and the services providers are charging the end users. So the surveyed pays to be monitored. And last, but not least let’s talk about hacking attempts. As you learned so far, your private information is stored somewhere by your ISP. It goes without saying that there is no protective solution to fully resist to cyber-attacks. It’s just a matter of time somebody manages to find a breach and steal yours and other users’ data. And even though this is obviously a breach of your online privacy, many governments have policies that favour data retention.

About Data Retention laws and how they affect online privacy

Of course data retention laws are different from country to country, but generally they aim to obtain the same thing. A better grip to the digital world, while disregarding the personal digital space, or even, in some cases, the freedom of speech. So let’s find out more about data retention laws in order to have a better picture about where online privacy is properly valued and where it is trashed down.

Data retention in European Union

Not long ago, in December 2016, European Union made an important statement against data retention and declared illegal for member states to make bulk retention of emails or other electronic data. The only exception from this ruling applies in cases of serious threats against public safety. Only then targeted surveillance and data retention are legal. Still, this admission comes with an important mention: the person or group of persons whose data were accessed must be notified that the surveillance act took place, as soon as the notice doesn’t endangers the investigation. Further, after the investigation comes to an end all the retained data must be destroyed.

Of course the ruling must be followed by all member states, but, as every country had a prior individual and different approach on the matter, we will let time to reveal if everybody complies or if there are states who ignore or delay the european bill, protecting therefore the online privacy of their citizens.

After Brexit, UK wants to change the online privacy approach

UK is the European country that wants to stand alone when it comes to online privacy regulations. The officials recently approved the Investigatory Powers Act which allows online surveillance for large groups of people and requires Internet providers to keep for a year browsing history from all users. Obviously the new ruling from the European Court of Justice against data retention, doesn’t fit very well into this picture.

Data retention in Australia

A few years ago, a law that allows data retention was passed in Australia. It’s even called Data Retention law, under the Telecommunications (Interception and Access) Amendment, and demands ISPs and telecom providers to store data that includes account holder names and addresses, date, time and duration of communications, the recipient of communications and the location of equipment used for communications, cell towers and Wi-Fi spots included. The official reason for this was the need of creating a stronger defense against terrorist attacks, but the law also refers to other crimes.

But wait, there’s a catch here. Funny thing is that the law is, even as we speak, impossible to be applied as the officials encountered a small problem. Australian ISPs are not under the legal obligation to require a license, so nobody truly knows how many providers are. The Bureau of Statistics had recorded 66 ISPs with more than 1,000 subscribers. On the other hand Internet Australia estimates there are at least 250, and perhaps more than 500. Fortunately, without a clear evidence of the internet providers, data retention is difficult to implement. Also, a lot of civil rights militants, journalists and advocates protested against Data Retention law. So, what happens next remains to be seen.

Data retention in USA

There is no mandatory retention law in the United States. But, because there’s always a but, there are ways for the authorities to gain access to citizens’ private data. The Stored Communications Act (SCA), issued in 1986 as a part of the Electronic Communications Privacy Act requires data storage up to 180 days on government demand. Also, the providers can willingly disclose private information in emergencies where a delay of such a disclosure puts a person or a group of persons in serious danger. Other than that access to digital content is only allowed with a court order. But there is some specific information, like users’ names, addresses, telephone numbers or records of phone calls that could be obtained with an administrative subpoena. So, things are trickier that they originally seamed.

Data retention in China

Well, online environment is under siege in this country. Chinese citizens have all the reasons to be concerned about data retention and online surveillance after China’s Ministry of Industry and Information Technology (MIIT) issued a notice saying that all special cable and local VPN services are obligated to acquire prior government approval. This is the diplomatic equivalent of declaring VPNs illegal and announcing the beginning of massive data retention and surveilling actions. Why do we say that? Let’s ask ourselves what reason could the authorities have to fight against VPNs and consequently encrypted traffic and private browsing? Well, you don’t have to be a genius to realize that VPNs are the only thing that could stay between a heavy data retention and surveillance and online privacy. So, things in China are not looking good at all.

How to protect from Mandatory Data Retention?

As we said before we believe that the right to online privacy is a basic human right. But, as you can see there are more than enough places in the world where politicians think otherwise. So, it’s up to you to protect yourself and to defend your online privacy and freedom of speech. And lucky for all of us there’s a way, and it’s called Virtual Private Network. A VPN service will hide your IP and keep your browsing hidden from any prying eyes, including your ISP. More than that, any data that comes or goes from your device is encrypted, so nobody else but you could read it.

Protect your privacy

What you do on your computer while you are online is your business and nobody else’s. If you agree with this affirmation than you surely want to protect your privacy online. And that is exactly what VPN does for you.You can download torrents and visit any sites you want and all that anonymously. Also your internet phone calls (voice-over-IP) are totally safe. Otherwise, without VPN protection they are very easy to hack, either you use Skype, Lync or any other voice chat. So, if you don’t want your government to keep a permanent track on you, now you know what to do about it. Simple and efficient.

Posted on by

Want to defeat data retention?

Try VPN for free