The extremely invasive Investigatory Powers Act in the UK and Congress’s vote to allow ISPs to sell metadata has left a precedent for other countries to follow. This metadata retention raises threats regarding privacy. However, you can prevent it by following several precautionary measures and tips like getting a VPN service.
Many countries worldwide, such as the United States, Australia, and the European Union, have Mandatory Data Retention laws and policies as a backdoor to privacy in necessary times of calamity. Although it might initially seem a good strategy to tackle cybercrime and keep tabs on suspects, such metadata retention jeopardizes the privacy of all people.
Since you control your devices, you can always minimize or protect your information by following a few security measures we discussed below.
Tips to prevent metadata retention
Like common laws in your country, you should also know the regulations that affect your digital privacy and communication. You can access the website of the governmental institution responsible in your country or consult a lawyer to acquire vast knowledge.
1. Get a VPN subscription
Metadata Retention law binds all communication providers to store your online activities, bandwidth usage, and other data. This allows government authorities to access such information in case of investigations. Although they require probable cause and a search warrant from the judiciary, every government silently follows the practice of surveillance to avoid such requirements anyway.
You should opt for a VPN service to prevent ISPs from tapping into your information. A Virtual Private Network encrypts your Internet data packets, making them inaccessible even to your Internet service provider. Another function of a VPN is that it cloaks your IP address with its server IP, protecting your identity over the web and preventing IP tracking carried out by numerous websites, including social media networks.
But why does VPN matter? VPN encryption renders Metadata Retention useless, as eavesdroppers do not store your data.
Some of the VPN providers trusted by people online are ExpressVPN, NordVPN, and ExtremeVPN because:
- They follow a strict No-Log policy and are not bound to follow metadata retention as they are based outside such jurisdictions.
- They encrypt your Internet data with 256-bit AES encryption and OpenVPN security protocol.
- They maintain Net Neutrality by unblocking websites and redirecting traffic through servers worldwide.
- Protect your online identity by changing your IP address.
- Have exclusive features such as Split Tunnel (ExtremeVPN), TOR-over-VPN (NordVPN), and Core VPN service (ExpressVPN).
Moreover, try to avoid free VPN providers, as they exchange your information with third-party advertisers to earn revenue.
2. Use TOR browser
Suppose you are unwilling to entrust your information to a paid VPN service provider. In that case, you can move to a more secure volunteer-based TOR network that works through a Tor browser similar to other browsers in functionality. Once you connect to a Tor network, your web browsing traffic passes through different exit gateways or nodes, making it harder for your Internet service provider or any other eavesdropper to track and access your data.
However, your encrypted Internet data is only limited to the browser level with the Tor browser. The rest of your Internet data is still unencrypted by other system applications requiring Internet connectivity; thus, some data remains stored for Metadata Retention. Additionally, the Tor network usually gets slow as your web browsing data passes through different nodes.
If you want TOR network protection but are unwilling to use the TOR browser, you can use NordVPN, which provides TOR functionality over its TOR-over-VPN servers.
3. Protect mobile calls and SMS
Tapping on your mobile calls and SMS is an old practice of government surveillance. You must have heard an adage about ‘Big Brother Is Watching,’ which is true when intelligence agencies like the NSA and GCHQ exist. Regarding Metadata Retention, agencies are not the only ones responsible because some mobile carriers are not sincere. Unfortunately, you cannot protect your mobile calls and SMS, but you can circumvent such a situation by moving your communication to end-to-end encryption.
Many secure messaging apps, such as Signal, WhatsApp, Wickr, and Telegram, provide free functionality for end-to-end encrypted calls and messages. Since none of your communication is being stored, Metadata Retention becomes useless here.
4. Protect your email communication
Since Metadata Retention includes a summary of your email communication, e.g., sender and recipient email addresses and timestamps, protecting it should be your utmost priority. If you are flexible, you should move to end-to-end encrypted email services like Tutanota or Protonmail.
Other services like Outlook and Gmail do not provide such encryption; therefore, you can use third-party extensions like Mailvelope that encrypt your emails with OpenPGP encryption.
5. Use HTTPs Everywhere
One great thing about Google is that it tells you which websites are secure and which are not. HTTPs ensure that data exchange while browsing a website is encrypted. Many websites still use unencrypted HTTP or provide limited support for encryption over HTTPs, which makes them harder to use.
For example, the website defaults to unencrypted HTTP or redirects its encrypted HTTPs pages to unencrypted ones. The HTTPs Everywhere extension – by EFF & Tor Project itself – fixes these problems by rewriting these requests to HTTPs. However, all the communication before successful HTTPs encrypted communication is monitored by your ISPs with timestamps under metadata retention requirements. So, it is necessary to use a VPN along with the HTTPs Everywhere extension.
6. Prevent social media tracking
Social media profiles tell more about us than ourselves; it is like the silo of information ideal for mandatory Data Retention practice. It can show our psychological behavior, actions, likes and dislikes, shopping patterns, etc. Such information is valuable not only for marketing analytics purposes but also for keeping tabs on people’s activities.
Social media websites such as Facebook, Google Plus, and Twitter track you via scripts that you can block using extensions like Privacy Badger or Disconnect, which send ‘Do Not Track requests’ to the websites to prevent social tracking.
Share this article
About the Author
Rutaba Rais is Editor at Be Encrypted with focus on Technology and Internet Security. Apart from her Healthcare background, she has interests in Lifestyle, Journalism, and expressing her opinion by her writing. You can follow her on Twitter.
More from Rutaba RaisRelated Posts
Data Retention Law in United States
Mandatory Data Retention Law in the United States is not implemented. However, according to the law ...
European Union MetaData Rentention Law
In 2006, the European Union passed the Data Retention Directive (DRD), which is considered an extrus...
Review of the Mandatory Data Retention Law
KEY TAKEAWAYS Mandatory Data Retention Law is against every user’s privacy, as it allows ISPs ...
Mandatory Data Retention Law in Germany
In January 2016, the German law on data retention came into effect to ‘strengthen’ the n...
Surveillance practices in Canada, Facing Criticism
With the revelation that the Canadian Revenue Agency (CRA) regularly supervises social networking si...
What is Australia Data Retention Law? How to Protect Yourself
The countdown for ‘intrusive data surveillance’ has expired after the 18-month deadline. From this d...
