Home » Online Privacy » Privacy Laws » How to Protect From MetaData Retention? Qucik and Easy Tips

How to Protect From MetaData Retention? Qucik and Easy Tips

Disclosure: All of our articles are unbased, well researched, and based on a true picture of the story. However we do sometimes get commissions from affiliate sites. Our readers get the best discount from buying from our links. Here is our complete affiliate disclosure.

Many countries worldwide, such as the United States, Australia, and European Union, have Mandatory Data Retention laws and policies as a backdoor to privacy in necessary times of calamity. Although at first, it might seem a good strategy to tackle cybercrime and keep tabs on suspects, such metadata retention jeopardizes the privacy of all the other people as a whole. And where it is necessary to have a probable cause and a warrant from the judiciary to access stored data, every government agency silently follows different surveillance practices to access such metadata indirectly.

Think about stored confidential data as silos of information and what power it might give you when you have complete control over it. Hackers worldwide are always in search of such a gold mine of stored data either to gain personal benefits or cause harm to their agenda.

Since you have control over your devices, you can always minimize or protect your information by following a few security measures listed on our How to Protect from Metadata Retention guide.

Gain Knowledge of Metadata Retention in Your Country

Like common laws in your country, you should also know the regulations that affect your digital privacy and communication. Keep checking our Metadata Retention list of countries to get updated knowledge on the matter. You can access the website of the governmental institution responsible in your country or consult a lawyer to acquire vast knowledge.

Get a VPN Subscription

Since our lives are so integrated with the online Internet, we cannot consider a life without it. We generate more information online than we can imagine, and for every query, we search for, our Internet service provider can tap into it anytime. Metadata Retention laws bind all the communication providers to store such information to allow government authorities access in their investigation. Although they require probable cause and a search warrant from the judiciary, every government silently follows the practice of surveillance to avoid such requirements anyway.

To prevent ISPs from tapping into your information, you should opt for a VPN subscription to encrypt your Internet data packets and make them inaccessible even for your Internet service provider. Another function of a VPN is that it cloaks your IP address with its server IP, protecting your identity over the web and preventing IP tracking carried out by numerous websites, including social media networks. But why does VPN matter? Mainly because VPN encryption renders Metadata Retention useless as any of your data is not stored by eavesdroppers.

Some of the VPN providers trusted by the people online are ExpressVPN, NordVPN, and PureVPN because:

  1. They follow strict NO LOG policy and are not bound to follow metadata retention as they are based outside such jurisdiction.
  2. They encrypt your Internet data with 256-bit AES encryption and OpenVPN security protocol.
  3. They maintain Net Neutrality by unblocking websites and redirecting traffic through servers spread around the world.
  4. Protect your online identity by changing your IP address.
  5. Have exclusive features such as Split Tunnel (PureVPN), TOR-over-VPN (NordVPN), Core VPN service (ExpressVPN).

Moreover, try to avoid free VPN providers as they exchange your information with third-party advertisers to earn their revenue.

If Not VPN Get to Tor

Suppose you are unwilling to entrust your information to a paid VPN service provider. In that case, you can move to a more secure volunteer-based TOR network that works through a Tor browser similar to other browsers in functionality. Once you connect to a Tor network, your web browsing traffic passes through different exit gateways or nodes, making it harder for your Internet service provider or any other eavesdropper to track and access your data.

However, your encrypted Internet data is only limited to the browser level with the Tor browser. The rest of your Internet data is still unencrypted by other system applications requiring Internet connectivity; thus, some data remains stored for Metadata Retention. Additionally, most of the time, the Tor network gets slow as your web browsing data passes through different nodes.

If you want TOR network protection but are unwilling to use the TOR browser, you can use NordVPN, which provides TOR functionality over its TOR-over-VPN servers.

Protect Mobile Calls and SMS

Tapping on your mobile calls and SMS is an old practice of government surveillance. You must have heard an adage of ‘Big Brother Is Watching’ is true when there are intelligence agencies like the NSA and GCHQ. When it comes to Metadata Retention, blame is not limited to the agencies because some of the mobile carriers are not sincere. Unfortunately, you cannot protect your mobile calls and SMS, but you can circumvent such a situation by moving your communication to end-to-end encryption.

Many secure messaging apps such as Signal, WhatsApp, Wickr Me, and Telegram provide the functionality of end-to-end encrypted calls and messages for free. Since none of your communication is being stored, therefore Metadata Retention becomes useless here.

Protect Your Email Communication

Since Metadata Retention includes the summary of your email communication, e.g., sender and recipient email addresses and timestamps, therefore, protecting it should be your utmost priority. If you are flexible, you should move to end-to-end encrypted email services like Tutanota or Protonmail. Other services like Outlook and Gmail do not provide such encryption out of the box; therefore, you can use third-party extensions like Mailvelope that encrypts your emails with OpenPGP encryption.

Use HTTPs Everywhere

One great thing about Google is that it tells you which website is secure and which is not. HTTPs ensure that data exchange while browsing a website is encrypted. Many websites still use unencrypted HTTP or provide limited support for encryption over HTTPs but make it harder to use.

For example, the website defaults on unencrypted HTTP or redirects their encrypted HTTPs pages to unencrypted ones. The HTTPs Everywhere extension – by EFF & Tor Project itself – fixes these problems by rewriting these requests to HTTPs. However, all the communication before successful HTTPs encrypted communication is monitored by your ISPs with timestamps under metadata retention requirements. So it is necessary to use a VPN along with the HTTPs Everywhere extension.

Prevent Social Media Tracking

Social media profiles tell more about us than ourselves; it is like the silo of information ideal for mandatory Data Retention practice. It can show our psychological behavior, what we are doing, likes and dislikes, shopping patterns, etc. Such information is valuable not only for marketing analytics purposes but also for keeping tabs on people’s activities. Social media websites such as Facebook, Google Plus, and Twitter track you via scripts that you can block using extensions like Privacy Badger or Disconnect that sends ‘Do Not Track requests to the websites to prevent social tracking.


Although only a few countries follow mandatory data retention regimes after the extreme invasive Investigatory Powers Act in the UK and Congress vote to allow ISPs to sell metadata has left precedent for other countries to follow. Where digital privacy is facing threats by such metadata retention laws, the idea of encrypting everything is gaining strong roots online. To protect your digital privacy, you must follow the security measures described above to mitigate the risks of exposing your sensitive information online.

Photo of author
Rutaba Rais is Editor at Be Encrypted with focus on Technology and Internet Security. Apart from her Healthcare background, she has interests in Lifestyle, Journalism, and expressing her opinion by her writing. You can follow her on Twitter.

2 thoughts on “How to Protect From MetaData Retention? Qucik and Easy Tips”

  1. yeah i think protonmail, fastmail and tutanota are the only ones that provide encryption over emails. The only real advantage gmail has over others is its ability to sync with pretty much everything, every service, every account, every website and every app. And that it offers decent enough cloud storage for free. About VPNs, yes, tor itself is a reliable solution to the problem along with tor-powered option like nord. in terms of encryption, i do believe most of the options out there offer it, including nord, express, ivacy and pure. the only thing that really matters here is that these providers can be helpful if the aren’t operating from australia or registered from australia. because from what ive read, most of the providers operating from the said nation are actually bound by Section 187A(3)


Leave a Comment