When it comes to spying, the biggest culprit is the government. Organizations and private companies spy on you too, but the various governments hold the number one position. Note that while most people understand that almost all governments spy on their people, some nations have been caught in the act, chief among them the United States. The Snowden revelations in 2013 revealed in detail how the US and the UK were spying on people without their knowledge. With regards to other countries, here is a breakdown of prominent agencies at the forefront of spying on citizens.
Who is spying on you?
To start with; it is vital to know that five prominent agencies in the world are always collaborating and exchanging information on spy programs. Together, these agencies form the five eyes alliance.
- 1. The NSA (United States)
- 2. GCHQ – the UK’s Government Communication Headquarters
- 3. ASD – Australian Signals Directorate
- 4. GCSB – Government Communications Security Bureau (New Zealand)
- 5. CSEC – Communications Security Establishment Canada
While the alliance was initially formed to counter China’s assertive international strategy, there is no denying they also own programs such as MUSCULAR, MYSTIC, and XKEYSCORE.
MUSCULAR is an NSA and GCHQ program that between 2012 and 2013 collected 181 million records by intercepting user data as it passed between Google and Yahoo servers.
Google strengthened their security after that, but that is not to say these two agencies have not found other ways of intercepting data.
MYSTIC is a program that spies on calls made to and in five specific countries by recording the metadata. These five countries include the Philippines, Kenya, Mexico, Afghanistan, and the Bahamas.
Other countries such as Germany, France, China, Russia, and Syria also have documented spying activity.
There you have it, now you know for a fact that your government is spying on you. That said, bear in mind that security agencies make up just one channel through which the government spies on you. So, how else?
By compelling technology companies to divulge information about you
Technology companies know a lot about you. For instance, through location-based services, Google and Apple can easily track your device’s movements.
Elsewhere, a company like Dropbox reads your files. Apple, on the other hand, is responsible for storing your iMessages. Just recently, Facebook admitted to scanning private messages with the aim of tailoring adverts to suit an individual.
Even ISPs, know a lot about you through your browsing history. With enough analysis, they can map out what you are thinking of doing at a given time.
Remember that as long as the government is within its rights, a technology company cannot refuse to divulge the information in the name of privacy. Take the example of the snooper’s charter.
It states that ISPs must maintain weblogs for 12 months and under certain conditions—a warrant from the judge and the threat of national security—the ISP must release the data if so directed by a security agency. In such a scenario, the ISP will release the data.
What can you do to curb such mass surveillance?
There are a couple of things you can do to at least provide a measure of security and privacy for yourself.
First and arguably the most important, download a good VPN. A VPN takes all your data and places it in an encrypted envelope. Consequently, governments cannot intercept or spy on that.
So essential is a VPN, that the former “most wanted” hacker—Kevin Mitnick—said in an interview that his first recommendation with regards to privacy and security is a VPN.
In addition to a VPN, you can also incorporate other privacy best practices that will help enhance your security. For instance, you can be deliberate in choosing technology companies that encrypt data.
That means SpiderOak instead of Dropbox or at least protecting your Dropbox files with Truecrypt or an equivalent. Also, you can use DuckDuckGo instead of Google. If you miss Google, which is perfectly acceptable because Google is pretty powerful, then use the !g function in DuckDuckGo.
Finally, especially in extremely sensitive matters, you can use an air-gapped computer—a computer that has never been connected to the internet. No security agency can see your data if your computer has never touched the internet.
Hopefully this little bit of advice will help some of you understand better. And you can find many more guest contributions that aim to raise the same kind of awareness about other topics by clicking HERE.