Many questions are constantly asked by the public wanting to know the best way to protect themselves from online spies. In light of the exposed NSA and Prism data mining program, internet users the world over have been given yet another reason to raise major concerns over their online privacy.
What is Prism?
Prism is a secret data surveillance system developed by the USA’s National Security Agency (NSA) and exposed in early June by The Guardian and Washington Post and the man behind the leak – former NSA contractor Edward Snowden. In a classified presentation leaked by Snowden, the allegations suggest that Prism allows US government agencies to directly access servers of the world’s leading internet companies, including Microsoft, Google, Facebook, Apple, Yahoo and more. All of the said companies boast enormous numbers of daily active users, particularly the world’s largest search engine Google social network – Facebook.
To make matters more confusing, the accused internet giants were quick to deny any involvement with the NSA and vehemently rejected Snowden’s claims that the US government had direct access to their data servers. However, this scandal is still in a developing stage, with new information being revealed on a daily basis. It will probably take a considerable amount of time to fully understand the scope and validity of the surveillance program. Yet this doesn’t mean that you shouldn’t already be taking necessary precautions to hide your online activities from data snoops.
How it affects you
Chances are, you use or have used some services by the companies in question. By using Google, Skype and Facebook your is data is automatically recorded on the basis of your search history, chat logs, timeline posts and status updates. However boycotting these services altogether does seem a little over the top and would surely limit much of what you enjoy and need to do online. Simply stopping using them is not the greatest of options. Finding alternatives also seems like a huge hassle and persuading all of your friends to migrate to an anonymous social network is rather unlikely.
How to protect my data online
Simply put, get a VPN. When connected to a VPN, your internet connection and traffic data is routed through an encrypted server and your computer or mobile device is masked with a brand new IP address from a different location.
The more important decision is in choosing a service that is truly anonymous in its operations. An anonymous VPN is one that does not store user data logs. However, despite claiming to be anonymous, many providers do in fact store some usage data for various periods of time, ranging from a day to a month and sometimes even longer.
(Note that it’s a standard for all VPN companies to briefly store connectivity logs, which does in fact record just your IP address connecting to their VPN server, however, a no-log VPN means your actual traffic (online activity) is fully encrypted, mixed with other users’ and discarded in action).
Choosing the right VPN provider
Be weary when signing up with a US-based VPN provider. In the worst-case scenario, the US government can impose a court order to gain access to a US company’s servers. If the provider did in fact store traffic logs and you had used the service then your online history will definitely fall into the hands of others.
Saying that, we are not suggesting that you should altogether avoid US-based VPN providers, as some of the most highly regarded services in terms of privacy are in-fact headquartered in the USA. Take Private Internet Access for example. Their policy strictly states that they do not store traffic logs under any circumstances and this applies to all of their servers, both domestic and international. In addition, USA is one country that has no mandatory data retention law. This means that PIA VPN are not obliged by law to store any data logs and in the instance that they did receive a court order from a third party (e.g. NSA) to access their user data, there wouldn’t be much information to share.
Another viable option is to use a VPN based outside the US, such as BTGuard, who, under Canadian jurisdiction are likewise not forced to maintain data logs and affirm in their Terms & Conditions that they offer an anonymous, no-log service. Again, in the event of receiving a court order, BTGuard would not have any traffic information to hand over.