/pcq/media/agency_attachments/L8pkS8gpnodJThOdAfv1.jpg)
Follow UsIndia, years behind the US in this arena, is trying hard to catch up.
Here's five ways you could get snooped on in 2014.
CALL DATA RECORDS
This is the most likely way a government department will snoop on you. By askingyour phone company for your "call data records" (CDR): who you spoke to, how oftenand for how long, locations of both parties, and more.There are nearly a dozen Indian organizations (such as the income-tax department), apart from the police, who are allowed to do this.
So you have "nothing to hide"? And they're not listening to what you're actuallysaying? Most people do have things to hide - not all of them illegal.
One government officer got the call records for a man being investigated for taxevasion, but misused the data - which showed frequent calls to a married lady - forsome blackmail.Or let's say you're in India and you make a friend in Pakistan over Facebook.And you call her a few times from your phone. What you discuss is irrelevant: thegovernment snoops will just flag the pattern of frequent calls to one Pakistan number.
If they were actually listening to the call, they'd know your chat was innocuous, butthey're not, so they'll assume the worst.
What do you do? Use Internet based systems like Skype for frequent long-distance calls. They're more difficult to intercept, and cheaper.
SOCIAL MEDIA PROFILING
This is easy to do when targeting one person. But it takes "big data" tech to profilelarge groups.Don't forget that your social-media information is available to anyone, not just togovernment agencies.
What you say and do on social media paints a clear picture of you.
Password crackers look for clues in your social media activity: names of your cat,or son, or favorite song. Most people pick passwords drawn from objects of interest to them. On top of that, most people use the same passwords across multiple accounts.
And repeatedly, posts on Twitter, Facebook and elsewhere have
resulted in arrest under the IT Act's section 66A.
What can you do? Check your privacy settings on Facebook so that
everyone can't see your posts. Avoid posting personal information. Avoid
using passwords that have anything visibly to do with you.
EMAIL INTERCEPTION
People worry a lot about this, but it's actually not so easy for the Indian
government to do this legally. Most popular email services are US-based, with servers located outside India, and do not fall under Indian jurisdiction.
There is no easy way to intercept a Gmail message you send from a
web browser. (The US agency NSA taps directly into those servers, under
the Prism program.)
This does not mean your email is safe. ‘Phishing' (acquiring login, password, credit card and other details) is so rampant most Indians will lose an email, banking, or other account to hackers, at some point. You get an email supposedly from Gmail or your bank, saying you need to validate your account. Enter your login and password,
and someone steals your account. India is the fourth most phishing-attacked nation globally. A recent survey by EMC says phishing scams cost Indian firms $53 million in just July-September 2013.
So can the government take over your email account this way? Not legally. But yes, rogue individuals could "phish" and break into your email.
The only people safe from government snooping are terrorists. They use
encryption, making it difficult to crack their messages. More and more people now will begin to do the same thing.
The people most vulnerable to targeted phishing attacks are government
officials who, in India, tend to use Gmail and Hotmail extensively, and are simply not trained in security.
Prasanto K Roy (@prasanto) is editorial
advisor, CyberMedia