Misha Glenny, a British journalist, spoke to this newspaper on cybersecurity and data protection issues.
Misha Glenny is a British journalist, who specialises in southeast Europe, global organised crime and cybersecurity. His 2008 book McMafia sheds light on the byzantine outlines of global organised crime. He spoke to The Sunday Guardian on cybersecurity and data protection. Excerpts:
Q: Most people have a vague idea on cybersecurity and its importance. Can you elaborate?
A: Nowadays, we are not only enjoying the benefits of information technology, but we are completely dependent on it. Hence, cybersecurity has become a critical issue for everybody, whether you are in business, or working in a corporation or government, independent institutions or even as an individual. It is because people believe their relationship with the computer is intimate and there is no third person watching. People need to revise that idea because you are being tracked and watched on virtually everything you do on the computer, particularly when you are online and even when you are offline, if somebody has managed to insert some malware into your computer. So, it’s necessary that they don’t want to fall foul either on some advanced surveillance techniques or getting their personal data stolen. Everybody needs to understand that cybersecurity is now essential in their everyday lives.
Q: How do various websites function to collect and store date?
A: Whenever you click on a website, it asks who you are and where you are. If you are in Europe, where we now have something called the General Data Protection Regulation, it will ask you what cookies it can drop. These are little files that enable the hosting website to get information about the user. Though you can get browsers which are specifically designed to block people snooping on you, essentially almost every website you visit will leave a trace on your computer. So, not only your activities on their website will be tracked by the host, but the host can track your activities even on other websites. This data is valuable for the website as it’s something they can sell. So, there is a saying here in Europe—if it’s free, you are the product.
Q. Even social media websites such as Facebook have been blamed of stealing personal information. What’s your opinion on this issue?
A: Well, it’s perfectly true that through this way, Google, Facebook and Twitter make money. They make money by using the data that you hand over to them and you don’t even realise this. This is now being dubbed by the American academic Shoshana Zuboff as “surveillance capitalism”. So essentially, they are trying to include themselves in more and more aspects of your life so that they can anticipate how you are going to behave and then suggest that you behave in a certain way by offering advertisements, that they believe will benefit their clients and will persuade you to act in a certain way.
Q: Recently, allegations were made that top officials are being snooped into through WhatsApp by government machinery and personal information is getting vulnerable. So, is it that easy to snoop into someone’s WhatApp messages?
A: WhatsApp in US, Europe and many other parts of the world has what’s called “end-to-end encryption” which means that no one can read the messages being exchanged between two people. However, it has long been suspected that some government agencies—and this may well be the case in India, certainly the case in the United States, almost certainly in Russia and China as well—have actually secured backdoors into end-to-end encryption operations like WhatsApp so that they can read what’s currently going on. Nonetheless, there’s no question that this level of encryption has made the task more difficult for the state agencies to read communications between two individuals. The whole issue of encryption is going to become more and more important over the next few years.
Q: While data is considered to be more valuable than oil, cyber attacks are regarded a bigger threat than terrorism. Is it possible to safeguard one’s data?
A: Be very careful about which website you sign up, which websites you visit and most importantly what you can do is not use the conventional search engines like Google which suck up your data at an enormous rate. One can use search engines like DuckDuckGo or StartPage and use browsers like Brave or browsers using a VPN (Virtual Private Network) which is a system that you can download easily. You can also use Tor-The Onion-Router browser that guarantees anonymity. Using these techniques can protect your data from unwanted people.
Q: What is your view on India’s data security? How can free-to-use applications steal data from Indian users? Can it be considered a national security threat?
A: In terms of India’s data security, you face the same problems that we (Europeans) do. I don’t think that the use of commercial websites using your data and using applications to secure that data is a threat per se to India or its national security. However, all vulnerabilities that are embedded in internet technology are potential threat to people, businesses and national security. All citizens should have the right to privacy and freedom from state interference. It is a delicate balance that is required in the internet age. It is more difficult than it used to be in the past.
Q: Chinese gaming companies such as Alibaba and Tencent dominate India’s digital gaming industry. Can this be a threat to India’s national security?
A: Yes, it is possible that the Chinese gaming industries are supplying information to the Chinese government. Alibaba and Tencent have access to data relating to social and behavioural habits of Indians. Hence, this data is not only valuable for commercial purposes, but also for national security purposes. To counter this, India needs to build up its own digital gaming industry.