The Privacy Conundrum: How to secure your data by saying 'no' to apps

Nowadays, from calls, messages to ordering food or even a haircut can be done from the click of an app. On one hand, this has certainly enabled users to have better accessibility and a wholesome experience. On the other hand, this experience comes with a host of data that is collected by these apps, the light boxes that pop up asking for permissions to send notifications, location access, setting up profile and payment details.

The sheer amount of data collected is enough to have a reasonable amount of privacy concern. Often, the user is not aware of how their data is being used. While the draft Personal Data Protection Bill 2019 tries to tackle the issue from the supply-side perspective, we can all secure our privacy from the demand-side by carrying out the below practices.

It’s okay to say “no”

The apps collect data through two means, i.e., data provided by the user such as personal information and data collected by the apps through other means like data brokers and tracking etc. In the case of the former, the user can control the information they provide.

For instance, it is okay to say “no” to apps where they insist on sharing your mobile number. But before moving towards securing the data by saying “no”, it is important to understand the strands of sensitive, personal, and critical information the user wants to secure.

Have a checklist ready for sharing

While it is important to secure the data by saying “no”, it is also essential to balance this act with sharing it at the appropriate places for tapping various benefits and availing services. The users can have a checklist to help maintain this balance. This can involve checking if it is a legitimate app by cross-verifying with its website; stylistic aspects like language used and alignment.; and verify through online reviews and guides.

As we download the apps, they usually display a privacy policy which acts as another identifier for users to check its authenticity. Though it is essential to read the full privacy policy, it is suggested to at least glance through parts that answer the important questions of how the data is collected, processed and used. Especially, important to skim through parts on accessing data from our phone. Also, most apps have privacy by default settings which can be enabled – like opt-in only for necessary cookies and default opt-out for other forms of cookies.

Aim for positive-sum decision

Despite having a checklist for making us privacy-conscious, it has been seen that privacy consciousness and awareness doesn’t translate into privacy-securing behaviour. The users tend to share data as they consider the value to be more – this is known as the privacy paradox.

As users, we generally try to analyse cost vs utility before we do any transaction. While the cost is usually monetary, within the data-driven system, as a practice, users must move towards analysing it in terms of information (data) shared in return for the service. Because the information that is shared has a long-term implication which would cost the user more in future in case of misuse and breach.

While privacy-by-design from the companies would be the optimal mechanism to tackle this, there are various privacy-enabling tools available to secure our informational privacy without much effort and aid us in taking a positive-sum decision. These include tools like encryption that enable secure information transfer from unauthorised access.

Various platforms provide end-end encryption as a default for messaging and calls. Identity management is another privacy enabling tool that helps to manage multiple online identities through proxy. To smoothen the fatigue caused by reading the terms and conditions of various websites and services, privacy extension tools can be used which scraps the privacy policy, crunches it, and provides the user with the information in an easily consumable format.

READ | Analysing the advertising guidelines for the booming crypto market

Manage your data

As a thumb rule, users of any services should introspect whether the information we are about to share through various means throughout activities on the app is something that we want to make public. Besides, the users should also understand that information that they post, share, comment are data points used by apps for synthesising data and behavioural patterns.

Therefore, these mechanisms, practices and tools will aid users in their due diligence before allowing apps to access the information on their phone. But after practising and using all the above-suggested measures and tools, still one can fall through the cracks, in which case users should not hesitate to report privacy hampering activities and breaches.

The authors are Founding Director and Senior Research Associate at The Dialogue.

(Disclaimer: The views expressed above are the author's own and do not reflect those of DNA.)