Preventing cybercrime: Appreciate the value of information today
MANILA, Philippines – In an age where identity theft and the fear of large-scale hack attacks have become more mainstream, it's good to have reminders of what individuals can do to protect their data, and what corporations can do to keep individuals' data safe.
In a Rappler Talk session with Henry Aguda and Francesca Montes, co-authors of Data Privacy and Cybercrime Prevention in the Philippine Digital Age, the two talked about musts when it comes to protecting one's privacy.
They, along with Bryan Tiojanco, wrote the book to help spread awareness about protecting one's privacy and preventing cybercrimes from occurring.
Aguda noted that "there's about a thousand hacks happening" daily, and these include large-scale and individual-level attempts to access another person's data. (READ: The state of cybersecurity in the Philippines)
Given even just one-tenth of these becoming severe enough to be categorized as a breach, people can expect a wide range of potential problems not only in terms of financial losses, but also in terms of increased possibility for other crimes, such as identity theft. (TIMELINE: Tracing the $81-million stolen fund from Bangladesh Bank)
For individual users, Montes reiterated the importance of not only being judicious in what you share online, but also in knowing the permissions you allow your apps to have on your mobile devices. (READ: HummingBad malware affects over 85M Android devices)
For instance, sharing a picture of your boarding pass might seem harmless, but it could be a scary proposition as it can indicate to criminals not only where you're going, but also show no one's home.
Users should also learn to study the types of applications they put on their phones to avoid instances where a seemingly harmless new application has more permissions and access to data than it's supposed to.
During the session, Aguda cited the Data Privacy Act as one of the important laws Filipinos should take note of, adding that corporations and individuals have obligations and rights when it comes to data privacy.
The Data Privacy Act, signed by former president Benigno Aquino III on August 15, 2012 and which took effect on September 8, 2012, protects the fundamental human right to privacy, especially when it comes to ensuring the security and protection of personal information in both government and private information and communications systems. (READ: Comelec leak – what I discovered)
Aguda explained, "If you're a corporation and you're collecting information from the public, you have to be sure that you set the organization right." He added, "That organization has to be created and registered with the National Privacy Commission" to achieve compliance.
Aguda also said that "As individuals, you can now demand that your information should be safe. Gone are the days when, if your information is violated, you don't know what to file." Victims of hacks can file a case with the National Privacy Commission.
Montes added that negligence or haphazard security with regard to people's personal information can be subject to jail time. Corporations should be able to implement policy controls with regard to the flow of information.
"The general disposition is that we still have not gotten to the point where we appreciate information similar to how we appreciate the value of the peso or the dollar," Aguda said.
"It has to come to that point, because information will be more valuable than currency in the future." – Rappler.com