Enhancing Your Privacy on WhatsApp: A Comprehensive Security Guide

A Foray into the Digital Labyrinth

In our digital age, the silhouette of truth is often obfuscated by a fog of technological prowess and cunning deception. With each passing moment, the digital expanse sprawls wider, and within it, synthetic media, known most infamously as 'deepfakes', emerge like phantoms from the machine. These adept forgeries, melding authenticity with fabrication, represent a new frontier in the malleable narrative of understood reality. Grappling with the specter of such virtual deceit, social media behemoths Facebook and YouTube have embarked on a prodigious quest. Their mission? To formulate robust bulwarks around the sanctity of fact and fiction, all the while fostering seamless communication across channels that billions consider an inextricable part of their daily lives.

In an exploration of this digital fortress besieged by illusion, we unpeel the layers of strategy that Facebook and YouTube have unfurled in their bid to stymie the proliferation of these insidious technical marvels. Though each platform approaches the issue through markedly different prisms, a shared undercurrent of necessity and urgency harmonizes their efforts.

The Detailing of Facebook's Strategic

Facebook's encampment against these modern-day chimaeras teems with algorithmic sentinels and human overseers alike—a union of steel and soul. The company’s layer upon layer of sophisticated artificial intelligence is designed to scrupulously survey, identify, and flag potential deepfake content with a precision that borders on the prophetic. Employing advanced AI systems, Facebook endeavours to preempt the chaos sown by manipulated media by detecting even the slightest signs of digital tampering.  

However, in an expression of profound acumen, Facebook also serves reminder of AI's fallibility by entwining human discernment into its fabric. Each flagged video wages its battle for existence within the realm of these custodians of reality—individuals entrusted with the hefty responsibility of parsing truth from technologically enabled fiction.

Facebook does not rest on the laurels of established defense mechanisms. The platform is in a perpetual state of flux, with policies and AI models adapting to the serpentine nature of the digital threat landscape. By fostering its cyclical metamorphosis, Facebook not only sharpens its detection tools but also weaves a more resilient protective web, one capable of absorbing the shockwaves of an evolving battlefield.

YouTube’s Overture of Transparency and the Exposition of AI

Turning to the amphitheatre of YouTube, the stage is set for an overt commitment to candour. Against the stark backdrop of deepfake dilemmas, YouTube demands the unveiling of the strings that guide the puppets, insisting on full disclosure whenever AI's invisible hands sculpt the content that engages its diverse viewership.

YouTube's doctrine is straightforward: creators must lift the curtains and reveal any artificial manipulation's role behind the scenes. With clarity as its vanguard, this requirement is not just procedural but an ethical invocation to showcase veracity—a beacon to guide viewers through the murky waters of potential deceit.

The iron fist within the velvet glove of YouTube's policy manifests through a graded punitive protocol. Should a creator falter in disclosing the machine's influence, repercussions follow, ensuring that the ecosystem remains vigilant against hidden manipulation.

But YouTube's policy is one that distinguishes between malevolence and benign use. Artistic endeavours, satirical commentary, and other legitimate expositions are spared the policy's wrath, provided they adhere to the overarching principle of transparency.

The Symbiosis of Technology and Policy in a Morphing Domain

YouTube's commitment to refining its coordination between human insight and computerized examination is unwavering. As AI's role in both the generation and moderation of content deepens, YouTube—which, like a skilled cartographer, must redraw its policies increasingly—traverses this ever-mutating landscape with a proactive stance.

In a Comparative Light: Tracing the Convergence of Giants

Although Facebook and YouTube choreograph their steps to different rhythms, together they compose an intricate dance aimed at nurturing trust and authenticity. Facebook leans into the proactive might of their AI algorithms, reinforced by updates and human interjection, while YouTube wields the virtue of transparency as its sword, cutting through masquerades and empowering its users to partake in storylines that are continually rewritten.

Together on the Stage of Our Digital Epoch

The sum of Facebook and YouTube's policies is integral to the pastiche of our digital experience, a multifarious quilt shielding the sanctum of factuality from the interloping specters of deception. As humanity treads the line between the veracious and the fantastic, these platforms stand as vigilant sentinels, guiding us in our pursuit of an old-age treasure within our novel digital bazaar—the treasure of truth. In this labyrinthine quest, it is not merely about unmasking deceivers but nurturing a wisdom that appreciates the shimmering possibilities—and inherent risks—of our evolving connection with the machine. 

Conclusion 

The struggle against deepfakes is a complex, many-headed challenge that will necessitate a united front spanning technologists, lawmakers, and the public. In this digital epoch, where the veneer of authenticity is perilously thin, the valiant endeavours of these tech goliaths serve as a lighthouse in a storm-tossed sea. These efforts echo the importance of evergreen vigilance in discerning truth from artfully crafted deception. 

References 

• https://about.fb.com/news/2020/01/enforcing-against-manipulated-media/
• https://indianexpress.com/article/technology/artificial-intelligence/google-sheds-light-on-how-its-fighting-deep-fakes-and-ai-generated-misinformation-in-india-9047211/
• https://techcrunch.com/2023/11/14/youtube-adapts-its-policies-for-the-coming-surge-of-ai-videos/
• https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/youtube-twitter-hunt-down-deepfakes
  

Introduction

‍

The way we interact, go about our daily lives and manage our financial resources has completely changed in this digital age. Tasks that were earlier done manually (and were extremely time-consuming) now happen in just minutes and seconds. As this convenience expands, so do the risks that come with it. The proliferation of digital technology has opened up a wide arena where we, as users, are getting exposed to a complex environment of emerging cyber threats at every step. This has become especially true for our senior citizens, who face heightened vulnerabilities owing to their age and situational factors. Therefore, getting an understanding of these risks and knowing how to respond to them is no longer optional.

‍

Cybercrime against senior citizens is rising every year. The elderly today are using and depending on smartphones, net banking, UPI (Unified Payments Interface) and social media more than ever. Scammers are preying on this circumstance and perpetrating well-planned cyber attacks on the senior population. A 2024 report from the United States Federal Trade Commission (FTC) that analysed cybercrime data for the year 2023 found that older adults lost more money per incident as opposed to the younger population. 

‍

This blog aims at providing practical and easy-to-follow cyber safety tips for senior citizens and a clear action plan on how to respond if they ever fall victim to a scam.

‍

Safe and Smart Browsing for the Elderly: Essential Cybersecurity Tips

‍

1. Device safety: Cybersecurity can be ensured with one simple rule, which is securing your device first. This is the first line of defence against cybercrime and can go a long way in preventing online attacks and scams. This device security can be established by using screen locks such as setting up a PIN, lock patterns, fingerprints, or even applying the face lock feature on smartphones and tablets. 

‍

The next step is to install a reputable antivirus on your device (such as laptops and desktops) and keep updating it from time to time. Enabling additional security features in your devices, such as ‘automatic updates’, further ensures that the phone’s Operating System (OS) and the Applications (apps) remain up to date. This guarantees that the device’s OS and the apps are fully upgraded to catch and fix any new security threats. Users should also beware of any unauthorised software. Suspicious links or messages that offer free software or updates should be avoided at all costs. 

‍

The Government of India’s 2024 cyber safety booklet also stresses the importance of keeping devices and apps equipped with the latest security patches to prevent exploitation of any known vulnerabilities. 

‍

2. Robust Passwords and 2FA: Weak passwords are one of the easiest entry points for cybercriminals. This is why it is crucial to have strong and robust passwords to keep accounts and devices absolutely secure. It is also important to make sure to avoid using very basic PINs, such as date of birth or predictable ascending digits such as ‘12345’. Also, similar passwords should not be used across various bank, email or social media accounts. While creating a strong password, ideally, one should use a combination of upper case and lower case letters along with mixed digits and special characters. If need be, one can jot down these complex passwords in a separate physical diary to keep a record and refer to it in case of forgetfulness. 

‍

Enabling two-factor authentication adds an extra layer of protection. Whenever and wherever possible, users should enable OTP (one-time password) based verification or app-based authentication codes. In case someone does end up stealing the user’s password, they would still need the second factor to log in.

‍

The Government of India supported the Information Security Education and Awareness (ISEA) initiative, which also provides guidelines that recommend the use of passwords and secure authentication as key cyber safety practices for senior citizens.

‍

3. Handle messages with caution: Most cybercrime instances against senior citizens are initiated with a phone call, an SMS or a WhatsApp message. Personal details such as OTPs, CVV (3-digit number on the back of a debit/credit card), ATM or UPI PIN, full debit/credit card number, net banking ID and password, etc., should never be shared over a call or a chat. Also, people need to be aware of the fact that genuine officials will never make any demands for such details over calls or messages. ISEA has specifically warned about frauds like phishing, where fraudsters call or message their victims pretending to be from banks, courier companies, telecom operators or from the government to trick seniors into revealing their personal details.

‍

A caller might say ‘Your KYC can get blocked, give OTP now’ or ‘Your card will get deactivated, click this link’. Hang up immediately! Do not click any links, do not share any number and do not install any app that they suggest (eg. remote access apps).

‍

4. Banking without worries: Online banking is truly a boon, especially for senior citizens. It eliminates the need to visit the bank in person for every small requirement. But this comfort and ease can serve us well only if we use it with a certain sense of vigilance and responsibility. 

‍

Users are advised to use only official banking apps that are downloaded from Google Play Store or the Apple App Store. It is also prudent to activate SMS or email alerts for all online transactions so that the user receives timely notifications of any withdrawal or transfer. Users should also avoid using public Wi-Fi connections for banking or UPI payments. It is better  to use your own mobile data or a home Wi-Fi with a strong password. This safeguards your financial transactions. India has a system in place called the Citizen Financial Cyber Fraud Reporting and Management System (CFCFRMS) that quickly responds to online financial fraud, especially with regards to UPI and net banking frauds.

‍

5. Think before you share: Beyond online banking and other essential activities on the web, lies the world of social media which has seamlessly woven itself into our daily routines. Therefore, gaining awareness about the safe usage of social media is extremely important. For starters, users should keep the privacy settings of their social media accounts as ‘Private’. They should also be mindful of accepting friend requests from strangers or unknown profiles, even if they claim that they know the user. Users must also avoid ‘oversharing’ on public platforms and social media accounts. It is always best to refrain from posting about personal details on social media such as finances, travel schedules or addresses. If a user receives urgent messages from a close friend or a relative asking for money, then it is better to first call them up directly to verify that the request is genuine. 

‍

The older generation should also be wary of fraudsters who, under false identities, build emotional relationships online and then start demanding money, gifts or even private photos from their victims. 

‍

6. Stay a step ahead: Lastly, senior users can stay a step ahead in this game by familiarising themselves with the typical scams that are targeted towards their age group. This know-how will prepare them to identify scam patterns and early warning signs. Discussing experiences or sharing knowledge with family members or peers can also help seniors bridge the gap between awareness and action.

Fallen for a scam? Don’t panic! Here’s what seniors should do next: An action plan for recovery and protection

‍

We are all human at the end of the day. Anyone can fall for a scam, even the most careful people. The important thing is how to ‘respond’ after getting scammed. As per the 2023 Internet Crime Complaint Center (IC3) Elder Fraud Report, prompt reporting after a scam can improve the chances of either freezing or retrieving the stolen money. If you have fallen for a scam, here is what you should do:

‍

1. Keep calm and disconnect: Though it may feel challenging, but the first instinct that victims should display is to keep their calm and hang up the phone. The victim should then block the number and refrain from responding to any further emails or messages. Any remote access app, screen sharing app or a support tool that were installed at the request of the caller, should be instantly uninstalled.

‍

2. Alert your bank right away: Time is of the essence when it comes to online financial frauds. If a user has been scammed and he is aware of it, then he should immediately call the official customer care number of his bank. It is to be noted here that this number should be verified from the bank’s website or from the user’s credit/debit card. Once the user is connected to the bank’s support staff, he should inform them clearly that he has been a victim of an online fraud. The support staff may guide the user regarding the options that he can undertake. These can be: blocking the cards, freezing the account or an attempt from the bank’s interface to try and stop or recall the recent transaction. 

‍

The Reserve Bank of India (RBI) has laid down certain guidelines on unauthorised electronic banking transactions that encourage quick reporting and provide a steady framework for customer liability. Also, if in case a victim feels that the bank’s response has been unsatisfactory, the complaints can be further escalated to the RBI Ombudsman.

‍

3. Reset online credentials: Once the victim has spoken to the bank and taken all necessary steps in that regard, the next step is to reset the passwords. Passwords for netbanking, UPI apps, email accounts, social media, shopping platforms, etc., should all be changed. The victim can also turn on two factor authentication for all important accounts. Incase some critical information like PAN (Permanent Account Number) or Aadhar or SSN (Social Security Number ) has been shared, the victim should be on the lookout for any identity theft in the form of unknown loans, new cards or credit enquiries. 

‍

4. Notify official cybercrime portals or authorities: The next step is to inform the relevant cybercrime authorities in your region. In India there is a government backed National Cyber Crime Helpline which is a part of the Financial Cyber Fraud Reporting and Management System. The aim of the helpline is to prevent further losses in digital payment frauds. Victims can also file a complaint on the National Cyber Crime Reporting portal. Other than these options, the victim can visit the nearest police station along with copies of their online complaint, bank statements, transaction receipts and ID proofs. 

‍

In the US, such complaints can be lodged with the IC3 which runs a specialised elder fraud program. The IC3 also publishes the annual Elder Fraud Report and lays down latest guidelines and trends regarding cybercrime.

‍

5. Preserve proofs of the scam: The IC3’s 2023 report notes that detailed and prompt reporting by the victim enables law enforcement and financial institutions to deploy ‘Financial Fraud Kill Chain’ procedures that help in tracing or freezing stolen funds. This is why it is very important to preserve the evidence of a cyber scam. Proper documentation can help banks and law enforcement agencies to properly investigate a case. If possible, the victim should save all messages, WhatsApp chats, emails, screenshots and voice recordings. Establishing a clear timeline of the events also helps. Minute details such as: when the first call was received, what was said and when the money exited the victim’s account, significantly help in piecing together the full picture. Victims should also keep a record of all bank statements and transaction alert messages related to the fraudulent activity. 

‍

6. Helping seniors heal: Apart from monetary damage, the emotional impact of a scam should also be acknowledged. Getting scammed can be deeply humiliating for senior citizens, especially at their age where everyday life may already feel quite overwhelming. Also, when it comes to their lifelong savings, the ramifications of becoming a victim of an online financial scam can be quite distressing for seniors. The US Department of Justice’s elder fraud content emphasises on the fact that senior victims need ample emotional support and should not be blamed or shamed for their predicament.

‍

Families and caregivers can guide the elderly victims step by step through the recovery process which includes taking the necessary technical steps, filling out forms and following up with banks or authorities. For large value frauds, repeated targeting or cases that involve identity theft, getting a legal consult for the victim is highly advisable. This kind of support and reassurance can help seniors reduce their anxiety and regain their inner strength.

‍

Secure today, safe tomorrow

‍

The rate of cybercrime against senior citizens isn’t showing any signs of slowing down. Scammers are refining their techniques every day. Therefore, the best long standing defence against cybercrime is to make cyber safety a regular habit. This can be achieved with the support of families, caregivers and communities. Beyond the practical steps, spreading awareness and maintaining an open dialogue is equally important. Senior citizens should feel comfortable asking questions, sharing concerns and continue learning from experiences, be it theirs or of others. Reinforcement of safe online practices should become ingrained at the core of every society. When cybersecurity practices merge with everyday life, seniors gain both protection and confidence. Simple and steady digital safety practices that come with guidance and reassurance empower the seniors to enjoy the benefits of technology without fear.

Simply put, the habits that are adopted today will lay the foundation for a secure and safer digital tomorrow.

‍

References  

• https://bankingjournal.aba.com/2024/11/ftc-older-adults-lost-up-to-61-5b-to-fraud-in-2023/
• https://www.cert-in.org.in/PDF/CSH_Booklet.pdf
• https://infosecawareness.in/concept/cyber-security-tips-for-senior-citizens
• https://cybercrime.gov.in/UploadMedia/instructions_citizenreportingcyberfrauds.pdf
• https://www.ic3.gov/annualreport/reports/2023_ic3elderfraudreport.pdf
• https://www.arklegal.in/post/how-to-report-cyber-crime-in-india
• https://www.pib.gov.in/Pressreleaseshare.aspx?PRID=1814120
• https://cybercrime.gov.in/Webform/crmcondi.aspx
• https://www.justice.gov/archives/stopfraud-archive/elder-fraud-and-financial-exploitation
• https://www.ftc.gov/system/files/ftc_gov/pdf/federal-trade-commission-protecting-older-adults-report_102024.pdf
• https://www.unionbankofindia.bank.in/pdf/cyber-security-customer-awareness-guide-vol-v.pdf
• https://cdnbbsr.s3waas.gov.in/s371e09b16e21f7b6919bbfc43f6a5b2f0/uploads/2024/11/20241111752149945.pdf
• https://www.dsci.in/files/content/documents/2024/CSAM24-Infographic_Cyber-Safety-Essentials-for-Senior-Citizens-v1.pdf

‍

Data localisation refers to restrictions in the data flow by limiting the physical storage and processing of data within a given jurisdiction’s boundaries.  

An obvious benefit contributing to the importance of data localisation is the privacy benefits it offers. In addition to this, data localisation also has the potential to safeguard sensitive data and decrease the probability of cyber-attacks. In India, data localisation has become a key issue in the last decade due to the increase in the discourse for data privacy. 

The Legal Framework in India

India passed the Digital Personal Data Protection Act of 2023 which directs the data fiduciaries (collectors and processors of digital personal data) to store the data of Indian citizens within India. This push for data localisation aligns with India’s position to enhance privacy, national security and regulatory control. It further requires data fiduciaries to adhere to the principles of data minimisation, purposeful limitation and consent of the data principles. Further, Section 17 of the Act prohibits the transfer of sensitive personal data to foreign jurisdictions unless they meet satisfactory privacy protection standards. 

The Reserve Bank of India, via a circular for Payments Data Regulation in 2018, has mandated that all payment data be stored in India, though it can be processed abroad. It requires the telecom sector to ensure local storage and local processing of subscriber information. It further prohibits the transferring of subscribers’ account information overseas.

MeitY’s Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, emphasise data localisation, specifically when it involves government or critical data. The main idea behind this is that data related to Indian citizens or government activities should remain accessible to Indian law enforcement agencies and is not subject to external jurisdiction.

Common Misinformation about Data Localisation and its Impact

Misconceptions fuel misinformation and influence public perception and policy debates. A common misconception is that all data must be stored in India. It should be noted that non-critical and non-sensitive data are not subject to localisation, and can be cleared for cross-border transfers under specific circumstances.

Another misconception is that data localisation alone ensures complete security. A robust cybersecurity approach, infrastructure and capabilities are what guarantee security and this holds true regardless of the location of where the data is stored. 

The notion that small businesses and startups will suffer the most is untrue. While data localisation policies may lead to increased costs, they foster innovation in the domestic infrastructure and services. This potentially fuels development and innovation in these small businesses and startups. Claims that data localisation will stifle global business are unfounded. 

Proper regulations for data transfers can help balance data flows, enabling international trade while ensuring data sovereignty.

Real Impact of Data Localisation

Data localisation impacts several domains and has both positive and negative outcomes.

• It can be a driver for investment in local data centres and infrastructure, thereby inducing employment generation and boosting the domestic economy. And in contrast, the compliance costs may rise especially for MNCs that need to maintain multiple data storage systems. 
• It can expedite the growth of local technology ecosystems while encouraging innovation in cloud computing and data storage solutions. On the other hand, small businesses might face struggles to afford the required infrastructure updates and upgrades.
• Law enforcement agencies will be able to gain access to data more swiftly while avoiding lengthy processes such as the Mutual Legal Assistance Treaties (MLATs). However, it should be noted that storing data locally does not automatically ensure that they are immune from attacks and breaches.
• A balance between sovereignty and global partnerships is a challenge that emerges with data localisation. International Trade Relationships are vulnerable to data localisations where countries favour a free data flow. This can hamper foreign collaborations with companies that rely on global data systems.

CyberPeace Outlook

It is important to clear misinformation about data localisation, some strategies that can be undertaken are:

• Launching public awareness campaigns to educate the stakeholders about the real requirements and the benefits of data localisation. Misinformation about data restrictions and security guarantees should be tackled fairly quickly. 
• A balanced approach that promotes local economic development while at the same time allowing for the necessary cross-border data flows and creating a flexible and friendly business environment is important.
• India should work on international frameworks to streamline the process of data-sharing with other nations. This would protect national interests while making global cooperation easier.

Conclusion

Data localisation in India presents a valuable opportunity to enhance privacy, bolster national security, and stimulate economic growth through local infrastructure investment. Yet, addressing common misconceptions is crucial; the belief that all data must be stored domestically or that localisation alone ensures security is misleading. 

It’s vital to pair local data storage with robust cybersecurity measures and foster international cooperation. Supporting small businesses, which may face challenges due to localisation requirements, is equally important. By addressing misinformation, promoting flexible regulations, and working towards global data-sharing frameworks, India can effectively manage the complexities of data localisation, safeguarding national interests while encouraging innovation and economic development. 

References

• https://www.thehindu.com/sci-tech/technology/are-data-localisation-requirements-necessary-and-proportionate/article66131957.ece 
• https://carnegieendowment.org/research/2021/04/how-would-data-localization-benefit-india?lang=en
• https://www.rbi.org.in/commonperson/English/Scripts/FAQs.aspx?Id=2995
• https://www.meity.gov.in/writereaddata/files/Information%20Technology%20%28Intermediary%20Guidelines%20and%20Digital%20Media%20Ethics%20Code%29%20Rules%2C%202021%20%28updated%2006.04.2023%29-.pdf