How can your data be gathered on the Internet?

Your activities on the Web can be tracked and your data be gathered through different ways.

Examples:

• Cookies
• Device Fingerprinting
• Social Media Platforms
• ...

Cookies

One of the main methods to gather data is through the use of "Cookies". Cookies are created when a user visits a website. A cookie stores information about the user's preferences, behaviour and activities. Cookies are saved on the user's device.

Examples:

• If you visit an online shopping website and put something in your shopping cart, but then leave the website without clearing your cart, this website will remember your activities and your shopping cart through the cookies which it created during your last visit (assuming the cookie was not deleted by you and still exist on your device).
• When you log in to an account on a website and leave it without logging out, the website may remember through the cookie that you did not log out, and you would be automatically logged in when you revisit the website.

But why can this be a problem?

These cookies can also be created through an external website. This means that when you visit a website, and there are some advertisements which do not originally come from this site but instead from somewhere else, the advertisement's original website can also create a cookie and gather information about your activities. In short, different cookies can be created from different origins, but all with the purpose of collecting information about your behaviours and preferences, and to track your activities through the Internet.

Device Fingerprinting

Another method used for tracking is called device fingerprinting. This means that your device may be used as a unique identifier. Collected information will be assigned to your specific device but in combination with other tracking methods like cookies, this will also lead to a connection to your person.

Social Media Platforms

Finally, another great source where data is collected are social media platforms. Many users do not realise how much information about themselves they are publishing by using social media. Another problem is that many users do not know about existing privacy settings or do not adjust them on their social media accounts. In most cases, your profile will be public with all the available information if you do not restrict it though the privacy settings. Advertisers or data collection companies can scan through social media platforms to gather information about publicly accessible profiles. Not only advertisers may want to collect data about you, anyone can target you to gather specific information about your person for different purposes. Some of the risks which can apply to you will be explained soon but first we will talk about what personal information actually consists of.

What is personal data and which information does it consist of?

Personal data can be considered as any information which can be related to a person. This can include names, residential addresses, email addresses, IP addresses, location data, or identification numbers like social security numbers or government ID numbers. Personal information can also consist of health information, economic, genetic and biometric data (fingerprints, face or voice recognition data, etc.), information regarding racial and ethnic origin, religious beliefs or political opinions.

What are the risks when too much personal information is disclosed?

If too much of your personal information is gathered or leaked, it can harm you in different ways. One of the major problems which can happen to you as a user is identity theft. Identity theft can also often be linked to a financial loss. Your information can be used for false identification or to get access to your accounts such as online accounts, credit card and bank accounts, online payment or shopping accounts. It can also be used to open up new accounts under your name. Your data can also be used to get a loan, rent services or apartments or receive medical care under your identity. Another problem can be stalking, harassment or cyberbullying. Stalking can not only happen in the real world but also on the Internet. As we already mentioned tracking technologies, a user can leave a digital footprint on the Internet. A malicious person (a person with mean or evil intentions) can stalk users activities to gather specific data about them. Gathered information can be used as already mentioned for identity theft, but also for other acts like harassment, bullying or to embarrass the user by leaking sensitive information on social media platforms. Sharing such kind of information may show the target in a bad light and lead into emotional problems.

What are the risks when too much personal information is disclosed?

Please be mindful that your projects uploaded to our sharing website (https://share.catrob.at/) are publicly available for the whole community. Do not include sensitive information about yourself or any other person in your projects. Sometimes you may not be aware that you are sharing relatable information about your person. Personal information can not only be provided by text, but also through images and videos! Please be mindful about the contents of your images and videos included in your projects. Sharing images and videos including yourself or other relatable persons is not advised. For other examples for personal information, check the question above, some examples were already described.

What can you do to increase your privacy?

One of the main possibilities to increase your privacy is through informing yourself and gaining knowledge and awareness of data collection and tracking practices. Inform yourself, that alone will make you more cautious when sharing any information on the Web or on any social media platforms. But it is not only about knowledge and awareness. You can also actively increase your privacy. You can set up your browser to be stricter. This can be done by changing your browser settings to block more third-party (external) trackers and cookies which gather your data. There is also an option called "Do Not Track" (DNT). This option sends visited websites an additional request that you do not want to be tracked. Although this request may be ignored by websites, some of them will accept your wish. Also regularly clearing your cookies may help.

There are several browser extensions (or also called add-ons) which can be added to your browser to also increase your privacy. These extensions are known as Ad-Blockers or Tracker-Blockers. They will try to block most advertisements or trackers if possible and notify you about blocked entities.

Some examples are:

• AdBlock Plus - advertisement blocker
• uBlock Origin - advertisement blocker
• Disconnect - advertisement and tracker blocker
• Ghostery - advertisement and tracker blocker

Not just your browser has privacy settings to be more protective. Many applications or services provide users the possibility to adjust privacy settings and permissions. It is good practice to inform yourself about privacy settings and allowed permissions of your used devices, services or applications and change them in order to provide you more privacy. Another good practice is to read privacy policies to inform yourself about collected data and the purposes of collection when you use an app.

What is a privacy policy?

A privacy policy is a legal documentation that describes how an application or a service collects, uses, and shares the personal information of its users. It furthermore explains to the user what personal information is collected, the purpose for collecting it, how it is stored and protected, and how the users can access and control their personal information. A privacy policy serves to inform users about their rights. In the European Union, a privacy policy must agree with the General Data Protection Regulation (GDPR).

What is the General Data Protection Regulation (GDPR)?

The General Data Protection Regulation (GDPR) is a privacy law active in the European Union. Anyone collecting or processing data of EU citizens is required to update their privacy policies to comply with the GDPR. Companies have to be transparent about their data collection and processing activities and inform users with an easily accessible and understandable privacy policy. The GDPR establishes rights to provide users greater control over their personal data as well as to protect the privacy and personal data of users.

Some of the rights included in the GDPR are:

• The right to be informed about the collection and use of personal data.
• The right to access own personal data and to obtain information how this data is processed.
• The right to erasure also known as the right to be forgotten. This means that you have the right that your personal data is erased when it is not needed anymore.
• ...

Your rights as a user are mainly described under Chapter 3 (Article 12-23). If you want to read more about the GDPR, a link is provided down below.

Important Links

• Catrobat Community Rules: https://share.catrob.at/pocketcode/termsOfUse
• Catrobat Terms of Use and Service: https://developer.catrobat.org/terms_of_use_and_service
• Catrobat Privacy Policy: https://developer.catrobat.org/privacy_policy

Other Links

• General Data Protection Regulation (GDPR):  https://gdpr-info.eu/