There are numerous ways in which online information can be gathered. Some of these strategies focus on:
We want the benefits of using a service, so we may give permission to access our information. In reality, we are often responsible for our information getting into the public domain. We give away our privacy in exchange for use of social media services and other common applications and utilities (email, maps, search engines etc.).
In some cases, we may use a ‘suite’ of application services from one application provider. When we accept terms and condition of use, for example those of Google or Facebook, we grant permission to access and use our information as they see fit for providing us with ‘a better service’. This may mean they can track our location information, contacts, friends, interests etc.
Requesting information from us, while posing as a person who we may consider entitled to request such information. In an email, or message, pose as a representative of a retailer, bank or other institution and request confirmation of account numbers, passwords, PINs etc.
Web-browsers can have active code (Cookies that are active for a single session or persistent after a session, scripts etc.) that execute on your device. This code can track keystrokes, activity, interests and pass the information back to another device on the internet. In some cases the active content could even extract data from databases on your device (contacts, other files).
We are not always aware of how the applications we use actually work. We ‘trust’ application developers to be well intentioned and respectful of ourselves as users of their software. In particular, where we use free applications, we should reflect on why the applications are free. Are these application perhaps gathering information without our knowledge?