Even though we have long known that lawful data interception has been taking place, news of the US National Security Agency (NSA) mining data from leading internet companies has stirred strong reactions from users worldwide.
The revelations didn't come as a total surprise, it was more like confirmation that communications are being collected and intercepted, and, in real time, analysed and circulated by the US government.
All major US service providers, including Microsoft, Facebook, Google, Apple, Yahoo, Skype, YouTube and AOL, were allegedly mined by the NSA under the surveillance program called Prism.
Though the most intense debate has taken place in the US, the news has prompted concern about how much US authorities are monitoring or storing among Thai internet users.
Individuals, businesses and organisations are also concerned about whether they should store their sensitive data on cloud services overseas.
Here are some tips for keeping your data private, as suggested by an information security expert.
The first thing that Thai internet users should do is a self-assessment. Users need to know their own data.
If you use a free email account, such as Gmail, Hotmail or Yahoo, make sure that you're aware that the content could be under inspection. But also remember, if you send an email to a Gmail or Hotmail user then that mail is on Google's servers and is subject to the same surveillance risks as if you were using Gmail or Hotmail.
For Gmail users who secure your username and password with their two-step verification process, you have already given your phone number to Google. The two-step verification is a code that Google sends you via text on a mobile phone. So if you are serious about keeping your phone number secure, it's recommended to get another SIM.
In cases of business or organisational communications, it's better to use the company's or organisation's email account instead of free email.
Don't forget to use different passwords and PINs for different accounts and take extra care when using public computers to access your personal information.
Good antivirus, firewall and anti-spam software can protect your computer against viruses and spyware which can be used to obtain personal details. Smartphone users, however, overlook the importance of antivirus programs, in spite of the fact that smartphones can function the same as computers.
For smartphones or tablets, an app like TigerText allows text messages to be deleted from both the sender's and receiver's phone. They expire either after a set period of time or after the message has been read. The messages cannot be saved, copied or forwarded by recipients.
If you use a free email account for your business, you have to be very concerned about privacy because it contains your customers' information, especially if your customers are in the Middle East or countries that might be risky to America.
In the meantime, the expert suggests the Thai government should set up a public cloud service and develop high-quality network infrastructure to ensure users' privacy. So far, many state agencies have opted for Google services as they can be guaranteed for service-level agreement (SLA), whereas the cloud service offered by the Electronic Government Agency is rarely used because of concerns over security and reliability.
"The reason for the Prism program is that the US government needs to be one step ahead of the terrorists," said an information security source. "Today, Google owns fibre optic over half the globe, so they can view what's happening and where."
The final warning may seem banal but it is also timeless: Be careful.