VPN firm lashes out against Big Tech to defend privacy with big pink pipe
A pink pipe of 2.5 meters high from which a thick green slime flows: it is certainly not a spectacle that we often see in our streets. Nevertheless, the eye-catching installation is how a VPN (virtual private network) company decided to welcome the ‘Big Five’ technology companies as they set up shop in Munich, during the grand opening of their brand new office on October 13, 2023.
“Your data is leaking. Protect your online data,” read Surfshark’s message as passersby stopped to take a selfie in front of the flashy tube. With its direct action, the provider wanted to draw attention to the growing need for individuals to take back control of their personal information shared online.
If Munich Business reported, a building located in the Neue Balan Campus district in the heart of the city, is now home to Meta, Apple, Google, Microsoft and Amazon – five of the five largest technology companies in the world. I spoke with Surfshark to find out more about what drove them to take action and what’s at stake.
The Surfshark protest in Munich
When asked about the idea behind the protest, Lina Survila (Surfshark’s PR team leader) told me that the installation was meant to represent Big Tech’s continued leaking of user data. “Through this powerful visual metaphor, our goal was to amplify the existing discourse around online privacy, compel individuals to exercise control over their personal data, and strengthen their online privacy defenses,” Survila explains.
The number of data breaches has increased dramatically in 2023, as the provider itself recorded 110.8 million hacked accounts in the second quarter of 2023, compared to 41.6 million in the first quarter of the year. These findings are made even worse when you consider that many organizations admit to covering up data breaches, making users even more vulnerable to abuse.
Surfshark, the only organization involved in the Munich protest, decided it was time to leave their agency and take to the streets to raise awareness about this growing problem. “We have taken it upon ourselves to highlight the critical issue of data privacy,” one Survila told me.
Nevertheless, the action managed to produce the desired result: captivating people’s attention, curiosity and concerns that led to a broader conversation. Surfshark posted the following video providing an insight into these concerns.
The provider of the popular virtual private network, founded in 2018, has long been an outspoken advocate against privacy violations.
Through its research center, Surfshark is prolific in monitoring and documenting the state of the Internet and digital rights around the world. The investigations include internet shutdowns, censorship and data breach trackers, which the team regularly keeps up to date.
“Surfshark is deeply committed to exposing and reporting data breaches, leaks and various critical data-driven issues. Additionally, we are already developing our next campaign to continuously raise awareness and highlight the critical privacy issues,” said Survila.
With the current data protection system continuing to fail users, Surfshark believes we should all take matters into our own hands to actively prevent a significant portion of data breaches. How? By using the correct security protocols and measures.
Aleksandr Valentij, Cybersecurity Lead at Surfhsark, suggests using two-factor authentication (2FA) wherever possible to prevent unauthorized access to sensitive accounts. He also recommends using passwords that are at least twelve characters long and contain capital letters, numbers and symbols. For daily browsing, a secure VPN is then recommended, as it spoofs your IP address and encrypts internet connections.
He also shares some tips for organizations looking to strengthen their cyber defenses. These include setting up a firewall and/or EDR/XDR (Endpoint/Extended Detection and Response) systems where possible to monitor traffic and detect suspicious behavior; Use SSL/TLS (Transport Layer Security) to encrypt all communications; implementing DDoS protection systems; regularly carrying out penetration tests; and investing resources in cybersecurity awareness training for employees.
For its part, the provider is committed to drawing attention to these matters by all available means. “We are on track to implement other visually stimulating campaigns that would raise awareness about the importance of online safety and reach a wider audience.”