Benjamin Franklin once said: “Those who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety,” which helps capture the conundrum of data privacy in today’s digital society. It’s all about tradeoffs—and everyone needs to understand there are serious privacy risks when interacting online.
In recognition of international Data Privacy Day, below are five ways you can make informed privacy choices while taking immediate action to protect the sensitive information of you and your family.
#1: Research and map your data footprint
Imagine securing your digital life the same way you approach physical security. It’s vital that you lock your windows in order to keep a thief from successfully breaking in and stealing your valuables—not just the front door. The same defense strategy applies to the online world. You’re only as fortified as your weakest link.
As a first step to protecting your online privacy, I recommend conducting a digital audit to understand your (and your family’s) digital footprint across financial institutions, social networks, IoT devices, mobile applications, and online memberships/services. Understand where interactions are taking place and what content is being proactively provided (such as personal information and photos). Identifying your vulnerabilities is a critical first step in reducing potential exposure.
#2: Don’t shy away from a digital privacy conversation
Now that you’ve identified the digital ecosystem, if you are a parent or helping someone with their digital safety, it’s important to initiate the same privacy and security conversations you have about real life—only focus on online concerns. Make sure they understand that publishing things like photographs with their location, their birthday, their first car, and vacation plans on social networks can all be weaponized by online criminals. The same thing goes for more direct communication vehicles like email, direct messages (DMs), and online forums. Use the same level of caution as you would in real life.
It’s also important to feel comfortable having the digital privacy conversation with your extended network. Make sure family members and friends understand not to publish personal identifiable information such as birthdates and children’s photos, especially in places using their real name, like Facebook. Bad actors can easily access and leverage that content.
#3: Shield your web activities when you can
Use a Virtual Private Network (VPN) which disguises your IP address, which is basically your internet “fingerprint.” There’s no reason someone else needs to know who you are and where you’re going on the internet. As a secondary precaution, look into both privacy search engines and web browsers, and double check privacy settings. Web browsers and search history contain quite a bit of information about you including IP address, location, and search queries. This information is used to build “profiles” which are then sold to (best case) online retailers and marketing firms.
Lock down your personal information to reduce trackers, browser history storage, and personal data retention as much as possible. Investigate search engines such as Quant, DuckDuckGo, Searx, and Swisscows for added protection. On the web browser side, check out privacy-forward options like Brave and Firefox Focus. Finally, revisit privacy options across your social media profiles. The default settings are often quite revealing.
#4: Monitor your mobile devices and sign-up for the Do Not Call Registry
First and foremost, protect your phone number. Many of your most critical online accounts rely on a verification phone number to confirm your identity and initiate password modifications. Unfortunately cybercriminals can steal your phone number by “porting out” your number to a “new phone.” Known as SIM-jacking or SIM-swapping, be sure to confirm how to stop an unauthorized phone number transfer with your wireless carrier.
Beyond protecting your actual number, examine your mobile applications to delete those you don’t use, review the privacy policies, and also determine if the app in question actually needs access to the data it’s retrieving. For example, does a photo app really need access to your contacts? If you’re not using an app or you haven’t used it in the last month, delete it. You can always reinstall it later.
In addition, review your mobile phone’s general controls to determine which apps are using your location services and more. Only a limited number of apps need location services (Waze, for instance) and we continue to see third-party apps pose as one thing while allowing threat actors to steal personally identifiable information.
Finally, make sure your mobile numbers are registered with the Do Not Call Registry. That registration also applies to text messages, which can also serve as a vehicle for malicious SMS links. While most mobile phones have an ability to report spam text messages, you can also forward a questionable message to 7726.
#5: Protect Your Email Channel
Email is the number one way cybercriminals trick their victims—often with phishing emails that are designed to convince users to act. This includes clicking on malicious content so they can infect victims with data-stealing malware, ransomware, or compromise systems in the future. Everyone needs to be extremely vigilant when confirming the source of all emails. Typical giveaways that an email isn’t safe are unsolicited messages that urgently request a link be clicked, a password change, or transfer of money. Watch for misspelling, fraudulent display names, and fake sender email addresses. If the email looks suspicious, skip the link and type in the address of the actual page.
If you receive a suspected phishing email on your personal accounts, you can report it to the Anti-Phishing Working Group (APWG) at [email protected] Email providers like Gmail will also have options for reporting phishing.
Overall, data privacy will continue to be an extremely important topic as technology advances and our society continues to rely on online forms of communication. While trade-offs will be an ever-present reality, take the steps you can to protect both your privacy, as well as your family’s.