I hope everyone is well in this last full week of January. The semester has started, we’re adjusting to “all the things”, and moving forward. This week is Data Privacy Week, created by the same folks who support Cybersecurity Awareness Month in October of each year. This used to be just a single day in January, but the topic is growing rapidly both in criticality and scope. Every time we use the Internet, whether is via social media, shopping sites, content sites, or more important things like banking online or dealing with other financial tasks, information about us is gleaned by the sites we visit and even by sites we don’t. Limiting this information gathering is what this week is all about.
Much of the information in this article comes directly from the National Cybersecurity Alliance (NCA), the sponsor and organizer. Here is a fact that might blow your mind – by the year 2020, it was estimated that 1.7 megabytes of data was generated by every individual, worldwide, every second. If you remember old 3.5 inch “floppy” disks, this is more data than would fit on one of those. This includes information about what you like, where you are, how you behave, and other big and small bits of information about you. Everyone has probably had that feeling at one time or another that someone was looking over your shoulder. For example, you search for coffee makers or espresso/cappuccino machines just one time, and then you suddenly see ads for them start to pop up on the sites you visit, in the games you play, and in social media timelines. Spooky, right?
How do we consume all of the vast amount of information out there on the Internet and not have our information gobbled up by companies? The short answer is – we don’t. The use of social media, web search sites like Google, free email accounts, and any other free services means that your data is being assimilated. Your only choice is to attempt to limit how much data companies can slurp up about you. Unfortunately, it is extremely difficult (by design) to prevent this data accumulation, but here are some tips.
- First, just understand that this relationship exists. You get free services, the companies that offer them get your information to target you with ads. Over $300 billion is spent on Internet advertising each year, resulting in over $4 trillion of e-commerce sales each year as of 2021. This is why this relationship exists.
- Following up on that thought, consider carefully before allow services access to things like contact lists, geographic location, photo albums and other personal items. This may mean you have to find an alternative company to get that service or <gasp> PAY for a service to avoid handing over your information and digital assets. Just realize it is infinitely more difficult to revoke access to your information once you have granted permission to it. Legislatures have heard the anguished cries of Internet users and there are some laws that attempt to grant you a “right to be forgotten”, but it is still wildly difficult to accomplish.
- If you do decide to use a new app or service that requires you hand over some of your personal information, take a look at exactly what they want access to and make sure you find the privacy settings for the app or service and adjust them to your comfort level. Laws now compel companies to be more granular about permissions and privacy, but that doesn’t mean that they have to make it easy for you to protect your privacy.
- Focus on these settings to give yourself a little more privacy.
- Location/geolocation data – Is it imperative this app or service know where you are? If you are looking for a new place to eat using one of the many apps designed to do this, probably, but if the service is not related to where you are, the app probably doesn’t need to know.
- Contact lists – Does the app allow or require you to upload your contact lists? Is this relevant to the service it is providing? If not, most of your friends would probably appreciate you not sharing their contact information.
- Camera and Photos – Does the app allow you to share your photos and other media? If so, it just might need access to them, but if not, think twice about allowing access.
- The NCA has a page that explains how to find and manage privacy setting for popular apps and sites. It can be found here – https://staysafeonline.org/stay-safe-online/managing-your-privacy/manage-privacy-settings/
- Protecting your privacy means securing access to your accounts. It doesn’t do any good to protect yourself from the legitimate apps and services, but leave yourself open to cyber-criminals to simply steal your information. Protect your accounts by-
- Using long, unique passwords – Do not use the same password for multiple sites and use long, preferably complex passwords
- To accomplish the above task use a password manager. There are several different ones, for every budget, surfing style and platform. Check out the Quick Info page on password managers on this very site to find one that works for you.
- Use multi-factor (MFA) or two-factor (2FA) on every app and site that you can. Doing this has shown to block over 99% of automated attacks (according to Microsoft) against accounts. And yes, there is a Quick Info page about MFA/2FA on this site. Check it out if you want to know more.
In a recent report Cisco explained that while a large majority of people (86%) are concerned about their privacy and how much data is collected about them, a similar majority (76%) say that it is too hard to understand what is going on with how their data is being used. You can read the report about these percentages for more information. Following these tips will help you keep a closer watch on your privacy and your personal information.
For even more information about data privacy, check out this infographic containing seven end-user data privacy tips. More information about the last tip in the next article, out on Wednesday!