Every year, data breach statistics reach new record highs, but even the massive data breaches that make headlines are the tip of the online privacy iceberg. That's because marketing companies collect many intimate details about our daily lives. Online privacy laws are in their infancy, and even where privacy laws exist, some companies still use our data inappropriately.
But for ordinary internet users, it's clear that good cyber security enhances privacy and helps maintain good security. You can improve your online privacy and cyber safety without spending too much time on the process.
Take these easy steps to make accessing your private information more difficult for bad actors.
1. Take a trip down memory lane to assess your exposure
Do you still use the same apps and visit the same websites as you did ten years ago? Can you remember when you had a MySpace account or (cringe!) played FarmVille? If you've been using the internet for a while, you may be surprised by your past online behavior. In our younger, more naive days, we freely shared private and personal information online without care.
But what's happened to the websites and apps you used to frequent? What did those companies do with your data? Could they have been breached since you stopped using them?
Use "Have I Been Pwned" to check for older data breaches. Try to retrace your movements and visit possible data sources such as old gaming accounts. Delete profiles or replace profile information with nonsense data where possible because the less personal information you share, the fewer details scammers and fraudsters can use against you.
2. Get a VPN Connection
Start using a VPN (Virtual Private Network). It's a software tool that encrypts browsing data to make it indecipherable to hackers and other third parties. Always use a VPN to hide your IP address and your location. This is especially important when using public Wi-Fi networks. Public Wi-Fi are often unsecured, which means they are prime targets for people with malicious intent. Using a VPN connection, you can protect the information you share while working at a cafe, hotel, or other public space.
3. Tighten privacy settings on your social media accounts
We are usually cautious about sharing work documents and information. Why not apply the same caution to social media accounts? Be wary of fads: Tagging people in photos was a tactic used by Facebook to develop their facial recognition technology for free. Be aware of similar tactics, such as automatic geotagging, which allows companies to pinpoint your physical location. Photos contain metadata tags, such as time, place, geolocation, and device used. It's better to remove this information before uploading photos to the internet. Check if your social media platform automatically strips metadata from the photos you upload. If they don't, take a minute to learn the basic steps.
4. Decline data sharing between apps and services
Many apps allow you to connect with your Gmail or Facebook accounts, but they've interpreted this action as consent for both parties to share almost unlimited data about you. Since each party has separate data agreements with several other parties, it becomes impossible to tell who shares with whom. It's better to use a private email address for each service and decline pop-ups that ask if you want to share data.
5. Set up a decoy email address and phone number
Have some fun - why not create a little disinformation campaign? You can get an extra SIM card with a throwaway phone number and create a new email address for random or non-essential accounts or transactions. Use these details as a decoy, so instead of using your main or "real" email address and phone number when signing up for a website, use the throwaway email address for services, online stores, or social networks. This will reduce spam in your main email inbox and decrease the number of robocalls on your phone.
6. Use a privacy-focused browser
Browsers interact with websites while you're surfing the internet. Each website queries your browser to find out who you are and, in exchange, provides your browser with the information you requested.
The less your browser reveals about you, the better. Use a browser that doesn't know everything about you in the first place. Surfing the internet while logged into your Google or Microsoft Edge account is like wearing a giant banner announcing all your habits and private information wherever you go.
Use different browsers for different purposes, such as shopping or social media.
Change the privacy settings on your browser. If you're using Microsoft Edge or Google Chrome, take some time to turn off ad customization, limit the information they're allowed to use about you, and minimize detailed data collection.
Decline cookies on websites whenever possible and set your browser to disable cross-app tracking. As an additional measure, use the tracker blocker feature of a privacy-preserving VPN to filter out the worst offenders.
Clear your browser cache frequently to remove all the trackers and cookies that accumulate even when you say no to cookie tracking.
7. Delete unnecessary apps and browser extensions
Shopping or auto-coupon browser extensions and your browser's autofill or synchronization functions can reveal login information to potential hackers. While these features save you time and money, every time you use them, you add more details to your autofill profile (e.g., your address and credit card information). Hackers can easily intercept this information, especially when using public Wi-Fi facilities.
It's better to re-type this information every time you need it or to use a reputable password manager that encrypts sensitive information when not in use.
8. Pick apps based on their business models
Developing and launching a mobile app is expensive, so consider how the company will recoup its costs. If it's unclear and there is no discernible product, you may be the product! Many "free" apps make money by logging your activities and selling that information to data brokers and advertisers. Since most people neglect to remove unnecessary apps after losing interest, these apps may continue to collect your private information.
Review the permission levels of all the apps you want to keep. Ask yourself why a weather or timetable app would need access to your photographs, emails, or documents. Should you allow them to read your correspondence, or could this be a form of spyware in disguise? Schedule a monthly clean-up session to review and delete unnecessary apps from your devices.
9. Apply basic digital security hygiene
Most identity theft or hacking victims do not know how, when, or by whom their personally identifiable information was stolen. Take care by always following these basic steps:
Download apps from reputable sources, such as official app stores.
Don't ignore software or operating system updates.
Be naturally cautious. Ask yourself why you should provide certain information to certain apps or services.
Beware of phishing attempts.
Unfortunately, we all use numerous apps and online accounts, and it's impossible to memorize complicated passwords for each one. A good password manager can help you generate and manage secure passwords for all your accounts.
Implement two-factor authentication (2FA)
Guard your Wi-Fi password because the router handles sensitive information. It's better to change it regularly, especially if you've allowed guests to use your Wi-Fi.
Monitor your sensitive information with identity theft protection.
Don't even think about using the free Wi-Fi at the airport without a VPN! Hackers employ innocents to move around with 'grabber' software to vacuum up passwords and other sensitive information while you stop to send that quick last email before boarding.
Minimize Information Sharing Online
Remember that everything you type or click counts as a data point that can be used against you by hackers and scammers or data-hungry advertising companies that buy access to your likes and preferences. Block those trackers, hide your IP address, and pause before you click or share!
