Privacy- Protecting Your Digital Footprint
What is Privacy?
There are many different definitions of “privacy.” We are going to focus on personal privacy, protecting the information about you that others collect. In today's digital world, you would be astounded at all the different entities that not only collect information about you, but who then legally share or sell that information. Each time you browse or purchase something online; stream a video; buy groceries; search the web; visit your doctor; or use an app on your smartphone, smart TV, or other home devices, information about you is being collected. This information can be used to sell you goods or services, decide your interest rates for loans, or determine the type of medical care you get or the jobs you are eligible for. Additionally, if this information falls into the wrong hands, it can be used by cyber attackers to target and attack you.
The goal of maintaining personal privacy is managing your digital footprint, i.e. - attempting to protect and limit what information is collected about you. Be aware that in today's digital world, it is almost impossible to eliminate your digital footprint or stop every organization from collecting information on you; we can only reduce it.
Steps You Can Take to Help Protect Your Privacy
There is no single step you can take to address all of your privacy concerns. Instead, you will need to take a variety of steps, with each step helping in a small way. The more steps you take, the more you can help protect your privacy.
- Limit what you post and share with others online, such as on public forums or on social media. This includes being careful of what pictures or selfies you share. Even on private forums or when you enable strong privacy options, assume whatever you post will become public at some point.
- Be aware that regardless of what privacy options you set, information about you is being collected, especially on free services, such as Facebook or WhatsApp. These services base their business model on collecting data on what you do and who you interact with. If you are truly concerned about your privacy, don’t use such free sites.
- Review mobile apps before downloading and installing them. Do they come from a trusted vendor? Have they been available for a long time? Do they have lots of positive comments? Check the permissions requirements. Does the mobile app really need to know your location or have access to your contacts? If you don’t feel comfortable, then choose a different app. Look for apps that promote privacy and give you privacy options. While you may have to pay more for an app that respects your privacy, it may be worth it.
- Consider using a Virtual Private Network (VPN) for your internet connections, especially when you’re using a public network, like free WiFi.
- When using a browser, set the privacy options to private or incognito to limit what information is shared, how cookies are used and stored, and protect your browsing history. Consider privacy extensions like Privacy Badger or privacy-focused browsers.
- Consider using anonymous search engines designed for privacy, such as DuckDuckGo or StartPage.
In many ways, privacy is something very hard for you to protect, as so much of your privacy depends on the privacy laws and requirements of the country you live in and the ethics of the companies you deal with. Although you can never truly protect all of your privacy in this technological age we live in, these steps will help limit the amount of information collected about you.
Kenton Smith is a well-respected cybersecurity consultant and advisor based in Calgary, Canada specializing in security program development, management, and assessment. He teaches classes from the SANS management curriculum and you'll find him on Twitter as @kentonsmith or, occasionally, at kentonsmith.net.
Find this newsletter online: https://www.sans.org/newsletters/ouch/privacy/