Here are 10 ways you can improve your privacy if you’re concerned about others snooping on your social media profiles, advertisers tracking you online, those going through your trash, those interested in your conversations or whereabouts, and protecting your files/devices.
1. Get your social media under control
Limit the amount of information you share. We’ve seen people post everything from drivers licenses, credit/debit cards (front and back), bank account numbers, passwords, and other sensitive stuff that can directly lead to identity theft. We’ve also witnessed people share seemingly innocuous information that can add up to something more sensitive that would eventually lead to identity theft, phishing attacks, SIM swap attacks, or flat out physical theft (don’t post when you’re away from home, where you are, and when you’re coming back).
For the business owners, our external risk and threat assessments have uncovered sensitive internal documents out in the open on social media that, depending on the industry such as healthcare, come with heavy fines. We love pictures of unattended desks with monitors open for the world to see and sensitive documents on desks. This has helped us map out our clients’ I.T. infrastructure, to discovering employees intentionally leaking internal documents. We even wrote about how social media undermines your organization’s security.
Whatever social media platform you use, take advantage of all the privacy settings they offer to limit who can see your stuff.
2. Your web browser(s) need a privacy boost
When using a web browser, the following plugins/add-ons/extensions can help reduce the ability for third party advertisers and trackers from collecting data on you in order to sell it to interested buyers. To note, adblockers and various platforms that sell ads are in a constant game of cat and mouse. Adblocking extensions are great, but some digital platforms may find ways to bypass their effectiveness. With that being said, look for these extensions in your browsers’ web store:
- uBlock Origin (By Raymond Hill). This plugin is an adblocker.
- HTTPS Everywhere (eff.org. aka EFF, aka The Electronic Frontier Foundation). This plugin attempts to force a secure web connection between your device and a website you’re visiting if such a connection doesn’t exist.
- Disconnect (By Disconnect), DuckDuckGo Privacy Essentials(By DuckDuckGo, or EFF’s Privacy Badger(By EFF technologists). These plugins do their best to block third part trackers from collecting your data as you browse. The feature set may be different for each of these extensions, but they set out to accomplish the same goal.
The plugins mentioned here are great for personal and business use.
In general, always remember to vet any software you install on your devices, including browser plugins. Bad actors like to make similar named applications that are malicious, so do your due diligence.
3. Your trash may be valuable to someone else
Shred paper documents, expired IDs, expired credit/debit cards, and CDs/DVDs(if you still use them to store data). Invest in a cross-cut shredder, which shreds things into tiny pieces, which makes it difficult for someone to piece together.
4. Disable geolocation/geotagging on your devices, applications, and web browsers
If you are in a situation where you don’t want someone to know where you are, or attempt to avoid companies/data brokers from collecting your location, disable these features ASAP.
5. Ditch Google as your search engine of choice
Google tracks your search terms in order to advertise to you. There are alternatives such as DuckDuckGo and Qwant.
6. People search engines are a privacy suck
Remove what information you can from people search engines like Spokeo, Pipl, TruePeopleSearch, and dozens more. The accuracy of data they collect about you varies from platform to platform, but they typically include your name, current and previous addresses, phone number(s), people associated with you and more. These platforms collect your data from various publicly available sources and/or they may purchase marketing/leads lists from data brokers to get information about you. Some of these sites make it easy to remove this information, some make you jump through several hoops, and some take it even further by what amounts to extorting you to get your information removed. And a heads up about these sites, new people search engines pop up frequently, so it’s a never ending game of whack-a-mole. On top of that, if you do get your data successfully removed, it can get back onto these sites if you experience a major life event such as moving, getting married, getting divorced, or getting a new job. We’ve also seen people search engines housed physically in the EU, which may be challenging to get your information removed if you’re a non-EU citizen.
To get you started on removing things visit https://www.techlicious.com/tip/remove-yourself-spokeo-intelius-peoplesmart-mylife/
7. Use encrypted messaging apps
If you need to securely communicate with someone encrypted messaging apps offer various functions like encrypted text messages, which you can typically set a destruction date. These apps may also offer encrypted phone calls and encrypted video chat. When selecting one, you want to make sure they’ve had as few security vulnerabilities as possible made public, that the app has opened it’s source code to scrutiny by the public (closed source encryption algorithms make it difficult for users to trust) and the company that makes the app collects little data, if any at all.
8. Encrypt your files and devices
While we’re on the topic of encryption, encrypting your files (this also includes your backups) will help prevent someone from being able to access and read the contents should your workstation, tablet, or phone get lost, stolen, or compromised.
For laptops/desktops, depending on the operating system, you have:
- Bitlocker for Microsoft Windows (Requires Pro, or Enterprise, or Pro Education/SE, or Education editions of Windows [Source: https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/#windows-edition-and-licensing-requirements)
- FileVault for Apple
- dm_crypt for Linux
For mobile devices, check your settings, typically under security, for encryption.
9. A.I./Generative A.I. Privacy
A.I. is still having it’s moment. From OpenAI’s ChatGPT, Google Bard, Dalle3, MidJourney, and Stable Diffusion, these tools are helping people create things in a way we weren’t really able to even 5 years ago. We’ve talked about some of the security risks here and feel it’s time to talk about privacy with these tools:
Avoid entering sensitive information in A.I. chatbots. Whether it’s tax, health, financial, or client data, if you enter it, some of these companies’ privacy policies state that what you enter will be used by them to train their A.I. models. A.I. tools are notorious for sucking up data on social media and other websites. The poster child for this was ClearviewAI, but OpenAI is facing lawsuits allegedly for scaping data from websites that may put people’s privacy at risk making them a formidable contender in this regard. [Source: Washington Post of if greeted with a paywall, the archived version https://archive.ph/rJ5fp ]
Take advantage of any/all privacy settings for the A.I. tools that you use.
Businesses should consider implementing acceptable use policies for using A.I. to help limit sensitive/confidential, and internal information being entered into tools like ChatGPT.
Privacy Policies will and Terms Services are important legal documents that you must read prior to using a website/service/app.
They will tell you how your data is being collected, stored, and shared. They also outline what rights you are granted and what your limitations are.
This is just the tip of the iceberg as far as things you can do to reclaim some control of your privacy. I hope these 10 ways to improve your privacy were helpful.
What did we miss? What privacy tips or tools do you use? Let us know in the contact form below.
While you’re here, also sign up for our cybersecurity and research newsletter to stay up to speed with things. Here is the link https://bsquaredintel.com/newsletter-signup/