The three-part series I just finished up this week, the paranoid's survival guide to privacy, includes 32 different things privacy professionals say you can do to protect your privacy both online and off.
I haven't done most of them.
The problem is that protecting your privacy can be a lot of work. But the good news is that you probably don't have to do everything.
There are different reasons why people are concerned about privacy. In my case I'm not trying to take extreme measures to protect myself from a stalker, I don't have anything to hide from the law, and I figure there's not much I can do about domestic spying, outside of expressing my concerns to my legislators. If you're like me, your main worry is that you're giving away too much personal information to marketers. It's not that I think they're likely to do anything nefarious with it -- in most cases they use the information to clump groups of people (or cookie IDs) together based on interests and serve targeted advertising to those groups -- but the idea that someone is keeping track of everywhere I go online or recording where I've travelled with my smartphone feels a bit creepy nonetheless.
"Most of us don't want to hide. We just don't want intrusive marketing," says Jules Polonetsky, executive director and co-chair of the Future of Privacy Forum. So this week, as I begin a spring cleaning of my privacy posture, I'm looking for "good enough." And with that in mind, here are five things I'm doing right now.
- I am conducting an annual review of my privacy settings on Facebook, Google and other online services that I use. I don't allow Facebook to know my location or use my name to promote products in its social ads program to my friends, for example.
- I am using more discretion when posting online. My expectation is that everything I post is ultimately public information.
- I have expanded what I consider to be personally identifying information, and I am doing more to protect my personally identifying information. For example, I don't use real answers for challenge questions anymore -- too easily guessed. Instead I make up answers for each account and store them in a password management program. And rather than associating my personal email account with online services, I use secondary email accounts when a service requires an email address as a user account ID or for password reset purposes.
- I've opted out of direct mail and behavioral advertising. To opt out of behavioral advertising go to the Digital Advertising Alliance's Ad Choices site, which opts you out of behavioral tracking by Google and more than 100 other DAA member organizations in a single stroke. And to keep my mailboxes clean I also opted out of postal mail and email advertising through the Direct Marketing Association's DMA Choice site. Unless you mail in a form your choice expires after five years, so if you used the online site it's a good idea to check back periodically.
- Finally I'm deleting old accounts I no longer use -- along with the personal data each contains. For example, I don't use Myspace or Pbworks anymore. And I never did kill my Jaiku account while I still had the chance. When that business folded my personal information most likely became an asset thta could be sold off to pay the bills. Don't let that happen to you.
That's just a start, of course. I have a lot more to do.
To start your own spring cleaning of your privacy settings, first think about your needs and how much work you're willing to invest - and how much inconvenience you're willing to put up with (the most extreme measures an make surfing the web more cumbersome). Then read through the tips in the series and choose what's right for you.
What do you do to protect your privacy? Are there good tips we missed? I look forward to hearing your thoughts and ideas.
- The paranoid's survival guide, part 1: How to protect your personal data
- The paranoid's survival guide, part 2: Protect your privacy on social, mobile and more
- The paranoid's survival guide, part 3: Opting out, and how to protect your personal data offline