The paranoid's survival guide, part 1: How to protect your personal data
Privacy is under attack from all quarters, but even today, there are things you can do to protect your personal data. Here are some tips.
Computerworld - Who says privacy is dead? While it's true that marketers, the government, data aggregators and others are gathering and analyzing more data than ever about every individual, you can still exert some control over what's out there, who's tracking you and what they do with that information.
From the NSA's admission that it is capturing and analyzing metadata on every American to Facebook's appropriation of users' posts, likes and images for use in product advertising endorsements, privacy concerns are now top of mind. According to a December Harris Interactive survey commissioned by privacy consultancy Truste, 74% of Internet users are more worried about privacy now than they were a year ago. Some 74% also say they are less likely to enable location tracking on the Web, 83% are less likely to click on online ads and 80% say they are less likely to use apps they don't trust.
[Editor's note: Part 2 of this story covers privacy and mobile computing, email and social media. Part 3 explores offline tips. In this part, you can skip the rest of this introduction and go directly to the Tips sections.]
Computerworld asked nine people who live and breathe privacy what steps they recommend to get a handle on your personal data footprint -- both offline and online. Some steps are easy, while others require both time and expertise to set up.
The key, these experts say, is to know what your goals are and go for the low-hanging fruit first. "If your goal is perfection, you'll end up doing nothing. Look for good enough," says Jules Polonetsky, executive director of the Future of Privacy Forum.
There are three primary reasons why people want to reduce their footprint, Polonetsky says. One is to hide from marketers. Another is personal security. Some people have good reason to be cautious about their identity, including those worried about domestic violence or stalkers. That takes a bit more work.
But the most extreme measures are generally reserved for people who have reason to worry that they might be targeted by the NSA, or by law enforcement, or be the subject of civil proceedings. For the latter group, Polonetsky says, the required measures are more difficult to set up and use -- and the techniques may degrade the user's experience online. (See sidebar, "When you absolutely must remain anonymous.")
Fortunately, most people don't need to go to these extremes. "Complete privacy is very difficult and expensive to achieve. But reasonable privacy -- minimizing your footprint -- is easier to achieve than you might think," says Rob Shavell, co-founder and CEO at privacy software vendor Abine.
The information out there about you out falls into three basic categories, Shavell says:
- Data that's implicitly collected, such as the many services that track your browsing activity online
- Data that's explicitly collected, such as when you knowingly give out your email address and other data when signing up for a service online
- Publicly available information about you that can be harvested by data collectors online, such as your phone number and address, Twitter feed, Facebook profile and public posts, court and property deed records and so on
The first step toward minimizing your online footprint is to know who's tracking you. Tools like Disconnect and Mozilla's Lightbeam, which visually show who's tracking you as you visit different websites, can help, says Sid Stamm, senior engineering manager for security and privacy at Mozilla.
"The second thing is to figure out what the risks are that you're trying to protect yourself from," he says. Do you care who reads your Facebook updates? Or if someone you don't know can read your email? The more data you want to protect, the more work you'll need to do.
"The third layer is control, and that's the hard part," Stamm says. For example, if you want to hide all of your Internet traffic and your identity, you'll need to use Tor or a VPN all the time. Most people, however, just want a reasonable amount of privacy.
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!