Privacy is vital to the vast majority of individuals. Very few people would prefer less privacy to more, but people continue to grant access to their personal information. In many cases, this occurs because people do not understand the privacy agreement and are unaware of the tools available to help them minimize their digital footprint. This blog describes the precautionary steps to be taken and tools required to protect your personal information online. The GDPR has language that would make privacy agreements more comfortable to understand. But, the consumers also need to know the practices and tools that will reduce the risk of their personal information being misused.
The Federal Trade Commission (FTC) recommends the following steps. First, the FTC recommends that consumers be alert to impersonators. If you receive an email requesting personal information from any of the below entities:
i) a company whose service you do not use,
ii) an email address you do not recognize,
iii) requesting information for a purpose that seems peculiar.
Be wary of these tactics which impersonators employ to steal personal information. If you want to check the legitimacy of a strange email, do your due diligence before complying with the request. One of the safe ways to check for legitimacy is to call the company. If something seems fishy, there's a good chance your intuition is right.
Similarly, be cautious of phishing emails. Do not click on links or download files sent by strangers. Something as simple as clicking a link can grant malware access to the personal information stored on your computer.
Avoid visiting sketchy websites or signing up for accounts on sites you do not know and trust. Websites will often prompt users to sign up for an account to "improve user experience." Signing up for an account on a website you frequently visit and trust is not harmful in itself, but if the site prompts you for information, your intuition tells you it should not need (i.e., home address, credit card information, Social Security Number) this should raise alarm bells. If a website or person does ask you for something like your SSN, first ask them if there is an alternative id that you could give them instead, and they should also be able to answer questions like "why do you need my SSN?", "what are you going to use my SSN for?" and "how will you protect my SSN?". For a complete list of steps, you can take to protect yourself on and off-line, visit the FTC's article.
It can be challenging to know the legitimacy of a website or email. Luckily, there are software's which you can download to help you identify sketchy websites, emails that originated outside your domain, and bugs already embedded in your software. It can be found with a simple Google search, but ensure that whichever protection software you choose is well-reviewed and trusted by experts and other users. A Virtual Private Network (VPN), is another useful tool to use to protect yourself online. A VPN is a tool that encrypts your data by making it look like your IP address is somewhere that it is not. A VPN usually marginally reduces the speed at which your computer operates, but it is well worth the mitigated risk that it provides.