Even if you’re reading this blog via private browsing mode on somebody else’s device while wearing your tinfoil hat, you have an online presence. And that means your information is out there.

by Chris Burns

We all have different ideas about online privacy. Some people don’t want any online presence, which is not an easy ask in this day and age. Others don’t seem to care what people know about them. You know the type, they share their most intimate secrets on Facebook and post photos of their pretty new bank card with a unicorn (and their bank details) on it. TMI, my friend. TMFI*.

Most of us are somewhere in between the two extremes, trying to create a level of privacy that we feel safe and comfortable with, without really understanding what we’re doing. We dip our toe into the privacy settings of our social media accounts, spending an hour or so trying to understand them and switching things off or on. Then we give up.

Have you tried to figure out your social media settings lately? It’s not easy.

Social media advertising settings – it’s a quagmire out there!

As an example, here are my advertising preferences on Facebook. You might think these settings mean I see no targeted advertising based on data from Facebook’s partners or other Facebook products and no-one can see my social actions on ads. That’s what it says.

So how come I see so many ads on Facebook that are obviously targeted?

Well, this might have something to do with it – a list of companies that have uploaded and shared a list containing my information. Information that I do my utmost to keep private, not just in social media privacy settings but everywhere I go online.

I don’t even know who most of these companies are.

Selecting ‘View details’ under the company on the right brings up this screen

So, this is a company that ‘obtained my information’. How? Where from? No way of knowing.

Apparently LiveRamp can allow other advertisers to advertise to a list based on their partnerships. How can it do that without my permission? What is LiveRamp anyway?

A quick google brings up this description of the company and what it does.

I am none the wiser.

Your information – it’s out there

Social media settings aside, it is very easy to inadvertently give away personal information online – especially when prompted to do so by an email, on social networking sites or on websites that request information they don’t necessarily need in order to do business with you.

How your private information can be compromised

  • Unencrypted email and most website interactions can be monitored, including by your employer and your ISP.
  • Via phishing – where an email prompts you to click on a link to a bogus website which will collect your private or financial information.
  • Using unsecured WiFi networks.
  • Not using secure websites when banking or making online payments.
  • Using weak passwords, using the same password for everything, not regularly changing passwords, not using passwords at all or revealing passwords to other people.
  • Staying logged in to a website or email account when the computer/smartphone/tablet is going to be used by somebody else.
  • Using cc instead of bcc when emailing a group of people, which means everyone in the group can see everyone else’s email address.

Ways to improve your online privacy

Check your social media privacy settings

Social media networks hold a lot of information about their members. You might be surprised how much of it is visible to anybody by default. Decide what information you want to share with complete strangers, with friends only or even just keep to yourself.

Use secure websites when shopping or banking online

Log out when you have finished your transaction, as closing the window may not automatically log you out of the site.

Don’t store private data on online services that are meant for sharing information

Google Docs isn’t the safest place to store a list of passwords and it’s not a great idea to keep scans of your passport or credit cards on Dropbox. Find somewhere safe to keep your data, where other people can’t get to it.

Keep your main email address and phone number private

Don’t share your email address and phone number with random people on social networks. Think about creating a separate email account and buying an additional SIM card to use for online shopping and use an anonymous webmail account for websites that demand an email address to register. Avoid using your work email for personal use.

Use messaging apps with end-to-end encryption

Most modern messaging apps use encryption but it’s often ‘encryption in transit’: messages are decrypted on the provider’s side and stored on its servers. This means your data could be at risk if the provider is hacked. Choose a messaging app that has end-to-end encryption (e.g. WhatsApp) so even the messaging service provider can’t see your conversations.

Use strong passwords

Use long (12 characters and more) passwords and use a different one for each service. Change your passwords regularly and never reveal them to other people.

Unless you’re Derren Brown, it’s unlikely you can memorise long, unique passwords for all the services you use, but a password manager allows you to memorise just one master password.

Review permissions for mobile apps and browser extensions

Mobile apps prompt you to give them permission to access your contacts or files, and to use the camera, microphone, location, etc. Some won’t work without these permissions but others use this information to profile you for marketing. Think about what permissions each app needs in order to function, and turn off the rest. The same goes for browser extensions.

Secure your phone and computer with passwords or pass codes

Use passwords or biometric authentication (fingerprint reading or face unlock) to lock your phone, tablet and computer. On mobile devices, use six-digit PINs or actual passwords rather than four digits and screen-lock patterns.

Stay private on WiFi networks

Avoid sending sensitive data such as logins, passwords and credit card data over public WiFi. If you connect to a public hotspot, use a secure VPN connection to encrypt your data and protect it from prying eyes.

*Too much flippin’ information

  • Our elearning modules, Data Protection: An Introduction to the GDPR and Preventing Cyber Attacks are designed to help people understand the law on private information and stay safe online.The modules are available to use right now, or we can customise them to suit your particular company or organisation if you wish.
    Email info@ashfordgs.com or call us on 01962 624268 to find out more.