TL;DR
- Do a quick check-up
- Ditch social media
- Activate password locks & tape over webcams
- Use a password manager
- Enable two-factor authentication
- Account-specific logins & passwords
- Install anti-tracking & malware plug-ins
- Use a VPN
- Sign up for credit & identity monitoring
- Use a “burner-card” service for purchases
- Freeze your credit
- Opt-out of people search websites
Why do people lock their doors and cabinets but fail to safeguard their data online? Awareness. Simply put, most Americans don’t understand they have a lot at stake when it comes to data privacy. There is a lack of familiarity on what constitutes sensitive personal data, how it is collected and (mis)used, and, most importantly, how to mitigate the risks of having one’s data privacy violated.
Before getting too far into this article, however, do a quick check-up on your own data privacy. The results will likely alarm you:
- Google your name using quotation marks (like “Michael Jordan”)
- Google your SSN, tax ID, passport number, and drivers license number
- Google your phone number, work cell number, and home address
- Search your name on Spokeo, USSearch, Intelius, and People Finder
- Take the Google phishing quiz
- Repeat steps 1-5 with your family
Startled? Don’t be. The sad reality is that there isn’t much legislation to protect you from the companies collecting your data.
The implication of this sad reality: it is on you to take charge of your personal data. The steps in this post will help, but are not exhaustive. It is also worth noting that these steps are not listed in order of importance, but in order of convenience. The first steps listed are immediately actionable. The final steps, though certainly do-able, will take a little bit of time and coordination.
1. Ditch Social Media
Richard Stallman has a great saying: “You don’t use Facebook; Facebook uses you.” Its absolutely true, and kind of scary when you think about it. How much information do we willingly upload to platforms whose business model is based on collecting data on their users and selling it to third parties? Social media platforms are massive, sophisticated surveillance engines and pose a great risk to most individuals.
Though outside the scope of this post, it is also worth looking into the worrisome literature on the effects of social media on mental health. While the verdict is still out, there is no shortage of articles on the correlation between social media and anxiety, depression, negative body image, and eating disorders.
2. Activate Password Locks & Tape Over Your Webcam
Activating device passwords and taping over webcams on your devices is a no-brainer. It also only takes a few seconds. If you haven’t already done this, do so now. (No, really… right now)
3. Use a Password Manager
Password managers (e.g. LastPass) are of the best ways to ensure you are using strong, unique passwords. They are also very convenience. Two things to consider when using a password manager:
Your password manager master-password should be incredibly strong. This is the password to rule them all, so make it a good one. Do not store the password from your password manager login email in the password manager itself.
Password managers only take a few minutes to set up, and the juice is well worth the squeeze. Having to only remember two passwords not only makes life easier, but it also enables the use of significantly stronger passwords.
4. Enable Two-Factor Authentication
Two factor authentication is the process of verifying a persons claimed identity through a combination of two different means. The most common application of two-factor authentication online is through the use of mobile phones. In laymen’s terms, this is when you have someone text you a pin after you enter a password to verify that it is indeed you who entered the password.
Two-factor authentication is one of the most straightforward and effective techniques for protecting your online accounts. When possible, use an authenticator app (e.g. Google authenticator). If not possible, however, using a SMS option (text message) still greatly improves your security.
5. Use Account-Specific Logins and Passwords for Each Account
If you don’t have a separate email account and password for each online account, all it takes is one breached account to ruin them all. Hackers can quickly leverage the daisy chain effect of linked accounts. The best way to prevent this is to compartmentalize your accounts by having a unique email address and password for every online account.
While this might sound like a daunting task, it is surprisingly easy to set up a structure for remembering each of these email addresses. You can always have emails forwarded to your actual email address, and your password manager will keep track of the passwords for you.
6. Install Anti-Tracking Software & Anti-Malware Plug-Ins
Most websites are replete with click-bait, ads, and tracking devices specifically built to collect your data. Usually this data is used for internal analysis, but often it is sold to third parties without your consent.
There are a number of anti-tracking (e.g. Ghostery) and anti-malware (e.g. Malwarebytes) plug-ins to research and choose from. Some browsers (e.g. Brave) even include privacy features as a part of the browsing experience. The ranking of each of these options is a topic for a separate post. The main point for now: research these plug-ins and use ones that are right for you.
7. Use a VPN
Virtual private networks (VPNs) mask your computer’s IP address, making them a great way to keep your browsing private and resilient towards surveillance. Like the aforementioned plug-ins, there are numerous inexpensive VPN options to choose from. Each could be the subject of a separate post. The point of this one: research VPN options and make a choice that is right for you.
8. Sign up for Credit & Identity Monitoring Services
Nearly all major banks offer useful credit monitoring services, usually for less than $10-$15 dollars per month. In addition to being great resources for improving your credit, these services also provide you notice for any attempts (failed or successful) to add to or change financial accounts in your name.
Identity monitoring services also provide notice for any attempts to alter your financial accounts. Many of these services also have features to search the darkweb for your data and let you know when your data has been compromised.
9. Use a “Burner-Card” Service for Major Online Purchases
In the last few years there has been a proliferation of online “burner-card” services (like privacy.com). These services give users the option to create a one-time use credit card to enter for online purchases. You can even add limits to these single use cards.
With such services available for free, there is basically no reason for entering your actual debit or credit card number into a website any longer. Though it takes a few extra minutes, generate a one time use card before online purchases. Doing so will protect you in the event of a data breach.
10. Freeze Your Credit
A credit freeze is one of the most effective ways to prevent financial identity theft. Credit freezes allow an individual to control how U.S. consumers reporting agencies (e.g. Equifax) are able to release their data. In effect, a credit freeze locks the data at the consume reporting agency until an individual gives permission to release it (by unfreezing the account).
11. Opt-out of Personal Data Search Websites
People search sites like USSearch and Intelius are one of the largest threats to your data privacy. It is remarkable that these sites are even legal. These sites operate by collecting info about you to generate packets of your data they freely sell to companies or individuals which receive little, if any, vetting.
You can contact these websites to opt-out of them collecting and selling your information, but be prepared for the run-around. They will put up administrative obstacles, but stay persistent until they remove your info. Remember: your data is at stake.