How proactive are you when it comes to your privacy?
It’s an interesting question, because it very much depends on the context you’re asking about. You probably do draw your curtains, especially if you’re getting out of the shower, because we’re all rather trained to understand and respect the concept of privacy then.
What about online, though?
The online world that we all spend some time in every day, whether we like it or not, is one where we’re all still learning the rules of privacy online. If research undertaken by Trend Micro is any indication, we’re slow and rather stupid learners who make many of the same basic mistakes over and over again. Their research suggests that up to 41 per cent of Australians don’t use a password or passcode to protect mobile devices at all, while 61 per cent of us simply use browser based password security features to remember our lists of passwords.
So what’s so wrong with either position? On the mobile device privacy front, while it’s a very simple thing for you to swipe at your smartphone screen to unlock it, the same is true for anyone who finds or steals your smartphone. That’s not just a worry for your photos and such created content, but also the fact that many smartphone apps that tie into specific services offer to save password and login information; so there, for example, goes your Facebook login and all the identifying information that creates your online personality as well. Given many of us happily give Facebook our birth dates so that friends can wish us a happy birthday, that’s an easy route to answer the kinds of questions that banks tend to ask to verify your identity when you phone them up.
On the browser-saving-passwords front, there’s two primary issues. Firstly, a single bank of passwords in a browser is a very obvious and rather well understood vector for attack, because while you may use any of around half a dozen commonly used browsers, that’s only six or so attacks that a miscreant needs to hit you with in order to potentially harvest all your passwords. We’re also apparently still pretty sloppy when it comes to actual password creation, with Trend Micro’s research suggesting that on average we use around five passwords to secure 26 accounts. That’s an obvious problem, rather like having one key for five doors. Lose the key, or in this case the password, and many of the supposedly private aspects of our online life would be open for anyone to see.
So what should you do to protect your privacy online? Here’s five simple steps to take:
- Use unique passwords for every online service. That way, even if a password breach occurs beyond your control, your privacy won’t be compromised elsewhere.
- Use a password manager to store your passwords behind one single, strong password that you can remember. That way, you can have strong complex passwords for all your services, but you don’t have to remember as many
- Think before you click. Is that Facebook quiz harvesting your personal information in return for telling you which Star Trek character you are really worth it? Is Woolworths really giving you a $1,000 shopping voucher? (hint: NO). Most privacy invasion scams work on basic greed or fear of missing out.
- Consider the use of VPN services, especially while travelling, to keep your online sessions secure — this is especially true if you’re not using a computer, tablet or smartphone you own.
- Remember that once it’s online, it’s out of your control, whether it’s a “funny” picture or your date of birth. That could mean data that vanishes quickly, or information that spreads worldwide with no chance of recall.