These are tumultuous times out in cyberspace, from the massive data breach at Equifax last year that compromised the personal data of 148 million people to the recent revelations that private information about millions of Facebook users ended up in the hands of a political data firm seeking to influence voter behavior. In the wake of those incidents and others, more and more users of social media doubt their ability to protect their personal information online. According to a survey by the Pew Research Center, only nine percent of respondents are “very confident” that the safeguards on social media sites are adequate to protect their privacy.
In recent years state and federal lawmakers have sought to broaden and toughen laws designed to protect consumers and their personal information. California’s Shine the Light Law, which requires businesses to disclose to consumers how they’re using personal data, is one of the most comprehensive efforts of its kind in the country. Starting in September 2018, Colorado will require employers to take additional measures to safeguard their workers’ personal data, thanks to House Bill 18-1128, which also demands prompt notification of any security breach.
But legislation on this issue, like many others, is only as good as the enforcement capabilities. Much of the anguish over identity theft and related data violations can be traced back to ways we’ve left ourselves vulnerable to attack online, either by not adequately protecting critical information (such as credit card and Social Security numbers) or falling for online scams. Social media use, in particular, has plenty of pitfalls for the careless. Here are a few suggestions on how to make your adventures online less precarious.
How to Protect Your Privacy Online
• Beef up your passwords. Most of us loathe keeping track of complicated passwords and regularly changing them, so we end up using the same obvious phrases or number sequences (“1234”), with minor variations at best, across multiple platforms. The result is that any given account is easy to hack, and that provides the key for hacking into a lot of your other accounts. Password management software can help you keep track of more complex passwords, but it turns out that experts disagree about how elaborate the password needs to be. For most purposes, the basic principles are enough: Longer is better, come up with combinations of letters and numbers or symbols that are meaningful to you (but not obvious possibilities to hackers, such as your date of birth), and don’t use the same password on more than one account.
• Pare down your profiles. Think about how you use social media and how much personal information you really need to disclose on Facebook, LinkedIn, or similar platforms. Do you need to post your age or engage in birthday notifications, which can provide identity thieves with valuable information, such as your date and place of birth? Do you need to make your entire resume widely available, which can then become a tool for social engineering attacks? Keep it bare-bones, if possible. Loose lips sink ships, and TMI can end up sharing your data with the wrong crowd.
• Fine tune your privacy settings. When you post something online, do you have a clear idea of who’s reading it? Many Facebook and Twitter users don’t realize that, unless they adjust their privacy settings properly, they may be sending a so-called private message out to “friends” and followers they don’t even know.
• Lock up your phone and laptop. It’s never a good idea to leave expensive hardware unattended, but the theft can have more far-reaching consequences if you left your data — including financial information — open to inspection. Using system password or fingerprint-ID functions to keep prying eyes from your personal data involves an extra step, but in many cases, it’s well worth taking.
• No phishing. Most of us have learned, through bitter experience, not to click on email attachments or links sent to us by people we don’t know. But phishing scams have become more sophisticated, too; beware of ads and videos popping up on social media that can take you down the rabbit hole. Your best defense should include reliable virus and malware detection programs and a healthy skepticism of material coming your way from sources that might seem sort of familiar but really aren’t. And, of course, never provide any password by email to anyone.
• Don’t overshare. Once it gets on the Internet, nothing that you disclose is truly private. The casual revelations you’re making to your vast social media audience are also grist for marketers, scammers, scam marketers, and criminals. Think twice about divulging your location to sites that don’t need it, and delay posting photos of your latest ocean cruise until you get home; the “real-time” fun of instant posting can also alert burglars to your conspicuous absence. Most of all, exercise caution about the online trail you leave that can provide an opening for financial scams and identity theft.
If you have suffered damages as a result of data breaches, unfair business practices, or corporate misconduct, the class-action and consumer protection lawyers at FDAzar may be able to help. Speak with a member of our today or contact us here. The consultation is free.