Take Back Your Privacy
Privacy is not about hiding wrongs. Privacy is power over your own information.
Your Privacy At Risk
Your privacy is at risk like it has never been before, yet most folks think that only guilty criminals need be concerned. They are wrong!
You need to take back your privacy.
Fight For Privacy
Much like we lock doors and close curtains to retain our physical privacy, we can learn how to restore our virtual privacy.
Start by learning to protect and restore your privacy. Demand accountability.
Organisations can no longer assume that any personal information given to them can be exploited in any way they see fit. — Elliot Rose
Avoid Giving Information Away
Take these steps to avoid giving away unnecessary information:
- Choose your browser to provide optimum privacy.
- Turn on Do Not Track in your browser and insist that it be honoured.
- Use encrypted (HTTPS) sites wherever possible.
- Use privacy plugins like Ghostery or Privacy Badger.
- Be aware of the risks posed by virtual assistants.
- Use a VPN service or TOR to protect your privacy.
- Use BCC when sending emails to more than one person (i.e. group emails).
- Replace Google services with privacy-friendly alternatives.
- Get an iPhone, ditch the Android.
Social media is a very important aspect of privacy because so much personal information is collected including facial recognition software, comparative and linked data (such as the "Like" button).
Are You Sharing Too Much?
Are you careful about what you're sharing in public forums?
Though the internet and social media have been used by the public for decades, the concept of privacy still lacks a modern application to the online world. Digital privacy, therefore, is still very much a legal frontier. — University of Dayton's School of Law
Protect Third-party Information
You need to protect third-party information in your possession.
Don't reveal private information about individuals (email addresses, phone numbers and birthdays) while emailing or posting on social media.
Become informed about issues around privacy.
Take the Mozilla privacy survey to see how well you are improving your privacy awareness help with changing your habits.
Who to Trust?
OpenMedia works to keep the Internet open, affordable, and surveillance-free. We create community-driven campaigns to engage, educate, and empower people to safeguard the Internet. — OpenMedia
The University of Dayton School of Law has an excellent overview of online privacy in their article, How much privacy do you have online? Their recommendations:
- Know what to look for in the Terms and Conditions.
- Clear out cookies and fully close a browser after every session.
- Take advantage of customizable settings.
- Use digital tools to better understand consumer rights.
Teach Your Children
Children's privacy has been seriously threatened. Besides making changes, we need to talk to our children in terms that they can understand.
Be Discrete in Providing Personal Information
Everyone is collecting personal data when they ask you to fill out a form — whether on paper or online.
While everyone is diligent in collecting this information, they are less careful in protecting that information — particularly if an opportunity to profit comes along.
You should be very selective in providing information.
Is It Necessary?
Once you provide anyone with information, it is no longer in your control.
- Does this site need this information to provide what I asked for?
- How will they use that information?
- Will they share (sell) that information with others?
- How will they protect my personal information?
- If they fail to protect it, what are the consequences for me? For them?
Will They Share With Others?
You have to assume that your information will be shared if it is profitable or if they are shown a government warrant.
How Will They Use That Information?
When ordering a product, the company may need your shipping address and payment information, but you have choices that are more private.
When you use a credit card, they often need your address to process online payments, even if it isn't being delivered physically.
Apple Pay doesn't provide your credit information to vendors. PayPal is another option.
Decline Email Receipts
Decline the option to get an emailed receipt when you're asked by a store clerk.
If you're buying online, you should be able to print off a receipt rather than having one emailed.
Who Needs Your Birth Date?
Depending upon the product or service, some sites may need to know your age.
They don't need to know your birth date, only if you're old enough. However the birth date is much more valuable to their marketing department.
Government services and those that are provide government benefits may need to know your age.
Big Tech on a Buying Spree
Big tech has been on a buying spree. While they're acquiring technology, they're also adding to their ability to profile their site visitors.
Monopoly is made by acquisition — Google buying AdMob and DoubleClick, Facebook buying Instagram and WhatsApp, Amazon buying, to name just a few, Audible, Twitch, Zappos and Alexa.
— NY Times
The new company may not honour promises made by the previous owners.
Will They Protect Your Information?
Most companies spend much more protecting their own information than protecting yours. Governments don't enforce protection or require significant penalties.
Have you noticed that most security breaches only affect consumer data, not corporate data. After all, your data didn't cost them anything to acquire.
Log-ins with Your Facebook or Google ID
Using single sign-on options (e.g. signing in with your Facebook or Google account) may be convenient, but creates a single point of failure.
While sites are not provided with your Facebook or Google password, they can obtain access to information that allows them to improve their profile of you.
Logging in to a website using a service such as Facebook or Google allows the website to make a request for data about you.
Linking two or more sites allows companies to collect more data, building an increasingly rounded profile about you.
Allowing one account to have access to others means that if the least secure account is hacked, the rest could also be compromised.
— Natasha Stokes
If you generate a unique password for that site using a password manager like LastPass the site obtains only your name, email and what you provide to them.
Privacy policies change for a number of reasons including purchase of the company or a new business plan.
Tech companies spend millions of dollars to learn how to fully engage their viewers. These include techniques like
- the suggestions on the side of YouTube and news feeds;
- the notifications from Facebook and other social media sites; and
- the use of instant-on videos on websites to add sound and video to draw you in.
A simple check on what you're friends or family are doing can turn into a three-hour Facebook bing. Playing a game for a “five-minute break” and suddenly an hour has gone by.
We need to restore balance to our lives by reducing our exposure to these techniques. While profitable to the corporate bottom line, they are increasingly making us feel more isolated.
I urge you to take the initiative to restore your privacy.
- Use a browser that protects your privacy like Mozilla Firefox
- Use privacy extensions in your browser.
- Remove tracking cookies and control the startup of applications using CCleaner or Windows 10's settings.
- Take care when posting on social media, especially Facebook.
- Delete accounts you're no longer actively using.
- Frequently check privacy settings on apps and services you use.
- Use search engines that protect your privacy.
- Create a unique password for every site (don't use your Facebook or Google account).
- Use LastPass to generate secure passwords and them securely.
- Firefox Send provides a secure and private alternative to other file sharing methods.
Consider using alternatives to Google to protect your privacy:
Start Using Privacy Tools
Start using effective privacy tools and be sure to use only software that is safe to use.
Take Back Your Phone
Take control of your phone. Don't let your apps control your phone use, change settings to remove the distractions.
Try these simple changes to live more intentionally with your devices right now.
- iOS 12 includes a Screen Time tool (swipe right to see it) that allows you to control activity.
- Edit what appears on your screen. Do you really need real-time weather, news, stocks, etc.? Do you need all those apps?
Start using effective privacy tools and be sure that you're not installing software that is unsafe to use.
For Website Owners
Website owners should begin to use technologies that secure their sites and make them safer to use.
Avoid invasive (a.k.a. sleazy) techniques. These place your site visitors at risk and your site's security.
Pledge to add SSL, HSTS & PFS protection this year; it matters! Already rocking SSL & HSTS? Consider approaches to end-to-end crypto.
For Mobile App Developers
Too many apps collect information they don't need (often surreptitiously) then selling it. Not only should these apps be banned, but so should the developers that released them.
Some developers released their app without securing it properly Those developers' products should not be in the app store.
Technologies like SSL and proper certification pinning should be mandatory. End-to-end encryption makes messaging much safer and your app a worthwhile download.
If you serve ads on your free apps, you need to ensure that ALL third party code, including ads and analytics, are secure.
Ensure that ads within your app play nicely.
- Avoid ads that crash an app or lock it up for extended periods of time.
- Your paid version is judged by the performance of your free app.
Like much of Canada's privacy laws, the rules governing border searches pre-date the consumer use of the Internet and cellphones and are seriously out of touch with the reality that we carry our entire lives on our smartphones.
Border searches can be conducted not only at the actual border, but within 100 miles (160 km) of the U.S.-Canada border as well as at airports or even when boarding a cruise ship.
There is an increasing trend around the world to treat borders as law-free zones where authorities have the right to carry out whatever outrageous form of surveillance they want.
But they're not: the whole point of basic rights is that you're entitled to them wherever you are. — Edin Omanovic
- U.S. border guards can search your phone.
- Border guards have 'wide open' rights to search your smartphone.
- China is forcing tourists to install text-stealing malware at its border.
Searches at the border are based upon the laws from an age when everything was on paper. That is how they justify copying everything on your phone or computer.
Canada's border agents can search your phone and laptop at borders and airports, including looking through your private photos, personal messages, and call history. — OpenMedia
[B]order agents could end up seeing private emails and text messages, photos, web browser histories and sensitive documents, even if you've done nothing wrong. — CTV News
The recommendation is to leave your devices at home. If you plan to take your digital devices across the border, check out the following advice:
…[B]efore crossing the border, delete private material or transfer it to the cloud; at the border, turn on airplane mode yourself; and, finally, be prepared, unless you have some really compelling privacy reason, to just turn over your phone. — CTV News
- Your phone is not safe at the border — OpenMedia.
- A guide to your rights at the border by BC Civil Liberties Association.
The following resources provide more information about privacy policies, privacy guides, privacy tools and privacy when crossing borders.
A study by researchers at Carnegie Mellon concluded,
That's approximately 4.5 and 7.6 work-weeks (about a month or two every year) — just reading privacy statements!
Privacy Policies are Changing
You only need to look at the way Facebook and others so quickly change their privacy policies to enhance their profitability. You're mostly on your own when it comes to protecting your identity.
Consumer Protections Needed
Consumers need a central location to find out what information companies have collected about them, how it is being used and the ability to restore your privacy.
That would be difficult to provide without legislation to create and enforce a standard by which consumers are protected from corporate giants.
Who Has Your Back?
In the face of unbounded surveillance, users of technology need to know which companies are willing to take a stand for the privacy of their users. — EFF
We are at a critical moment for free expression online and for the role of Internet intermediaries in the fabric of democratic societies.
In particular, governments around the world have been pushing companies to take down more speech than ever before.
What responsibilities do the platforms that directly host our speech have to protect — or take down — certain types of expression when the government comes knocking? — EFF, 2018
Who Has Your Back? Censorship Edition documents the track record for companies in releasing private information to the government.
We Need to Do Better
The problem with our private data is that so much of it is irreplaceable and cannot be altered. Unlike a password, once released into the world, there is no calling it back.
Both companies and individuals need to quit ignoring the damage caused by security breaches and careless postings on social media.
Fix It Already
Tech companies could change these things to make your life easier and protect your digital security and privacy. Why haven't they yet?
— Fix It Already
- The ultimate online privacy guide.
- Online privacy is a blog containing posts about privacy.
- The Motherboard guide to not getting hacked.
- *Privacy not Included is Mozilla's guide to choosing connected devices like Google Home and Amazon Alexa.
- How to keep your private conversations private for real.
- Edward Snowden: Here's how we take back the Internet (YouTube video from TED).
- 7 Ways to Reclaim Your Digital Privacy.
- Online Privacy: How to Minimize Your Digital Footprint.
- How to ditch Google for more privacy and fewer ads.
- EFF's Surveillance Self-Defense.
- HTTPS Everywhere encrypts your communications with many major websites, making your browsing more secure.
- Ghostery helps you browse smarter by giving you control over ads and tracking technologies to speed up page loads, eliminate clutter, and protect your data.
- Privacy Badger blocks spying ads and invisible trackers by enforcing the Do Not Track header (you have to have “Do Not Track” enabled in your browser) and may be a better alternative if you're uncomfortable with Ghostery.
- Gibson Research Corporation projects include Securable, Fingerprints, Perfect Passwords and ShieldsUP!.
- ResetTheNet: More ways to win against mass surveillance.