In case you missed it, last week was Data Privacy Week, an awareness campaign to remind everybody that any of our online activities creates a trail of data and that, therefore, we need to better manage our personal information online. And for good reason.
Increasingly, we live our lives in the digital world. That means: logging on to social media platforms to socialize with friends; communicating via email, using search engines, messaging and video conferencing tools; and consuming content via streaming services. But every organization you interact with wants a piece of you. They request information like logins, contact details, location and even browsing history to keep your accounts secure, deliver more personalized experiences and monetize their relationship with you.
A smart move would be to limit the volume of information you share with these organizations, and publish online, to mitigate any resulting security and privacy risks.
The problem with overdoing it
The more sites and apps you share personal and account information with, the more chance your details may end up getting breached – if one of those companies is compromised, or you’re targeted directly by hackers. There’s also a greater chance that your browsing and other information will be shared with third party advertisers and others. And, of course, if you’re publishing content on social media, you may be inviting the entire world in to observe the minutiae of your daily life.
This doesn’t just put your own personal security and privacy at risk. If you’re using a work device or unwittingly sharing corporate information, it may well also be a threat to your employer – raising the stakes even higher. Even something pretty innocuous like the name of a pet animal or details of your current role could be used by hackers to try and crack open online accounts, and/or customize phishing attacks to elicit even more sensitive information.
Restricting what you publish and share online makes sense in a digital world increasingly populated by cyber-thieves and shady data brokers. But with so much information spread across potentially so many websites, accounts and devices, it can be tough knowing where to start.
Here’s our top 10 steps to kick things off:
10 ways to limit your digital footprint
- Download fewer apps
Mobile applications often require users to input a significant amount of personal and/or financial information to work as intended. They may also track location, browsing activity and other info that is then shared with third parties. It stands to reason that the fewer apps you’ve signed up to, the less exposed your information will be.
Your default impulse should not be to download first and ask questions later, but the opposite. Do your research before deciding if it’s something that you genuinely need.
It then goes without saying that you should regularly “spring clean” your devices to remove any apps which have not been used in a while. While you’re at it, check the permissions for the apps you decide to keep.
- Set up fewer online accounts and cleanse existing ones
Companies don’t just want your custom. They want your loyalty. That’s why many will push you towards setting up accounts and sharing monetizable information that way. It could be anything from an e-commerce store to a media site. Resist the urge to do so, even if it means payment and other details won’t be saved next time you visit. A little inconvenience is often the price we pay for greater privacy and security.
If over the years you’ve set up online accounts you don’t really need and use anymore, shut them down.
- Take extra care not to share sensitive data
Sometimes sharing info is inevitable to get the goods or services you want. But be mindful of what you’re handing over. Unless strictly necessary, don’t share things like phone numbers, email and home addresses, financial details and social security numbers, which are in high demand on the cybercrime underground. Emails and phone numbers can be used to spam recipients with phishing messages, for example. Use guest accounts when buying online to further reduce risk.
- Think twice before sharing on social media
Social media is like a digital megaphone. For many of us, the content we share will be liked, reshared and made virtually impossible to remove or retract once out in the digital domain. So it’s important to first consider how that content may be received by others, and prospective employers. And whether it contains any sensitive information in it about your work and personal life. Also consider limiting your profile to online your friends/contacts, and not adding anyone you don’t know in real life. Review privacy preferences and be mindful that any unsolicited contact may be fraudulent.
- Exercise your right to erasure
For people in some parts of the world, including the European Union, regulators have created new ways for data subjects to have information they don’t like scrubbed from certain online locations. This so-called “right to erasure” was pioneered by the EU’s GDPR. Search online for your name to see what’s out there and contact website owners direct to request removal. Then contact search engines like Google to do the same.
- Keep your location a secret
One of the most intrusive forms of data capture is that which tracks your location. From it, third parties can piece together a highly accurate picture of your daily movements and habits. That doesn’t just put your digital privacy at risk, it can also imperil physical safety. Be sure to stop apps from tracking your location.
- Don’t fill out online surveys
The internet is awash with competitions and prize offers, often in return for completing online surveys or similar. Some are thinly veiled marketing campaigns to build up contact lists. Others may be downright criminal efforts designed to steal your personal information for use in phishing campaigns and/or to sell on the dark web.
- Be ruthless with newsletters
Online brands are big into digital newsletters. They believe it enables them to communicate directly with their customers, and deliver them personalized content and promotions. But for many of us, online newsletters do nothing more than clog up our inbox. Resist the urge to sign up. Alternatively, use a dedicated email address for these purposes or a throwaway email account, especially if you’re signing up for something you’re only planning to use once.
- Disable third-party cookies
Cookies are tiny files downloaded to your PC or device when visiting a website. They’re used by the site owners to profile who is visiting their site and to save preferences for future visits. While this may make the browsing experience better, many of us would prefer that we didn’t share this type of information, which could include usernames and passwords. If presented with the choice on visiting a website, simply refuse to accept cookies. You can also disable third-party tracking by going to your browser’s privacy settings.
- Limit the number of devices you use
Finally, consider how many devices and PCs you have in active use. Each one of them is a potential treasure trove of data which could be exposed if the device is lost or stolen. Do you really need to buy that new tablet? If the answer is still “yes,” do you need to sync all of your personal data to it?
Keep it up
Data minimization is an industry best practice for the organizations we interact with on a daily basis, helping to reduce their regulatory risk exposure. With caveats, it could also be a best practice for data subjects themselves – to enhance our security and privacy as we navigate the treacherous waters of the internet.
About ESET
For more than 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET becomes the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information visit ΕSET Hellas or follow us on Facebook, Twitter and LinkedIn.