Thursday, February 6, 2014

Data Privacy Day Tips


I have to confess that I was unaware that Data Privacy Day was last week.

Data Privacy Day occurs every year on January 28 and is intended to remind us to more carefully consider our privacy choices throughout the year.

Computer users are encouraged to think about privacy choices the next time a new online profile is created, or load an app on a phone, or sign up for a frequent shopper card at your favorite retail establishment.

“And with the big data movement hell bent on collecting as much information about us whenever possible, apparently innocuous or unimportant details can be pieced together in new and surprising ways,” said Chester Wisniewski, senior security advisory at Sophos.

Following are three simple privacy diet tips from Sophos to help trim the fat and protect user’s privacy:

1. Turn off geolocation, and leave it off.
Whether you're a Twitter user, a soldier in a war zone, or a fugitive from the law, geolocation can carry serious unintended consequences even when it's used on purpose.

Users have to be careful to avoid being tripped up by a steady supply of less-than-honest app writers. Geolocation data has been silently hoovered up and sent home by phone software as diverse as flashlights and mobile apps for kids.

2. Turn off Wi-Fi. Turn it on when you need it.
To trim the next few privacy pounds dieters need to turn off Wi-Fi on their smartphones, tablets and laptops. You can still use Wi-Fi but you have to switch it on when you need it and turn it off again when you don't.

As it searches for networks to join, your phone will offer up the names of Wi-Fi networks you've used previously. Many Wi-Fi networks are named after the places where they're located, so that your phone's electronic greeting can read like a history of where you've been. Alongside the networks it's joined your phone will also broadcast its MAC address almost constantly. Commercial organizations have begun to show serious interest in that little unique ID because it can be used just like a cookie to track and profile your movement in the real world.

3. Log out when you have finished
Dieters on the Privacy Plan should log out of any system they've finished with. Stopped using your laptop? Log out. Checked your bank balance? Log out. Done updating your Facebook status? Log out. Everything you've used but haven't logged out of is an open back door that leaves your privacy at the mercy of Clickjacking attempts, Cross-Site Referral Forgery attacks, social media tracking beacons and people just sitting at your keyboard when you're not there.

“Data Privacy Day is the perfect time to think about all the computing devices and gadgets you use, including smartphones and tablets,” said Rebecca Herold, an information security and privacy expert, internationally recognized as "The Privacy Professor," and author of  Managing an Information Security and Privacy Awareness and Training Program, now in its second edition. “Many people don’t realize these devices are continually collecting personal information about the user, such as where you work or attend school, travel, shop … the list goes on. Everyone should be aware of the information they are putting out there and the data being collected without their knowledge or consent.

“As we embark on 2014, we truly are in a new and expanding ‘Internet of Things’ where numerous amounts of data are being collected every day. All individuals, businesses and government organizations should make privacy a priority by being educated about new, expanding data collection points and put appropriate protections in place to protect personal information,” added Herold.
Herold encourages all consumers to ensure they aren’t giving away too much information when their personal data is collected, and she believes they have the right to demand that the entities collecting their information are protecting it and using it properly.