With more and more business and communications taking place online, most people are providing a significant amount of personal information to websites, and making personal information available through social media. At the same time, very few of us take the time to read the "terms and conditions" documents we acknowledge when we establish accounts online. It is not realistic for most people to avoid using the internet in this manner, but there are things we can do to help protect our privacy while still enjoying these conveniences.
- Use encryption
It is relatively easy to set up disk encryption on a laptop or smartphone, so if your computer is lost or stolen, the information cannot be obtained.
- Use a password manager
A password manager allows you to create unique, unbreakable passwords for every site, but you don’t have the burden of memorizing them. The New York Times’ March 2020 Wirecutter recommends these password managers: 1Password (fee service) or BitWarden (free version available). See https://thewirecutter.com/reviews/best-password-managers/
- Use two-factor authentication
This process requires you to have two factors to prove your identity, e.g., your password plus an image you recognize, a question you can answer, or a temporary access code sent to your phone by the authentication service. Two-factor also gives you a second means of access if your password is stolen or exposed. UCD makes Duo available to all faculty, students, and staff. https://ucdavisit.service-now.com/servicehub/?id=ucd_kb_article&sysparm_article=KB0002934
- Beware of sites that offer some sort of reward for your contact information or other personal details.
- Never respond to suspicious emails; do not connect to links or open attachments they send you
Even if the email appears to be from someone you know or a reputable source, be cautious of unexpected emails that appear to be suspicious or have spelling and grammatical errors.
- Be conscious of Web security
Never submit a credit card number or other highly sensitive personal information without first making sure your connection is secure (encrypted). In any browser, look at the URL (Web address) line - a secure connection will begin https:// instead of http://.
- Don’t overshare on social networking sites
Identity thieves can find information about your life, use it to answer "challenge" questions on your accounts, and get access to your money and personal information.
- Examine privacy policies and seals
Have you heard of the company? What is their reputation?
- Are they backing up their privacy statement with a seal program such as TRUSTe or TrustArc (https://trustarc.com/truste-certifications/) or the Better Business Bureau (BBB) privacy accreditation seal. You can search here (https://www.bbb.org/search) to see if a business is BBB accredited. For more on BBB’s privacy accreditation standards, go to https://www.bbb.org/bbb-accreditation-standards.
- Safely dispose of personal information
Before you dispose of a computer, get rid of all the personal information it stores. Use a wipe utility program to overwrite the entire hard drive. Before you dispose of a mobile device, check your owner’s manual, the service provider’s website, or the device manufacturer’s website for information on how to delete information permanently, and how to save or transfer information to a new device. Remove the memory or subscriber identity module (SIM) card from a mobile device. Remove the phone book, lists of calls made and received, voicemails, messages sent and received, organizer folders, web search history, and photos.
- Remember that YOU decide what information about yourself to reveal, as well as when, why, and to whom
For example, keep a close hold on your Social Security number and ask questions before sharing it. Ask if you can use a different kind of identification. If someone asks for your SSN, or for your child’s, ask why they need it, how they will use and protect it, and what happens if you don’t share it.
- Other Tips from Privacy Rights Watchdog Non-Profits.