Tips for Keeping Your Data Private Online

It’s hard to keep a low profile these days. Internet behemoths like Google and Facebook make their money by interpreting the data you provide them to pitch you offers from their advertisers. If you don’t provide them data, they don’t make money. And yet, if you don’t agree to provide them data, you don’t get to use their services. Rather than pay them your money, you pay them with your data, for data and money are synonymous.

So, knowing that you can’t stay completely anonymous online, how can you can still keep a somewhat low profile? The overarching theme here is that convenience isn’t free. It is very tempting to store your data with a site so you don’t have to provide it again the next time you visit. But, wherever you share your data, you now have another point of exposure, another port a cyber thief could use to learn about or even steal your identity. And, even when the motives aren’t so nefarious, why should you let any company know more about you than it absolutely has to?

With that mantra of “convenience isn’t free” in mind, let’s consider a few tips:

  1. When a website asks you if you want to save the data you’ve entered on their site so you don’t have to re-enter it when you visit later (such as a charge card number, for example), just say no. There is no point in entrusting your data to someone just to save a few keystrokes.
  2. When your browser asks you if you want to save the password you’ve entered for a site, just say no. If the computer you used falls into someone else’s hands, all they have to do is open up the browser’s built-in developer tools, change the page’s code, and reveal your stored password.
  3. Don’t use the same password for every site. Ideally, use a different password for every site. That way, if an attacker discovers your password for one site, they haven’t found the keys to your entire kingdom.
  4. Limit your online shopping to a handful of sites. The more different vendors you visit, the more places you end up sharing your personal data. At the risk of avoiding the smaller players and supporting the giants, it’s safer for you to support the giants than to spread your money and data around.
  5. Never share any personal data, including your social security number, passwords, driver’s license number, health records, or anything else you wouldn’t share through non-computer channels in an email or instant message or social media post. If someone requests that you give them this information through such a channel, insist that they request it old-school and they allow you to share it old-school: in other words, offline, through snail mail and other slower-but-harder-to-share 20th century technology.

Regarding the third suggestion – to use a different password for every site – you might think that would be so inconvenient as to be impractical. But that is not the case. Come up with a base password that is common to every site that is easy for you to remember and that would not be easy for someone else to guess. This might be an acronym for something you commonly say or an abbreviation for place you frequently visit. Tack onto that a special symbol (like a punctuation mark) followed by a short fixed-length string of characters related to the site for which you’re trying to come up with a password. For example, for that last component of the password, you might choose the first two letters of the site name, capitalizing the first or second letter or both. Voila! You have a unique password for every site that is hard to guess and won’t compromise every account you have if it is broken.

The key to staying somewhat private online is to avoid giving away more than you absolutely have to sacrifice. You certainly have to share some of your data with some sites. If you limit the amount you share and the number of sites you choose to share that limited quantity with, you minimize your risk. And minimizing risk isn’t a bad goal to shoot for when it comes to preserving your privacy online.

About Ray Klump

Professor and chair of Mathematics and Computer Science Director, Master of Science in Information Security Lewis University http://online.lewisu.edu/ms-information-security.asp, http://online.lewisu.edu/resource/engineering-technology/articles.asp, http://cs.lewisu.edu. You can find him on Google+.

Leave a Reply

Your email address will not be published. Required fields are marked *