Over the weekend, I wound up at Washington, D.C.’s Trapeze School with a group of friends. Before one of them headed up a ladder to attempt a somersault landing from the trapeze bar, she handed me her phone and asked me to take photos. “What’s the password?” I asked. “I don’t use one,” she replied. My jaw dropped as it often does when someone I know tells me they’re choosing not to take one of the very simplest steps for privacy protection, allowing anyone to snoop through their phone with the greatest of ease, to see whichever messages, photos, and sensitive apps they please.
So this post is for you, guy with no iPad password, and for you, girl who stays signed into Gmail on her boyfriend’s computer, and for you, person walking down the street having a loud conversation on your mobile phone about your recent doctor’s diagnosis of that rash thing you have. These are the really, really simple things you should be doing to keep casual intruders from invading your privacy.
1. Password protect your devices: your smartphone, your iPad, your computer, your tablet, etc. Some open bookers tell me it’s “annoying” to take two seconds to type in a password before they can use their phone. C’mon, folks. Choosing not to password protect these devices is the digital equivalent of leaving your home or car unlocked. If you’re lucky, no one will take advantage of the access. Or maybe the contents will be ravaged and your favorite speakers and/or secrets stolen. If you’re not paranoid enough, spend some time reading entries in Reddit Relationships, where many an Internet user goes to discuss issues of the heart. A good percentage of the entries start, “I know I shouldn’t have, but I peeked at my gf’s phone and read her text messages, and…”
2. Put a Google Alert on your name. This is an incredibly easy way to stay on top of what’s being said about you online. It takes less than a minute to do. Go here. Enter your name, and variations of your name, with quotation marks around it. Boom. You’re done.
3. Sign out of Facebook, Twitter, Gmail, etc. when you’re done with your emailing, social networking, tweeting, and other forms of time-wasting. Not only will this slightly reduce the amount of tracking of you as you surf the Web, this prevents someone who later sits down at your computer from loading one of these up and getting snoopy. If you’re using someone else’s or a public computer, this is especially important. Yes, people actually forget to do this, with terrible outcomes.
4. Don’t give out your email address, phone number, or zip code when asked. Obviously, if a sketchy dude in a bar asks for your phone number, you say no. But when the asker is a uniform-wearing employee at Best Buy, many a consumer hands over their digits when asked. Stores often use this info to help profile you and your purchase. You can say no. If you feel badly about it, just pretend the employee is the sketchy dude in the bar.
5. Encrypt your computer. The word “encrypt” may sound like a betrayal of the simplicity I promised in the headline, but this is actually quite easy to do, especially if you’re a MacHead. Encrypting your computer means that someone has to have your password (or encryption key) in order to peek at its contents should they get access to your hard drive. On a Mac, you just go to your settings, choose “Security and Privacy,” go to “FileVault,” choose the “Turn on FileVault” option. Boom goes the encryption dynamite. PC folk need to use Bitlocker.
6. Gmailers, turn on 2-step authentication in Gmail. The biggest takeaway from the epic hack of Wired’s Mat Honan was that it probably wouldn’t have happened if he’d turned on “2-step verification” in Gmail. This simple little step turns your phone into a security fob — in order for your Gmail account to be accessed from a new device, a person (hopefully you) needs a code that’s sent to your phone. This means that even if someone gets your password somehow, they won’t be able to use it to sign into your account from a strange computer. Google says that millions of people use this tool, and that “thousands more enroll each day.” Be one of those people. The downside: It’s annoying if your phone battery dies or if you’re traveling abroad. The upside: you can print a piece of paper to take with you, says James Fallows at the Atlantic. Alternately, you can turn it off when you’re going to be abroad or phone-less. Or you can leave it permanently turned off, and increase your risk of getting epically hacked. Decision’s yours.
7. Pay in cash for embarrassing items. Don’t want a purchase to be easily tracked back to you? You’ve seen the movies! Use cash. One data mining CEO says this is how he pays for hamburgers and junk food these days.
8. Change Your Facebook settings to “Friends Only.” You’d think with the many Facebook privacy stories over the years that everyone would have their accounts locked down and boarded up like Florida houses before a hurricane. Not so. There are still plenty of Facebookers that are as exposed on the platform as Katy Perry at a water park. Visit your Facebook privacy settings. Make sure this “default privacy” setting isn’t set to public, and if it’s set to “Custom,” make sure you know and are comfortable with any “Networks” you’re sharing with.
9. Clear your browser history and cookies on a regular basis. When’s the last time you did that? If you just shrugged, consider changing your browser settings so that this is automatically cleared every session. Go to the “privacy” setting in your Browser’s “Options.” Tell it to “never remember your history.” This will reduce the amount you’re tracked online. Consider a browser add-on like TACO to further reduce tracking of your online behavior.
10. Use an IP masker. When you visit a website, you leave a footprint behind in the form of IP information. If you want to visit someone’s blog without their necessarily knowing it’s you — say if you’re checking out a biz competitor, a love interest, or an ex — you should consider masking your computer’s fingerprint, which at the very least gives away your approximate location and service provider. A person looking at their analytics would notice me as a regular visitor from Washington, D.C. for example, and would probably even be able to tell that I was visiting from a Forbes network address. To hide this, you can download Tor or use an easy browser-based option.
These are some of the easiest things you can do to protect your privacy. Ignoring these is like sending your personal information out onto the trapeze without a safety net. It might do fine… or it could get ugly. These are simple tips for basic privacy; if you’re in a high-risk situation where you require privacy from malicious actors, check out EFF’s surveillance self-defense tips.