Want data privacy? Here's how to protect your personal information online
MANILA, Philippines – Filipinos' right to privacy is protected by various local laws and international treaties.
But with the threat of surveillance by government and data collection by non-state actors added to widespread social media use, the extent to which this right is still being respected is becoming harder to see.
According to data privacy lawyer Cecilia Soria, the most important thing to remember if you want to protect your personal information is to not overshare information. You've got to be vigilant because the technological improvements in recent years have made it easy to obtain data without the consent of the owner. (READ: You think your data, communication devices are safe? Think again)
“Ultimately, you really have to be more mindful,” she told Rappler. “Don’t be so free and careless in giving away your information.”
But what else can be done to protect personal information?
1. Refrain from using unsecured/public Wi-Fi
While the convenience given by public Wi-Fi especially for people looking to cut costs is undeniable, using it can lead to increased cybersecurity risks. (READ: How to protect your computer vs cyberattacks)
Given that it’s free for all, people knowledgeable enough and with malicious intentions can manipulate the connection and use it to steal personal information from your device. Third parties can also intercept and monitor your internet activity while connected to the network.
If it cannot be prevented, make sure to be wary of the transactions you do using a public Wi-Fi connection. Do not do activities that deal with sensitive information – such as banking transactions – while connected. Do not also send emails that contain classified data because they can easily be intercepted.
2. Be careful when sharing your location data
Using Facebook’s check-in feature has become a norm for social media savvy citizens. Privacy experts, however, warn against publicly sharing your location online. Doing so could increase the risk of physical surveillance, especially if your line of work is sensitive.
Aside from consciously posting your whereabouts, it's important to know that applications installed on a device can also access your location data. Make sure to review the permissions you granted to these applications!
While accessing data may be necessary for those who make use of global positioning systems (GPS) such as Waze or Google Maps, you may want to rethink if it's necessary to let Twitter, Facebook, or Instagram know your current location.
3. Check the privacy option on your social media account
According data privacy lawyer Soria, keeping your social media presence to a bare minimum is an effective deterrent against surveillance and unauthorized use of your data. She, however, acknowledged that it could be difficult given that Filipinos make up the biggest chunk of Facebook global users.
“I know it’s easy to say but very difficult to do because we’re trapped since our friends and families are there,” Soria said. “It’s really one of the best ways for them to share information.”
If you can't minimize your social media footprint, make sure you know the best privacy settings for your Facebook posts. If you do not intend for them to be seen beyond the people in your contact list, then make sure to use the “Friends Only” option.
But it’s another problem if one of your Facebook friends decides to take a screenshot of your post or even tags you on photos you do not want to be online.
This is why it’s important to be careful with the people you accept as friends online. Giving them a heads up about not wanting to be tagged on Facebook is also a necessary step to make them understand the need to protect one’s privacy.
4. Refrain from playing 'Facebook quizzes'
You may have encountered Facebook personality quizzes that claim they can help you find a celebrity twin or determine the state of your romantic life in the coming year. And while you’re aware that these are bogus, you may not totally realize the security risks you expose your data to by answering these quizzes even if just for fun.
The risk of using these Facebook quizzes recently came to light in the United States. A whistleblower recently revealed that data of at least 50 million Facebook users were harvested through one of these personality applications available on the social media platform made by Trump-connected data analytics firm Cambridge Analytica.
Aside from this, you can be vulnerable to identity theft and scams given the data these applications get from you.
If you do not want your data to be mined, make sure to take these applications off your approved list or maybe reduce the type of data they are allowed to have. (READ: How to check your third-party app permissions on Facebook)
5. Create separate email accounts for social media and banking transactions
Aside from social media, emails are also a prime spot for hacking incidents. There have been many breaches in the past where emails have been compromised, increasing the risk of exposing personal information.
For this reason alone, Soria suggested that a person create separate email accounts for social media and sensitive transactions such as for banks. In case the one you use for Facebook or Twitter gets hacked, your financial information will not be exposed.
It's also better if you enable two-factor authorization which will notify your phone if there are any attempts to access your email.
6. Constantly clear your email inbox of both read and unread messages
Soria also encouraged people who want to protect themselves from data breach to constantly “clean” email inboxes. Messages to be deleted include those containing banking transactions, work documents, and photographs, among others.
By maintaining an entirely empty – and not just the “unread” messages – inbox, a person lessens the chances of sensitive information being obtained by hackers with malicious intentions.
“The more that you keep those messages inside your inbox, the more information the hackers will get,” Soria said.
7. Be careful with what you download
While the internet and recent technological developments have made it easier to download various types of files and applications, such accessibility poses cybersecurity threats, according to firm Trend Micro. (READ: Malware, phishing, cybersecurity: terms you need to know)
The websites which carry these files and applications may carry malicious codes or malware that can harm your device and compromise your personal information. For example, a seemingly innocent file you downloaded may contain a keystroke logger (keyloggers) that can record the activities of your keyboard – including your passwords.
Make sure to download only from legitimate sites and install antivirus or antispyware software as these can detect and eventually delete malware.
8. Examine the permissions you grant for software applications
When downloading a new application on your smartphone, make sure to examine first the information it is requesting from you.
“[Granting permission to access] could be a way for them to get information from you na hindi mo alam kasi iniisip mo, nag-download ka lang ng applications (It could be a way for them to get information from you without your knowledge because you were thinking you just downloaded applications),” she said.
It's important to ensure that the information the application is requesting is in line with its purpose. For example, the Philippine National Police (PNP)’s Know Your Rights application was recently hit for requesting access to a user’s text messages, phone and phone call logs, and photos and other media files even if these were unnecessary.
Getting beyond its intended purpose is already “unauthorized processing,” according to Soria, but it will be considered authorized already if a user consented by granting permission.
9. Do not use personal information as passwords
When thinking of passwords for any account, do not use personal information such as your birthdate, phone number, or house address. These are easy to obtain if you are not careful and can lead to your accounts being compromised.
Data privacy experts also suggested using “passphrases” instead of normal passwords. Passphrases are longer and more complex than a password – which are usually just a single word if not easy-to-crack sequences.
10. Undergo "Data Detox"
When you’re used to being online so much and sharing personal information, following the above-mentioned tips may feel overwhelming. If you’ve signed up for too many accounts or downloaded far too many applications on your device, it can be a chore to clean up after your digital self.
To lessen the difficulty, Berlin-based Tactical Technology Collective developed “Data Detox” which can help reduce the “toxic” buildup of personal data available online which can lead to problems in the long run.
The group said that the so-called “data bloat”, which traces a person’s digital patterns, can be capitalized on without your consent.
Each day of the 8-day program focuses on one aspect of someone’s digital life and will guide a user through maintaining necessary accounts, deleting irrelevant ones, and ensuring that data privacy is respected. – with reports from Sofia Tomacruz/Rappler.com
Read more about state surveillance: