Owning Your Privacy by Managing Your Digital Footprint
Originally published on the National Cybersecurity Alliance (NCSA) StaySafeOnline blog.
Walking along a muddy trail or through snow as a child, did you ever turn around and look at your footprints, marveling at the size and impact of what your little feet left behind?
Just like traipsing through the mud or a snowy field, your internet activity leaves footprints across the digital landscape. But instead of harmless child’s play, hackers and identity thieves could use these tracks to find their way to you.
Social media posts. Email newsletter signups. Online account activations. All these actions leave a digital trail organizations use to learn more about you and your habits.
While seemingly innocuous, this information can reveal more details then you intend and make your personal information vulnerable to compromise.
To recognize Data Privacy Day, we’ve compiled a few simple actions that can help you gain more control over your data and the tracks you leave in the digital snow. Taking charge of your data privacy doesn’t mean trying to erase yourself completely from the internet. It means being intentional and cautious about the data trails you leave and knowing how to manage them. Here’s how.
Start by Asking “Why?”
For all data requests from digital services, first ask “Why?” Why are they asking for this data? Think about the relevancy of the request in relation to the service to be rendered. For example, does that email newsletter provider really need to know what state you live in?
Consider the tradeoff that you’re making in exchange for losing a little of your privacy. Giving access to your location so that your trusted turn-by-turn navigation works on a business trip might be worth it to you. But you might want to think twice about giving location data to a store loyalty program or coupon app on your phone.
With “Why” on your mind for all internet and digital activities moving forward, you’ll be on the right path toward limiting your digital footprint.
Searching for your name on the major search engines (let’s just say it, “Googling yourself”) will give you a snapshot of your online presence. It can be eye-opening to see what personal information is publicly available.
Another eye-opening exercise is entering your email address or addresses into an online tool like Have I Been PWNED. This site will tell you if your email address has been involved in any major data breaches. If it has, be sure you’re no longer using the passwords associated with those accounts at the time of the breaches – not on those affected accounts and not on any others.
Use a Password Manager to Take Inventory
When I started using a password manager, I began to realize just how many online accounts I have. With the manager installed on my browser, it prompts me to use it every time it detects me logging into an account.
Seeing all my various and sundry online accounts in one place in my password manager made me realize just how big my footprint is. Some of the accounts were clearly unnecessary and I deleted them, reducing my footprint.
If for some reason the vendor doesn’t let you delete your account, just change your details to a bunch of gibberish, and don’t trust them with your business in the future! Having fewer online accounts means there’s less to protect.
Managing New Accounts
Countless online vendors require that we create accounts before we’re allowed to use their service—even for one-time purchases or email newsletter subscriptions. Although these accounts feel trivial they’re useful to spam marketers, mailing lists, and cybercriminals.
In addition to giving the axe to old accounts you no longer use, try to resist the urge to create new ones. Fortunately, more vendors are providing “checkout as a guest” option, which is the way to go if you think that your interaction with that site will be a one-time occurrence.
Controlling Account and Privacy Settings
For accounts you might want to hang on to, like the 800-ton gorillas Google, Apple, and Facebook, get to know their account privacy settings. The National Cybersecurity Alliance has launched a great tool for Data Privacy Day 2020 that compiles privacy setting information for dozens of the major digital providers out there.
These settings will allow you make your social posts as private as possible, for example, or limit what data these services collect about you.
Exploring account settings should also allow you to see what information these services have collected on you. In the case of Google, anything you’ve ever done while logged in with a Google/Gmail account is logged. Every bit of search history, location visited … everything.
If this level of data collection bugs you, these services do allow you to put the torch to all of it if you choose. Be careful, though, as these actions will be permanent and have potentially undesirable consequences. For example, deleting your entire email history and account could make it more difficult to communicate with family and friends. Deleting search histories could make it more cumbersome to do future internet searches.
The same goes for the major social media networks, though steps here might be a little more convoluted. Most major sites will give you the option to download this information before deleting so you can keep any details you need on your personal computer.
Know Your Rights
Governments are slowly waking up to the realization that data protection governance should be part of their job.
This means that there are new regulations that might give you several important rights (if you live in an affected region). California residents, for example, have extensive new ways to control how companies use their data thanks to the California Consumer Privacy Act, or CCPA. Other U.S. states are following suit, with rumblings of a national data privacy law making its way through the U.S. Congress.
Since 2018, residents of the European Union have had the General Data Protection Regulation (GDPR) overseeing how companies everywhere manage their data.
Long story short: pay attention to what you hear on the news about new legislation. It could affect your privacy.
Treading Lightly While Browsing
Prevention is faster and more effective than trying to clear your digital footprints after the fact. This means knowing how to tread lightly through the digital landscape (think “Leave no trace,” but for the internet).
To start, make full use of the private browsing settings of the major internet browsers. For the most popular browsers, this entails simply right-clicking on the program’s icon on your computer and selecting “New private/incognito window.” This will keep these browsers from assigning specific search and internet usage histories to you as an individual.
When it comes to social media, assume everything could be public, even if you’re vigilant about your privacy settings. Never post something that you wouldn’t be comfortable explaining to your boss or parent. And be particularly cautious about posting too many personal details, like your travel plans, for instance.
Completely erasing your digital footprints is not necessary to move safely through our uber-connected world. But a little knowledge and awareness about the impact your journey through the digital landscape can have on you will go a long way. With these tips, you’ll be on the right path toward limiting your digital footprints.