Wednesday, 24 October 2012

Your Online Privacy

So much of our day-to-day lives is now wrapped around some form of internet connectivity, that it's hard to imagine how we would function without it. From email and games to social media and communication tools, life as most people know it is lived (to some degree) in a virtual world.

Then we hear a story about a site changing its policies to 'reflect the ever-changing online environment'. Whenever a major player changes its own rules there are always a handfull of people complaining or walking away in protest - canceling their accounts.

Some recent events that have sparked great emotion;
1. Facebook's timeline rollout [PC Mag]
2. Twitter's 'selling' of archived tweets [Mashable]
3. Wikipedia's subjective editing [PC World]

At the end of the day, the social media giants really aren't going to worry too much about a few thousand people leaving. Because of the sheer volume of people using their sites, and the millions of new users joining every day will mean that they're never really going to take a hit.

While some of the policy changes do certainly alter the accessibility of our information, it's ultimately not something we should be concerned about if we've taken appropriate precautions, and understand the risks of using social media.

Tips & Suggestions:

1. It's called 'social media' because it's designed to be social.

When you post or submit any information to any website (either as a message or just information), assume that it may be accessible by more than just your intended recipient. Unless the recipient (person and/or website) is covered to protect your information by law (banks, medical, legal etc..), they're not only free to use it how they want, but they're free to change their policies on such things as well. Although it's probably not in their best interest, they can even edit the information you post if they wanted to. This includes 'private' messages or even email.

2. Create an alias

I'd recommend for every parent introducing a young person to the online world, to create an alias for use online. Determine a name, date of birth, address & phone number. Then create some standard passwords & hints that relate to your new alias, a mothers maiden name, a pets name, city 'you' were born in - all questions you may be asked when registering for online services. Write them all down and keep it by the computer for easy reference. This creates a level of separation between your online profile and your personal information. Obviously for interacting with legitimate sites, you'll want to use your actual information, but for places it doesn't matter as much (forums, galleries, photo/file sharing & download services),

3. Create a free online email account to use for dubious registrations

Once you have your alias determined, go and create a free email address (Gmail, Hotmail, Yahoo etc..) using those details. This creates a level of separation between your online profile and your personal information. You may have noticed that sometimes when you register for something, you instantly begin to receive hundreds of junk email from all kinds of places. Keeping registrations in an email account that's separate from your main email means you're reducing the amount of spam you have to sift through, but if you need to log in to confirm something that's sent to you you can do it. If you're signing up for a service that you're not 100% sure about or don;t feel you need to hear from them again, this is the email account to use.

4. Don't leave a social site just because you are unhappy with changes

This isn't so much a privacy protection stance, as long as your customers (or potential customers) are there, you also need to be there. As with any of life's curveballs, you just need to roll with the punches. Facebook isn't going away (at least any time soon), so you need to work out how you can adapt your usage so that you feel comfortable with the public availability (real or potential) of the things you post.

5. Be cautious what you sign up for

There are many 'easy' signs that a site is just looking for people to enter their personal information. Watch out for;
- popups telling you that you were a randomly selected winner and to click to claim your prize.
- ads telling you to register to get a free iPad (Apple products are commonly used as bait)
- notices that 'you have qualified for a 'free gift' without having made a purchase
- Opt-in check boxes when registering for online websites. Read the language carefully, sometimes they reverse the language to confuse you (check the box to not receive our emails).
- Opt-in language that allows the site to share your information with their 'partners' (this is particularly dangerous since they then have the right to sell off your address to hundreds of 'affiliated' databases).

6. When submitting personal information (especially credit card info), check it's a secure site

There's 2 quick ways to check if the site your information is being submitted via a secure page. Securing pages prevents something called 'eavesdropping' where a non-authorised party 'watches' what you're typing into a form. This is not something that's controlled by the person owning the website, but can be prevented by them using encryption.
1. The address at the top will start with https://.. that little 's' stands for secure, and means that the page has an SSL certificate encrypting information being entered.
2. Look for a little padlock or  in your browser header or footer. This is something that can be a little harder to find, as there's no consistent place across different browsers. For instance, firefox now uses a document icon on a blue background to the left of the URL.
A lack of an SSL certificate doesn't mean that your information will be stolen, it just means that it's not being sent encrypted to the recipient. It's like sending a postcard through the mail instead of a sealed envelope.

---

Don't perpetuate the problem.

Never, ever, not ever forward an email to part or all of your contact list because an email tells you to. Tracking pixels in emails are not able to identify individuals that forward emails, only if the site generated an email to a specific user, and then only if HTML formatting is used and images are enabled etc. in other words - there is no way for a company to track every person that forwards an email. However, emails that are forwarded around with lists of email addresses on them are easy ways for email farmers to not only collect your email address, but then sell it to multiple dubious mailing lists.

When developing your own site, make sure your language is clear and concise. Don't try to trick people into signing up for your mailing list. Sure you might get more people on your list, but you risk losing the trust you have/had with your clients if they feel you were deceptive.

Talk to us today about your online security and how you can add security measures to your own site so that others can trust you too.