The current climate of mass surveillance has
led many people to ask if there are ways to protect their privacy online. There
are, and Electronic Frontiers Australia recommends the following steps to
minimise your individual online security risks.
Bear in mind two points. First, much of the information
available from our near-ubiquitous Internet access is easily accessible not
just to intelligence agencies, but also to online service providers, their
advertisers, people who might want to steal your identity, and, increasingly,
anyone with reasonable technical skill.
Second, a significant amount of online security risk is social,
not technical. Easily guessed passwords used across a number of services and
so-called "social engineering", in which a victim is tricked into
providing login and/or identity information. For both issues, make security a
conscious choice.
1. Use a password manager
A password manager makes it easy to have a
unique password for every site and ensures that if one service is hacked, other
services will not be vulnerable. Some are free, many are low cost, and they are
available for all platforms, including mobile.
2. Disable GPS and Wi-Fi
on your mobile device until you need them
GPS: Your mobile provider is able to identify your approximate
location using cell towers. If you have a smart device with GPS enabled, much
more precise location information is available to a whole range of entities,
including your platform provider and app developers.
Wi-Fi: Wi-Fi broadcasts
detailed information about your device, the apps on it, your location, and
Internet usage. Disabling Wi-Fi except when you are using it will prevent
promiscuous broadcast of personal information. Power management apps will help
you avoid having to remember by turning Wi-Fi off whenever the screen is dark,
which will also maximise your battery life.
3. Read the access
privileges for apps carefully, and make good choices
In the digital world if a service is free then you are the
product. Many free services and apps collect detailed information about you
that allows them to sell highly-target advertising. Next time you download a
"free" app, check the information it is asking to access, and decide
if this app really deserves those privileges.
4. Guard your date of
birth and telephone number
Never display your full date of birth. It is a key piece of
information that many providers use for verification. The same goes for telephone
numbers, especially if you lose your telephone and are trying to re-create your
contact list.
5. Make yourself more
difficult to find on social media
Consider using a pseudonym on social media sites. You can also
use unique email addresses for each website you join. Most online email
providers allow you to do this by appending extra letters (eg "fb+")
to your existing email address. This will make it difficult for strangers to
search for you on social media sites and if you start receiving spam at that address,
you’ll know exactly where the spammers found your address.
6. Keep your work and
personal presences separate
If you have a work email account, keep it for work only. Your
employer has the right to access your work email account, so you really should
keep your private emails separate. This will also save you the significant
trouble involved in telling all your contacts and updating all your logins
if/when you change employers.
You might also consider creating multiple social media
identities: work, very private, and "publicly" personal, with
different names and different contact lists as much as possible.
7. Encrypt your
connections
Encryption is the process of encoding
information so that it is only intelligible to those given access to read it.
Many online services, such as Facebook, Twitter and Gmail, now offer encrypted
connections. Ensure that your browser uses an encrypted connection wherever
it’s supported by installing the "HTTPS
Everywhere" plug-in. Email is an inherently insecure
communications medium, but there are options available for encryption, such as Pretty Good Privacy. Unfortunately, your email messages
will only be encrypted if the people you are communicating with also use a
compatible encryption service, so this limits its usefulness.
8. Collective action
While these measures can provide you with some
individual protections, the fact remains that the most powerful action is
collaborative.
Globally, we should demand that all
countries focus efforts on implementing the International
Principles on the Application of Human Rights to Communications Surveillance.
These are 13 principles that set out for the first time an evaluative
framework for assessing surveillance practices in the context of international
human rights obligations.
In Australia, citizens should also be demanding a much more
fundamental and long-term solution: a bill of digital rights. Australians
deserve a set of principles that underpin decisions made about
legislation that regulates online freedom, access, fair use, and
privacy.
SOURCE: theGUARDIAN
previous article
Newer Post
No comments
Post a Comment