«

»

Apr
01
2011

Ten Tips: How Not to Look Like a (Privacy) Fool

Fran Maier
President
TRUSTe

We’ve all made online gaffes of one kind or another and felt foolish, such as inadvertently copying a boss on a job search email or leaving our Facebook account open on a public computer in a library or hotel. Here’s some helpful tips to avoid feeling like a privacy fool:

1. Free Apps Can Come With A Price

Just this week I was the victim of a rogue web app that sent an unwanted message to my social media contacts. Free apps can be tempting, whether you’re downloading them on your social networking account, your phone, or your computer, but in some cases these apps generate revenue through advertising by spamming your contacts or repeatedly showing you intrusive ads. Revisit your app privacy settings on your device or account and also be cautious when downloading a new free app. Do you know someone that has had a positive experience with that app? Is that app approved by a trusted authority? Are there positive reviews of this app online? These are all good questions to ask yourself before clicking “install” or “download”.

2. Don’t Forget to Log Out

Log-out of your social networking account. Log-out of your email account. Log-out of your online bank account. Even if you’re logging in to these accounts from your personal computer you risk compromising them if your device is stolen or if someone decides to snoop on your computer (this can include family members) and finds that you have not logged out. I can’t tell you how much I’ve learned about my teenagers’ love lives because they don’t log out.

3. Practice Safe Emailing

Double check your “to:” and “cc” fields before you send that email. Don’t open attachments or click links from people you don’t recognize. Don’t open attachments or click links from people you do recognize something seems strange or out of place. Use junk mail filters. It doesn’t hurt to have a separate “spam” email account that you can use to register for accounts or services on websites you don’t trust.

4. Use SSL

SSL is encryption that websites can use when collecting and transferring your personal information online. SSL makes sure your information cannot be intercepted by unauthorized parties during transit. All online banks use SSL and any reputable e-commerce site that is asking for your credit card information should be using SSL. The use of SSL has spread beyond financial sites, however, and is now offered on social networking sites (Facebook & Twitter, for example) as well as email accounts (Gmail, for example). In some cases you as the user must turn on SSL encryption from within your account settings. You’ll know SSL is on when the URL you visit begins with “https” instead of the regular “http”. Depending on the browser you use, the URL may also be highlighted in green or feature a padlock icon to signify that SSL is being used. If you’re transmitting sensitive information online and SSL is available, you should be using it.

5. Check Out Privacy Notices

Reading a full-length, traditional privacy policy can be a daunting task, but you don’t have to do that to stay informed. Look for the most important parts of the privacy policy and focus in on those. Key questions you want to answer include: who do they share my information with? Can i delete my account and information if I want? Who can see the information I share on this site? What are the privacy default settings?. Privacy notices are also increasingly occurring outside of the privacy policy. These can be short, to-the-point notices that occur on pages where you enter personal information. Look for them.

6. Look for the “Forward i” In Online Ads

The online ad industry now offers you ways to control your personal information. Look for a little blue icon and the words “ad choice” in online display ads. You’ll start to see more and more of these icons in the coming months. By clicking on this icon you can learn about the companies that may be tracking your online activity and helping to deliver that ad. This notice will also provide you with the opportunity to opt-out of the use of your personal information by these companies. TRUSTe powers technology that supports this system in our TRUSTed Ads product, which can facilitate your opt-out process.

7. Learn How to Spot a Phish

Does that email or website you’re looking at have grammar and spelling mistakes? Does it seem too good to be true? Does it appear to be from a trusted friend or source, but does something feel not quite right? Trust your instincts. If it looks fishy, it probably is (a phish). By clicking a few links and filling out a form or two you can very quickly find yourself the victim of a hijacked email or social networking account or the recipient of unwanted spam. When in doubt, navigate directly to the website you want to log-in to rather than following a link that was sent to you and could potentially be fraudulent.

8. Check Your Mobile Settings

If you’re a smartphone user it’s probably your most personal computing device. It contains your photos, emails, location data, contacts and log-in credentials for any number of online accounts. Review the privacy settings of your mobile operating system and set them accordingly. When you download apps be aware that they can have separate privacy settings that you need to separately review and modify as you see fit.

9. Use Separate, Strong Passwords

Password-protect your computer, your smartphone, even your ebook or tablet. Make sure to use different passwords so if one account is compromised the rest are safe. It’s especially important to use different passwords for sensitive online accounts, like your email account and your bank account. Make sure these passwords are strong. Strong passwords typically contain letters, numbers and symbols and are longer than 6 characters. Microsoft provides a helpful guide on creating strong passwords here.

10. Reward Those You Trust

It’s always tempting to get the better deal, but sometimes that deal is too good to be true. Look for privacy or security trustmarks on websites and apps (and click them to make sure they’re real). Look for online reviews and confirmation that the business you are dealing with is legitimate. Make companies earn your trust before you do business with them. It will pay off in the long run.

Happy April Fools’ Day!

Sincerely,

Fran

Comments