Privacy awareness in the year of COVID has been a mixed bag. While consumers become painfully aware of the intricacies of contact tracing and related privacy exposure, they became less concerned overall as their lives shifted more and more online.
On the corporate side 60% or more of employees did not know whether their employer has to comply with major privacy regulation (CCPA, GDPR, etc.) . Can consumers using these services fare any better? We believe we can help with practical tips in this regard. Of course, we continue to offer our XcooBee Free Privacy Tools to consumers as well.
Thus, as we are trying to emerge from COVID in 2021, privacy is a mixed bag. On the one hand there were overall gains with certain aspects, on the other hand, there was a fundamental shift of work and social life online which exposed more people than ever to data theft and privacy intrusion.
Unfortunately, at the same time, the craving for PII data is growing. Facebook announced forced data-collection requirements for continued used of its WhatsApp messenger platform. And criminal organizations continue to successfully gain access to private and government data. According to some studies there is a new victim of identity theft every 2 seconds in the US, and Experian published a statistic that 31% of data breach victims have their identity stolen. Most of the exposed identity records, 47%, are by organizations from the United States and China.
We at XcooBee work diligently to introduce tools for both businesses and individuals to better manage the processing, sharing, storing PII data and consent. Organizations can build full fledged GDPR, CCPA, or NYPA processes on our platform. Many of our tools, like the XcooBee Cookie Kit, are available as Free and Open Source software. However, we also believe there are a few things that each individual should consider doing to limit the data that is available out there.
So, here, after much deliberation, is our 2021 top things to do that anyone should consider as part of their own privacy tool belt.
1. Protect your Email
Many sites require that you provide and email and, then, proceed to verify it. You cannot easily make up one and so your email box becomes harder and harder to manage. This creates increased levels of stress.
In addition, your email may be sold, copied, breached and you are, then, on the radar of people targeting you. You can see how email has become the primary gateway of spam, phishing and viruses to your computer. In short, you need to become more vigilant about protecting it.
You can setup special addresses and manage your own email servers, but this quickly becomes unwieldy and requires technical expertise.
We recommend that you use email protection services that will allow you to create temp, special purposes addresses. You can consider using XcooBee Email Guard. It is one of the first special-built tools for this purpose. You can generate a temp email with one click or shut it off with another. You control from whom traffic is allowed and for how long. Should your email guard address be compromised or breached, you shut it off easily.
This gives you the ability to use email more actively without the same stress and anxiety. Give an email to the store clerk or use it to test drive a new service without fear that this is forever.
XcooBee Email guard emails are fully functional email addresses that you can use to receive and send messages while protecting your primary email. They are simple to create, manged centrally, and can be used from your primary email account. No messy logins, nothing else to remember. For XcooBee users, this helps us boost email privacy and reduces internet stress and anxiety we didn’t even know we had.
2. Time to Cut the WhatsApp Cord
We all knew this day would come. Facebook will require WhatsApp users to share data or be cut off by February 8, 2021. Facebook built a global business on one principle: Free service in exchange for data. This is just a logical consequence. As consumers we have to decide whether in 2021 this premise is broken.
There are many other services out there that can deliver a secure and safe messaging experience. Choose another and convince your friends to come along:
- Signal (https://www.signal.org/)
- Wire (https://wire.com/en/products/personal-secure-messenger/)
- Telegram (https://telegram.org/)
3. Clean House
Consider cleaning accounts and your data from sites that will allow you to do so. With the advent of the GDPR & CCPA this is possible with many more sites though the process is different for each of the sites.
Signup for a free XcooBee account and use the XcooBee tools to make Erasure Requests and Subject Access Requests (SAR) simple. You can even manage complaints to supervisory authorities. Track progress and document activity. This is the only consumer privacy tool that lets you do this much centrally and all for Free.
It is good practice to submit Subject Access Request (SAR) to find out what is stored about you first. A fair warning, this may be many gigabytes of data.
Put it on a schedule and repeat. There is no automated way at this moment to schedule this for you, but we at XcooBee have this feature on our radar.
4. Manage Your Cookies & Fingerprints
For most of us this means regularly deleting cookies. Your browsers can nowadays remove all cookies that you create during a given session. For example in Google Chromes this is hidden under “Keep local data until I quit my browser” in the cookies section. Familiarize yourself with your favorite browser’s cookie options is also helpful. The more you understand how your browser handles the tracking of your person, the easier you can make informed decisions.
Be aware that if you remove cookies from banks or other financial institutions they make ask you for more information when logging in again.
Many sites have switched from Cookies to fingerprinting. This is a less visible mechanism and harder for users to control. Using privacy browsers, anti-fingerprint browsers, or plugins to throw off fingerprints is an approach to consider.
5. Use Privacy Browsers
It is time to look at the eco-system of browsers again. In the last year privacy focused browsers like Brave and Firefox Focus have gained market share.
This has even prompted the stalwarts at Google to take notice and start modifying their data hungry behavior to adjust to the market and consumer trends. Users have spoken clearly and loudly and you should consider joining this movement to improve your online privacy stance.
Also don’t be shy to spread your browser affection. Use multiple ones. The more you spread your internet use, the harder it becomes for others to profile you via a singular browser and browser fingerprints.
6. Watch Your Cell Phone Camera
Your cellphone camera app is an interesting snoop. It may inadventently collect information on you and encode it into every image you take. If these images are uploaded to the cloud, cloud providers have a feast on your location and image data.
You can follow these instructions to check on your phone and camera to turn off location tracking/marking on android. On iOS/Apple you can try these instructions to turn photo tagging off.
7. Some Plugins are Good
We recommend that you look at certain browser plugins to help guard you as you are surfing. For sure, many security companies like Symantec, McAfee will sell you one, but we are not certain that they are not themselves using this data.
Here are some plugins that come in handy:
- Privacy Badger from the Electronic Frontier Foundation. Analyzes how you are being tracked across sites.
- Disconnect: Looks at finding invisible trackers and let you know.
- MyPermissions Privacy Cleaner: Will alert you if a website tries to get files or data and also will check your social media accounts for 3rd party access.
8. Use a Privacy DNS
Domain Name Servers (DNS) are the Internet’s equivalent of a phone book. Whenever you visit a site, your computer first looks up the correct IP address using DNS. Each ISP normally has a servers that you automatically use. This gives the ISP the option to save all the queries you do against DNS and correlate this to a picture to sell to marketers.
You can opt out of this by overriding this for your whole network on your router or individually on each device. For details on your router use Duck-duck-go to search for documentation. As replacement DNS you might want to consider using Cloudflares 1.1.1.1.
9. Use Privacy Search Engines
It seems the business of search engines is to sell their visitors goods and services. And, in return, collect more data to sell to marketers. It’s a vicious cycle and an overall poor deal for the actual users.
In general, your search results seem to be more influenced by what marketers want you to see vs what you actually want to search for. All big search engines, Google, Yahoo, Bing, do this. Instead we recommend that you use someone like DuckDuckGo; in most browsers you can select them as a search engine in your options and everything continues to work as usual without search tracking.
10. Reset all your passwords
You were about to glance over this one because it seems such a gargantuan effort. This, however, is exactly the point. Our inertia makes us an easy target. If you are like many users, you use a few passwords repeatedly. And, when websites ask you to create a complex one you just add a number at the end end and call it a day.
Unfortunatly this is a also a pattern hackers count on to expose your data.
You might not reset all of your passwords by why not make it fun and pick a different one this year, and change it for your top five accounts. Then, next year, you get to look forward to making up new ones again.
As far as password length, the complex passwords that are required by many sites are hard for humans to remember and easy for computers to guess. Longer passwords like “MyDogCharlieLikesToChaseARedBall” are hard for computers to guess and easier for you to remember.
If you do not want to go through the password hassle in the first place, try to use password manager.
11. Logout of Accounts
Yes this is 11 of 10. Sometimes we need to just add a bonus one.
After doing some online searches and/or looking for an item on Amazon you might have wondered how Facebook was so magically prescient to know that you were looking for a new mattress.
The unfortunate answer is cross site tracking and data sharing between the big internet companies. They can do so because you are logged in to their accounts and many other internet sites use technology pieces from them that allow a correlation to be made.
The simple solution is once your are done to logout, and to logout completely. This is hard. After logout many big sites will still display an avatar with your profile picture on their login window or show you the three previous accounts that used this browser. This seemingly convenient feature is not for convenience; it allows continued tracking and means you have not completely logged out.
If so, consider going back to the first item on our list and delete the cookies.
Similarly, don’t forget to logout from the browser itself. Many browsers have user accounts. Logout from Chrome, Firefox, Safari etc. and try surfing as guest. You might see less magical conjectures and experience better long-term sanity.
Moreover, when asked to provide data to a service, stop a minute to review whether what they are asking for is reasonable. Feel free to be liberal with made up data. After-all, why does your local pizza delivery need to know your birthday or your favorite car make?
And, sometimes, we have to recommend that you walk away from services that wish t have to much information or build their riches on business models based on “free” consumer data.
Be Safe,
Your XcooBee Team