Privacy week

The American Library Association designated May 1st-7th as Choose Privacy Week. Rather than add more stuff to finals week, I decided to wait until this week when we all have time to do the deep dive into online privacy.

Taking the steps to protect on online privacy can be tough. While the majority of us are concerned about online privacy, most of us are also not following through on measures that would make us safer online. (It’s not just you, it’s me too!) Often it is not just one reason that stops us, but multiple factors some of which we aren’t always aware of. The Harvard Business Review has a good breakdown on Why We’re So Hypocritical About Online Privacy.

The first step is understanding what personal information is on the web and who is using it. It may be easy to say “I don’t post anything revealing online”, but that is missing who is paying attention to what you are doing online. Most of the time it is not what you are saying but what you are doing or where you are visiting that interests companies. Where you like to shop, what sites you visit, your latest hypochondria in order to sell to you. If you are not paying for an app, they are selling your data.

 

Password Tricks:

Privacy comes up most frequently when companies are hacked and people have to change passwords. (cough Yahoo cough) How do you create a good password without using common words?

One solution a random passphrase. The Electronic Frontier Foundation (EFF)has a Dice-Generated Passphase site that can help you come up with random phrases.

You can also take a song lyric, use the first letter from each word and add symbols. “Every time I think I’ve had enough and start heading for the door” (from Never Can Say Goodbye by the Jackson 5) EtItIheasgftD

If you need help generating and remembering these strong passwords, you might want to look into password managers. PC Mag has a great breakdown of different ones available and their features (like syncing across devices!).

You should also turn on 2-Factor Authentication if it is offered. Two-Factor works on a premise of “Something I Know” (my password) and “Something I have” (often a cellphone that allows you to receive a one time code) in order to make sure it is you logging into your account. You can check to see which websites offer this at Two Factor Auth. Update: Using 2-Factor in a SMS might not be the best idea, as SMS is vulnerable to hacks as well. It is you can still receive codes other ways or have a sheet of codes. 

 

Next Steps:

Sign up for and listen to WNYC’s Note to Self’s The Privacy Paradox. They will send you one thing to do over five days to help understand what apps are tracking in your phone, what companies are tracking when you are online and what you feel comfortable giving up (or not giving up!).

The Electronic Frontier Foundation offers a Surveillance Self-Defensekit to help you understand what the different issues are and how to implement them in your life. It covers password managers, Tor Browsing (“The Onion Router” relays your browsing to make it harder for it to be tracked), and a whole host of other topics. They break it down into smaller chunks to help you learn and understand.

 

If you want to fall down the rabbit hole of privacy:

Read Little Brother by Cory Doctorow (available on the 2nd floor in the JUV collection). It follows a group of teenagers who are targeted by the government and how they evade detection. It was scary reading it and realizing how many ways I can be tracked and didn’t realize.

Be sure to listen to Note to Self’s episode where they discover where and who you are from metadata that is on your photos. (After you listen to that – here’s how to remove your metadata from those photos.)

It is not just companies that track you through social media. Law enforcement agencies are purchasing programs to monitor protestors and activists on social media. Complex details how the activists, especially activists of color, are being tracked. These third party programs use Twitter, Facebook, Instagram and other social media to search hashtags and provide local data.