Are You in Control of Your Personal Privacy?
Vice President and ID Theft Practice Leader
Eight years ago I wrote an article titled How to protect your personal information from the internet and database marketing (see here) on how your data is used by marketers to analyze your personal information in order to create targeted marketing and provide you with specialized offers.
Just this month there were news stories on how Facebook 'doesn't sell data' (see here).
My initial response to the Facebook headlines was "what's the surprise?" To properly share my view on why I am not surprised, let's begin with the history of big data and how it has evolved over the last 50 years.
The first form of big data was in the 1960's and 70's with direct mail or direct marketing when companies started to collect basic personal information such as name, age and address to generate personalized communications to promote a product or service for mass marketing purposes.
In the 1980's and 90's, with the help of emerging computer technology, data mining was a new process for marketing companies to identify anomalies, patterns and correlations within large and segmented databases to target opportunities and recognize trends in order to increase their customer base.
Over the last five years, big data is a new phrase that takes data mining to the next level including business and marketing companies as well as science, engineering, medicine and other industry groups and applications.
As you may have guessed, my point for sharing the above and "not being surprised" about Facebook is that our personal information has been collected, purchased and sold for marketing and yes, political purposes for over 50 years.
So let's talk about social media in general and Facebook in particular where individual consumers share their personal information such as family names, where they live, where they work, where they go to school, who they communicate with, what they read and write, what they watch, what music they listen to, what they buy, what they eat, how much they exercise, and here's the big one - their politics and how they vote!
It amazes me that people share all of this personal information on social media - generating thousands of data points every day for marketing companies like Facebook - and then complain about personal privacy.
But it's more than sharing information on social media, it's also about your search engine history. Every time you type words into your web browser like "concert" or "live music," it's no coincidence that "concert, tickets and tour" advertisements pop up on websites you view.
And it's more than your search history. Every time you use an app or social media, you have accepted terms and conditions (even though you probably did not read them). Common examples of app and social media terms and conditions include:
- If they host your photo, they also own it and allows them to use your pictures for commercial purposes
- Geo tracking which means once you agree, they are able to see your precise location
- Permission to track your search engine history and online purchases
So while Mark Zuckerberg (Facebook CEO and founder) has stated that "technically, Facebook doesn't sell users' data," it does sell access to you, or more specifically, access to your News Feed, and uses that data to show you specific ads it thinks you're likely to click on.
This is how Facebook makes money using your personal information. This is how Facebook is one of the largest marketing companies in the world with $40 billion in annual revenue. And this is why Facebook will continue to use your data to make more money by selling more access to you.
While I have talked about Facebook and big data, I will conclude by talking about your personal privacy by saying that your privacy is not so private anymore.
As for your personal information, Privacy Rights Clearinghouse (see here) reports that there have been over 8,000 data breach events totaling over 10.3 billion records since 2005. This means that your personal information is already out there including 145 million Social Security Numbers thanks to last year's Equifax data breach.
So while you have little to no control of your personal information that is already out there, you should still try to mitigate your exposure by taking action on three items:
- Limit how much information you share both online and on social media
- Read and understand the terms and conditions of the social media sites and apps you use
- Read, understand and adjust the privacy settings of the social media sites and apps you use
Finally and for consumers who want to control the use of their personal demographic data you can opt out of direct marketing programs (see here) and do not call registries (https://www.donotcall.gov/) by using the Federal Trade Commission (FTC) as a consumer risk management resource.
To learn more about these threats and how to protect yourself and your family from Identity Theft, you can read my past newsletters at the Merchants Identity Theft Educational Website at www.idtheftedu.com.
BBB Tip: Digital Spring Cleaning
By Better Business Bureau. April 8, 2018.
With spring in full swing, there is a good chance that your weekend plans may include scrubbing, sweeping and sprucing up your home for the season. While clearing clutter is an annual ritual for many households, the National Cyber Security Alliance (NCSA) and Better Business Bureau (BBB) have teamed up to remind all consumers not to be digital hoarders and to freshen up their online lives. By conducting a digital spring cleaning and taking care of overdue online maintenance, you will be safer and more secure against losing personal information and becoming a victim of identity theft.
"A single breach in September 2017 hit nearly 148 million Americans – exposing Social Security numbers, birthdates, addresses and other highly personal information," said Russ Schrader, NCSA's executive director. "The average consumer is doing very little to protect their data. Our connected devices contain volumes of details about family and friends. Information like contacts, photos and videos, along with confidential health and financial records, could easily get into the wrong hands and cause chaos. Doing a digital spring cleaning will help keep your valuable information more secure and assist in protecting you against identity theft, which continues to be a top online safety concern."
A good rule of thumb is to consistently keep a keen eye on all sensitive accounts like online banking, your credit cards and credit report. A recent survey indicates that half of Americans still have not checked their credit reports since the previously referenced breach. If you are in that 50 percent, take action to fix this as soon as possible. Then, as you prepare to digitally declutter, spend a few minutes reviewing NCSA's STOP. THINK. CONNECT.™ tips and the additional advice listed. When it comes to rolling up your sleeves and actually starting the cleanup process, stay organized by following this handy checklist, which breaks the bulk of the tasks into four buckets: keeping a clean machine, staying secure, cleaning up your online reputation and purging files.
"Last year, consumers filed more than 47,000 reports to BBB Scam Tracker about a wide variety of scams, and we found the riskiest are online scams," said Bill Fanelli, chief security officer with the Council of Better Business Bureaus. "It's vitally important that consumers and businesses alike develop and stick to good habits on how data is collected, stored, and shared, and how it is disposed of when it's no longer relevant. Digital Spring Cleaning means treating both paper files and electronic files securely; destroying old hard drives, data sticks, cell phones, and tablets; deleting old files; updating passwords; and making sure you have the most up-to-date versions of operating systems, software, apps, and malware protection."
A digital refresh is a relatively simple process. NCSA has identified our top, trouble-free tips and advice that everyone should follow beginning this spring and throughout the year.
- Keep a clean machine: Ensure all software on internet-connected devices – including PCs, smartphones and tablets – is up to date to reduce risk of infection from malware.
- Lock down your login: Your usernames and passwords are not enough to protect key accounts like email, banking and social media. Begin your spring cleaning by fortifying your online accounts and enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device.
- Declutter your mobile life: Most of us have apps we no longer use and some that need updating. Delete unused apps and keep others current, including the operating system on your mobile device. An added benefit of deleting unused apps is more storage space and longer battery life. Actively manage your location services, Bluetooth, microphone and camera – making sure apps use them appropriately.
- Do a digital file purge: Perform a good, thorough review of your online files. Tend to your digital records, PCs and phones and any device with storage just as you do for paper files. Get started by doing the following:
- Clean up your email: Save only those emails you really need, and unsubscribe to email you no longer need/want to receive.
- Back it up: Copy important data to a secure cloud site or another computer or drive where it can be safely stored. Password protect backup drives. Make sure to back up your files before getting rid of a device, too.
- Own your online presence: Review the privacy and security settings on websites you use to be sure that they remain set to your comfort level for sharing. It's OK to limit how and with whom you share information.
Here are some user-friendly, actionable guidelines to assist with the safe disposal of electronically stored data. Prep your data in advance of participating in BBB's Secure Your ID Day:
- Know what devices to digitally "shred": Computers and mobile phones aren't the only devices that capture and store sensitive, personal data. External hard drives and USBs, tape drives, embedded flash memory, wearables, networking equipment and office tools like copiers, printers and fax machines all contain valuable personal information.
- Clear out stockpiles: If you have a stash of old hard drives or other devices - even if they're in a locked storage area - information still exists and could be stolen. Don't wait: wipe and/or destroy unneeded hard drives as soon as possible.
- Empty your trash or recycle bin on all devices, and be certain to wipe and overwrite: Simply deleting and emptying the trash isn't enough to completely get rid of a file. You must permanently delete old files. Use a program that deletes the data, "wipes" it from your device and then overwrites it by putting random data in place of your information - that then cannot be retrieved.
- Various overwriting and wiping tools are available for electronic devices. For devices like tape drives, remove any identifying information that may be written on labels before disposal, and use embedded flash memory or networking or office equipment to perform a full factory reset and verify that no potentially sensitive information still exists on the device.
- Decide what to do with the device: Once the device is clean, you can sell it, trade it in, give it away, recycle it or have it destroyed. Note the following:
- Failed drives still contain data: On failed drives, wiping often fails, too; shredding/destruction is the practical disposal approach for failed drives. Avoid returning a failed drive to the manufacturer; you can purchase support that allows you to keep it - and then destroy it.
- To be "shredded," a hard drive must be chipped into small pieces: Using a hammer to hit a drive only slows down a determined cybercriminal; instead, use a trusted shredding company to dispose of your old hard drives. Device shredding can often be the most time- and cost-effective option for disposing of a large number of drives.
See BBB.org/techsupportscam for more advice on how to avoid tech support scams.
For more tips on how to avoid scams, check out BBB.org/scamtips. In addition, if you've fallen victim to this type of scam, you can help others avoid being scammed by filing a report BBB.org/scamtracker.
If you have been the victim of identity theft, go to identitytheft.gov for a personalized recovery plan from the Federal Trade Commission.
Courtesy of the Better Business Bureau - for more information visit: http://www.bbb.org/phoenix/news-events/.
If you believe your identity has been stolen, call 866.SMART68 today!