In the digital age where the rate of technological advancement exceeds the rate at which we understand it, it is hard to know the risks of using something as simple as email to as complex as some of the apps on our phones. A very important lesson to learn is that nothing you use is truly free.
Let’s start with email. Most email providers are free these days, but that isn’t because they are generous people. They gain an unimaginable amount of information about consumers – you – by automatically scanning emails to better target advertisements. What’s even more disturbing is that the government has gained the authority – albeit unconstitutional – to examine your personal emails manually or automatically.
The internet is mostly free right? I mean, most of us pay for home internet service through a provider like Time Warner Cable, but other than that we enjoy a massive repository of information at little to no cost. Some of us browse the internet on our cell phones, tablets, or laptops using 3G/4G or the free wifi at the local coffee shop. All of your internet traffic has to pass through a network of computers (think of a series of roads to your destination) before you see the web page come up on your screen. If we continue with the roads analogy you can imagine that there could be cameras along the way on your journey to a destination. Likewise, your internet traffic passes through many different servers and can be inspected by a third party. So while we gain so much by using the internet, we also open ourselves up to potential eavesdroppers.
What this all boils down to is that no matter how you interact with technology it is highly likely that your information is being tracked and stored permanently. As you continue to use it, “we” know more about you. How that information is used is really not up to us any more. Sounds pretty scary, right? Well, yes, it is, but there are simple things you can do to safeguard your information.
- Always browse the internet using https (SSL) where available, and if you are passing sensitive information (like a username / password) insist that the web page is accessed over https (SSL). For example: rather than logging into http://facebook.com use https://facebook.com. There is a subtle difference, but that is your first line of defence against an adversary. If you receive a message from your browser saying something to the effect of “there is a problem with the certificate”, just leave the website. Someone may be trying to hijack your secure browsing session.
- If you are browsing the web at a coffee shop or anywhere with free wifi, just assume you are being watched and be especially wary of the error I referenced in #1. It is incredibly easy for someone to hijack your internet session and get your passwords or other sensitive information. If you are a bit more technically savvy, you can sign up for a personal VPN service. A lot of the new providers are much easier to use – one click connect – and will make an insecure connection secure for you.
- Search for things on https://startpage.com instead of Google. StartPage actually uses Google to search the internet, but it blocks Google from knowing who you are. A great example of why this is important can be found here: http://www.theguardian.com/world/2013/aug/01/new-york-police-terrorism-pressure-cooker
- All your internet traffic reveals your physical location even without GPS. If this is a concern for you, spend some time looking into the Tor network (https://www.torproject.org/projects/torbrowser.html.en) or a personal VPN service. Also, most modern cameras, if not all, will record the location that you took a photo. If you post that photo on Facebook, anyone can see where you were when you took it.
- Most applications allow you to opt out of certain data collection. DO IT! Most often you can find a “Privacy” link or tab.
- Your cell phone is constantly revealing your physical location even if your GPS is off and you use the Tor network or a personal VPN service. That is because in order to get cell service, your phone has to connect to towers that are close to you. That information is logged.
- All your phone calls’ meta-data is stored and it has been revealed that this information is handed to the government on an ongoing, daily basis. Meta-data is anything but the actual phone call audio itself. That includes who you called, when you called them, how long you talked and where you were when you called them. The only option here is to use a secure VOIP service like RedPhone for Android or pay for a service like Silent Circle.
- Your texts are easy pickings. There is a great free text messaging application that will allow you to encrypt your texts. It’s called TextSecure.
If you are anything like me when I first started digging into this information, you are probably overwhelmed. You don’t have to change your habits all at once. Start small and ease into the habit of better practices. Most importantly, think twice before you use the latest and greatest piece of tech and try to understand what it means for your privacy – nothing is free.