“If you have nothing to hide, then you have nothing to fear”. How many times have we heard this phrase, especially when we question or refuse to give our personal information or belongings to any type of security? Nowadays, this argument is also used in the digital world. Since Snowden’s discovery of NSA’s mass surveillance on American and global citizens, invasion of privacy by companies and the government are justified under the excuses of “getting to know the users’ behavior to improve their navigability” or “protecting the citizens against external threats”.
In the book Data and Goliath, Bruce Schneier explains that the jargon “If you have nothing to hide, then you have nothing to fear” shouldn’t be used as an explanation to access our data like it happens. Just as we have the right to be protected against external threats by our government, privacy is also a right that should be preserved given the circumstances. Then why is this same privacy endangered by the government?
Hiding something doesn’t mean that the thing being hidden is wrong or a crime. When we go to the bathroom, we expect some kind of privacy, but that doesn’t mean that what we do behind closed doors should be considered wrong. And the same logic can be applied to many other things, like telling secrets or even having sex.
Our digital privacy is now being endangered almost every day. Just by browsing through Google, companies or the government can collect our localization, age and gender, to name a few items. And if you think your personal email, Facebook or Instagram accounts are safe from tracking history because of passwords, you should know that they are probably not. But, if you want to keep your digital information available to yourself only, besides also avoiding hacker threats, there are some useful tips to follow.
- Use two-factor authentication on your email
-
Your email provides access to most of your other connected accounts online and gathers information about your preferences, work and personal life. Securing your email account is the first step to start protecting yourself from any kind of surveillance and two-factor authentication is the easiest way to do so. With this step, whenever you log in from a different device, a specific password will be sent to your phone in order to allow access to your account.
If you use Gmail or GSuite, you can do that by visiting myaccount.google.com, then clicking on Sign-in & Security, then on 2-step Verification. Outlook accounts that are attached with a Microsoft account can enable two-factor authentication at account.microsoft.com, then Security Basics, More security options, Two-step verification and finally Set up two-step verification. Chatham Outlook accounts cannot be secured with two-factor authentication.
- Upgrade your phone’s password protection
-
In the US law, the Fifth Amendment allows citizens to keep a password secret, but a court can compel you to unlock your device with a thumbprint. Alas, if an attacker manages to get your phone’s registered thumbprint, you can’t exactly change it afterwards. Even though Touch ID is much more convenient to access your phone, a number password is safer.
Therefore, you should choose a difficult combination of numbers. Attackers usually get 10 sequences tried before a phone lock them out, so, if your 4-digit password is one of these most common ones, like 3333, 8888, 1234, 1212, 1004 or 4321, change it
- Install a private web browser
-
According to Business Insider, you’re still being watched if you use incognito mode on browsers like Chrome or Firefox, because internet services providers, the company that made the browser and the system administrators in charge of the network where you get online can still snoop in on your network activity.
Some good alternatives to browse the internet, while still keeping your search history to yourself, is Tor, a browser option that needs to be configured according to a specific type of network and privacy settings. DuckDuckGo is also a possibility to keep your data safe from advertising tracker, but it shows a smaller variety of results and doesn’t have the “multiple layers” of protection like Tor.
- Use different passwords for each account
-
In 2016, hackers released 117 million email-password combinations and Mark Zuckerberg’s was among them. His “dadada” LinkedIn password was also used on his Twitter and Pinterest accounts, which made hackers gain access to these social networks.
Besides having a strong password (containing special characters and numbers), you should have different passwords for different accounts. If you have trouble managing tons of complex passwords, you can also try using a password manager, like LastPass.
- Encrypt your hard drive
-
To protect all the information stored on your computer, or the ones you consider sensitive, you should encrypt your hard drive with a password. With this type of security, the files you want can only be accessed through a password defined by you. If you have a Windows computer, you can learn how to set up BitLocker with this link. To know how to set up FileVault for MacOS, visit this link.