"The internet never forgets."
These were the words of Jon Padfield, assistant professor of management in the business division of IUPUC, as he discussed the importance of data protection.
On Wednesday, Padfield and Kevin Jones, who is an associate professor of management at IUPUC, gave presentations and answered questions over Zoom on "Privacy In The Digital Age" as part of the university’s Timely Topics series.
Timely Topics are free, online conversations with the public about "topics related to the challenges facing Columbus and surrounding communities and new ideas for overcoming those challenges."
[sc:text-divider text-divider-title=”Story continues below gallery” ]
During Wednesday’s session, Padfield and Jones discussed the dangers of sharing data and steps that can be taken to protect your personal information.
Padfield emphasized data collected online for one purpose is "frequently used for other purposes." For instance, even the simple act of using a grocery store’s reward card can have side effects. These cards allow the business to gather information about your purchases, and data aggregators can share that information with other entities, including political campaigns, who in turn use that information to send you targeted ads.
Some companies use data to sell employers "behind the scenes profiles" on potential hires, Padfield said. Banks and insurance companies can also use personal data profiles to decide what rates to charge individuals.
The consequences of data sharing and, in some cases, data breaches, can be even more severe. Padfield noted that the federal Office of Personnel Management was once hacked, and the data of millions of government employees were stolen, opening them up to the danger of blackmail.
The National Security Agency has also been hacked in the past, Padfield said. He emphasized there is a lack of data security even in the U.S. government.
"No matter how much a company may promise you that ‘We follow industry-leading security procedures,’ that ‘Your data is safe with us,’ once you give away data you can never get it back," he said. "And regardless of what it’s collected for or how secure somebody promises to keep your data, there is no guarantee."
Laws on data privacy and monetization vary by state, Jones said.
"We do have some laws (in Indiana)," he said. "… Our Social Security is protected. You know, there are some other things that are protected. But with regard to how people monetize our data, we are not protected in Indiana."
While there are certain laws and regulatory bodies that protect certain types of information, "none of them cover the entire spectrum of monetizing your data," Jones said.
The COVID-19 pandemic has brought more potential for data sharing and abuse, the presenters said.
Padfield said that while he understands the need for contact tracing, there is some danger in how some companies are marketing location-recording apps that claim to aid with contact tracing.
The pitch is to put the app on your phone, because your memory might not be good enough for you to remember everyone you were close to, Padfield said.
Thinking about contact tracing and having an app that tracks individual’s every move should put chills down the spine of everyone, he said.
It’s also possible that app location data cold be used against someone who happens to be in the wrong place at the wrong time, such as being in and around protests that turn violent.
In light of the dangers of sharing your data, Padfield and Jones offered advice on how to protect your information.
- Consider paying for deletion and privacy services
Services such as Blur and DeleteMe can remove your information from data aggregators and sites such as Spokeo that list that information.
"The company that I pay goes out and constantly monitors these data aggregators to see if my data is there. If it’s there, they send them legal notices requesting that they remove their data from their website," Padfield said.
Blur also offers other services, such as burner credit cards and disposable email addresses.
"So if you want to make a credit card purchase, you can load money on a one-time use credit card, make the purchase, that credit card disappears, and it can’t be tracked," Padfield said. Paying with cash also helps protect privacy, he said.
Blur’s disposable email addresses are created so that users can give an address to sites or people asking for their email address. The disposable addresses then forward messages to the user’s main email address, which remains private.
- Update your software
Software updates often include security improvements. For instance, iOS, which will be released in the near future, warns users anytime an app is trying to access a clipboard.
"If you ever do a copy and paste on your phone or on your laptop, when you do a copy, whatever you copy — photograph, URL link, text — it gets put on the clipboard," he explained. "Apps such as TikTok were caught accessing the clipboard and sending it back to the mothership."
- Use paid VPN services
A VPN is a virtual private network that, according to Cybint, a global cyber education company, is used "to obscure your personal information from others who may be using the same unsecured public network" when you access public WiFi hotspots.
Padfield stressed the important of getting a paid VPN service, as a free VPN service is likely untrustworthy.
"None of these companies do things out of the goodness of their heart," he said. "… The old expression is, ‘If you’re not paying for it, you’re the product.’ A VPN service will protect your identity, to a degree, online. There are other technologies, such as browser fingerprinting, that even if you’re using a VPN, there’s still a possibility that you can be tracked. But VPNs limit the amount of tracking.”
- Clear cache and browsing history
When asked about clearing your cache and browser history, Padfield said that this should be done often, on a weekly or even daily basis.
Jones said that these practices, while helpful, don’t offer complete protection.
"It’s a good activity, but it’s already out there, the data," Jones said. "You know, anytime we touch the internet, it’s out there. … We’re always subject to someone intruding upon our computer, so the less we have available there, the less likely we are to give up our secrets. So it is a good practice to continually do. But it doesn’t, it’s not 100 percent."
- Look closer at privacy options
Jones recommended reading the End User License Agreement for social media sites and other sites or services you use, as well as looking further into your settings and what privacy options are available. He also recommended using ad-blocking technology.
- Unplug when not using
Jones said that unplugging certain devices, such as an Alexa, is a simple way to stop them from monitoring you.
- Use alternative search engines
Jones and Padfield mentioned DuckDuckGo as a search engine that allows you to search without worrying about your data being stored and shared.
"When you do a search, they will serve up a real-time ad related to your search," Padfield said. "If you’re looking for cars, you’ll see a car ad. But they do not store that information to compile that someone with your IP address was looking for cars last week."
- Keep the conversation going
Jones said that it’s important to talk about data and privacy issues and push the people who have power over those issues to take action — and keep working on these problems continuously.
"Because it’s not something you can fix today and be fixed forever," he said. "… It’s an ongoing and regular evaluation and work to help protect what most people want — some semblance of privacy."
[sc:pullout-title pullout-title=”Where to watch” ][sc:pullout-text-begin]
The Timely Topics discussion on "Privacy in The Digital Age" was recorded, and a video of the session will be uploaded to www.iupuc.edu/events/timely-topics.
[sc:pullout-text-end][sc:pullout-title pullout-title=”More tips on data protection” ][sc:pullout-text-begin]
Some advice from "7 Easy Steps to Take to Protect Your Data" from Cybint Solutions:
- Apply software updates
- Protect your passwords
- Disable lock-screen notifications
- Lock your apps
- Keep your browsing to yourself by using a VPN when using public WiFi hotspots
- Encrypt your data
- Back up your data
[sc:pullout-text-end]
