I consider myself a high-functioning lazy person. I do my laundry regularly, but leave clean clothes in a pile on the floor. I make it to work on time, but have to set my alarm for an hour earlier than I’d like because I hit the snooze button so many times. I will wear a blazer to my business casual office, but only to cover up my terribly wrinkled shirts… which I pick up off my bedroom floor each morning.
At the Internet Society, I work primarily on topics related to security and privacy. Through my work, I have the pleasure of learning about new vulnerabilities or computer viruses, how different apps and devices can or already are spying on me and selling my data, and all other manner of scary online threats. As you can imagine I’ve become increasingly paranoid about my online privacy.
Yet, when it comes to online privacy, lazy and paranoid is a terrible combination.
I know what I should be doing to better protect my online privacy. I know I should update my devices regularly. I know I should be using two factor authentication when its available. But, like the clothes I know I should be folding, I never take the time to do so.
So I’m making a change. When it comes to online privacy, for too long I’ve just been lazy and paranoid. Now, it’s time for me to become the paranoid, high-functioning lazy person I know I can be. Like overdressing to hide a wrinkled shirt, it’s time to take my laziness and turn it into a strength.
Here are a some actions I’m taking to improve my online privacy. All of them are easy, and a few don’t even require follow-up.
- Learn how to “shop smart” for connected devices. You don’t want to have to return a connected device because it is spying on you. Returning things is a pain. Learn how to “shop smart,” and buy privacy respecting connected devices so you won’t have to.[1] My post on shopping for connected toys and Mozilla’s guide to shopping for connected gifts are both great places to start.
- Update your devices and its applications. If a device or app has an auto-update feature, turn it on! Are you really going to want to take the time to update it later? Often this is as easy as a couple clicks. And don’t forget to update the less obvious devices. Anything that’s Internet connected, from your light bulbs to your thermostat, should be updated.
- Turn on strong encryption. Some devices and services have the capability to use encryption, but don’t turn encryption by default. This is like owning a safe, but leaving it unlocked. Take a few minutes to see if your devices or services are already using encryption or if you need to turn it on.
- Review the permissions on your mobile device. No flashlight app ever needs to track your location or your calendar. So, don’t let them! Seriously, do this, it takes less than five minutes. Review your permissions settings and turn off the permissions for apps to gather more data than you’d like.
- Review the privacy settings on your social media and store accounts. You may be sharing a lot more than you intended through your social media and store accounts. Review your privacy settings to determine who can see what you write, the pictures you post, or your other activity on the platform. Ask yourself, who do I want to see this sort of information, and who do I not want to see it. When possible, avoid linking your social media accounts with other third party services. Your social media platform does not need to know what music you listen to, so don’t tie your music streaming service to your social media account!
- Boost the privacy protections on your favorite browser. There are lots of great browser extensions or plug-ins that can increase your privacy when browsing the web. One browser plugin, HTTPS Everywhere, will ensure that if a website offers an encrypted SSL connection, it will use it. Others, like Ghostery and Privacy Badger, will block tracking cookies or web beacons that companies use to track your browsing habits. Getting privacy protecting browser plugins is a quick and easy way to better privacy.
- Stop reusing passwords. It is tempting to reuse a password for multiple devices or services. How are you supposed to remember different passwords for everything? But, while reusing a password may be easier for you to remember, if hacked or stolen, it also makes it easier for criminals to gain access to your other devices or services. Take a few minutes to get a secure password manager and learn how to use it, or, for home devices, write down your passwords in a securely stored notebook.
- Turn on two factor authentication (2FA) for your applications and services. Okay, this one is a bit of a stretch goal but hear me out. When you think of 2FA, think of something you know (e.g. password) and something you have (e.g a security token). 2FA means if someone only has your username and password they can’t login as you, and that’s really important, because companies lose databases of their users passwords all the time. The Two Factor Auth site will walk you through how to set it up for almost every website that supports it. Banks, social media, everything.
Let’s take action to better protect our privacy online. We might not clean our rooms and dust our furniture, fold our clothes, or wake up on the first alarm, but we’d rather not have our devices show the world just how lazy we can be.
*Strong security and privacy takes time and effort, and device manufacturers can be lazy too. So sometimes, there isn’t going to be a privacy respecting option. At the Internet Society we’re working hard to make it easier for device manufacturers to do the right thing when it comes to security and privacy. The OTA IoT Trust Framework provides manufacturers and others with a simple risk assessment guide for connected devices and systems.