Category Archives: Privacy

Internet of Things – How Much of Your Life Should You Put Online?

Internet of Things – How Much of Your Life Should You Put Online?

The term “Internet of Things” goes all the way back to 1999 when British entrepreneur Kevin Ashton first used it to refer to objects identified by radio frequency. It was redefined in 2013 to mean “the infrastructure of the information society.” With more and more devices incorporating internet into their design, the term has become something of a buzzword, a way to refer to a network of connected appliances which eventually will have the ability to communicate automatically and share information about us.

Some parts of the Internet of Things (IoT) already exist. More and more household appliances like thermostats, microwaves and televisions are becoming internet connected. Fitness programs now share stats online. This type of technology is expected to become even more widespread, more automatic, and more all-pervasive in the future. Different estimates have forecast between twenty-six and fifty billion internet enabled devices by 2020.

Being connected has pros and cons

There are many advantages to the IoT. Smart energy-grids can monitor and adjust temperature and power use in a home; they can be accessed from a cell phone or a tablet, making it much easier to track energy use over the course of a day. Another example is the new Dash button on Amazon which allows consumers to order products with the push of a button. It’s likely that in the future this service could bypass human input altogether so that smart-appliances can automatically order whatever supplies you need in your home.

But the problem with internet access is that it brings with it a host of new issues related to privacy and security. Any data stored online is potentially accessible to companies and individuals who want to use this information for their own purposes. The IoT can have far-reaching consequences for reputation, both on and offline, which makes it a big concern for us and our clients at ReputationDefender.

Everything we do could be shared online

In the future, smart sensors in a car could measure driving habits, record the amount of gas you use and even track what radio stations you listen to. Internet connected home-appliances could broadcast cooking and laundry habits and record what time you get up and go the bed. None of these details might seem especially important, but put together, this information can say a lot about an individual’s private life.

At the very least, the IoT will increase the sophistication and amount of information collected for advertising and research. However it can have even more negative consequences if data is made public with the intent to harm or damage a reputation. Any internet connected device is also vulnerable to outside control via hacking, creating an entirely new market for criminal activity on the internet.

Making the Internet of Things accountable

Attempts have been made to regulate and standardize the IoT, but none are fully successful. The IUT, the information and technology branch of the United Nations, launched the Global Standards Initiative to study the application of the internet of things. This effort was renamed Study Group 20 in 2015. SG20 is focused on developing international standards in relation to the IoT.

The Federal Trade Organization has made an attempt to prosecute companies that provide false privacy claims, specifically a 2012 suit against Trendnet for internet connected video cameras that ended up exposing users’ private feeds. However when it comes to privacy violations that are not misrepresented the FTO lacks authority since different standards apply in different countries. Basic privacy legislation exists in the UK and Canada, but protections have yet to be applied internationally and could be limited in some cases.

Other types of regulation

Private organizations have also explored options for individuals that want to retain control of their data. IoT Council, a loosely knit group of professional consultants, offers guidance in this area. Director, Rob van Kranenburg, suggests we should “steer” IoT development to “harness” the benefits of big data in a useful way, for both individuals and companies. Thingful is a “search engine” that “categorizes” and “documents” IoT devices. Its founder, Usman Haque, believes individuals have the right to decide what information is shared about them.

Both Kranenburg and Haque are currently pioneering a new device called the Dowse Box which would make this easier by plugging into the home network and monitoring what data is being broadcast. The Dowse would let owners know right away if information is being sent to a utility company or elsewhere and give them the option to stop it.

There’s a high financial incentive for companies to collect data; in many cases this is even built in to the product price. Moving forward, some companies may start offering privacy protection in return for a small fee while others may offer rewards and even money for data sharing.

Taking control of your own data

As the Internet of Things continues to grow, it’s important that individuals retain anonymity online. Choosing options not to share data can be extremely important even if this means paying a fee or a higher price. With any new product, it’s best to consider the value of an internet connection. Are the advantageous of being connected worth the risk that recognizable information will be leaked? The choice is always up to the individual, but at ReputationDefender® we recommend caution. Most online information is available to someone who wants to find it and many factors may make it more recognizable than you think.

Please follow and like us:
Twitter in Jeopardy

Twitter in Jeopardy

Recent celebrity twitter hacks have made headline news, as we’ve reported previously on our ReputationDefender blog. Some of the biggest names include Facebook’s founder, Mark Zuckerberg, Katy Perry, and the NFL’s official account. Almost all sources agree that the 33 million Twitter credentials which went on sale in early June are the result of aggregated information stolen from other sources, but several different ideas have been put forward about the origin.

Many security experts believe that password recycling and the recent sale of a large number of LinkedIn and Tumblr passwords are largely to blame. However LeakedSource, a security site which broke the Twitter story as well as the LinkedIn and Tumblr thefts, has maintained from the beginning that abnormalities in the stolen Twitter data suggest it may have come from malware installed on users’ own browsers.

Evidence supporting this theory includes the fact that the credentials were stored as “plaintext” with essentially zero encryption, which would never happen on a large social media site like Twitter. Many passwords remain blank suggesting users chose only to store their username on the browser. LeakedSource has also claimed in a blog post that people opening Twitter accounts as recently as 2014, after both the LinkedIn and Tumblr hacks took place, were included in the data set. A large portion of the 32 million accounts also appear to be located in Russia, suggesting a geographical location for the theft which could be consistent with malware.

Twitter has locked some accounts

Twitter has responded to the recent password disclosures by working with LeakedSource to cross-check their account holders’ information against the data stolen from LinkedIn and other sites. All affected accounts have been locked, forcing users to reset their password before they are able to log in, and warning letters have been sent to the associated emails. Twitter has not disclosed how many account holders were included in this precaution.

Further warnings about state-sponsored attacks

Twitter’s latest action is more mysterious. Emails have been sent to a very small segment of users, twenty accounts in total, warning that the account may have been the target of “state-sponsored actors” searching for “emails, IP addresses, and phone numbers.” Twitter goes on to say they have “no evidence” at this time, but are “actively investigating the matter.” Several people have publicly admitted to receiving the warning, including encryption organizations and security professionals in multiple countries. Twitter recommended affected users sign in through Tor, an anonymous browser that helps protect user identity, prompting a wave of criticism since Twitter “frequently blocks accounts accessed over Tor.”

Twitter is not the only large social media organization to send such emails. Google began sending warnings as far back as 2012, and Facebook sent similar warnings this year. Neither company has explained exactly how the threat was identified, citing the need to protect their methods. Another name for this type of attack is an Advanced Persistent Threat (APT), which essentially means the hackers are actively targeting a particular person, are willing to go to great lengths to gather the information they need, and usually have extensive technical resources at their disposal. It would be extremely difficult for a private individual to counter a government sponsored hack.

What does this mean for Twitter users?

Pending further information, there is no evidence that Twitter is unsafe. All Twitter users should reset their password and enable two-step authentication as described in a previous ReputationDefender post. When resetting your password, take precautions to avoid choosing one that can be easily guessed:

twitter password

Please follow and like us:
Twitter Hack Update : What You Need to Do

Twitter Hack Update : What You Need to Do

The recent sale of a stolen trove of Twitter passwords has left many celebrities scrambling to regain control of their accounts. Mark Zuckerberg, Katy Perry, Tenacious D and Black Lives Matter activist DeRay McKesson are among the well-known figures implicated by the Twitter hack. In a particularly unkind prank, Tenacious D fans were made to believe that lead vocalist and guitarist, Jack Black, was dead.

Twitter Hack is the latest in a long line

Tweeting is an every day activity for internet users, celebrities and regular joes alike, and the idea that someone else can take control of what we say is scary to say the least. Yet for social media users, this is just the next installment in a string of recent threats. Over the past few weeks, LinkedIn, OKCupid and Tumblr have both reported the appearance of new data stolen during past hacks, prompting concerned users everywhere to reset their accounts.

Many hacked accounts trace back to the LinkedIn data theft

Yet experts agree, the high number of recent threats is not a coincidence. According to Troy Hunt, the new Twitter dump seems to be “an aggregation” from other “sources,” especially the massive LinkedIn theft which dates back to 2012. Hunt believes the majority of the information is out of date but it’s still better to remain cautious. There are many ways hackers may be able to use your information, as the hijacked celebrity accounts show.

At ReputationDefender®, we want to help you stay up to date with the latest internet privacy threats. If you are worried that you may be implicated in the twitter hack, here is what you should do:

Secure your Twitter account

twitter hackIf you are able to sign into your Twitter account normally, click on ‘Settings’ and the ‘Security and Privacy’ tab.

There you can edit your details. If hackers have changed your password however, you may be unable to sign in and you will need to reset your password using a link sent to your email. Worst case scenario, the hackers will have redirected the account to a different email and you won’t be able to log in at all. If this is the case, file a request with Twitter under “Hacked Account.”

There are essentially three steps to securing your Twitter account.

  • Enable two-factor verification

    This is a Twitter feature which verifies your identity by sending a temporary password to another account, like your cell phone. It’s easy to activate by adding your phone number and checking “Verify Login Requests” under “Privacy and Security.” Two factor verification makes it harder for hackers to sign-in with your credentials. Unfortunately, it doesn’t make it impossible. DeRay McKesson’s Twitter account was hacked when an imposter called his cell phone company and was able to redirect his text messages to a different SIM card. Still it’s rare for a hacker to go to this much trouble.

twitter hack

  • Secure your password

    Even with two-factor verification, a secure password is your best defense. Regardless of whether your account appears on a data breach site like LeakedSource, you should change your Twitter password right away. Choose a complex password that will be hard to guess through encryption. Above all, don’t reuse a password from another site!

    • Use a password manager to ensure a unique password. LastPass and 1Password are just some of the devices that can be installed right onto your browser or mobile phone. These apps will choose a different password for each of your accounts and remember them for you. Some models will even prompt you to rest your password periodically.
    • If you don’t get a password manager, try this memory trick from security expert Bruce Schneider. Chose a sentence you know well, such as a nursery rhyme or better yet something connected to your profession that no one else would be able to guess. Use the first letter of each word in the sentence as your password. Switch out one letter for a number, capitalize another letter, and you will have your own code that is almost impossible to crack.
  • Third party access

    This allows other apps to access your Twitter account, making it easier for you to share Twitter posts on LinkedIn or Facebook. Unfortunately, it also facilitates inter-account access for hackers. If you go to Setting and Applications on Twitter, you can see what third party apps are active on your account and “revoke access” for ones you don’t need.

If you’re able to go through all of these steps with your account, you don’t need to worry too much about the most recent Twitter hack and password leak.

Please follow and like us:
Brexit or Not – Companies Face 6 New Data Protection Rules

Brexit or Not – Companies Face 6 New Data Protection Rules

With a great deal of discussion taking place about Thursday’s potential ‘Brexit’, one topic which hasn’t made headlines is data privacy. However, you might be surprised to hear that the EU recently updated its data protection policy with potentially global implications. The new guidelines, called the General Data Protection Regulation (GDPR) will unify data policies across all 28 members of the EU, replacing the less stringent UK Data Protection Act of 1998. Unfortunately many people in the UK remain uninformed about the new legislation. In a recent poll, 44 percent of IT professionals responsible for implementing the new standards were unclear on what the GDPR would mean for their company. Meanwhile, a growing number of companies are waiting until after the referendum to tackle the issue, mistakenly believing that the new requirements will not apply if Britain votes to leave the EU.

The GDPR affects any “EU individual”

At ReputationDefender® we take our clients’ privacy rights seriously and we have a good deal of experience with how the laws in various countries can be applied in individual cases. The new rules, expected to go into effect in 2018, will cover anyone living, working or travelling in the EU. Even with an independent UK, the GDPR could be applied to British citizens who spend a significant amount of time in Europe. Meanwhile, any company holding data about people from other parts of Europe will be expected to comply. Even nonspecific data which could be used to identify these people is subject to the ruling.

The GDPR is applied based on who the data is about, not where the company is based or the physical location of the server. This is why it’s expected to have a broad global effect. In an international survey conducted around the time of the bill’s publication, two-thirds of the “IT decision makers” polled said the new rules would make them rethink their data protection policies, while 52% believed they might face fines as a result of being unable to comply. The numbers didn’t vary much among countries inside and outside of Europe: 58% of US companies expected fines, versus 62% in Germany and 53% in the UK.

The same obligations apply regardless of a Brexit

These are 6 GDPR policies UK companies will have to consider regardless of the Brexit outcome:

  • Data erasure – EU individuals will have the “right to be forgotten;” they can request that companies delete data stored about them.
  • Explicit consent – consent for data storage must be clearly stated; implied consent will be considered invalid.
  • Not give under duress – it’s illegal to offer incentives in return for consent to hold an individual’s data.
  • Provide a universally readable copy – individuals have the right to see any data stored about them.
  • Notify authorities within 72 hours – any significant data breach must be reported immediately.
  • Fines – companies that don’t comply will have pay €20 per month or 4% of profits, whichever is higher.

While the GDPR is set to offer a degree of protection for individuals who want to protect their privacy online, it will also be a significant and costly change. It would be unrealistic for any UK company to assume a Brexit will prevent Britain being affected, given the broad scope of the legislation. Check back soon to hear more about what the results of the referendum will mean for your digital privacy.

Please follow and like us:
OkCupid Data Dump Has Users and Experts Worried

OkCupid Data Dump Has Users and Experts Worried

Data theft is a topic that has taken center stage recently, with several high profile cases being reported in the last few weeks alone. LinkedIn and Tumblr (as previously covered on the ReputationDefender® blog) both discovered stolen information from old data breaches were actually on a much larger scale than originally believed. With millions of accounts affected, users everywhere rushed to change their passwords and are now re-examining their online privacy practices. Celebrity account holders were not exempt, as sources say that Mark Zuckerberg, Facebook’s well-known founder and CEO, had several accounts hacked last weekend, believed to be from information gained through the massive LinkedIn data breach. The most recent threat concerns the fine line between legal and illegal practices when it comes to internet privacy. OkCupid data is the latest casualty.

Two Danish students recently published a data base containing information from 70,000 OkCupid users, including user names, age, gender, location and answers to some personal questions. Although the information was technically collected legally, many people believe this is an improper use of sensitive personal data, and the Danish Data Protection Authority, Datatilsynet, recently launched an investigation to determine if any laws were broken.

How public is OkCupid?

OkCupid data
Image courtesy of Pedro Ribeiro Simões at Flickr.com

OkCupid is an international dating and networking site that was founded by several Harvard students in 2007 and came under the same ownership as Match.com in 2011. It creates matches based on how users respond to quizzes and multiple choice questions. From November 2014 to March 2015, Emil O. W. Kirkegaard and Julius D. Bjerrekᴂr used an automated scraper to collect information from OkCupid profiles on a random basis. They targeted users who had answered the largest number of personal questions, covering a whole range of extremely personal topics. The two students then used this big data set in a self-published research paper exploring how easy it was to determine intelligence and cognition levels from the answers.

OkCupid data is available on a semi-public basis. Account holders must register and sign a user agreement, but once they log in, they are able to search the profile pages of other uses which will display the same information Kirkegaard and Bjerrekᴂr collected. Paying or A-list members have added benefits, including privacy control over who can see their profile page.

How far should researchers go?

Most people don’t fault the students for collecting the information which was accessible to all OkCupid users. It’s the fact that the OkCupid data was subsequently republished on an open site where it became even more available that has many people questioning both the ethics and the legality.

The students claim they want “other researchers” to “use the dataset for their own purposes,” but many academic researchers are openly criticizing their choices. Scott B. Weingart, a specialist in digital culture from Carnegie Mellon University claimed the information could be used to deduce the real identities behind at least 10,000 OkCupid profiles. Rasmus Munksgaard, another researcher who has also used scraping to amass large data sets from dark web sites, says the publication allowed “de-anonymization” without consent since there was no way for OkCupid users to “opt out” of the study.

The students also failed to take certain steps that have been used to protect privacy in past research. A 2008 paper relied on data gleaned from Facebook, but identifying characteristics were deleted and researchers using the information had to sign a terms of use agreement.

What laws protect OkCupid data and users?

Open Science Framework has removed the data following OkCupid’s claim that the two students violated the site’s terms of service agreement. OkCupid believes the students may also have violated hacking and privacy laws in the United States, but as yet it remains unclear whether or not this could be grounds for prosecution. The Danish DPA has taken up the case voluntarily and reportedly sent a questionnaire asking for more information about the students’ methods of data collection and storage.

It might seem obvious that publishing anyone’s personal data without their consent should be illegal, but the laws surrounding the use of information on the internet vary widely among different countries, provinces and states. Stricter protections in the US might give OkCupid grounds for filing a lawsuit since it is based in that country; on the other hand this might not apply to users in other countries. The Datatilsynet website guidelines state that the Danish DPA should be notified if any “sensitive information is processed in a research or statistics project” which was not done in this case. Meanwhile as Weingart admits, the ethics surrounding university research is “slow-moving and difficult to change.”

okcupid data privacy
Image courtesy of nikcname at Flickr.com

Protecting yourself on the internet

This case highlights the need for more uniform legal and ethical guidelines in regards to data collection and internet privacy. Big data sets have become standard in many research projects and internet sites like OkCupid are an ideal place for researchers to gather data from a large, varied sample of people.

Given the many grey areas that exist, it’s very important for internet users to be careful about what they share on a profile page that is essentially public, such as OkCupid. For any personal account, choose a user name that can’t be connected back to your real identity and avoid sharing too many details. Consider becoming a paid member so you have more control over who can see your page.

Please follow and like us:
Tumblr Data Theft Announcement: ReputationDefender®’s Guide to Protecting Your Account

Tumblr Data Theft Announcement: ReputationDefender®’s Guide to Protecting Your Account

Only a few weeks after LinkedIn hit the news with the largest data breach ever, ReputationDefender® can report that another password theft has come to light, this time on the blogging site Tumblr. Since its founding in 2007, the Yahoo owned platform has served as a space for account holders to share multimedia posts and short articles. A few weeks ago, on May 12th, Tumblr announced it had discovered a hack that took place back in 2013, claiming the stolen information included email addresses and passwords for an undisclosed number of users. The Tumblr data theft may have serious consequences for the company.

The extent of the damage has not been confirmed, but independent sources reveal that the Tumblr data theft covers a substantial portion of the 2013 account holders. According to Troy Hunt, an Australian based security expert, more than 65 million Tumblr users are at risk. This makes the Tumblr data theft the third largest data breach ever, after the recent LinkedIn discovery and the Adobe theft, both of which included over 100 million users.

Why the Time Gap?

Besides the large number of people at risk, the most notable factor is the date. 2013 is already three years ago, ancient history in the world of internet security. In a Security Sense column posted May 20th, Troy Hunt explained some of the reasons for the delay, which was also a factor for the LinkedIn case. “We’ve seen this pattern play out many times before,” remarked Hunt, citing other examples, notably two gambling sites that discovered a 2009 data breach six years later.

Unlike your house or office, there’s no alarm that goes off when hackers gain access to your information. Electronic data can be replicated billions of times, so companies often have no idea information has been stolen until it appears on the dark web. This is what happened with Tumblr. A hacker going by the name of Peace recently began selling passwords and associated emails for the price of $150, citing difficulty with cracking the passwords for the low value. The recent LinkedIn data release was also attributed to a hacker going by the name of Peace, but in the shadowy underground internet, it’s hard to know if these incidents are really connected or not.

How Safe is Online Information?

According to Hunt, the passwords for sale are far from secure. Tumblr’s 2013 practices were more responsible than LinkedIn’s in 2012, but they did not conform to today’s high security standards. Tumblr was using a “hashing” algorithm to scramble the passwords as wells as an element that added individuality to each entry, known in cryptography as “salt”. Tumblr has not confirmed exactly which algorithm they were using in 2013, but the hacker claims it is SHA1, one of earliest hashing algorithms that was already considered somewhat vulnerable as far back as 2010. Most browsers have declared they will not accept SHA1 as a security certificate after 2017.

So if your details are those that have been compromised by the Tumblr data theft, there’s still a good chance someone with today’s technology could manage to crack the code. On other hand, this hacker has likely spent the last three years working with the data and probably already decoded the easiest passwords, only putting the information up for sale because it was no longer worth his time. The risk for Tumblr users may not be great. As Hunt points out, the biggest security risks are the data thefts from sites we don’t yet know about. “By the statistics alone” he says this is “a non-zero number”.

Worried Your Details are Part of the Tumblr Data Theft?

Remember – it isn’t just your bank details that are at risk here. Stolen data can potentially open you up to identity theft, spear phishing, cyber stalking and reputational damage. At ReputationDefender®, your privacy is our priority. The ReputationDefender® ExecutivePrivacy product allows individuals to remove personal and confidential from the internet, protecting against these associated risks. By working together with privacy experts and maintaining good password and security practices, you are building multiple layers of protection.

With this in mind, we have some advice on proactive security that can help protect your accounts:

  • Reset passwords frequently – after the data theft was discovered, Tumblr sent out a letter requiring an account reset. Even without this letter, you should be resetting your password on Tumblr and other accounts every few months. Many people see blogging sites like this as low risk, but if hackers can gain access to personal information through Tumblr, it may help them reach other sites. If all Tumblr users changed their passwords frequently, any data stolen in 2013 would quickly be obsolete.
  • Avoid using the same password – using a similar password on several different accounts may make it easier for you to sign in, but this will also make it easier for a hacker to use stolen information. Many Tumblr account holders may be racking their brains to remember what other accounts they set up with a duplicate password back in 2013. It’s easy to avoid this by not using the same password more than once.
  • Avoid using generic passwords – a surprising number of people still use 123456 or password to access their accounts. This only makes it easier for hackers to guess at the algorithm since there are so many people with the same password.
  • Consider using a password manager – password managers can help, since anything you can remember will be much easier to guess than truly random characters. Many password managers will also help remind you to reset the password on your different accounts.
Please follow and like us:
Concerned About Data Privacy? Here Are 3 Mistakes You Could Be Making

Concerned About Data Privacy? Here Are 3 Mistakes You Could Be Making

You don’t overshare on Twitter and your Facebook page has enough security settings in place to rival Fort Knox. You’re pretty good at maintaining your data privacy, right? Maybe not as good as you think. Following on from our last article on the ReputationDefender® blog, ‘Online privacy: paranoia or legitimate concern?’, here are a number of common ways we are accidentally sharing personal data every time we log on without even realizing it:

3 POTENTIAL THREATS TO YOUR DATA PRIVACY: 

#1 Connecting to WiFi hotspotswifi data privacy

Beware of WiFi hotspots. As well as the obvious dangers that come with unencrypted and unsecured internet connections, you’re also opening yourself up to other issues. Always check the operator’s terms and conditions of use. When accessing the internet via a mobile device or smartphone, your internet service provider will collect data about your usage. This is used to build up an overview of your browsing habits and tailor advertisements to you. You may find this helpful, as it ultimately enables them to alert you to offers you might benefit from, or you may just find it intrusive.

#2 Accepting cookies every time

Cookies are used by the vast majority of websites to deposit data regarding your online activities onto your hard drive. Many forms of cookie are innocuous and often improve the user’s online experience by making life easier for them by remembering usernames and passwords in order that these may be auto-completed in future (obviously you should never use this facility on a public device), or remembering the contents of your shopping cart so that you can simply log back in and buy those items at a later date. Cookies can be used to customise the display or keep track of the last page the user was looking at. However, some cookies called “third party cookies” communicate data about your online activities to advertisers. These can be helpful, or downright annoying. Many browsers include facilities to detect and delete cookies, particularly third party cookies. Ghostery is one tool which scans webpages for cookies and provides information on how to block them.

data privacy online shopping
Sites use cookies to record information about your browsing habits – Image by Dressformer – CC BY-SA 3.0, via Wikimedia Commons

#3 Using Search Engines carelessly

All search engines retain personal data. They argue that it’s necessary to thwart security threats, provide a better service and combat internet scammers. Nevertheless, major search engines have been discovered holding user information for over a year. To avoid your online browsing being connected to your email contents, it is recommend that you log out of your email and clear your cookies before browsing.

By taking a few simple steps, you can improve your data privacy. Remember, not all data collection is necessarily bad. However, the way this information is retained and used can be entirely beyond your control in the future. By taking a proactive approach, you could be protecting yourself further down the line.

Please follow and like us:
Online Privacy: Are We Just Being Paranoid?

Online Privacy: Are We Just Being Paranoid?

Each day we unwittingly share personal information about ourselves online. This information has a potential audience of millions. The subject of online privacy has hit the headlines frequently in recent months due to Google’s change in stance over what information the company allows access to via its web services.

Google’s privacy policy states that express permission is required from its users to release their personal information to its affiliates. Nevertheless, here at ReputationDefender® we’ve seen a slew of companies such as Google, Microsoft, Yahoo and Facebook come under fire in recent months for expanding their data collection techniques without giving users fair warning.

Simon McDougall of Promontory, a financial service consultancy, recently stated in interview that public concern over the issue is well-founded. McDougall, speaking with the BBC, pointed out that many people have been using free services via the internet for a considerable time, without questioning how those services are paid for.

 

online privacy
Image courtesy of Geralt at Pixabay

The rise of online privacy & data collection in Europe and Asia

Everything comes at a price – it all boils down to whether the user is happy to trade their privacy for free online services. Jeff Chester of the Center for Digital Democracy, realizes all too well the massive expansion in data collection systems throughout Europe and Asia in the past few years. Chester maintains that the issue runs deep: it’s really about ethics and even democracy. Speaking on the issue in interview recently, Chester cited a clear threat to privacy of endemic proportions via a pervasive commercial surveillance system which had been created without web users’ knowledge, let alone consent.

One of the key stumbling blocks lies in the difference in interpretation of privacy between America in Europe. Chester states that in the United States, whilst privacy is considered a right, it’s the free market which determines internet policy, on the whole. In Europe however, the right to privacy is cited as a fundamental human right which is enshrined in far-reaching legislation. Safeguards in the EU are deeply embedded, with civil liberties deemed to be of the utmost importance.

Chester states that Europe is pushing the internet privacy debate whilst the US is more inclined to self-regulation and trusting internet moguls such Facebook and Google to have enough wherewithal to tread the line for fear of alienating their market. He is resigned to the fact that the battle for greater privacy online has already been lost, pointing out that data collection throughout Asia and Europe in recent years has been eye-watering. Chester acknowledges that all we can do now is put as many safeguards in place as we can to ensure our personal information is protected.

Please follow and like us:
How to keep your personal and professional profiles separate?

How to keep your personal and professional profiles separate?

Most of us have our personal social media in check with permission settings giving limited restriction to our kid’s pictures, personal information and commenting privileges given to only those we know and trust. When we make the decision to make an online professional presence, we have a lot of things to consider. From how much of my personal information I want out there now that I am going public to what social media I should use for everything I need and want to do online. These questions can take you making brand new profiles, changing your privacy settings or even deleting your personal accounts to avoid confusion, especially when your name is your brand.

Why separate personal and professional profiles?

Online social life is merely a reflection of your real life relationships, so would you want co-workers knowing what your wife or husband calls you as a pet name, or going through your old family photo albums? They would never look at you the same way again. Reason why, same as we would in real life, we should separate our personal and professional lives. Another big reason is to segment your posts to an engaging audience who is truly interested in what you have to say, and say if you’re in finance, most likely your aunt won’t appreciate tons of financial-related posts in her News Feed. By separating your profiles, you can ensure that your professional voice and message is getting through to those who are interested in what you have to say, not to all your friends who are more interested in seeing the pictures from your birthday party.

Image courtesy of Mark Smiciklas at Flickr.com
Image courtesy of Mark Smiciklas at Flickr.com

 

How to separate them?

There are actually a few ways to begin the process of separating your accounts and profiles, and it will depend on the level of privacy you want for your personal profiles and the social media you consider to be important to share your messages.

All work and no play

The first, and most radical option, is to delete all and any personal accounts. Open brand new ones only for professional use on networks that will allow you to have the most presence. Most prefer Twitter since it allows you to showcase your ideas, especially if you want to be known as a thought leader. But you shouldn’t leave out LinkedIn, and even Facebook. With Facebook’s business features you are sure to attract a lot of people and showcase articles and things you are working on.

Half and half

In this strategy, you are not going to be deleting your accounts, but instead will up your privacy levels, while adding professional profiles to your online presence. Most will open with their personal Facebook account a Page and this way have two “separate” profiles with completely independent posts, friends and News Feeds. It’s important to remember that even though they are separate to your community, in the backend you are still using your personal email and password to log on, so in case you one day want to transfer management of the account to someone else, you’ll have to give him or her your login information.

Night and day

Finally, you could keep both profiles completely separate. Create a brand new identity for yourself online and make sure they don’t cross anywhere. If you are your own brand, but you want to make the difference try including the initial of your middle name or shorten your first name from Thomas to Tom. By making it different, you’ll be able to easily differentiate between your accounts and you’ll have a new persona that can be shown to the world, without affecting your personal profile.

Once you’re set, how to maintain them?

Well, independent of the choice you made as to how you decide to put your professional profile out there, you should follow some basic rules so as not to undo all your hard work of trying to separate the two.

Do not …

Share pictures with family and friends. Keeping your personal life personal is at the top of the list. Leave these pictures for your personal profile page.

Discuss personal opinions on sports, politics or religion. As a public figure you should not take part in any conversation that can offend or disrespect your current or future clients. (Unless that’s what you are aiming for as a comedian who focuses on politics, or a radio show host whose talk show is about sports)

Discuss wild nights out and about. Showing a side of you while you’re off the clock can definitely give an image of being unreliable or even worse unprofessional.  

In general, if you’ve made the decision to separate your two profiles, be sure to uphold that while posting, sharing ideas and reaching out to your communities.

Please follow and like us:

ReputationDefender LLC, 1001 Marshall St., 2nd Floor, Redwood City, CA 94063

© 2016 ReputationDefender LLC. All rights reserved.