Last Updated –
What if before handing over the item to you, the delivery guy pops open the box, takes a peek, and then shouts to your neighbors:
“Si Juan bumili ng bagong underwear!”
Absolutely embarrassing, I know. And even if you got the guy running away with a black eye, that silly smirk from your neighbor’s face says it all.
The damage has been done.
But while it’s near-impossible to happen in real-life (unless the delivery guy is an utter sociopath), this kind of thing happens right under our noses.
If you use Facebook, Instagram, Google, YouTube, shop online, browse the web, or just basically work and do stuff online (both on your smartphone or computer), then there’s a good chance your personal or sensitive information has been shared to both private or public entities that you may or may not be aware of.
Consider this new ad from Apple (which parallels that of our scenario earlier):
Here’s a more common example:
Ever wondered why after checking out a particular item in Lazada or Shopee (or any online shop), ads for similar or related items suddenly start popping up whether you’re browsing the web or checking Facebook?
That’s “retargeting” in action. It’s an advertising tactic that works by tracking “cookies” (a tiny text file that stores your web session information) and then uses that information to show you ads for related products or services.
And this is just one example of how our data can be used for other people’s benefit with or without our knowledge.
And in this article, we’ll share with you an extensive list of some of the most effective tips for protecting your privacy and personal data.
What is Data Privacy?
Data Privacy is all about obtaining, handling, retaining, deleting, and storing information in the most appropriate way possible and in accordance with the law.
The concept of Data Privacy is particularly important in the digital age where most of the transactions happen online. When you sign up for a Savings or Checking account, for example, you’ll be required to provide sensitive personal information about your lifestyle and livelihood (employment or income source).
You wouldn’t want any person or entity to know about this highly-sensitive information, right? And that’s why it’s important that your personal data is to be guaranteed safe and protected by the bank (or any institution that requires your information) against unauthorized access.
Companies and businesses run stringent measures to ensure that both the personally identifiable information of their employees, as well as the business’ own trade secrets and financial information, are protected.
What is Data Protection? And Why is it Important
If Data Privacy refers to the manner by which data is handled and managed, then Data Security is all about implementing the necessary systems, rules, and safeguards to protect that data.
It’s how data is secured and protected against unauthorized access. This includes information about us like our names, addresses, DoB, email, cell phone numbers, among others. As individuals, we should be able to decide the extent to which we want to share information.
The concept of data protection stems from our right to privacy as individuals. It’s about preserving our values and rights as people, like our freedom of speech and personal views.
Companies, corporations, organizations (both private and public), and the government implement strict measures to safeguard both internal and customer data.
Without the necessary data protection, our personal information can be easily accessed and manipulated for various reasons and without our knowledge.
Imagine other people accessing your bank accounts, personally identifiable information (PII), social media accounts, and work-related documents for their own gain.
Aside from being able to steal from you, they can also use your information for stealing from others. Theft identity is a very serious matter and if left unchecked, can cause all sorts of grave problems to the unwary victim.
Data Privacy vs. Data Security
Data privacy and data security are so highly interlinked that most people think they are the same thing.
However, there are certain distinctions between them, and understanding it allows us to grasp how they work together to secure and protect our personal information.
One way to easily remember how these two terms differ is to think of data protection as a technical matter (systems, methods, strategies, or steps for protecting information) while data privacy can be considered as a legal issue (compliance, terms and agreement, rules, laws that govern how personal data should be managed).
As we’ve defined earlier, Data security refers to the steps and efforts made for protecting and securing data.
Data privacy, on the other hand, deals with the regulations and compliance standards that are implemented to make sure our rights to privacy are acknowledged and managed.
[Study] How Important is Online Privacy to Filipinos?
Online Privacy is such an important consideration nowadays and we wanted to find out if people are taking the necessary steps to protect it.
To do this, we surveyed 1,037 individuals to share their thoughts on a couple of questions related to data privacy. Here’s what we found out.
An overwhelming majority of respondents (96.6%) said that they take precautions in protecting their privacy online. The remaining 3.4% confirmed that they don’t enforce any methods or efforts when it comes to securing their privacy online.
When asked which type of data they are most protective of, the majority of respondents (37.8%) confirmed that it was Identification documents — driver’s license, passport, and similar IDs.
Next were any financial-related information like income statements, account numbers, transaction history, etc., (20.2%). Contact details like phone numbers, email addresses, physical addresses, IP addresses, etc., comes next at (17.7%). See the image below for the rest of the results.
When asked with the question: “Would you consider selling your personal data?”, most of the respondents (83.9%) said that they won’t. Some would consider it (8.7%) while the rest of the respondents were not sure (7.4%).
We surveyed 1,037 of our readers about their online privacy. Respondents were:
- Gender: 66.9% (694) women and 28.9% (300) men. 3.2% non-binary and 1% prefered not to disclose their genders.
- Age: 40.1% of respondents were in the age range of 18 – 25 years old. Whereas the second highest were in the age group of 31 – 40 years old (20.5%)
Based on the results, it’s good to know that almost everyone who responded is aware of the importance of data privacy and are taking measures to protect it.
And to help our readers implement the necessary steps and actions to keep their personal data and privacy secure, we’ve compiled this helpful list of online privacy best practices for easy reference.
52 Data Protection & Online Privacy Best Practices
- Install Anti-malware software
Malware refers to software that damages, disrupts, and gains access to a system. Installing antivirus or anti-malware software can help combat them and keep them at bay.
- Constantly update your OS
There are thousands of instances of new malware being created and detected on a daily basis. One of the ways to keep your system protected against them is by regularly updating your operating system.
- Use Data Encryption Software
Data encryption is the process of encoding data so that users without authorized access or code won’t be able to access it.
If you’re constantly working with highly-sensitive information (or just simply need high-level data protection), data encryption is a must
- Regularly Back-up Your Data
Aside from keeping it safe via the use of encryption software, it’s also important to make backups of your most important data files.
You’ll never know when the random glitch or unfortunate event will occur so making sure you can easily recover sensitive and highly-important information is crucial.
- Consider Passphrases over Passwords
A passphrase is a series of words used as a password and typically used with some mnemonic system to make it easy to remember. For example, combining four or five unique words into one word (the more random, the better) is ideal.
It provides an advantage over passwords which are either made to be easy to remember (but easy to crack as well) or too random and strong (but results in the user not remembering it).
- Don’t Save Passwords On Devices
The ability to save our passwords in our mobile phones and computers makes a lot of things more convenient (logging in to sites and apps that require passwords, for example).
However, one disadvantage is it exposes it to a higher risk of unauthorized access when your device gets compromised (via malware attack or phishing, among others). It might be less convenient, but the trade-off for reducing the risk of hacking and unauthorized access to your account could be a worthy trade-off.
- Be Aware of Your Privacy Settings
Do you ever check the privacy settings of your apps, browsers, and devices? Well, you should. It pays to double-check these settings to make sure your access is not being compromised by third-party users.
- Keep Your Devices Locked
When not in use, keep your devices safe by turning on its automatic lock setting.
You’ll never know when someone might try to get a hold of your device without your knowledge so having that initial layer of protection definitely helps to keep it safe from prying eyes.
- Turn-off Bluetooth When Not In Use
Just like other types of wireless connections, Bluetooth is also vulnerable to unauthorized access and hackers. It can be used to connect to your device and then scrape off all your personal data. Always turn it off when not in use.
- Customize Your Push Notification Settings
Plenty of apps and services nowadays offer push notifications that provide updates to the user.
While useful, it could be a security liability when important information pops up on your phone’s screen and someone else can see it. To be safe, you could perhaps adjust key notifications from your most sensitive apps (banking and finance apps, etc.,) to make sure that only you can view them.
- Use Your Device’s Automatic Lock (after a period of inactivity)
Pretty straightforward and an absolute must. Protect your device by setting up an automatic lock after a specific amount of idle time.
- Be Wary of the Apps You Install
More than a decade ago, torrents and file-sharing apps were all the rage. Back then, there’s a high chance that all those free stuff being passed around had malware on them, simply because anyone with a working knowledge of hacking can easily manipulate the file for their own benefit.
Nowadays, piracy is still a concern and so are the hacking practices of days old. But with the advent of mobile computing, there’s now a wider platform for such things so make sure that you install apps only from reputable and trusted sources.
- Reset and Wipe/Overwrite Devices Before Discarding Them
Did you know that simply formatting a drive doesn’t really delete all the information previously stored in it? No, it really doesn’t.
There’s a long list of data recovery apps and services out there that can easily retrieve formatted information.
And that’s why if discarding old devices, you should have it wiped or overwritten with data to completely remove old files and information.
- Don’t Use Your Personal Data As Password
It’s not good practice to use easily guessable information like your birthday, SSS number, your favorite color or number, or other similar information for your password.
Someone with a decent amount of knowledge can use that to snoop into your private stuff by accessing locked apps or equipment.
- Be Mindful of Sharing Your Personal Details
Be extra careful when completing online or paper forms, providing your email address, or giving any other personally identifiable information as you can never be sure how your data is going to be used. Provide as little info as you can when possible.
- Don’t Stick to Just One Password
Sure it makes logging in so much easier, but you’re basically increasing the likelihood of getting hacked across various accounts. For better security, use different passwords for each platform that you’ll use.
- Shred Paper Documents
The presence of personal information in documents like contracts, bills, statements, especially finance-related paperwork is simply too sensitive to be disposed of the normal way.
To ensure nobody can use your personal information without your knowledge or for other personal gains, make it a habit to shred all paper documents containing highly-sensitive data.
- Leverage Automatic Email Alerts for Transactions
I personally have set up automatic text and email alerts for any form of withdrawals from my savings and checking accounts. This allows me to monitor the usage of my ATM should someone else use it without my knowledge.
That way, I can quickly request a suspension of the lost or missing card and prevent any further transactions. The same concept applies to plenty of other platforms so make sure to take advantage of it when you can.
- Review your financial statements on a regular basis
Aside from setting up the necessary alerts, regularly checking your financial statements and bills allows you to verify all the transactions being made on your account.
This way, you can quickly act if you see any suspicious activity and execute the appropriate solutions.
- Don’t Save Passwords in Your Browser
Almost all browsers nowadays let you store your login credentials so you can easily access the website anytime.
However, this exposes you to the risk of hacking when any of the particular websites you store your login credentials on gets compromised. As an alternative, you can try password vaults and manager programs that guarantee your data is encrypted.
- Only Shop on Websites You Trust
As tempting as it might be to hit the buy button on an e-commerce website, it’s still good practice to verify first the legitimacy of the site to protect yourself from fraudulent transactions and malware exposure.
Only shop on websites that are proven safe and secure.
- Be Mindful of What You Share on Social Media
With the advent of social media, the line that distinguishes what is appropriate to be shared online and what is not has been forever blurred.
As a general rule, we should always be conscious of the details we share about ourselves and our loved ones. Especially if it pertains to somewhat privy information that can be leveraged for hacking and other malicious practices.
- Tweak Your Privacy Settings in Social Media
Check and tweak your privacy settings in social media to add filters and additional safeguards that can help protect you against being tagged on sensitive material or oversharing personal details.
- Block Unknown Users on Facebook
As a general rule, if you don’t know them, just block them. The trade-off of exposing yourself to potential hacking or suspicious activity/conversations is simply not worth it.
- Use Two-Factor Authentication
It’s a security protocol that provides two different ways of authenticating the user.
Instead of relying on a single layer of protection (e.g password), 2FA adds another element, either a biometric login requirement or security code.
- Secure sensitive data locally
While cloud-based technology offers a great way of storing all sorts of stuff online, having back-ups in physical storage should still be practiced.
It gives you full control of your data and gives you the flexibility to store it in a secure manner that you prefer.
- Don’t Use Public WiFi for Transactions
A WiFi connection is one of the easiest ways that hackers can access your device and steal your personal data. That’s why it’s never advisable to conduct any sensitive transaction using a public connection.
Not only are you not sure of the source of the connection (could be the hackers themselves), public WiFi is generally considered less secure and exposed to potential unauthorized access.
- Always Sign Out After Each Session
Don’t forget to log-off your credentials especially if you used a public device. This is a very easy way for others to access your account.
Be extra mindful and remember to log-off (even in your own device) if it involves dealing with sensitive data or transactions.
- Delete Suspicious Emails from Senders You Don’t Know
As tempting as it may look sometimes, the risk of exposing yourself to malware and unauthorized access just by opening emails from an unknown sender is not worth the trouble.
When in doubt, just send them to your spam folder or delete it completely.
- Don’t Fall for Fake News
Anyone nowadays can make claims on social media. With all that noise, sometimes it can be hard to distinguish the truth. Almost everything can be faked
- Look for HTTPS
The “S” in HTTPS stands for “secure”. It acts as a badge that means the website is using a secure connection and has better protection against unwanted tampering from third-parties.
This is especially important in transacting on e-commerce sites as a secure connection bumps up the site’s defense against snoops and unauthorized access.
- Be Mindful of Clicking Links in Emails
Aside from blocking unknown senders, you should also be wary of opening links from senders as you’ll never know where that link could lead and do to your browser once opened.
Only open links from sources that you absolutely trust.
- Avoid Downloading Stuff from Shady Websites
It goes without saying that you should refrain from downloading stuff from websites that freely share paid content because aside from the shady method used to obtain it, these are not official apps, files, or software from legitimate sources.
There’s a high chance of a malware event since anyone can upload to these sites and embed all sorts of programs or code that could steal your personal data.
- Use Disposable Emails
You can use “disposable” emails if you constantly sign up for various newsletters or websites. This way, your inbox won’t be bombarded with all sorts of spam or marketing material.
- Avoid Logins using Your Social Media account
While admittedly convenient, using your Facebook or other social media account to log-in to a website or use a particular service is not a good idea.
You’re basically allowing the company to gather your information (and track your activity) in exchange for accessing their site.
- Go for Encrypted Cloud Service
Web services that allow you to store and encrypt data provide us with a convenient and secure way to keep and access our data.
Being web-based means you don’t have to worry about physically storing it and makes it easy to access through your devices.
- Change Passwords After a Data Breach
Data breaches seem to be an inevitable occurrence nowadays no matter how big or small the company might be. Should a data breach occur, immediately change your password to reduce the likelihood of data theft.
- Request a new card immediately if lost
If you lose your debit or credit card or other similar IDs or documents, you should report it right away so they can tag it as lost or invalid and prevent any unauthorized usage.
- Change your router’s default password
Routers, pocket WiFi, and similar devices typically come with easy-to-guess default passwords out of the box. Make sure to change them and use strong combinations that are hard to crack.
40. Be wary of pop-ups on websites
Ever noticed those scary-looking alerts that pop out nowhere when you’re browsing online?
These are called “scareware”, and its goal is to bait you into clicking a link for downloading software that will “clean” the virus from your computer.
This is fake and installing the said software will likely get your computer infected.
41. Use an an-blocker
To help deal with pop-ups and ads (as mentioned in the previous tip), you can try installing an ad-blocker in your browser to prevent them from showing in your screen.
42. Check if your account has been compromised
This website lets you check if your email address has been compromised. It will show you a list of websites that you joined/signed-up for in the past (or recently) which were exposed to cyber attacks.
This way, you’ll know which ones require an update on your login credentials (just to be on the safe side)
43. Be wary of Facebook third-party apps.
It’s all fun and games until you realize signing up for their services isn’t really “free”. Some 3rd-party apps can sell your email address (or other info you provided to use their service) to data companies.
Be extra-cautious and don’t always willingly give up your personal data to use a “hot” new app. It’s probably not worth it in the long run.
44. Only join FB Groups you actually find useful
While they can be useful for learning about niche interests or buy-and-sell, FB groups increase your profile exposure to identity thieves that could be lurking in those groups.
45. Customize your Social Media Privacy settings
Don’t let anyone easily view your personal information through Facebook. Especially if you’re the type of person who regularly shares details of their personal life.
Learn about the different privacy options (timeline, tagging settings, etc.,) in your social media accounts and customize them to your preference.
46. Don’t use your work email for personal matters
Work emails are usually monitored by your company’s IT personnel which is why you shouldn’t use it for personal needs.
Not only is it unprofessional if they catch any personal stuff getting into your inbox, but you’re also risking exposing personal information to other people.
47. Clean up your Browser Extensions.
Most people are probably not aware but there are hundreds, if not thousands, of browser extensions that look legit but are actually set up to steal your personal data or execute remote code, among others.
Before installing anything, check for reviews and be wary if it asks for several permissions in order to run.
48. Delete your Browsing Data.
Cookies store your browser activity, patterns and behaviors so it’s best to clear your browser’s cache after each session to keep third parties from tracking your behavior online.
49. Uninstall unwanted programs from your PC.
Regularly check the list of all the programs in your computer. Performing a routine check to ensure you don’t have any unknown or unfamiliar apps running in the background helps in keeping your data and personal information protected.
50. Use Windows Firewall and other built-in security features
In most cases, Windows built-in Firewall along with protection is sufficient in keeping your network safe and clear against unwanted access into your network.
51. Keep your wireless network protected
First, use a strong password for your router. Occasionally check for the number of devices connected to your network to make sure there’s no unauthorized access.
Every once in a while, change to a different password just to make sure. There are also 3rd-party apps out there that let you tweak and monitor your network for better customization and security.
52. Be extra careful with handling company data
Data privacy and security is a big deal among companies especially if you’re working on sensitive customer information.
Never share any company-related files and documents to anyone unauthorized for access and be extra careful with handling company data if you need to work with them at home or someplace else.
How to Mask/Hide your Identity Online
Masking or hiding your identity online is another way to protect yourself against all sorts of attacks that aim to steal your data or invade your privacy.
The following are tested and proven ways to cover your digital tracks so that snoops will have a much harder time learning about you and stealing your information.
Use Incognito Mode
Almost all browsers nowadays feature an “Anonymous” or “Incognito” mode that deletes your browsing history and patterns after closing the session.
This way, you can mask your interactions with the internet and keep third party services from tracking your behavior for the purpose of serving you targeted ads (among others).
Use a VPN
A Virtual Private Network (VPN) is essentially a program that masks the location where you’re browsing along with the IP address you’re using.
Location data is a crucial part of the tracking systems that third-party companies employ to learn more about your browsing habits and patterns. Using a VPN will “throw off” any trackers by changing the default location and IP settings you have on your device.
TOR is a modified version of the Firefox browser that allows users to anonymously browse the web through a special configuration of servers.
This essentially blocks the ability of traditional third-party trackers to get your information like location data or web browsing activities.
Use Disposable Emails
We mentioned this earlier, but it’s worth noting here again since email is one of the easiest ways for trackers to get more information from you and potentially use it to steal your data.
There are several free services that let you have your very own disposable email address so you won’t have to use your real one all the time (if you merely need to access a website or sign up for a free service, for example).
This way, you can decrease the likelihood of receiving spam emails and at the same time protects you from phishing and similar acts of unauthorized access.
Use TAILS for your OS
TAILS is a variant of the open-source operating system, Linux, and it’s focused on giving users anonymity and privacy online. It can be installed on a flash drive and runs smoothly even on old hardware.
Using TAILS, you won’t be leaving any traces on the computer which includes activities like: websites you opened and visited, files you accessed, passwords, Wi-Fi networks, and connections you used.
Keep your devices updated and protected from malware
Nowadays, you can never be sure if an app is legit or not. Even if it comes from a reputable source, there’s still the possibility that it contains malicious code.
To protect yourself, always keep your device’s operating system and anti-virus/anti-malware software updated so you’ll have that first line of defense against these offending software.
Use Alternative Profiles
You can use aliases or alternative profiles to add that additional layer of anonymity when browsing or interacting online.
While it won’t necessarily prevent tracking software from knowing your actual credentials, it’s still a quick and easy way of preventing snoops from easily knowing about you.