In 2013, Americans were shocked to learn that the National Security Agency conducted mass surveillance of its citizens by intercepting and monitoring Internet and phone traffic within and outside of the country’s borders. When challenged, government officials justified the collection on the basis of national security and ongoing threats of foreign terrorism within the U.S., believing these threats to be aided by both American citizens and foreign nationals within the country.
The disclosure ignited a debate between those advocating the need for the government to access such information and those who deem such acts a violation of the Constitution’s Fourth Amendment and an implied right to privacy. Whether the program is going be modified in the future remains uncertain.
The Risk of Identity Theft
The surveillance incident follows a growing concern for many about the possibility of their identity being stolen. Identity thieves have the potential to plunder bank accounts, run up credit card balances, and perpetrate malicious mischief on innocent people or in their names. According to a recent report based on data from the U.S. Department of Justice and Javelin Strategy and Research, about 11.5 million people are victims of identity fraud each year, with total financial losses of $21 billion. The personal stress and inconvenience suffered by victims is incalculable, to say nothing of the effort required to restore their good name and credit after the fact.
Our fear of identity theft is fueled by a constant flood of advertisements and media dramatizing such events. Movies suggest that the possibility of being electronically erased is not only possible, but common. 1995’s “The Net,” starring Sandra Bullock, was the first of many films in which characters are forced to contend with the consequences of identity theft. Since that time, an industry dedicated to identity protection and recovery has evolved to assuage our fears. Companies such as LifeLock, IdentityForce, ProtectMyID, and others offer protection to worried individuals while banks, credit card companies, and credit monitoring services proclaim their security superiority.
The possibility of mass surveillance and incidents of identity theft are the consequences of living in a digital world. This is a world of interconnected electronic networks, massive databases, and sophisticated software that can search and link billions of data instantaneously. If you use a cell phone, drive a car, use credit cards or ATMs, or participate in social networks or retailer affinity programs, you leave traces of your identity behind. These traces can be assembled to depict a relatively accurate portrayal of your activities, movements, likes and dislikes, and your friends and associates.
While such technology makes our lives easier and more convenient, our digital footprints leave a path that dedicated predators (or simply curious data voyeurs), as well as hundreds of marketers, can use to gain access to your likes, dislikes, and idiosyncrasies. As a result of that path, sales pitches can be aimed specifically at you, or more sinister efforts may be engaged.
The Benefits of a Digital Society
For many people, however, the benefits of living in the digital world are substantial. Cell phones are ubiquitous. Everyone can reached almost instantaneously around the clock, bringing families closer together regardless of location and financial status. Printed paper maps, often out-of-date and difficult to interpret, have been replaced by electronic maps featuring verbal and audio directions and real-time physical location tracking so that getting lost is becoming increasingly rare. Social networks enable people with similar interests and personalities to connect despite distance and physical obstacles.
The ability to view and select products on a computer with immediate price comparisons and electronic payment options has changed retail practices irreversibly. Individuals and small companies can compete directly with larger competitors for the attention of prospective customers, encouraging greater product diversity and lower prices. Virtually every aspect of the human experience has been changed by the digital revolution.
Amazon, the world’s most successful digital retailer, aggressively seeks to figure out what customers want before they know they want it by tracking more than 500 metrics. Its business model focuses on personalizing Amazon for each user based upon a constant stream of data. Without access to personal information such as a physical addresses, purchasing history, shopping activity, and credit card data, the Amazon experience would not be possible.
How to Physically Protect Your Personal Information
Identity theft was present long before the Internet, made possible by thefts of purses, wallets, briefcases, and so on. Paper receipts and bills are often discarded without thought, credit card receipts are physically available in stores and restaurants to employees who can collect and sell their information, and merchants can offer lists of customers to anyone willing to pay the right price.
Electronic identity theft is relatively new, but wherever money is present, someone can always try to steal it. This is why common sense steps to physically protect your private information are essential:
- Protect Your Wallet, Purse, and Briefcase at All Times. Be aware of your surroundings; do not leave your items in plain sight, even in locked cars; limit the cash and number of credit cards you carry to a minimum; and leave your Social Security cards at home unless they are needed.
- Lock Your Mailbox or Use a Post Office Box. Suspend your mail delivery whenever you’re going to be unable to check it for more than a few days. Letting newspapers, fliers, and other evidence of absence accumulate can advertise when you’re away and make you an easy target.
- File Valuable Information in a Locked Drawer or Safe. Invest in a safe deposit box offsite for your most important information. Transfer paper documents into electronic form and keep that data on removable media such as thumbnail drives, which can be physically stored in a safe place.
- Invest in a Cross-Cut Paper Shredder. People intent on stealing your information may go through your trash. To avoid that, make it a point to shred all documents, including any personal information – in particular, your Social Security number, date of birth, and any account numbers.
Methods to Protect Your Data Electronically
Securing a base level of information protection in a world of digital communication is relatively easy, inexpensive, and sufficient for most people. The steps you should take, at a minimum, include the following:
- Watch What You Post at All Times. Once published on the Internet, whether as an email or a message on a social network, information is virtually eternal and available for all to see. This includes opinions, comments, pictures, and personal data. Use common sense and censor yourself. Teenagers and children should be taught basic Internet security techniques, and their activities should be regularly monitored.
- Use Firewall and Antivirus Software. While hackers can eventually overcome such software, it is a deterrent to the majority of Internet pirates. PCs, because of their market dominance, are most often subject to hacks, but there is a variety of free programs available to protect yours including Zonealarm, Comodo, and Ashampoo. Mac users can employ a free firewall program such as the NoobProof/Waterproof combination, or purchase commercial versions like NetBarrier X5 or DoorStop X Security Suite. Mobile phones and tablets also need firewall protection. Avast Mobile Security is one free option for Androids, while Lookout Premium is a paid option for iPhones.
- Use Strong Passwords. Generating, maintaining, and remembering passwords can be tedious. However, it is one of the most effective methods for keeping your data secure. Create a strong password by using at least nine-symbols, including upper- and lower-case letters, numbers, and special characters. Avoid children’s names, birthdays, and other easy-to-crack sources. A combination of your best grade school friend’s initials, the name of your high school athletics team, and the year of your graduation can be difficult to crack, but easy for you to remember. For example, “Mary Brown,” “Wildcats,” and “1985” would be “mb85Wildcats.” According to the website How Secure Is My Password?, this example, which has three septillion possible combinations, would take a desktop PC about 26 million years to crack.
- Avoid “Phishers” and “Pharmers”. Most efforts to capture your personal data are disguised by bogus emails suggesting computer trouble or offering free goods and prizes. This is called “phishing,” as the perpetrators are hanging millions of baited lines around the world hoping to hook gullible fish. When the malicious email is opened or a link within it is clicked, a subversive program is downloaded onto your computer, which immediately seeks private and confidential information and transmits it to the email sender. This process is called “pharming.” Do not open emails from strangers, nor any without a subject line. If the email purports to be from a company or institution with whom you work, but looks “fishy,” call the company to verify its author before opening. Never send bank or Social Security information to strangers or unsecured websites.
- Control Third-Party “Cookies” on Your Computer. While many sites use “cookies” – bits of their code stored on your computer – to facilitate log-ins, remember your location at your last visit, or keep score if you’ve been playing a game – cookies can also be used to collect all sorts of information which are downloaded to the cookie owner the next time you visit that site. Set your web browser’s privacy settings to warn you and ask permission before letting a website install a cookie on your computer.
- Keep Your Software Up-To-Date. Programmers constantly upgrade their software to eliminate bugs, improve usability, and add protection. You’ve paid for these updates, so take advantage of them. Many are free and take less than a minute to upload and install.
How to Stay Off the Grid
For those seeking even more anonymity and identity protection, there are additional measures you can employ without abandoning use of the Internet completely:
- Email Encryption. Many Internet browsers provide a method to secure the connection between your computer and email provider using Secure Socket Layer and Transport Layer Security (SSL/TLS) encryption. This is the same protection scheme used for checking bank account balances or making Web purchases. Your email program may provide encryption features, or you can use a third-party encryption-based email service such as Sendinc. Most operating systems include a method to encrypt the data stored on your computer if it is lost or stolen.
- Encrypted Hard Disk. Rather than depend upon piecemeal encryption, there are programs available whereby every bit of data that goes on your hard drive is encrypted and only available to those who have a “key” or password. It’s not 100% secure, but since the decryption key must be kept in the hard drive in order to access memory, the code is difficult and time-consuming for even a professional to crack.
- Anonymous and Disguised Web Use. Use proxy servers to surf the Internet so that your location and identity are difficult to find. Fans of television detective shows are familiar with the fictitious episode searches where the signal bounces randomly across the world. TOR is free software that directs Internet traffic through a free, worldwide volunteer network of more than 3,000 links, making the message difficult to trace. Commercial programs like Proxify and Hide My Ass provide similar services with fees. Ghostery is a program for the popular Firefox browser that illumines the “Invisible Web” – cookies, tags, Web bugs, pixels and beacons – so you can tell who is tracking you. DuckDuckGo is a new search engine that does not collect or retain information about you, including computer ID or location, when searching on the Web, thereby ensuring your searches are confidential even when legally requested.
- Prepaid Phones and Prepaid Calling Cards. While often inconvenient for users and those who want to contact them, prepaid phones with minutes can be purchased for cash with no personal information required. Removing the battery when not in use makes tracking even more difficult.
- No Social Networks. The best way to remain anonymous is to avoid social networking completely. However, some privacy advocates suggest using social networks to establish false identities, which can confuse searchers who may be looking for your information. If you post pictures, strip off the EXIF data (metadata tags such as the make of camera, date, time, and location of picture) before posting. Programs such as Photoshop or Lightroom allow you to delete the data by simply changing the metadata setting to “none.” Commercial programs like EXIF Tag Remover or EXIF Remover are available over the Internet.
- Cash and Gift Cards. Using cash for purchases in physical stores, or cash-bought gift cards for electronic purchases, prevents having to rely on private financial information when buying products or services. Eschewing buyer and store affinity programs and foregoing completion of warranty information can help as well.
Final Word
The battle between those who seek to protect data and those who seek to access it continues. Whenever one or the other gains an advantage, the other side is quick to make changes and overtake it.
For the vast majority of people, the time, effort, and expense to remain anonymous and completely secure cannot be justified by the value of the information protected. Few hackers, information pirates, or government agencies are interested in the personal proclivities, financial affairs, or buying habits of a single accountant in Omaha, Nebraska, for example.
The size of our population – 315 million – makes all but the most wealthy, powerful, or skilled among us faceless. Using common sense in most cases is all of the protection we need.
How far do you go to remain anonymous? Are you willing to give up the conveniences of technology by going off the grid?