Ask Leo! #646 – The Biggest Risk to Your Privacy

Video & Off-Topic

Just three quick notes here at the top:

  • After a three month hiatus, I'm back on video. The current discussions around privacy and ISP - and a slight re-work to my "studio" - prompted me to get in front of the camera again. Check out "Is There Really A Reason to Hide From Your ISP using a VPN?", below.
  • I'm adding an "Off-Topic" section at the end of the newsletter. As I pointed out a few weeks ago I also have several projects going that aren't strictly tech-related. I don't want to throw those in your face every week, but I decided I did want the ability to mention other things for those so interested. Come for the tech, stay for the ... well, who knows? Check out Off Topic, below.
  • There's a new Page of Gratitude thanking all my Patreon supporters!

As always, thanks for being here!

Leo

The Biggest Risk to Your Privacy

(skip)

I've written several privacy-related articles discussing the various aspects of risk we assume when we use technology. From the computers we use to the systems that run them, as well as the applications and tools we rely on, each adds risk of some kind of exposure.

And yet, in my experience, the greatest risk we're exposed to has little do with technology.

It's a risk we don't think of – and yet I see privacy directly invaded more often due to this than any other reason.

The biggest risk is people

Even with semi-regular news of data breaches, hacking, and other technological intrusions, the single biggest cause for actual tangible privacy-related damage boils down to nothing more than… people.

I'm certain you're already making assumptions about which people you should be concerned about. I'm just as certain you're overlooking perhaps the most important group that puts our privacy at risk every day.

Let's review some of the various classes of people involved in putting our privacy at risk.

Hackers, scammers, and other ne'er-do-wells

This is the first thing people think of when it comes to privacy invasions. We hear a seemingly endless stream of news and word-of-mouth reports of privacy hacks every day. It's easy to think we're under constant threat from evil villains trying to get at our data.

In a sense, we are. There's no question that organized crime and other malicious entities have their sights set on gathering personal information and either using that for nefarious purposes directly, or reselling it to those who would.

While your data could fall victim to the individuals in this category, it's important to realize they're simply not interested in you as an individual. What they're interested in is much broader; what they care about is gathering as much data as they can, or scamming as many people as they can. Particularly when it comes to scams, they don't care who those people are, just that they're vulnerable.

Perhaps in part due to the obviousness of this class, this is the group of people we most easily protect ourselves from, using technology and common sense. Security software of various flavors and layers, coupled with skepticism and our own smart habits, are our first, best line of defense.

Governments and government agencies

You may think I'm including this because I'm concerned your government is spying on you.

I'm not.

Oh, it's certainly possible, and in some countries even plausible, depending on your own behavior and "value" to whomever might be watching. Once again, however, I believe strongly that most of us, in most countries, simply aren't that interesting (or worth the effort) for individual government surveillance. It's just not that big of an individual risk.

No, what makes government in general one of the largest threats to our privacy are the laws and policies they enact or fail to enact. Weak government policy and enforcement around individual rights and privacy makes it easier for others – in the government and elsewhere – to access and possibly misuse our personal information.

Most people never pay attention to this unless they're already living under an oppressive regime, in which case it could be considered too late. I strongly suggest that paying attention and working within your system to ensure personal privacy rights is an important responsibility.

Employees, technicians, and policy makers

Many people are concerned about big business and corporations collecting and using our personal information.

I'm generally not. Excepting the previous point about making sure that government regulations are in place to protect my information, and corporate policies that similarly ensure my privacy – whether a legal requirement or not – I'm actually not that concerned about the information I'm certain is out there about me.

With one exception: when those companies get hacked or otherwise compromised.

That generally comes back to the people involved. I believe the majority of breeches boil down to individual people making individual errors.

One example might be the software engineer with little to no security experience placed in charge of the security of my data. All the good intentions in the world won't make up for the inevitable oversight (which is probably more common than we suspect). Software developers and policy makers operate under a "features first, security later" approach that often pushes service development – and with it our personal information – beyond acceptable risk. Then, once a vulnerability is discovered, the hackers mentioned earlier swoop in to take advantage of the unintentional access to our information.

The most important thing you can do to secure yourself against these types of oversights is to know who you're dealing with and hold them responsible and accountable for the security of your information. Do business with companies that have a proven track record. If you find you can't – if you find you need the services of an unproven entity – be particularly wary of the information you choose to share.

Friends and family, business contacts, and associates

We share a fair amount of information without thinking about the ramifications of exposing ourselves to other people.

Sometimes that can even be literal. I frequently encounter individuals who come to me concerned that their video chats might be intercepted by some middleman. As it turns out, it's not the middleman they need be concerned about when they find themselves being blackmailed by the individual at the other end of the conversation.

The fact is, there's no technology – none whatsoever – that can protect you from the people to whom you choose to expose your information (or anything else). Any technology can be circumvented in one form or another by the recipient. If it can be seen, it can be copied – even if it's just taking a picture of the computer screen while your sensitive details are displayed.

And of course, once something is posted publicly (and let's be clear: all social media is "public", regardless of your privacy settings), it cannot be recalled.

This is, perhaps, the single most common cause of privacy violations I've encountered over the many years I've been doing Ask Leo! – not big business or government, not massive data breaches, not malware, not even ransomware1 – but one-to-one interactions in which individuals simply share too much and later regret it.

This risk is only growing on social media, which creates an illusion of intimacy and safety while nothing of the sort exists.

You

You are the biggest risk to your own privacy.

By sharing too much on social media or trusting too easily when some stranger calls to tell you your computer has a problem, or by reaching out to the wrong people in times of technological crisis because you're panicking, the biggest risk of all comes back to you.

And that's great!

Now, why, after what might seem like gloom and doom about all the ways that our privacy can be compromised, am I so excited to point the finger at you?

Because the one thing you have control over is yourself.

You can become more knowledgeable. You can make better decisions. You can take responsibility for your privacy from here on out.

There's no requirement that you become a Luddite and walk away from technology in general – Lord knows I've certainly not done that. What's required is simply awareness – mindfulness, if you will – of exactly what, where, and with whom you share.

That last one is perhaps the most important: your privacy is all about the people you trust and share with.

Related Links & Comments: The Biggest Risk to Your Privacy
https://askleo.com/27036

Is There Really A Reason to Hide From Your ISP using a VPN?

I discuss the recent decision by the U.S. Congress to roll back rules relating to privacy and internet service providers, and whether a VPN is really the right solution for most people.

Continue Reading: Is There Really A Reason to Hide From Your ISP using a VPN?
https://askleo.com/27399

Become a Patron - Get The Ask Leo! Tip of the Day

How Do I Upgrade Windows When I Can't Actually "Upgrade"?

As we saw with the Windows 10 roll-out awhile back, sometimes you can upgrade an operating system, and sometimes you can't. The Windows 10 "upgrade" actually works only for Windows 7 and Windows 8.1. If you have any other edition of Windows, you could still install Windows 10 (assuming your hardware met its minimum requirements) – you just can't do it as an upgrade to an existing installation.

As it turns out, what you do in that scenario is very, very similar to exactly what you do when you're not "upgrading" at all.

It's called a reformat and reinstall. I'll walk you through it, noting how the new version of Windows might impact the steps along the way.

Continue Reading: How Do I Upgrade Windows When I Can't Actually "Upgrade"?
https://askleo.com/27098

Why Does Email Sometimes Take So Long to Be Delivered?

When someone sends me an email, I don't get it right away – sometimes it takes hours. It is time stamped hours before I actually get the message. Could it be because my inbox is too full?

We're all so used to email being almost instantaneous that delays are noticeable.

Email delivery can be delayed for many reasons, and counting on it to be nearly instant is just a bad idea.

Couple that with the fact that the timestamps on email often lie, and it can be really difficult to understand exactly what happens when email takes a little longer than expected.

Continue Reading: Why Does Email Sometimes Take So Long to Be Delivered?
https://askleo.com/2650

From Ask Leo! On Business:

Automating Social Media

Automating social media can sound like an oxymoron, but sometimes it's the pragmatic choice to make your content available where your people are.

Read: Automating Social Media

The Ask Leo! Tip of the Day

A feature exclusively available to Ask Leo! Patrons Bronze level & above.

More Ask Leo!

Become a Patron
Books - Business - Glossary
Facebook - YouTube - More..

Off-Topic

The new "off topic" section for things that aren't strictly computers and tech.

For The Interested

A few months ago I subscribed to a weekly newsletter called "10 Ideas Worth Sharing" - exactly what the title implied, with an entrepreneurial bent. It's since been renamed For The Interested, to reflect a slightly larger scope. Completely by coincidence it's another example of the curation model that I discussed over on Ask Leo! on Business last month.

It's a great example of adding value. Each weak I'm pretty much guaranteed that I'll be pointed to informational, educational, or inspirational, content that I would not have found on my own. There's always one or two items that I find particularly valuable.

Check out For The Interested, subscribe, and see if you don't find some interesting stuff showing up in your inbox each week.

Personal Blog

Last week I went on a business trip. (There'll be at least one Ask Leo! article coming up this week about an experiment I ran on that trip.) Before I even got to my destination I found myself feeling particularly grateful for all the things that got me there. So I wrote it up in my personal blog: Travel Ease.

Leo's Other Projects....

HeroicStories Since 1999, HeroicStories brings diverse, international voices to the world ' reminding us that people are good, that individuals and individual action matter. Stories - new and old - are published twice a week.

Not All News Is Bad - Each day I look for one story in the current news of the day with a positive bent. Just one. And I share it.

leo.notenboom.org - My personal blog. Part writing exercise, part ranting platform, it's where I write about anything and everything and nothing at all.

Help Ask Leo! Just forward this message, in its entirety (but without your unsubscribe link below) to your friends. Or, just point them at https://newsletter.askleo.com for their own FREE subscription!

Newsletter contents Copyright © 2017,
Leo A. Notenboom & Puget Sound Software, LLC.
Ask Leo! is a registered trademark ® of Puget Sound Software, LLC