How do we protect our digital privacy

For people like me, the hardest thing to get others to understand  is that the internet, and the digital environment we live in, are not safe. In some cases they are downright dangerous.

We are producing a generation of people who have no understanding of privacy, and are only concerned with instant gratification—“I want it and I want it now.”  They put their personal information online, and they expect someone else to protect it.

We need to change this.  Cyber security is something that needs to be taught in schools, and it is something we need to sort out before the next generation comes along.

Today’s generation, anyone younger than 20 (or 30—sorry, showing my age), has growntext cloud with social media up in this digital world.  They have embraced the technologies that make our lives easier, but they have also embraced the ones that put us in danger.  They have no concept of keeping information about themselves private.

Since the advent of social media, the understanding that some things need to be kept private is getting harder and harder to find.  Most social media sites hit you with a guilt trip if you do not put all of your private information on their site.  They issue dire warnings that you might miss out on someone looking for you if you do not put in where you lived 10 years ago—heaven forbid!

Since we seem to reveal everything about ourselves on our Facebook timelines, the understanding of privacy is thinning to the level of non-existent.  If it’s bad for us, think how much worse it’s going to be for the now generation, who were never exposed to a world pre-timeline and Twitter.  We have to teach them that they need to keep some information in reserve.

Recently I had a client who had to reinvent himself, to such an extent that he cut all ties with the old world, deleted all his accounts and started again.  He then had to go back to his group of trusted people and reconnect with them.  Do you know how hard that is in today’s world?  There are a number of reasons that your might need to do this and he had one of them.

We have all visited websites that gather information.  But how much information is too much?  One rule of thumb is that websites have to build trust.  There is no other way to get people to connect with you if that trust is not there.  So asking 20 or 30 questions when creating an original account is not a good idea.  If a site is going to request that much data, they should give you time to build trust.  They should start small—name and email address—and then give something in return.  Once they have your trust they can then ask further questions.  If a site demands more than that just to open an account, consider providing made-up information or avoiding them altogether.

What about purchases on the internet?  Of course online sellers need payment information, but you’re often giving those details to someone you know very little about.  The combination of credit card details and of PII (personally identifiable information) to the level of name, address, phone number and email is something that I will not provide unless I trust absolutely.  You shouldn’t either.

When it comes to privacy, there are some things that I will not put on a website.  If I do put a piece of information online, it’s something relatively trivial—something I don’t fear the consequences of losing control over.  It is a matter of choice how much information you put on the internet, but by my way of thinking, the least possible is probably the best way to go.

Roger Smith, is an educator. Teaching students at ADFA (UNSW) and showing them how vulnerable they are to cybercrime.

He is also CEO at R & I ICT Consulting Services Pty Ltd, an Amazon #1 author on Cybercrime and founder of the SME Security Framework. He is a Consultant who specialises in inexpensive and highly effective security strategies for small and medium businesses and not for profit organisations.

He has developed and authored the SME Security Framework and the Security Policy Training Course which are considered to be the definitive guides to helping SME's protect their organisation using the principles of Technology, Management, Adaptability and Compliance.