Tips and Tools

Helpful tips to protect your privacy online.

 

Select a topic

WaTech has curated a variety of information on online privacy. While we cannot endorse any particular product or service, you may find the following tips helpful:

Auto-fill

Disable "auto-fill" features

Most web browsers have a feature that remembers information you type into forms on the web. This is often a convenience, saving time when you fill in a lot of forms.  But it's also a little risky because the browser might remember private info you type into forms, such as your credit card number, passwords, medical conditions, date of birth, etc. Disabling these "auto-fill" features is usually pretty simple in the "Options" "Preferences" or "Settings" panels of your browser.

Here's how it looks in Firefox

Cookies

Actively delete cookies on a regular basis

It's easy for "cookies" to accumulate in your web browser -- little bits of data left by websites you visit that identify you as someone the company knows. Sometimes they are a convenience, helping you get to your account more quickly or helping you see the kinds of offers you're most likely to be interested in.  But they can be read from your browser for quite a while if you allow it, and you'd be surprised how many you may have.  It's pretty easy to remove them from the "Settings" "Preferences" or "Options" panels of your web browser, and you'll have plenty of opportunities to accept more cookies.

Find out more about cookies on the Federal Trade Commission's website.

Disable cookies in your internet browser

Disable cookies in your internet browser. "Cookies" are data files stored on your electronics that track your internet browsing activity. To minimize the tracking of your internet browsing activity, be sure to limit or disable Cookies in your browser options. The links below show how to do the steps in various browsers:

Firefox  Explorer  Chrome  Edge

Tell Facebook not to Let Ads Follow You

In a recent article in the Wall Street Journal, reporter Joanna Stern sketched out a simple and prudent step to protect your privacy online.

You might not be aware that your web searches might “follow” you across other sites, such as Facebook, which can use your search history to target advertising.

In the Facebook iOS or Android app, tap the three lines in the bottom-right corner, select Settings > Account Settings > Ads.

Tap “Can you see online interest-based ads from Facebook?” and then “Off.”

This will turn off the setting across your Facebook account—on all your devices.

 

Devalue

Get on the "Do Not Call" lists

To reduce the value of your contact information among advertisers, add your name to the 'Do Not Call/Email' lists.  Even though it may take a little while for advertisers to pick up the change, it's a good and easy step.  There may still be hackers or less careful advartisers out there who don't pay attention to 'Do Not Call/Email' lists, but when your name's on a list it's not worth as much on the black market.

Email

Do not send private information over email or messages

Unless you have a pretty good technology skillset or an IT support organization behind you, it's not easy to be sure who exactly you're getting email from, or to secure messages you send so that they can't be picked up by snoopers. Scam artists love to send emails out to people, pretending to offer a lost inheritance, a really good offer on a white elephant you're selling online, or suggesting you're under threat from some powerful organization.  Sometimes people even write back to such messages with their private information - like bank account numbers. The safe way to avoid hassle is to just keep your private info out of email or messages, and be leary of people who don't do the same.

Read all emails carefully!

Read all emails carefully! Many compromises of personal information are due to inattention and not compromising of security. When you get an email requesting personal information, read it carefully to ensure that message is actually from the sender and not from someone masking as the sender. When in doubt - leave it out.

Use a business-class email service for business

Do not use personal email accounts to transmit others' private information. There's a big difference in privacy and safety between a "business-class" email service and most people's free web email. Big organizations put a lot of effort into making their email systems safe (or safer) because they know there's a lot of bad email out there. So if someone is going to trust you with their personal stuff - like a phone number, their medications, or even their kids' birthdays - be a professional and use an email service run by humans, where you're a valued customer not just another free account.

HTTPS

Look for the Lock

 During web browsing, get used to looking for the "lock" icon near the top of your web browser - these "HTTPS" websites provide for secured connections and are safer use when volunteering personal information. Here's a couple of samples of properly secured sites in popular browsers:

Firefox:

Internet Explorer:

Insurance

Use Identity Theft protection

Try using an Identity Theft protection and monitoring service.  There are lots of options out there; pick one endorsed by an outfit you trust, like your bank, credit union or professional association. With all the hacking stories in the news these days, you may well already have a service looking out for changes in your credit history, accounts etc. -- it's one of the usual things companies do when they get hacked to try to reduce the danger to their customers.  If you have such a service available to you - use the heck out of it! Read the emails they send you; call the company if you don't understand something.

Links

Spammers are Sophisticated

Spammers - the folks who sent you email or text messages you didn't know you needed - are becoming more and more sophisticated. That "invoice" in broken english from a vendor you don't remember? It could be a virus. Never click a link in an email or download a file without confirming that it was sent from a trusted source and the link or file is (at least mostly) safe.

Think before you click!

Think before you click! Similar to reading email carefully, if someone sends you a link via online messaging or other service, review the link carefully before clicking. Some links may install malware or virus that may compromise your device security.

Location

Disable location services in your electronics

Disable location services in your electronics. Many modern electronics contain GPS functionalities and allow applications to track your location, but it's more than just "where you are" - if you know both "where" and "when" you can map a person's habits, highway speed, kids' school, favorite bank branch, etc. Be sure to review the GPS location options in your device to ensure you minimize volunteering your location information.

Lock

Always log-off

Most computer operating systems these days are designed to keep the data of multiple users securely separated, but you don't get that protection if you leave your devices running and unlocked, so always log-off! If you're leaving your computer or phone, make sure it's locked before you leave. Worried about remembering your computer password? Practice makes perfect.

Get rid of your old smartphones

Smartphones and tablets don't come with an expiration date - but perhaps they should. Most people's smartphones get updates to the operating system only when the carrier gets around to it. Eventually the carrier and the original manufacturer consider them out-of-date and stop the updates.

But wifi hotspots, desktop computers and even commercial networks don't block these old devices from connecting. An old phone or tablet with security issues can still have lots of your files, passwords, pictures and data on it, and it's far easier to break into than a newer device.

What to do:

  • Often (but not always) your carrier will let you trade in your old device - ask if they dispose of data securely
  • Best Buy, Staples and RadioShack stores will recycle cellphones too - ask how they dispose of data
  • Resale marketplaces like Gazelle promise tom remove your personal data before selling on
  • Here's a how-to about "wiping" your old phone's data.
  • Washington's department of Ecology has an e-cycle program that disassembles devices into parts for recycling

 

Make sure any device containing private information has an "auto-lock" feature that requires a password to unlock

Make sure any device containing private information has an "auto-lock" feature that requires a password to unlock. The theft of a computer, phone, or tablet should not include the theft of access to personal information.

Minimize

Delete private information once it is no longer being used

Delete private information once it is no longer being used-if it's not necessary to keep, don't keep it!

Delete unnecessary files and emails that have your personal information

Delete unnecessary files and emails that have your personal information. If your security is compromised, minimize the amount of personal information that may be released.

Minimize the amount of personal information you disclose online

Minimize the amount of personal information you disclose online. When signing up for online services and apps, fill out the bare minimum of personal information to minimize your digital presence.  Does that fan site really need your home phone number or birthday? Does the pizza shop need your whole Facebook profile?

Password

Use a password manager

Use a password manager that will enable you to remember only one password without needing to use it across all your services. Using the same password for different services can increase the harm caused if one service or the password itself is compromised.

Use Two Factor Authentication

These days the major internet companies offer you the option of using "multi-factor" or "two-factor authentication as an option you can turn on.  It's a good idea.  Here's how it works: to log in to a website that uses multi-factor authentication, you have to know your password, plus you also have to have some kind of extra validation step.  For example, some sites will send a text mesage to the mobile phone on your account, checking to see if it's really you. Others use a dedicated keyfob that fits on your keyring and feeds you long random numbers to use with your password.  The extra validation changes frequently, so it's like changing your password every 2 minutes - but much easier.

Phishing

Beware of phishing attacks and scams

Beware of phishing attacks and scams. A service that you use will rarely call or email out of the blue for you to confirm information such as your billing address, credit card, social security number or password.

Just because someone asks for information, doesn't mean they should get it

Just because someone asks for information, doesn't mean they should get it. Confirm that the person is authorized to access that information, and make sure you share it in a secure manner.

Private-Mode

Clear your search history

Periodically clear search history and accompanying stored data. The steps required vary by browser, but there's always some way to do a spring cleaning. Deleting stored data from websites can also free up storage space or memory on your computer and help it run faster.

Use private browsing modes in internet browsers

Use private browsing modes in internet browsers. Many internet browsers have a private browsing mode which does not save cookies or browsing history. Although some connection information is tracked by your internet service provider, using private browsing modes also limits the amount of personal information a user retains and volunteers.

Public-Places

Avoid volunteering personal information over public WIFI

Avoid volunteering personal information over public WIFI connections. Public WIFI allows many users to connection to the internet, and others may have access to your connection information as you browse the internet. Thus, avoid viewing or providing personal information when using public WIFI connections.

Make sure your home wifi is password protected

Most of us these days have a WiFi box in the house and do a lot of our web surfing or movie watching over that home network.  Mostly we just plug the box in to the wall outlet, connect it to our internet provider somehow, and turn it on. But is that network secure? You're probably looking at your bank accounts over that connection - could it be snooped by a guy in a van down the street with a laptop and a can of pringles? Older wifi routers sometimes came with really weak initial passwords and insecure out-of-the-box settings - have you changed yours this year?  For a lot of home WiFi boxes you can see all the settings by browsing the following address while you're at home: http://192.168.0.1  you might be surprised what you find.

Never review private information in a public place

Never review private information in a public place. Whether on a plane, in a Starbucks, or at the park, you should not have private information up and available for plain view on your computer screen.

ABOUT THE OFFICE

Educating citizens and government on privacy protection

© Copyright 2016 Washington State Office of Privacy & Data Protection