If you are one of the millions of consumers who use a voice-activated assistant in your home or through your smartphone, your personal data and activity may become more secure due to new data privacy regulations like the European Union’s GDPR and recent privacy-related legislation. Virtual assistants and chatbot tools will now have to tighten up their security to protect your information.

Siri, Alexa and Google Home are just a handful of the artificial intelligence tools that interact with live people every day. We rely on these devices for everything from looking up a phone number or a favorite song to controlling the utilities that power our homes. Because of that, they are fertile ground for hackers who are looking for private information or who seek to get a picture of our day-to-day activities. The amount of use they get is another reason AI data privacy is so important.

Even if you do not own or use a voice-activated virtual assistant, you have probably interacted with a chatbot online. You may not even know it. These tools use artificial intelligence to provide customer support for businesses. You may have visited a retailer’s website and found a “live chat” button to click or had a pop-up box open with the words, “Hi! How can I help you today?” on the screen. While some businesses still use human customer service reps to provide support, a growing number of companies are already relying on computers to carry on the conversation and solve any problems.

Some experts are already at work helping developers create privacy-compliant AI tools that still have enough room to be useful. If your virtual assistant cannot store your shopping or search history, for example, how will it help you find that great brand of coffee you tried? How will it know what songs or movies to recommend when you tell it to play something “upbeat?” This kind of data collection is what makes AI-driven tools useful and easy to operate, rather than forcing human users to repeat themselves with every interaction.

The first step for developers is to draft a clear policy on what information is collected from users. From there, it is important to store it securely for data privacy. Some states are already requiring chatbots to disclose that they are not actual people and to request permission to record or save the chat conversation. It is a good idea for businesses in every state to start working in that direction since these data privacy laws are already being put in place. On a more personal note, it is important that companies develop AI tools that incorporate the ability to respond accordingly if a minor initiates the interaction. This can prevent a toddler from renting a movie on Amazon or a teenager from asking for critical medical advice from a robot.

The most important step is to remember that technology and innovation are fluid. There is no such thing as a one-and-done law or regulation where privacy and tech intersect. Any data privacy policies or upgrades, especially where AI and chatbots are concerned, must be revisited frequently to ensure they are still complying with the law and protecting the public.

If you are a victim of identity theft in need of assistance, you can receive free remediation services from ITRC. Call one of our expert advisors toll-free at 888.400.5530 or LiveChat with us. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


You might also like…

Is Deepfake the Next Step in Cybercrime?

Things to Consider When Using VPN

Shutterbugs Beware! DSLR Ransomware Attack Targets Digital Cameras 

 

In 2012, Facebook was sued by the Federal Trade Commission (FTC) for misleading consumers about their privacy. One example of their misleading promises was the extent to which they shared user information. Mobile applications used by one consumer were allowed to access the information of that consumer’s friends even though the friends did not grant permission. The 2012 settlement from the FTC required Facebook to tighten its privacy policies and put penalties in place for misleading statements to consumers.

Facebook violated the FTC’s orders by allowing third-party companies access to consumer information they did not want to be shared. This scandal came into the limelight in 2018, with investigations looking back at least four years to determine wrong-doing by the social media company. Facebook and the FTC announced last week that a settlement had been reached of $5 billion, the largest in history for this type of offense. The settlement is not only monetary fines, but also requires a change in Facebook’s privacy policy to comply with new standards.

Some of these standards include creating a system of checks and balances within the company to ensure consumer privacy is being properly handled, and removing CEO Mark Zuckerberg from complete control over privacy decisions. They also outline specific rules Facebook, Inc. must abide by when it comes to consumer privacy.

More Control Over Third-Party Apps

The FTC is requiring Facebook to exercise more control over applications granted access to their platforms. App developers who want to integrate with Facebook must certify compliance with Facebook’s policies and justify the need for consumer data. The social media giant must regulate the acceptance of their policies and stop creators from accessing the platform who do not meet the standards.

Prohibited to Sell Phone Numbers

The settlement ruled that Facebook is not allowed to use or sell user-provided phone numbers for advertising. This pertains to phone numbers given to Facebook for security reasons, like getting texted a code when you are logging in to a new device for two-factor authentication. This does not mean advertisers are prohibited from collecting your contact information in other ways. For example, if you fill out a form on Facebook where a company asks for your phone number and you provide it willingly, that company is entitled to use your phone number as in accordance with Facebook and their privacy policies.

Restrict Facial Recognition Technology

You have probably noticed facial recognition technology when uploading photos to Facebook. The platform often auto-suggests friends for you to tag in the pictures. The FTC is requiring Facebook to provide clear notice, absent of misleading messaging, to consumers and obtain consent from users when it uses facial recognition software.

Implement a Data Security Program

While the FTC does not go into very much detail about this requirement, Facebook will be forced to maintain a “comprehensive data security program.” Meaning it will not only have limits on how they can use and sell consumer information, but they will also be held to a high standard to protect user-information from outside sources.

Encrypt User Passwords

Facebook notified the public earlier this year of misuse of stored user passwords. The passwords for some users were stored as plain text for anyone in the company to access easily. Part of the FTC settlement requires Facebook to encrypt passwords and regularly check whether they are stored in plain text.

Limit Asked Information

According to the FTC press release, “Facebook is prohibited from asking for email passwords to other services when consumers sign up for its services.” Meaning Facebook cannot require users to disclose information about other platforms they might be a part of, even if owned by Facebook, Inc.

If you are a victim of identity theft in need of assistance, you can receive free remediation services from ITRC. Call one of our expert advisors toll-free at 888.400.5530 or LiveChat with us. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


You might also like…

Facebook Privacy Settlement Shows New Industry Trend

New Tool Helps Consumers Make Sense of Data Breaches

What Does the Equifax Settlement Mean for its Data Breach Victims?

 

The Federal Trade Commission (FTC) announced July 24, 2019, that they have reached a settlement with Facebook, Inc. The social media giant received the largest fine in history for violating consumer privacy and were ordered to pay $5 billion – roughly 20 times the last largest fine of this kind. This comes less two years after Cambridge Analytica was found using millions of Facebook users’ data that brought the companies privacy practices into the limelight.

As part of the Facebook settlement, the FTC has ordered the company to make changes to their current standards of privacy. The changes will start at the board level – and will trickle down through their executive ranks – including increases in transparency and holding individuals within the organization accountable.

What Does This Mean for Social Media Users?

Just within the United States and Canada, 185 million people use Facebook on a daily basis. This enormous number represents just how integrated the company is in the daily lives of citizens and does not even account for the other Facebook, Inc. entities, like Instagram and WhatsApp.

Social media users should expect to see more updates and changes to privacy policies on Facebook, Inc. applications. Similarly to the last time Facebook updated their privacy policy, other social media companies – like Twitter and Snapchat – are likely to proactively update their standards as well. This means users will probably be receiving emails and in-app notifications of updated privacy policies. It also means they might have more control over the information they choose to make available to Facebook and third-party partners. Identity Theft Resource Center always encourages users to read privacy policies in order to know exactly what companies can do with your data. We also highly recommend reviewing your current privacy settings on all online accounts to make sure you are comfortable with the information shared.

When these changes are expected to roll out is unknown, as Facebook’s settlement with the FTC is a 20-year plan. Likely, initial changes will likely start to happen within the coming weeks and continue to be updated on a regular basis. Users may not see immediate changes to their how they are able to interact with the platform or its sister properties, Instagram and WhatsApp.

What Does This Mean for Facebook?

On Facebook’s website, the company says this decision has come after months of negotiations with the FTC. The statement also says the settlement will require a “fundamental shift” in Facebook’s approach at every level of the company in terms of privacy and that they hope to be a “model for the industry.”

Requirements of the Facebook settlement include establishing an independent privacy committee, removing CEO Mark Zuckerberg from complete control over decisions that affect user privacy. Compliance officers will be appointed throughout the company that will report to the FTC quarterly regarding the new privacy standards being upheld. Also, third-party assessors will be evaluating Facebook and identifying any issues.

Additionally, Facebook will be required to document cases when data of 500 users or more is compromised and notify the FTC within 30 days of the discovery.

On top of the $5 billion fine from the FTC, Facebook will pay an additional $100 million to the Securities and Exchange Commission (SEC). This fine came after it was discovered Facebook made misleading claims about the misuse of user data. The SEC’s statement said Facebook acted as though the situation were merely hypothetical when they knew the data had in fact been misused. The $100 million fine is the highest penalty to be paid because of this type of lack of disclosure according to the SEC.

If you are a victim of identity theft in need of assistance, you can receive free remediation services from ITRC. Call one of our expert advisors toll-free at 888.400.5530 or LiveChat with us. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


You might also like…

Facebook Rolls Out Privacy Updates – Here’s How To Check Your Settings

New Tool Helps Consumers Make Sense of Data Breaches

What Does the Equifax Settlement Mean for its Data Breach Victims?

 

The internet may be abuzz once again with users sharing images from their FaceApp filters, but security experts are treading carefully. The AI-powered photo editing app, which provides fun filters to enhance your pictures of your face, became a viral sensation when it launched in 2017.

When it first became popular, FaceApp had a fairly convincing filter that would change the gender appearance of the person in the photo. Now, it is once again sweeping social media for its old-age filter. Everyone from school kids to celebrities are sharing pictures of how they are going to look when they are nearly 80-years-old.

However, it is not exactly harmless fun. The terms and conditions for this Russian-owned app have alarmed some security experts and privacy attorneys. The app developer being outside the U.S. is not why it is problematic. In fact, their servers where the photos are stored are located in the U.S., Ireland, Singapore and Australia, and are hosted by U.S. companies like Amazon and Google.

What has raised red flags for experts is where the photos are stored. Rather than applying the filter to the image in the phone the way a colorizing filter might happen, the user must submit the photo to FaceApp’s servers in order for the filters to be applied. Those photos are then kept on the server, and the terms and conditions state that FaceApp can do nearly whatever they want to with the photos once the user submits them.

Reactions have ranged from “no big deal, lots of companies have users’ photos” to “this just proves they are developing facial recognition software to spy on us!” What are we actually supposed to believe and what are we supposed to do about it?

The first answer is simple: nothing. If you are not concerned with your photo being used by a third-party company, then carry on. There were initial concerns that uploading one photo actually gave access to your entire camera roll in your phone to FaceApp, but that does not appear to be the case.

If you are someone who values your privacy in these matters, then this might be one of those apps that is not for you. If you do not want your children using this app, or their friends uploading your child’s picture, then you need to have a talk with your kids about digital safety and security. If you are worried about the future of facial recognition software being used in harmful ways, then you might not want to add your picture to the database of more than 150 million users’ photos that FaceApp has already collected.

The biggest issue with this news is not what FaceApp could be doing with it. Rather, how users have become very quick to download and use the latest fun app without really paying attention to the terms and conditions. If you do not know what permission you have given an app, how will you know if the app does something you are not comfortable with?

Remember that it takes money to build a platform or an app. If someone is letting you use it for free, you should proceed with caution. They are getting paid somehow, and in many cases, their income is from the user data they sell. If you are not having to pay to use it, either advertising dollars or your information are probably providing that revenue. Again, it might be harmless data that you do not mind sharing, but if you did not understand the terms and conditions, you could find out its information or purposes you are not comfortable with.

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at 888.400.5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


You might also like…

Is Deepfake the Next Step in Cybercrime?

Things to Consider When Using VPN

New Tool Helps Consumers Make Sense of Data Breaches

Pucker up for a selfie and set your Snapchat filter with dog ears – it is World Social Media Day! If we divide tech users into two groups, the casual account holders and the social media fanatics, this event can mean very different things. The casual user might see social media as a necessary evil, a tool that everyone seems to have to have, even if they do not use it regularly. To the ultra-fans, social media is a way of life, every day is truly World Social Media Day to these users.

Each viewpoint is valid and a matter of personal choice. However, when it comes to protecting yourself online, there are different concerns for each kind of user.

The Casual User

If you have a Facebook account but never use it, or you signed up for Twitter but cannot remember the last time you tweeted something, you might be a casual user. You might use social media for group communications once in a while or post the occasional photo. For those reasons, you might be at risk of being hacked or spoofed.

When someone hacks into or copies your account, they can target your friends and family for information and money. They can also turn the tables by pretending to be you, and ask for sensitive information about your identity or comprise your reputation.

If you are a casual user, there is good news. Your password is your best friend. Since you will not be logging in and out regularly, feel free to make an unbreakably long, complicated password. If you did need to log in and are no longer able to access your account with this impossible password, simply click Forgot My Password and sign in via the password change link in your email – make sure it is a password reset you actually requested before clicking any link. You can also choose difficult security questions that are not very common, to keep a hacker from accessing the answers and using them on your other accounts. Celebrate World Social Media by taking these precautions on your accounts.

The Social Media Fanatic

Congratulations, your obsession with online updates is now considered practically commonplace. Like millions of Americans, you think of social media as a way of life, a handy tool and just plain fun. But there is nothing fun about being targeted by a social media scammer or hacker.

If someone is checking their accounts routinely, you might think it would be easy to spot something out of the ordinary. Instead, people with high friend or follower counts and lots of posts are an easy target for someone to spoof their account. Instead of trying to hack into an unused account, scammers create a new one that looks just like the original. They reach out to the original account’s followers and lure them in with a new friend request, trying to capitalize on their reach.

One way to avoid a spoofer is to make sure your privacy settings are as strict as your comfort level. If you are trying to meet and connect with new people, your settings might be a little more open. But if you are only want to connect with people you know, there is no reason to leave your posts open to the public.

Depending on the platform, you may not have much control over who can see them. Therefore, it is important to avoid oversharing, something that can become a real problem when you spend so much time letting others see glimpses into your daily life. Avoid personal details, overly specific references to your home and workplace, photos that include geotags or identifiable locations and stay safe this World Social Media Day!


You might also like…

Imposter Scams Were the Most Reported Complaint in 2018

In New Scam, Criminals Pose as Government Pretending to Help With Identity Theft

Study Explores Non-Economic Negative Impacts Caused by ID Theft 

 

If you are traveling and plan to rent a car, there is a very specific privacy pitfall threatening you. Rental car companies have begun offering premium features in their fleets of vehicles, including things like Bluetooth sound systems, on-board GPS navigation and infotainment devices for everything from playing music to showing movies. The upgraded technologies can pose a threat to your identity.

Most rental car companies have no policy concerning deleting your Bluetooth-enabled activities from the vehicles once you return them. Some privacy organizations have even rented cars with the intention of seeing what past users are still stored in the device. It was a surprise to discover that many big-name rental car companies do not delete old user information, and that previous renters’ info was still easily visible.

Now, this might seem like a small concern in comparison other identity threats – like having your Social Security number stolen – but rental car risks exposing information like downloads, navigation and your phone’s identity. Your personal data should not be accessible to anyone else, especially the random individual who rents a car after you.

It is unfortunate that rental car companies are not concerned as they should be about your personal information. Sadly, this is a trend we see across many industries as misuse of personal data and data breaches are on the rise. Even if companies are not as worried about someone finding out your information via rental car technology, there are still steps consumers can take to minimize car rental risk.

Do not connect

The very first solution is to not connect your phone to the vehicle. This might not be ideal for integrated use, but it is the safest of precautions a consumer can take.

Delete the history

If you choose to connect, delete your own history from the Bluetooth system and the GPS navigator. If you do not know how, ask the service department when you return the car.

Block your name

Some Bluetooth-enabled devices will use a nickname for the device when connecting, such as “Lisa’s iPhone.” If your nickname is in your device and is picked up by the car’s system, it is possible that the next patron could piece together your nickname, your whereabouts (from the GPS) and your social media profiles in order to follow you. This could lead to other malicious activity.

Avoid having the GPS take you home

You already know where you live, so if you are using the GPS in a rental car, do not have it take you all the way to your house. It is enough to take you to your city or town, then shut it off and find your own way for the rest of the trip. This prevents others from finding your home location to plan a robbery or other malicious activity.

Do not skip the inspection

Do not skip the inspection when you return a vehicle. It is a good time to ask for help if you cannot delete your Bluetooth activity, and prevents any disputes later about damage to the vehicle. Some car rental places have started letting you place the keys in the car and leave without seeing an attendant, but avoid this and you will be happy in the long run.

Of course, the Identity Theft Resource Center is here to help. Speak to an identity theft advisor for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.


You might also like…

Imposter Scams Were the Most Reported Complaint in 2018

In New Scam, Criminals Pose as Government Pretending to Help With Identity Theft

Study Explores Non-Economic Negative Impacts Caused by ID Theft 

 

What is on your agenda for today? Go ahead and pencil in changing your Facebook passwords. This item does not need to be near the very top of the list, but it is certainly a good idea to put it on there and follow through.

According to a report by KrebsonSecurity and a follow-up announcement from the company, hundreds of millions of Facebook passwords were left accidently unencrypted. If you are not already aware of what that means for individual users, do not worry there is no evidence that anyone got your password. It just means that those passwords were “visible” in plain-text to anyone who was able to access the servers, which could include hackers—although there is no evidence of that—but certainly included numerous employees of the company.

In fact, Facebook seems to have traced the security issue back to project that centered on employee-created tools, apps, and features. Once the employees accessed the usernames and passwords for their work, those passwords were often stored in plain-text. Some of these employee-created copies of the login credentials—especially the passwords—go back as far as 2012.

Facebook has not released information on how many user accounts were visible or how many employees had access to the information, but KrebsonSecurity has details that put the number of employees at around 2,000—and those employees made approximately 9,000 separate data inquiries into millions of users’ login credentials.

This issue does not fall under data breach notification laws or protections, and Facebook is not recommending or forcing a password reset at this time. However, the social media site will inform users whose information was left potentially exposed, which is why it is important for the users themselves to be proactive about changing their Facebook passwords. There is no way of knowing if anyone other than the authorized employee accessed their information, and also no reason to assume that a company employee could not be the one to maliciously use or sell a large database of credentials.

“Password hygiene” has gotten a lot of attention in recent years, largely due to incidents like this one. If you secure all of your accounts with a strong password that you do not use anywhere else and that you change routinely, announcements like this one probably will not even be a cause for concern. However, if you use an easily guessed password, reuse your passwords on multiple accounts, and keep the same password for years, your risk of harm from a data breach is much greater.

Remember, to keep your online accounts protected:

  • Use a strong password that contains a long string of characters—eight to twelve letters, numbers, and symbols
  • Only use your password on one account
  • Update your passwords routinely, especially on sensitive accounts like email, social media, and financial sites

Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: Imposter Scams Were The Most Reported Consumer Complaint

Data Privacy Day is an international effort to empower individuals and business to respect privacy, safeguard data and enable trust.

Many of today’s tech users have never navigated an online world where they weren’t constantly asked to provide personal details about themselves for everything from booking a doctor’s appointment to buying a new shirt. Too many tech users don’t do enough to protect their online privacy and secure their data, while also thinking that it’s “other people” who don’t protect themselves.

This is a trend that Data Privacy Day works to address. The Identity Theft Resource Center is the non-profit partner for this event, hosted on January 28th, 2019, by StaySafeOnline. Powered by the National Cyber Security Alliance, the upcoming event will focus on the changing privacy landscape and what that means for consumers, businesses, policymakers, and more.

The change is so rapid, in fact, that StaySafeOnline is referring to this age as a new era in privacy, and as such, the event will feature a wide variety of instructional sessions led by some of the top names in the field. With events available for both in-person attendees and live stream participants, Data Privacy Day stands to be a source of vital information to kick off the new year with a focus on security.

Of course, there are actionable steps that every tech user can implement right now to help secure their personally identifiable information and protect their privacy:

1. Understand—and put in place—good password hygiene.

2. Establish a family or company policy on how to respond to suspicious messages and what steps to take in the event of a possible privacy incident.

3. Install strong, trustworthy security software that helps block or delete attempted privacy threats.

4. Think twice about oversharing, whether it’s posting too much information on social media, responding to emails asking for identifying details, or handing over your data to third-parties.

5. Seek out the vulnerabilities that may already be a threat, like third-party apps, unsecure privacy settings in your social media accounts, software and operating systems that haven’t been updated regularly, and more.

Can’t be there in person? Watch live from LinkedIn, SF! ITRC CEO, Eva Velasquez will be joining privacy experts on the panel, “The Future of Privacy and Breakthrough Technologies” to discuss advances in technology, such as artificial intelligence to the human body acting as the computer interface, how privacy will take on even greater significance. Panelists will highlight why our actions now will drive tomorrow’s outcomes.

Just released – Download the 2018 End-of-Year Data Breach Report


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

Read next: Consumers at Risk: 126% Increase in Exposed Consumer Data, 1.68 Billion Email-Related Credentials

Social media has changed the way people interact with each other in both good ways and bad ways. It’s amazing to connect with people all around the world or to find a long-lost classmate from seventh grade. It’s something else altogether, though, to find yourself in a compromising situation because of something you posted online.

One of the more recent features of different social media sites like Facebook, Instagram or Twitter is the ability to broadcast live video to your followers. This feature can be fun and entertaining or even educational, but if you’re not sure how the platform works or what kind of surroundings you’re broadcasting from, you may be unhappy with the results.

1. How long is my video accessible, and who can see it? – Those questions depend on the platform you’re using. Twitter’s Periscope or the Meerkat platform, for example, are available to anyone who chooses to click on your name. Facebook Live can be limited, meaning you can broadcast to everyone or just to your friend’s list. Instagram Live, though, is by default set to allow anyone to see your video; you have to adjust that setting yourself if you want to keep it private.

As far as how long the video is available, there are key differences you should know before you press the button to go live. Instagram Live videos are gone the moment the camera turns off, but Facebook Live videos can repeatedly be viewed and at a later time.

2. What’s going on around you? – You’ve probably seen some viral videos with hilarious background images, such as an adorable wedding couple sharing the first kiss during their beach ceremony only to have a man in a tiny swimsuit standing behind them. It’s not so funny when the visible area behind your video contains anything incriminating, illegal or simply embarrassing.

Remember, depending on the platform and the settings, you might not control who can see your video. If anything behind you is a dead giveaway for your location, any of your identifying information or even the answers to typical security questions (i.e., posting a video on your birthday and mentioning it), you might be sharing far more than you intended.

3. Is this content allowed? – Each platform has regulations for what is and isn’t permitted, and it’s up to you as the user to know what they are. Obviously, behavior that violates copyright—like broadcasting live from a concert, movie, or other ticket-holder events—is a no-no; even if you don’t necessarily get in trouble, it’s still theft, and it’s wrong. Broadcasting live for anything other than journalistic reasons from a crime in progress can also land you in hot water with both the platform and law enforcement.

If you want to go live on social media, you need to be smart. Know how your platform works, understand your privacy settings and surroundings, and make sure it’s approved, beneficial content… then smile for the camera and enjoy!


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.

April the Giraffe became an internet sensation in 2017, bigger perhaps than any pop-star-behaving-badly, for her adventure park’s YouTube live stream of her pregnancy and delivery. It took a little longer than expected, but she gained a following of millions of viewers for the birth of her first baby to be born at the park, Tajiri.

At that time, many people had a tongue-in-cheek criticism of the whole sensational affair: how would you feel if someone broadcasted your pregnancy and delivery to the entire internet?! In fact, in recent years, more and more hospitals have instituted policies against this very thing, banning video cameras, digital cameras and even cell phones from the delivery room to give the mom and baby both some privacy.

Obviously, April didn’t seem to mind either the jokes or the constant attention directed towards her medical condition. Hopefully, she’s just as calm about the April Cam going live once again for her next delivery. But that doesn’t mean we should be so laid back about our own privacy and oversharing of personal information.

Oversharing happens when we post more information or content online that might be safe. It could be sharing too many details in your social media profiles, entering information online without finding out where it will end up, even posting photographs that in hindsight probably shouldn’t have been made public. In any event, oversharing is a serious problem that can lead to consequences like identity theft, account takeover, repercussions at school or in the workplace and more.

In order to avoid oversharing, there are a few things to keep in mind:

  1. Social media settings – Who can see your posts? Do you know how to keep others’ prying eyes out? Depending on the platform, such as Facebook versus Twitter versus Instagram, you have options when it comes to keeping your content limited to people you personally know. To check up on your privacy settings, log into your account and go to your profile. Note: that’s not to say everyone must lock strangers out altogether, but it’s good to know how to set up your preferences and change them if you wish.
  2. Locations – If you have location settings turned on for your phone or other devices, you might be handing a criminal the exact location to where you’ve taken a photograph, even down to which room in your house. A concept called geotagging incorporates these coordinates into the digital file for the image, and when you upload that image, you can retrieve the coordinates by someone who accesses the picture. In order to keep your location under wraps, be sure to turn off the location settings for your device’s camera so, anyone with malicious intent doesn’t come looking for the flat-screen TV or MacBook in the background.
  3. Sensitive content – Finally, once you’re certain that the posts aren’t giving away too much, really think about what’s in the post, photo or video. Is this something that paints you in the best light? What will an employer say about it? Is it embarrassing to anyone in your family, including your kids?

Remember, April the Giraffe may not understand that millions of people around the world watched her every move—including an event that most people consider to be very, very private—but you and your friends or family might care a great deal. Protect your privacy and your dignity with safe, smart sharing behaviors.


Contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.