Social media sites have redefined the way a lot of people use the internet. Where it used to be suspicious for people to know information about you, it’s now becoming so common that many of us are letting our guards down. Face it, thanks to social media, I can find out where you like to shop, what you ate for dinner last, what movie you saw last week, and more. It’s easy to find out where your kids go to school and what soccer teams they play on. Even better, some social media sites actually provide real-time information of where you are…physically.

The strange thing is that this is the information users are sharing knowingly and intentionally. This isn’t secret hidden data that a hacker can pull out of a computer, this is stuff that people purposely tell their social media contacts about.

And while willing use of social media is hardly a Big Brother situation, users need to understand that hackers are all too happy to grab as much personal information about you as they can, then use those puzzle pieces to complete the picture of your identity.

One important step begins even before you have your account. Give as little information as possible in order to establish the account, and keep a close lid on information that is too personal. Remember that your credit card company might want your mother’s maiden name as your security question, so don’t use that question on Facebook to establish your account. It’s understandable that people might want to find you by knowing what high school you went to, but do they really need to know your last three jobs, your church, your hometown, and your current profession?

Never click an email link from someone sent to you over social media unless you know the person well and you have verified that the link is something that person intentionally sent you. There are a number of scams in which your friend’s account gets hacked and the criminal sends the link to everyone in your friend’s contacts list. That link isn’t a cute video of a puppy playing with a garden hose, instead it’s a landing page that’s installing malware on your computer, snapping up your personal information.

Some of the worst behaviors online actually come from people who aren’t trying to overshare, but do so accidentally. Did you really just announce to the entire internet that you’re going on vacation to Hawaii next week and won’t be home for five days? Locally, popular sites like FourSquare let you “check in” at different places from your smartphone, sometimes to earn free discounts. Unfortunately, you just told would-be criminals that you’re standing in line to see the new action movie that just came out, but what they read was, “I have two hours and six minutes, plus driving time, until I’ll be back home.”

Even more frightening is the connections thieves can make between your posts. If you’ve posted pictures of your toddlers on your account, for example, those criminals also know you probably didn’t bring that toddler with you and he’s home with a babysitter. By checking in at that movie theater, they also know your hometown and where you go for entertainment.

Speaking of those pictures, it’s important to know that sharing photos on Facebook, Instagram, Twitter, and other social media sites can have a very serious consequence if you took them with your smartphone and uploaded them. Unless you have turned off the GPS setting in your phone, any pictures you take will be coded with the coordinates to where that picture was taken. Did you just post a picture of your family eating on the back deck, or your daughter’s school play? The coordinates to that picture were posted with the photo, telling criminals where your house or your child’s school is located. You couldn’t have done them a bigger favor than if you’d actually drawn a map.

Social media is a great tool, and can even just be a lot of fun. But it can’t be beneficial if it leads to criminal activity against you and your identity. Take precautions to protect your accounts and your safety, and when it doubt, don’t post it.

If you found this information helpful, you may want to consider taking part in the Identity Theft Resource Center’s Anyone3 fundraising campaign.  For more information or to donate please visit http://www.idtheftcenter.org/anyone-3.

Following the news of the NSA and whistleblower Edward Snowden, companies and individuals alike have begun paying much closer attention to how privacy is regarded on the Internet. With reports of corporations reading their customers’ emails—as in the case of Microsoft’s recent efforts to track down the source of a software code leak—and concerns over faceless entities accessing consumers’ private information online, users are right to be a little more cautious about their Internet activity.

In the case of Microsoft, the company went a little further than just accessing someone’s account. Based on a tip that a former employee had stolen data and leaked it to a blogger, the group actually searched the employee’s emails on their servers and read entire conversations. The blogger ultimately published the information that had, in fact, been stolen by the former employee, giving Microsoft legal grounds for prosecution.

But what really raised eyebrows about the entire scenario wasn’t the theft of Microsoft’s proprietary information, but the fact that the software giant openly and blatantly admitted to reading its users’ emails. The former employee had used a Hotmail account, which is a Microsoft product, and according to Microsoft’s terms of service, this gave them permission to access, read, and ultimately use that person’s emails as evidence.

The public outcry has been interesting, to say the least. Everyone from consumer protection groups to legal experts have weighed in on the alleged violation of privacy. And while we could argue the “Big Brother” aspect to the situation all day long, ultimately…Microsoft is right. They have the legal power to do as they did, and it’s very surprising that so many people are upset about it; it means that a large portion of the online community doesn’t know what’s in those terms of service that we all blithely agree to.

While tedious and filled with legal jargon that could have even the most seasoned court officers nodding off, terms of service are very real legal protections that outline in writing what the consumers’ rights are, and what the corporations’ rights are. They can be quite surprising, as in the recent outrage over what should have been a positive and well-received offer for authors and writers.

Due to a pleasant exchange on the social media site Twitter between two authors, Amtrak took action and established a writer’s residency program. Basically taking these two up on their suggestion, Amtrak is currently taking applications from authors to give them free rail travel with the express purpose of letting them write their books while on the train. The down side? Those pesky terms of service.

Not only does the author’s private information become available through Amtrak’s TOS, the actual book that the author writes during the residency becomes Amtrak property. Whether that was intentional or simply a misspoken line in the TOS is not yet known, but a rush of authors flooded the Amtrak site to sign up and then found out after the fact that not only were they signing away the rights to the book they would presumably write, but that they had also just given permission for Amtrak to publish and use the sample writing that they submitted with their applications. Because they didn’t read the TOS before signing, many authors are crying foul and demanding their applications be deleted.

While privacy policies are an expected right, they’re not something that consumers can easily sign away. Regardless of what a company’s terms of service state, privacy is constitutionally protected; even if consumers agree to waive their right to privacy just by clicking “I Accept,” that does not make it legally so. But you will have a far easier time fighting a violation of your privacy by first knowing what’s in the agreement you just clicked.

In the case of Microsoft, while industry experts continue to speak out vehemently against the invasion of privacy, company vice president and general counsel John E. Frank said the practice is in full compliance with the law, specifically the Electronic Communications Privacy Act. However, Microsoft has already amended its practice for this type of situation to include several layers of oversight by teams of attorneys, agreeing to only take invasion action if the legal teams agree the situation warrants it.

FTC Commissioner Julie Brill urged Congress to pass new privacy laws while making a speech at Princeton’s Woodrow Wilson School on February 20, 2014. She specifically lobbied for Congress to pass three privacy laws related to data broker transparency, a comprehensive federal privacy law, and a federal data security law, reports The Hill.

The first privacy legislation she called for would require more transparency for information brokerage companies which track consumers and analyze their behavior to sell for marketing purposes. Data brokerage companies track what consumers do while browsing the web, while shopping in physical stores and 
even what kind of purchases they make. They do this to compile as much data as possible on a consumer and then use complex algorithms to make inferences about the consumer. Brill mentioned Target’s tracking practices in which the company would track female consumers’ purchases in such a way as to be able to determine whether they are pregnant and even what stage of pregnancy they were in at any given time.

The second piece of legislation Brill called for was a comprehensive “baseline privacy legislation for the commercial arena.” The U.S. privacy law framework is such that different laws apply to different types of data or people. This can make figuring out which law and requirements an organization needs to comply with complicated, but it can also leave holes where certain data does not have any specific privacy law dedicated to it. Brill wants a baseline privacy bill that would “close the gaps in consumer privacy protections and help level the playing field among businesses.”

Lastly, Brill insisted that the U.S. clearly needs data security legislation. This is a hot topic lately after very public data breaches (Target, Neiman Marcus) captured the attention of the U.S. bringing data security, privacy, and identity theft to the forefront of the general public’s mind. There are currently 46 state data breach notification laws (plus the District of Columbia, Guam, Puerto Rico and the Virgin Islands), which can create a confusing maze for breached entities to navigate when determining what is a breach, who must be notified, when must they be notified, what the notification must include and more. There are several bills pending in Congress which seek to create a federal data breach notification law that could possibly preempt the state data breach notification laws. This is a touchy subject for many states because there is a risk that federal preemption of state data breach notification laws will water down many states’ individual laws. We will monitor legislation introduced in Congress to see if any of these FTC requests come to fruition.

“FTC Calling for Privacy Legislation” was written by Sam Imandoust, Esq., CIPP, CIPA. He serves as a legal analyst for the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to the author and linking back to the original posting.

Most of us are aware these days that smart phone information isn’t as safe or as private as we might like.  Revelations about massive smartphone metadata being collected and stored by the federal government awoke many to the risk that anything they do on their smartphone could potentially be watched or monitored by a federal agency.

The risk of exposure of the very sensitive, personal information you store on your phone by no means begins or ends with government intrusiveness.  Seemingly, every day the public is made aware of a corporate entity (see Snapchat) suffering an improper exposure which may potentially lead to yourinformation falling into the wrong hands.  Insecure mobile apps are but one more way that your information can be compromised.

Smartphone PrivacyWe’ve all seen similar scenarios play out like this before – elected representatives fail to protect the people they’ve pledged to represent, then a private entity or entities produce potential solutions consumers want and need which are unable to be found elsewhere. There are now a few products on the market that seek to address the issue of smartphone privacy in a real and tangible way.

Several products put on the market by the company Silent Circle seek to directly address the problem of smartphone privacy.  For ten bucks a month, they will encrypt all voice, video, text and file communication sent to anyone who is also using Silent Circle Mobile. The option for a more expensive upgrade also exists which will allow a user to encrypt their end of a phone call to a mobile or landline, even if the person on the other end isn’t a subscriber.

For secure internet browsing, The Guardian Project has created a free app called Orweb Browser, which allows users to browse the web privately. It frees you from cookies, limits security threats, and prevents network providers from viewing your web history.  Additionally, there are several other programs available to restrict outside access to your phone. While none of these offer complete, impenetrable security, it is a great way to reduce your exposure to the prying eyes of your creepy Uncle Sam.  If you’re looking for something to add some level of protection without having to pay for and install additional software, consider utilizing the private browsing modes on Safari or Chrome browsers, both of which are available for either IOS or Android platforms.  While this won’t encrypt your information, it will prevent your browser from saving your data, browsing history, or cookies once you exit the browser.

The Guardian Project also has an app for secure text and instant messaging called Chat Secure.  This program unlike some others, doesn’t replace your existing texting or messaging application.  Instead, it allows you to send encrypted messages over a plethora of different chat services including Facebook Chat, Google Talk, Google Hangouts, Jabber and others.

If you have questions about the risks to your privacy your smartphone can create or would like more detailed information on the steps to take to protect yourself, please call the ITRC toll free at (888) 400-5530 or visit our website at www.idtheftcenter.org.

Protecting your Smartphone Privacy” was written by Matt Davis.  Matt is Director of Business Alliances at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to the author and linking back to the original posting.

Commercial website operators should be reviewing their online privacy policies to ensure they are in compliance with California’s new “do not track” law.  On September 27, 2013, California Governor Jerry Brown signed into law AB 370 which amends the California Online Privacy Protection Act of 2003 (CalOPPA). AB370, introduced by Asm. Al Muratsuchi, amends Section 22575 of the California Business and Professions Code to require commercial website operators to openly disclose how they will respond to a “do not track” signal from an internet browser.

A “do not track” signal is a mechanism by which an Internet user can click an option within their browser that will automatically tell every website (they) visit that the internet browser used does not wish to have their activity tracked. Despite much attention and effort devoted to the topic, the term “track” still does not have a widely accepted definition.  (However, it is most frequently assumed to mean that the user does not wish to have their personal internet browsing seen by third party websites). 

The W3C’s Tracking Protection Working Group (TPWG) was tasked with defining the term and establishing a self-regulatory system with rules dictating how a website should respond to a “do not track” signal from an Internet user’s browser. The TPWG was created more than two years ago and has made little to no progress on their goals. Due to the lack of progress, the Digital Advertising Alliance (DDA), a “consortium of the leading national advertising and marketing trade groups,” withdrew from the TPWG with DAA CEO stating, “the TPWG had yet to reach agreement on the most elementary and material issues facing the group.” The TPWG continues to function despite the departure of the DAA; however, some have lost faith in the group’s ability to effectively dictate policy.

With the passage of AB 370, California is giving the advertising industry a gentle prod because the bill does not attempt to define or regulate “do not track”, but does increase the transparency of which information is collected and how it is used. What the new lawdoes regulate is commercial websites’ privacy policies, thereby requiring that the commercial website operator explicitly state whether they will honor a “do not track” signal from a user’s browser. Although this is a California law, any commercial website that collects personal information from California residents should be aware of this new law and determine whether their privacy policies need to be updated.

AB 370 went into effect on January 1, 2014, so privacy policies should be updated already; however, a cursory review of several well-known commercial websites shows that many organizations have not yet updated their privacy policies. Website operators covered by CalOPPA have 30 days to comply with the new amendments after being notified or noncompliance or they can face fines of up to $2,500 per violation of CalOPPA.

“Happy New Year, Happy Updated Privacy Policy” was written by Sam Imandoust, Esq., CIPP, CIPA. He serves as a legal analyst for the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to the author and linking back to the original posting.

These days more and more people are beginning to use their smart phone as their main tool for browsing the web, transferring documents, sharing and storing personal pictures, and managing financial accounts.

There is also an increasing use in the workplace. A smart phone can be a treasure trove of personal information and proprietary work information that can be exploited for financial or personal gain. Sensitive data can be found in a multitude of places on your iPhone:

  • Private emails containing passwords to other accounts, financial account information and attachments containing sensitive information such as a tax return.
  • Work emails containing confidential business communications, intellectual property or protected customer information.
  • Should your iPhone passcode be bypassed or left unlocked, a thief can use apps installed on your phone to manage bank or financial accounts and other sensitive transactions.
  •  Pictures in the iPhone camera roll may be of a private personal nature or contain scans of sensitive documents for personal or professional use.

Unfortunately, many people don’t realize just how much personal information is accessible via their iPhone and don’t take necessary steps to protect it. Sometimes people go beyond failing to take protective measures and actually take proactive measures to reduce the security of their iPhone. For example, many people opt to “jailbreak” their device which entails the owner making unauthorized modifications to the operating system of the phone.  These modifications allow users to download apps or perform other tasks normally not allowed by the iOS. This can result in severely reduced security measures that come with the iOS in order to protect your personal information and ward off malware targeted at your iPhone.  (Yes, there is malware designed to attack iPhones).

The latest iPhone has a fingerprint scanner that can be used to unlock your iPhone in lieu of entering a four digit passcode, but was successfully hacked about two days after the iPhone 5s was released.

New hacks and tricks are discovered every day by white hat hackers looking to expose iPhone’s vulnerabilities so that Apple can resolve them. Many of these hacks are short lived as Apple is good at providing updates to close security loopholes when they are discovered, but they continually surface  and this requires vigilance on the part of the iPhone owner to stay up to date on iOS updates. These hacks often include methods to bypass the unlock passcode to access limited capabilities of the iPhone via Siri or the control panel.

While there is no surefire way to avoid having your iPhone hacked, there are many ways to reduce your chances of unauthorized access:

  • Keep your iOS updated and be quick to install the updates as soon as they become available.
  • Disable access to Siri and Passbook while the phone is locked by navigating to Settings -> General -> Passcode Lock and switching Siri and Passbook to off.
  • Disable access to the Control Center while the phone is locked by navigating to Settings -> Control Center and turning off the “Access on Lock Screen” option.
  • Should you decide to use the fingerprint scan option to unlock your phone, use it in conjunction with a four digit passcode to increase security.
  • Whenever browsing the web using free WiFi in a public place, use a VPN service to prevent thieves from monitoring your Internet activity.
  • Always have your iPhone passcode lock activated and consider using the auto-lock feature to avoid accidentally leaving your phone unlocked in a public place.

“Protect Your Privacy on Your iPhone” was written by Sam Imandoust, Esq., CIPP, CIPA. He serves as a legal analyst for the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to the author and linking back to the original posting.

Critics of privacy practices argue that your personal information is so commonly disseminated, to so many various persons and entities, that any effort to mitigate the spread of your information is wasted effort.  But as ITRC CEO Eva Velasquez is often quoted saying, “Just because a rock will easily go through my window doesn’t mean I leave home with the front door unlocked.”

One of the ways that can be shown to statistically reduce your likelihood of becoming a victim of identity theft or financial fraud is to limit the number of times you allow your personally identifying information (PII) to be shared over any given period of time.  The first step then, is understanding when there is a legitimate need for a person or organization to request your information, and when you’d be better served to politely refuse to give out your social security number, bank account, or identification information.  Below are some examples of common scenarios and locations where you may be requested to share your PII and an analysis of whether the information is really necessary.

The Doctor’s Office:  The idea that you have to share your social security number or driver’s license number at your medical professional’s office is one of the most common misconceptions amongst the public today.  After all, there it is right at the top of their very professional looking sign in document; A block of space requesting your Social Security Number.

Here’s the thing: in the vast majority of cases, a social security number is not necessary for your Dr.’s office to have on file.  If you have medical insurance the insurance number and group number combined with your name and contact information is sufficient for them to process your method of payment and establish a medical record.  Usually if you inform them you’re uncomfortable giving out your PII or you simply leave the applicable spaces blank they will simply say “OK” and process your paperwork without it.  If they insist upon collecting your SSN, ask them what specific purpose they need it for? Additionally, it’s wise to inquire as to their procedures for storing sensitive information. Will your info be stored on a computer or in a hard file? Who has access to the information? What sort of e-security do they have if they will be storing your information on a computer?  These are all important things to understand before you leave your personal information in the hands of a stranger.  If they are unable to answer your questions to a satisfactory level you can always inform them that by law they cannot require you to give out your PII.

Job Interviews:   This one can be a bit tricky because at some point an employer will need a new employee’s PII, including but not limited to your Social Security Number.  So when is the appropriate time to share that information? Especially in today’s digital world this question is an important one.

As a general rule of thumb you should never give out any PII to someone you haven’t actually met face to face and shook hands with.  The job interview process in 2013 often starts online, but eventually it should progress to phone conversation and then a face to face meeting.  PII is appropriately requested by an employer when you are approaching the end of the hiring process.  That is: you’ve had several interviews, both parties clearly have some level of interest moving forward and hiring at some level seems imminent.  To process your paychecks and taxes and related HR issues, an actual employee will need to produce his or her PII.

It is not appropriate for the employer to send you an application form via email after your first correspondence asking you for PII before you’ve even identified who it is you’re actually talking to.  PII is not necessary to conduct any part of the interview process prior to background checks and credit scores, and again, the appropriate time for that conversation is after several communications and at least one face to face meeting with your potential employer.  Be wary of jobs posted online that seem too good to be true. Making 5,000 dollars a month just for receiving and shipping packages, for example is likely a re-shipping scam.  No legitimate employer will pay you just to cash checks either.

The Department Store:  Those of us who like to shop can be somewhat easily enticed by offers of significant discounts through signing up for a store credit card.  While a store clerk is completely on the straight when they ask you to fill out the application for credit to become a member, it’s important to consider the risk before providing them the PII they require to open a line of store credit.  Much in the same line of thinking as at the Dr.’s office you want to get a feel for how seriously they take security before you give them your information.  Ask them how and where that information is stored, and who has access to it.  Only after you’re satisfied they give due consideration to the safety of your PII should you consider filling out their application for credit. Weigh that risk against the convenience or amount of savings you’d miss out on by paying for your purchases with a non-store credit method.

You must remember that it is impossible to completely prevent identity theft.  You have to give out your PII for some purposes and often once you do that, you are no longer in control of how that information is protected.  However, using these tips will help you minimize the places you have to trust with your PII.

“Do They Really Need Your Information? was written by Matt Davis.  Matt is Director of Business Alliances at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to the author and linking back to the original posting.

The geo tagging feature on your smart phone can be a very cool way of allowing people to know where you took a beautiful scenery picture, attended an interesting event, or even serve you as a digital road map to locations associated with fun experiences you’ve had over the years in just a few clicks of the mouse or touches of the screen on your phone. Geo tagging makes it easier for you to arrange photos and let friends know where they might be able to replicate some enjoyable experience you had.

As with most modern technological conveniences, there is also risk to consider when using your Geo tag capabilities.  Primary amongst these is the risk of “social surveillance.”   Most of us who use social media regularly are familiar with social stalkers.  These modern creepers make use of the information you publish on social media pages in order to track your movement, your habits, and your associations.  Stalkers can make use of public geo tagging information to pinpoint your present location, find out where you live, and even how and where you spend your time with very little effort. This very fun feature of modern smart phones can also potentially put your safety and security at risk, depending on who you are, and the value to anyone who might want to track your movements.

The point is not to scare you, but to note the risks and be wary.  It pays to know the risks, and have an air of caution when using this feature.   Avoiding the risks of geo tagging is definitely something consumers need to be wary of as privacy continues to erode in our ever more electronically connected society.  What follows are a few best practices to keep you safe while geo tagging.

  1. Take the time to note your default privacy settings: This applies both to your smart phone or mobile device and the social media networks you access through your device.  To geo tag something is simply attaching GPS grid coordinates to a picture, video, website or text message.  Sometimes tagging a location maybe a default setting on your phone or on the social network you’re using.  It is important to be aware of these settings so you can consciously decide when and where you geo tag, and who the information will be available to.
  2. Understand the Risk:  Realize that geo tagging information gives anyone who views it the opportunity to know your exact whereabouts, particularly in instances where you’ve posted your location to multiple sites (e.g. Twitter, Facebook, and Instagram).  A check-in at the airport with the message “vacation for the next week!” for example lets anyone who might care to look know that you’ll be out of town for a week.  If you’ve also been geo-located at your place of residence in the past this information could be very valuable to a thief looking for an opportune time to break in.  Additionally, if you use the geo tag feature regularly, it can also give others an understanding of your movement patterns, which will give anyone with an interest in stalking you a picture of your routine, allowing them to predict where you will be and when.  Be aware of who in your network will have access to this information, as it’s possible that not all of them are really your “friends.”
  3. Know How to Disable the Geo Tagging Feature: Every smartphone has a geo tag feature, and many of them will be automatically set up to function without you consciously choosing to have it do so.  You need to take the time to figure out how to prevent it from doing this.  It’s a much better idea to consciously decide to geo tag each time you post rather than having to remember to opt out of geo tagging each time you post.  Leaving the default setting as geo tag operational will likely mean there will be times when you inadvertently post your location to the world when it is risky or unnecessary to do so.

For iPhones: Go to the “settings” page of the geo-tagging program.  Go to “settings” then “general” and then “location services.”  Disable those applications that automatically make use of your GPS tracking data.

For Android Platforms:  Start the camera application.  Open the menu and go to “settings.”  Turn off “geo tagging” or “location storage” (depending on the type of Android).

For digital cameras, be sure to consult the user manual.  Not all digital cameras come with a geo tagging feature, but it’s important you know how your particular camera operates in relation to location tracking.

“Geo Tagging and Do Not Track” was written by Matt Davis.  Matt is Director of Business Alliances at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to the author and linking back to the original posting.

Privacy is becoming an ever more important issue garnering increased public discussion. Increased fear of misuse of personal information is slowly showing up in a multitude of consumer surveys. Facebook along with many other global powerhouses have at times been criticized for their perceived failure to adequately address the various infringements on individual privacy that can sometimes result from their services. In an effort to address these concerns, Facebook recently put a privacy tutorial in place for all new users.

facebook-logo

Facebook created customizable privacy settings several years ago, but many users expressed unfamiliarity with how to effectively make use of these settings. Other users simply were unaware of or else never took the time to understand privacy implications. In an effort to generate greater awareness of privacy risks, as well as greater understanding of how to best make use of Facebook’s privacy settings, a tutorial for all new users has now become a part of the set-up process for any new Facebook account. In the tutorial, users are made to understand how their information is shared with others, what information is shared, and what options Facebook makes available in order that the individual may control what they share, how they share, and with whom.

For current users who wish to learn more about privacy settings, simply go to your account settings and find the tab labeled “privacy” and do a little perusing. If the Facebook tutorial specifically is something you want to help walk through the process of understanding the privacy settings, simply generate a new account (using a new email) and go through the start-up process. The tutorial will be one step in getting your new Facebook account fully set up and completed. Any questions about privacy issues can be directed to Facebook staff via message through the sites “contact us” listing.

“Facebook’s New Privacy Tutorial” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to the original article.

Recently at the ITRC, there have been several curious consumers who’ve contacted us asking how they can be more proactive protecting their privacy when they surf the web. Well, we like to give the consumers what they want, so here are a few tips on how you can control your privacy while you use your Google Chrome Web Browser:

privacyFirst, in order to set your privacy settings, you must find the privacy settings. When you open your Google browser, find the button at the far top right of the screen,  just beyond the URL/address bar; the one that has three horizontal lines. Click that button and a drop down menu will show. Select the 4th option from the bottom that says “settings.”

This will open your settings within the webpage space itself. Find the blue hot link all the way at the bottom that says “show advanced settings.” This will prompt a longer menu to drop down, where you will see some basic privacy preferences like “enable phishing and malware protection” or “offer to save passwords I enter on the web.” These settings are preset by Google and generally speaking the default settings are appropriate for most users.

The most important area to focus on is a button immediately below the “Privacy” headline that says “content settings.” This button takes you to the meat of web browser privacy. In this subsection you’ll find the setting tables for things like internet cookies, pop-ups, location, plug- ins, and handlers. Examine this section carefully and select the settings that most conform to your level of concern.

Some people don’t mind having their web activity tracked by advertisers for the purposes of customized marketing, others do. The Google Chrome browser is highly customizable and easily adaptable in this way. Take a few minutes to examine your privacy settings, and have peace of mind next time you go online.

“How Can I Secure My Privacy on Google Chrome?” was written by Matt Davis. Matt is a Victim Advisor at the Identity Theft Resource Center. We welcome you to post/reprint the above article, as written, giving credit to and linking back to the ITRC Blog.