Organisations and governments have a shared responsibility to protect citizens’ privacy. People share an enormous amount of information over the internet these days, and sadly, it exposes them to breaches of their privacy.
We are celebrating Privacy Awareness Week this week, so we have collected three top tips to help you protect your privacy in the digital world.
Tip 1: Understand your rights to privacy
Every citizen should be aware of whether the organisations they are dealing with adhere to the applicable rules and regulations with regard to privacy.
I believe protecting privacy should be one of the primary goals of the security program of any organisation. In fact, numerous pieces of legislation apply to organisations in Australia, making them manage our personal details in a specific manner.
This week, we also celebrate the 30th anniversary of the Privacy Act 1988. The Privacy Act regulates how organisations must handle personal data throughout its lifecycle. This piece of regulation was a collaboration between organisations and the government to mitigate the likelihood of data breaches.
In 2018, the Australian Government expanded the Privacy Act 1988 with rigorous privacy amendments. One of them is the Notifiable Data Breaches (NDB) scheme, which requires certain high-risk organisations to report and deal with privacy breaches in a particular manner.
Just two months after the legislation came into effect in February, 63 data breaches had been reported under the Notifiable Data Breaches scheme. On a related note, failure to comply with the NDB scheme can attract fines of up to $2.1 million.
Tip 2: Understand your social media settings
Privacy Awareness Week is a good time to review and update the privacy settings of your social media accounts. Unfortunately, the default settings are usually too permissive, leaving you and your data exposed to the broader public.
For example, I had to modify the ‘How People Find and Contact You’ setting on Facebook. By leaving the settings as shown below, anyone can find you on the platform by keying in your email address or phone number.
The other setting, which leaves your friend list available for anyone to see, is ‘Who can see your friends list?’. So I have changed this setting, too.
Most importantly, I always review my friend requests for their legitimacy. Finally, consider reporting any unusual or suspicious activity in your account.
Tip 3: Consider what you share, how, and when
On various occasions, we tend to share information on the internet without thinking of the potential consequences.
Others with nefarious intentions may add you as a friend on social media to get full access to your personal details and use them against you. The information you share may be the answer to the security questions on your critical accounts. By guessing the answers to the security questions, the perpetrator may be able to reset your password and eventually take over your user account. For example, blogger Katie Kochetkova managed to hack her own accounts by abusing the concept of security questions.
Besides security questions, weak passwords and password reuse can both be the Achilles heel of your privacy. The annual list of the 25 most common passwords shows that we often fail to choose strong passwords, let alone avoid reusing them on other websites.
My suggestion is to install a password manager and generate a strong, unique password for each website you register with.
What is more, some of these managers can audit your existing passwords for weakness and reuse, and automatically change them for you, saving you from a major headache when any of the websites gets hacked and the passwords are leaked publicly.
Data breaches, data linking and numerous cases of abuse (e.g. the Equifax hack, the Cambridge Analytica scandal) have drawn more attention to the importance of privacy. They have led citizens to pressure their governments to be concerned about data privacy issues and to regulate them.
In response, various laws and regulations have been revised and updated in an attempt to remediate the situation. For instance, Australian Government agencies must comply with the Australian Government Agencies Privacy Code in two months. As for the General Data Protection Regulation (GDPR), it takes effect for all Australian businesses operating in the European Union.
Privacy Awareness Week is an excellent occasion for all of us to think and talk about privacy matters. We encourage everyone to review their usual privacy practices this week and share their thoughts under the #2018PAW hashtag on Twitter.
What is your best privacy tip? Tweet us and let us know!
CryptoAUSTRALIA is participating in the Privacy Awareness Week with two exciting events in Sydney and Brisbane.
This article was written by our guest writer, Jamal Diab. CryptoAUSTRALIA provides the opportunity for professionals within the digital privacy and security community to publish in this blog. Please feel free to contact us if you have something interesting to say.