20 security tips for Data Privacy Day 2016

Posted on 2016/01/28



The old-fashioned way.

The 28th of January has been declared Data Privacy Day, a day on which we spread awareness of how personal information is managed, both by us and by the entities that have access to it. For the occasion, I put together a list of tips and food for thought; feel free to share it and add to it.

  1. If the three security questions of your account can be discovered with clever investigative journalism, the strength of your password is irrelevant.
  2. Even in 2016, websites store passwords in plaintext (or with a bad cipher). If they treat the most sensitive information of your account so lightly, imagine what they might do to the rest.
  3. If you have an app that tracks your running, and publishes your location in real time, anyone on your Facebook knows you are 5km away from home. Someone could have enough information to throw you a surprise party.
  4. The US Government might look at photos of your junk, even if you’re not a US citizen.
  5. Don’t create a WhatsApp group that contains a potential stalker and an attractive person: you are giving one the number of the other. On the bright side, it could be the premise of an entertaining sitcom episode.
  6. If I find your phone and there’s a lock screen background that tells me what to do if I find it, I’ll surely walk the path of least resistance and return it to you ASAP.
  7. If someone finds your phone with both a background that tells them what to do if it’s found and a strong lock screen pattern, they will probably walk the path of least resistance and return your phone. It’s possible that they will also take a peek at the SD card in case there are nude photos.
  8. The things you send to another person through Gmail or Facebook are private between you, them, and Google or Facebook, at least. Even if Google scans our email only with scripts and algorithms, it’s equally bad, because when the machines become sentient they will kill us with embarrassment.
  9. For an hour, try to be your own stalker: open an incognito browser window and discover all you can about yourself.
  10. Photos have information that can be seen, but also information that is stored in the file. Be aware of both.
  11. Bullies have always existed, but now anyone can bully from the comfort of their home. This is why it looks like it’s getting worse.

    [Image: Minesweeper. Caption: That was dumb…]

  12. In the near future we will realize that everybody’s life is embarrassing and we will collectively decide that it’s OK. Until then, we will continue to feel shame.
  13. Apps ask for too many permissions. Develop a sense of what’s sketchy and what’s fair. It’s like playing good old Minesweeper (without wanting to).
  14. Put yourself in a position where you can decide to revoke your trust anytime; it can be trust towards a website, a company, a person. Ask yourself: if I cut ties completely, what can/will they keep of mine?
  15. Be creative in making sure that spamming you is costly and full of drawbacks.
  16. When you share something publicly, consider that you are sharing it with your lovely grandma.
  17. When you share something publicly, consider that one year from now you might have a nemesis who will do whatever they can to turn that something against you.
  18. When there’s something about yourself that you believe should be public, then share it, whatever your grandma or your nemesis might do. Then be empathetic about the reaction of the public.
  19. When there’s something about somebody else that you believe should be public, then don’t share it, but convince the other person to share it themselves.
  20. Be aware. Ask questions. Make informed and conscious decisions.
Posted in: Security