Google Privacy Policy Changes & What You Can Do

On March 1, Google changed its privacy policy. Google Privacy Policy Changes

Companies do that all the time without much (or any) notice. But Google is Google: big, influential, and intimately tied into the lives of a large percentage of the online population. So Google’s privacy changes got more scrutiny. A lot more.

The bottom line? Google consolidated the privacy policies for its more than 60 properties (Gmail, search, YouTube, Docs, Blogger, Chrome, etc.) into one policy. More importantly, Google will be consolidating all the information it collects about users and storing it in one place. That’s a lot of users and a lot of information. If you’re interested, here is the new Google Privacy Policy.

From Google’s perspective, it makes good business sense (more information leads to better ad targeting) and the company says it will lead to a better, more seamless customer experience as well.

But for many who are concerned about online privacy, it’s too much information in one company’s hands. What do you think?

If you’re concerned about your online privacy and want to use Google products while minimizing those privacy concerns, what can you do? Here are 7 suggestions…

1. Stop Using Google: Now, I wouldn’t personally do this. I love Google and count on many Google products almost every day. I’m also not very concerned about this kind of privacy. Sure, I want to keep my financial and other sensitive accounts private so I’m not exposed to ID theft or other crimes, but I don’t really care if a company knows what I’ve searched for and what videos I’ve watched. But if you care, not using Google is one of the most straightforward ways to deal with this issue (keep in mind that other companies track and store information too). For most people, however, less drastic measures make more sense, like…

2. Mix In Other Providers: If you don’t put all your eggs in one basket, they won’t all be at risk. So, if you’ve been using Gmail, perhaps switch back to use EarthLink Web Mail for your email and continue using Google for search. Or switch to Vimeo for video sharing instead of YouTube. You may just want to use multiple search engines – Bing and Google – instead of just Google.

3. Sign Out…or Don’t Sign In: Your Google profile grows when you use Google services while signed in. Some services, like Google + or Gmail aren’t usable if you aren’t signed in (so you can get your email or interact with your friends). Others like the Chrome browser or Google search work just fine without being signed in. In Chrome, go to Preferences and click Personal Stuff under Settings to see whether you are signed in to Google or not. You can also click the Disconnect Your Google Account button if you want Google to stop syncing browser data with your Google account. For Google search, look in the upper-right corner of the web page. If it says Sign in, then you’re not yet signed in: so search away. If you see your name there, you’re signed in. Click your name and then the Sign out link to sign out before you search.

4. Become a History Major: OK, not really. But if you’re concerned about the privacy of your searches, you should devote some major attention to your Google search history (they call it Web History). Simply go to www.google.com/history/. From there, you can turn on or off your Web History, remove individual items from your history, remove all your web history, and learn more about Google’s Web History (click the learn more link for details).

5. Turn Off or Modify Personalized Ads: Google has an Ads Preferences page that lets you see information about the types of ads targeting you and why. (I was happy to learn that they thought I was younger than I am based on my browsing history.) You can edit various settings here or click the Opt out link on the left to turn off personalized ads. Keep in mind, you’ll still see all the ads, they’ll just be more random.

6. Monitor Your Google Dashboard: This can be a bit overwhelming, but Google does give you a unified look at your Google account, with all the Google properties you use, their settings, and ways to edit or delete information and manage your preferences. Sign in at www.google.com/dashboard/ and take a look.

7. If You’re Going…Take Your Stuff with You: If you decide to stop using any Google product, an engineering team at Google called the Data Liberation Front offers detailed information about how you can take your data with you. (It also works in reverse if you want to bring information from another service to Google.) Get all the details at www.dataliberation.org.

Let us know if this is an issue for you. And if it is, tell us whether you have modified any of your online habits.

Facebook Privacy Controversy – Employers Asking Job Applicants for Facebook Logins

Facebook privacy - employers asking for Facebook passwordsBeen looking for a job? Then you know it’s not easy out there, even though there are more online job resources than ever to help you, like the Careers section of My.EarthLink.net.

One more recent complication to the job search? Some employers have started asking job applicants for their Facebook usernames and passwords so they can log in and snoop around. Really.

The ACLU denounced this practice as “an invasion of privacy,” saying it is “out of bounds” to look through a person’s private social media accounts.

Facebook’s Chief Privacy Officer Erin Egan issued a strongly worded denouncement, calling this an “alarming” practice that “might jeopardize the security of your account or violate the privacy of your friends.” She also reminded users that “it is it a violation of Facebook’s Statement of Rights and Responsibilities to share or solicit a Facebook password.”

On the legal and legislative fronts, Senators Charles Schumer of New York and Richard Blumenthal of Connecticut have called for investigations by the U.S. Justice Department and the Equal Employment Opportunity Commission, and said they are writing a bill to fill in any privacy gaps in existing laws.

In the U.S. House of Representatives, Democratic Congressman Ed Perlmutter already proposed a Facebook user protection amendment, but it was voted down yesterday 236 to 184, mostly on party lines (only one Republican voted for it, only two Democrats voted against it).

EarthLink reminds all of our members that sharing online passwords compromises your privacy and is a great security risk. Our members are required to take full responsibility for keeping their EarthLink passwords confidential and reporting any unauthorized use of your account information.

Expect more news about the investigations into this issue and additional attempts at national or state legislation to prevent employers from asking job applicants for personal and private social network logins.

Protect Your Passwords

Protect Your Passwords! – Believe it or not everyone has passwords and uses them more often than you think. Your check cards are secured by a password (a.k.a. pin), your cellphone voicemail has a password, and your home security alarm and possibly even your garage door have passwords. But how good is your password if you don’t protect it? As a security expert I’ve performed hundreds of IT security assessments and have seen the most secure passwords left unprotected. Here are 5 things you should not to do with your passwords:

  1. Don’t use dictionary words or sequential numbers – Don’t set your password to “password”, “Password”, or “123456”. The #1 password of the century is the word itself. The most common brute force attacks are successful because the compromised password is word taken directly out of the Dictionary or is made up of a combination of sequential numbers.  You can view the top 25 worst passwords of 2011 HERE
  2. Don’t write your passwords down! – Don’t write your password on a Post It note and hide it under your keyboard, under your mouse pad, behind your monitor, or under your desk calendar. Don’t tape it under your desk, hide it in your desk, or write it on your phone directory taped to the wall of your desk. Trust me, I will find it!
  3. Never email your passwords – I don’t care if the world is ending and Superman needs your password to save it (Yes, even Superman uses email). Don’t email passwords, EVER. One of the most successful attacks I perform is sending an email to a sample set of employees. Using the IT Manager or CIO as the sender I ask for credentials. Depending on the sample size I have seen anywhere from a 25% to a 70% successful response ratio. That’s scary!
  4. Don’t share passwords – Don’t let your co-worker (or anyone) borrow your password. If you don’t reset it, they still know it and can pose as you anytime they want. Even your garage door or home security system has options for multiple passwords (for multiple users). So you don’t even have to share it with your kids!
  5. Don’t keep the default password – Whatever your password was when your account was created it shouldn’t be the same today.  The majority of systems and applications have the capabilities of allowing the user to set and reset their own passwords. If you haven’t reset your password from the first time you used it then someone else still knows your password. Reset it.

Bottom line, the only person that needs to know your password is you, so protect it. Use strong passwords, change them often, don’t write them down, don’t share them, and if someone asks you for your password, don’t give it. If your Supervisor, IT Manager, or CIO requests it they should have the power to reset it, so let them. They can give you the new password. If they don’t have the power to reset your password then they shouldn’t be privileged to have the power of your password.

Protecting Your Privacy…While You’re Traveling

We recently posted 5 privacy tips to help you prepare to travel safely. As we promised, here are 5 more tips to help you protect your privacy while you’re away from home with all your tech gadgets. So you can enjoy your trip and minimize the risks of theft or identity theft.
Privacy tips to help you prepare for safe travel with technology
1. Watch What You Post to Social Media: Just as we warned you about broadcasting your absence before you leave home, you also have to be careful while you are away. Posting vacation photos in real time and talking up the great vacation you’re on right now is fun…but it means the bad guys could know your home is vacant.

2. Look for Secure Wi-Fi: Wi-Fi Internet access is your friend when you’re on the road, but unsecured Wi-Fi at coffee shops or hotels can be your enemy. Wi-Fi hotspots are more secure if they are password protected; if the one you just hopped on didn’t require a password, then virtually anybody could be on it with you. And no matter what kind of Wi-Fi network you are on, don’t sign in to any online accounts or enter credit card or other financial information unless you see that the URL of the website you are using begins with https. The added s means secure. With https the information you enter will be encrypted for your safety.

3. Use Extra Caution with Public Computers: If you are using a public computer (i.e., not your laptop in public) that other people will use, make sure the sign in screen for any online account you access isn’t set to save your username and password. And be extra careful to sign out of any account you use (don’t just close the browser window). You should also see if your web browser has a Private Browsing mode you can activate, so it won’t store your auto-fill information and other users who follow you can’t see your browser history. Most new browsers do have this privacy option (click through the browser menus to find it; it’s in different places on different browsers).

4. Look Out For Your Laptop: Staying in a hotel? Store your laptop in the room safe or main hotel safe if there is one. Or use a lock that can attach to the lock port found on most newer laptops to secure your laptop to the desk. Whether you have a lock or not, you should also lock your laptop’s screen when you are not using it. On Windows computers you can press the Windows key and the L key.

5. Check Your Financial Accounts: If you have your laptop, iPad or another device you can use securely, you may want to regularly sign in to check your credit card and bank account activity while you’re away. Look for any charges or changes that look suspicious (e.g., money going out of your bank account or purchases back home during the time you’ve been away).

Have a good safe time on your next trip!