In most debates about protecting online privacy rights, someone raises this all too common retort: “Why worry about it if you’ve got nothing to hide?”

Many hear people debating privacy issues and think: what’s the big deal? If you’re not doing anything embarrassing or illegal, then there’s nothing to protect. For a long time, people have used this fallacy to debunk the reasons why we need to protect our privacy.

But, as Daniel J. Solove writes in his great article Why Privacy Matters Even if You Have ‘Nothing to Hide’, this argument is flawed because it’s based on the premise that privacy is only about hiding or protecting “bad things.” What it’s really about, is keeping control.

The article smartly draws attention to the fact that we should care about protecting our privacy no matter what.  Even if we’re not concerned about surveillance, it’s the processing of private information that can become problematic – the storage, use, or analysis of data – rather than just the simple collection.

The author uses a great example to illustrate one of the potential harms – what he calls, aggregation; “the fusion of small bits of seemingly innocuous data.”

He writes;

“Suppose you bought a book about cancer. The purchase isn’t very revealing on its own, for it indicates just an interest in the disease. Suppose you bought a wig. The purchase of a wig, by itself, could be for a number of reasons. But combine those two pieces of information, and now the inference can be made that you have cancer and are undergoing chemotherapy. That might be a fact that you wouldn’t mind sharing, but you’d certainly want to have the choice.”

Solove also explores several other ways that not protecting your privacy can cause harm:

Exclusion: When you are prevented from knowing how your information is being used, and could even be barred from accessing and correcting errors in that data.

Secondary use: When your data is obtained for one purpose, but is then used for an unrelated purpose without consent.

Distortion:  When the data obtained reveals a lot – but fails to paint a complete picture.

Even if you feel the organization collecting data about you does not have the intention to harm you – it can still happen, whether through carelessness or errors.

Remember: thinking that you have nothing to hide doesn’t mean you shouldn’t care about protecting your privacy. Taking steps to protect your own privacy is not about being secretive: it’s about keeping control over what’s yours.

Treat your information the way that you treat the rest of your personal property, it might not be expensive – but that doesn’t mean you should give it away.

The study was part of MTV’s A Thin Line, a campaign developed to help young people identify, respond to, and stop the spread of digital abuse in their lives. Although some teens might shrug off a stolen password or hacked account as a joke, the campaign is built on the premise there is a “thin line” between a harmless prank and something that could really cause damage to a young person’s reputation or general wellbeing.

If these numbers are any indication, now more than ever kids really need to be aware of the dangers of using shared computers in labs, dorms and even their homes, and always ensure they surf smartly and securely.  

A few quick tips:

• Always ensure you log off any social networking or e-mail account before you leave the computer (don’t just close the browser!)
• Use passwords with superhero strength (containing a mix of numbers, capital and lowercase letters, as well as symbols)
• Change those passwords twice a year, and don’t use the same password for multiple accounts or share them with friends

In the poll, two-thirds of those who had been hacked said that the intrusion led them to change their e-mail, instant messaging or social networking password – and 25 per cent have deleted a social networking profile altogether: all, which could be avoided by smarter, safer Internet use.

In today’s fast-paced digital world, educating young people about the risks of the web is so important and something that should be on all of our minds.  For more on the AP-MTV poll, head on over to The Wall Street Journal. For additional tips from the SurfEasy team on how to surf securely, click here.

On the heels of Data Privacy Day, an internationally known day that marks the importance of ensuring our personal information is protected online, we thought: Why not share SurfEasy’s top tips for highly secure Internet use?

Yes, some may seem pretty simple, but you would be amazed how many people don’t do the obvious.

 1.      Use passwords with superhero strength 

We could write a whole article about this, because the fact is there is a huge range of ways to keep your passwords secure.

That said, there are a few key elements to always keep in mind:

• Use different passwords across your accounts.
• Use a mixture of numbers, and both upper- and lower-case characters.
• Don’t be obvious with your word selection, and if you want to be really good, don’t choose a word at all.
• Change your password twice year, at the very least.
• Never share your password with anyone.

If you already have these elements in place, you’re well on your way to a strong password.

2.      Ask yourself: Is your Internet connection secure?

Many Internet connections are not secure, especially if they’re Wi-Fi connections. In fact, often people don’t realize that public Wi-Fi – such as the connections offered in coffee shops, airports and hotels – are often very risky places do important things like e-mail, banking, and social networking. In today’s world of multiple devices, it is important to trust the network you’re connecting to – whether you’re using a smartphone, laptop, tablet, or a public computer.

So how do you do it?

• Be sure public networks are secured using WPA or WPA2 protocol, and remember that a password login is not an indication of encryption. Often, the password is simply used to pass the pay wall or provide data to the network host.
• The same goes for at home. You must take extra steps to ensure home and office wireless routers are set to WPA or WPA2 encryption protocols, because often wireless routers are shipped with this feature turned off.

If in doubt, it’s always best to use a personal Internet encryption solution whenever possible.

3.      Stay updated, stay protected         

Those pesky pop-ups reminding you to update your software, browser or operating system can be a pain, but it is very important that you heed their warnings as soon as new service packs become available. These updates usually take little to no effort to install and often contain important security upgrades that will reduce how vulnerable you are to malicious activity.

In that same vein, always ensure you have trusted anti-virus software to protect you from malware and other viruses.

 4.      Have a critical eye

Always be mindful of how you surf and who you’re communicating with.

• Be skeptical of e-mails offering you things that are too good to be true – even if it looks like it is coming from a friend, family member or co-worker.
• Remember that no one has any reason to ask you for your password or money, especially when contacting you via e-mail or social media.

 5.      Surf with caution

Continue to keep that critical eye when you come across strange or unidentified links. To protect yourself against cybercriminals who could be phishing for your personal information, resist the urge to click on anything that that seems fishy if.

The same goes for pasting unfamiliar text into your address bar.

6.       Use HTTPS whenever you can

Websites that have https:// before the web address are adding an extra layer of security by encrypting your browsing. It is best to use https:// whenever possible. Most important, never send bank info, credit card numbers, confidential e-mails, or other sensitive data unless you’re sure you’re on a secure site.

The best way to check if you’re on a secure site? Check the URL in the address bar for the https:// and then look for the lock icon in the bottom-right corner of your browser.

 7.       Shared computers: Use carefully!

Attention to detail is key when using shared computers at work or in public spaces because many websites leave you automatically logged in after you close the browser. While some of us find that to be very convenient on our home computers, it’s not always safe: What happens if someone launches your browser and has access to all of your e-mail, contacts and social media activity?

Leaving your personal account open puts you at risk for others to access and use your information. So, no matter what, always be sure to log out of accounts, and clear the browsing history, cookies and cache before leaving the public computer. This also isn’t a bad habit to consider for things like work and smartphones and laptops – because you just never know what could happen.

If you integrate these seven simple tips into your everyday you can enjoy the peace of mind that comes from knowing you’re surfing safely.

Returning recently from the 2012 International CES in Las Vegas, Nevada, our team is still flying high.

Showcasing SurfEasy at Eureka Park – the show’s TechZone carved out just for start-ups – allowed us to have great conversations with people from across the globe.

The TechZone was designed in homage to the “eureka moment” – that a-ha instance that ultimately launches every great idea into a product or service. Throughout the whole show, the energy in Eureka Park was palpable.

A CES first, the area showcased smaller companies and first-time exhibitors – many of whom had some very cool innovations. Participants were offered a special rate for a standard booth – about 20 per cent of the typical cost – which was a wonderful way to increase accessibility to such an important event.

Because Eureka Park seemed to be frequented by very purposeful visitors with a keen interest in start-ups, we were able to have some truly engaging chats with the folks that dropped by. This led us to receive immediate, first-hand feedback from the most tech-savvy of crowds, and we’re happy to report that many we met with seemed just as excited to learn about SurfEasy as we were to tell them about it.

During our week in Las Vegas, the team met with a lot of passionate people: press covering the latest and greatest in technology; distributors on the hunt for one-of-a-kind products; and angel investors and venture capitalists searching for the next great opportunity.

In the end, Eureka Park, and CES in general, was a fantastic space for SurfEasy to rocket ahead.

We also had a little cameo in a CBC story and a wonderful interview with This Week in Tech (TWiT).

Check it out:

Until next time!

source: Microsoft http://www.microsoft.com/privacy/dpd/default.aspx

This Saturday, January 28, is Data Privacy Day (DPD) – a day marked by individuals, organizations and governments across the globe to raise awareness about the impact that technology is having on our privacy rights, and the importance of ensuring that our personal information is protected.

If these issues aren’t top of mind for you, you’re not alone – a recent Microsoft survey suggests that 56 per cent of adults don’t actively think about the consequences of their online activities.

But, with so much of our lives being lived out on the web, what DPD reminds us is that if our personal data and information isn’t carefully managed and protected online, it can have serious consequences for our offline lives, including job loss or even being turned down for a mortgage.

Being thoughtful about sharing personal information is an important component of an overall approach to protecting online privacy and security. We can do this in a variety of ways, including using secure passwords and changing them often, understanding the privacy settings of our web tools, being careful when using open or monitored networks, and always educating ourselves, family, and friends on the issues.

For more great tips on how to protect your privacy, visit staysafeonline.org.

The post – a lengthy but excellent read – gives a great primer on some of the top digital issues we’re facing today: the Stop Online Piracy Act (SOPA), National Defense Authorization Act (NDAA) and telecommunications surveillance. Duncan aptly notes that each of these have the potential to fundamentally change how we communicate and experience the web today – so if you’re not up to speed, this is a great place to get started.

It was near the end of the article when Duncan said something that grabbed all of us over here at SurfEasy.

He wrote:

“Simply put, most people believe that information about themselves belongs to them, and ought to be under their control. We find information about ourselves to be ‘immeasurably valuable.’ Sure, we’re free to share details if we like. But we should also be free not to share information, or to have information about ourselves collected and used with no right of recourse, appeal, deletion or correction, because we recognize that information could be misused by others, to our detriment.”

As time goes on and technology continues to advance, laws will change as will how we use the Internet. While we may not know exactly what the future will look like, one thing we do know for sure though is that privacy should always be at the forefront of our minds.

To read the full article, please click here. We’d love to hear your thoughts.

Looking back, this now seems kind of funny. IT worked hard to allow employees to securely check e-mail or access other company data while at home with their families, but at the same time they installed firewalls that made it difficult to check in with family on Facebook while at work.

Today progressive organizations are realizing the benefit of giving online access to things like Facebook, Twitter, YouTube and beyond. There are even studies that show how full web access can actually enhance productivity.

But with this increased access also brings a number of privacy and data ownership issues.

Sure, it used to be that what was on a work computer was the property of the company, and what was on your personal device was yours. But today employees have the right to the protection of their personal data stored on employer-owned computers, and this means that while the IT team continues to monitor and record important company activity, it also must filter out personal information belonging to staff.

Tricky, right?

SurfEasy is a simple solution to this new reality. By plugging in the USB key, staff can keep their personal online activities private: they self-select what information is personal and what is company property and this allows IT to continue protecting important company data without violating the employee’s privacy.

It often seems like technology moves at lightning speed, with everyone from consumers, big businesses and governments racing to keep up. By providing your teams with the latest and greatest tools and technology, you and your company will always be one step ahead.

Go inside any Apple Store today and find throngs of people not only fawning over Apple’s goodies, but also hopping on the computers to check their e-mails and Facebook accounts. The number of visitors to Apple stores has risen steadily over the years— many drawn not only by the glitz as to the fact that it’s an easy place to check your e-mail.

Most people who log on to their personal accounts on public computers don’t think about the security risks of someone else stealing their personal data. Remember, this is not your personal computer.

(Image source: http://www.appleinsider.com/articles/11/05/04/apple_store_visitor_figures_show_iphone_ipad_and_mac_on_a_roll_report.html)

What can you do to protect your personal and confidential information? Here are 10 tips to protecting yourself— at the Apple store— and at any internet café, library, hotel, airport public computer terminal:

1.     Don’t save passwords: When you log into your e-mail, some e-mail logins like Hotmail may have the ‘Remember me’ box and/or the ‘Remember my password’ box checked. Make sure these options are NOT selected. The browser may also prompt you to save your password— make sure you decline. You do not want any personal information (userid, password, etc.) to be recorded on the public computer.

2.     Sign out: Don’t just close the browser. Click ‘Sign Out’ and log out properly from your account. Otherwise, the next person to use the computer could see and access your personal data.

3.     Don’t save any files locally: If you need to download any attachments, save them to a portable flash drive. Make sure your flash drive is encrypted to protect your data in the event you lose your portable flash drive. You can also try cloud storage sites like DropBox.

4.     Delete the cookies and browsing history: There’s no need for the next person to see where you have been on the web. Depending on the version of your browser, the instructions may be slightly different. For Firefox, go to Tools à Clear Recent History. Check all the boxes and click ‘Clear Now’. For Safari, go to Safari à Empty Cache à History à Clear History. For Internet Explorer, go to Tools à Internet Options. Under the General Tab, select ‘Clear Cookies’ and ‘Clear Files’, and then click ‘Clear History’ and ‘Apply’.

5.     Don’t leave your computer unattended: If you need to leave the computer for a moment to go to the bathroom or get another cup of coffee or whatever, always log out. Don’t leave any personal information on the screen, even for a short break.

6.     Avoid any financial transactions: If possible, wait until you get home or when you have access to a more secure computer to conduct more personal business or enter confidential information, such as credit card information, check bank accounts, etc.

7.     Create another e-mail account and forward your regular e-mail to this account: You can log on to this ‘dummy’ e-mail account and receive your forwarded e-mail. Later, you can change the password or delete this ‘dummy’ e-mail account and revert back to your regular e-mail account.

8.     Watch out for snoopers: Make sure no one is looking over your shoulder. Some people can ‘read’ by watching you type and steal private information.

9.     Do a hard reboot: This will clear everything from the physical memory (RAM) and reset the public computer back to what it was before.

10.  Keyloggers: Some computers have keyloggers installed. Keyloggers are software or hardware tools that record every keystroke you enter on the keyboard. While there are some ways to minimize this problem, they are not simple or foolproof.

With so much information on the web competing for our attention, are employees slacking off from having unlimited internet access at work?

Firms have funneled millions of dollars in software to block their workers from idly watching YouTube videos, reading the news, visiting Facebook or Amazon, and even checking their personal e-mails. By keeping employers in a distraction-free zone on their computers, many companies believed they were enhancing productivity and saving themselves money.

Good for business – the water cooler effect from web access

Research has discredited the negative effects of employee internet activity. In several recent independent studies (University of Melbourne, New York University Stern School of Business to name a few), scientists have cited big gains in worker productivity when employees have access to the web. In Australia, participants who surfed the web no more than 20% of their time at work were tracked by researchers and were estimated to be 9% more productive than their counterparts with firewalls in place. According to the Melbourne scientists, “the activity helps keep the mind fresh and helps put you in a better place when you come back to working on topic”.

A University of Western Ontario study found that companies improved the creativity and problem-solving capabilities of their employees by giving access to multiple stimuli that improved mood— such as social networking sites. According to the researchers, “If you have a project where you want to think innovatively, or you have a problem to carefully consider, being in a positive mood can help you do that”.

Dangers lurking in unlimited access?

Still, many companies limit access to social networks and the web to avoid potential security breaches and losing control of information. Limiting activity can also be seen as a way for companies to avoid legal snafus. In 2003, Michael Hanscom an employee at Microsoft and part-time blogger posted a photo of Apple computers being delivered to a Microsoft loading dock. He found the picture ironic and thought he’d get a few laughs from fellow employees—only to find himself in the hot seat with management. He was later dismissed for violating employee codes of conduct regarding company loyalty. Companies also worry about inadvertent downloading of spyware and computer viruses and keep their office networks on lockdown.

The tides are turning though. StopBlocking.org spearheads a campaign designed to “end business blocking employee access to the Net” and offers itself as a hub for like-minded thinkers around the world. In a recent Market Tools survey of 1,268 professionals, 35% of respondents agreed that access to social media was a good way to communicate with colleagues, clients, and vendors. 25% actively used social media to build relationships and was as high as 37% in the 18-24 year old age group. Mimicking networking, 19% turned those online relationships into valuable business relationships.

Turning the tables: Companies encouraging collaboration and interaction over the web.

Several big blue chip companies like General Motors, IBM, HP, Infosys, Google, and Charles Schwab recently instituted corporate blogs and launched campaigns to encourage employees to participate. New York University researchers followed the blog posting and reading behavior of employees at a particular company over a year and discovered interesting patterns on work behavior. If the company set up restrictions on what topics to blog about (e.g. restricting employees to blog only about work-related matters), participation plummeted. Employees became more engaged when they could blog about both work and play. What they also found was that blogging activity diffused into real life. Conversations over blogs became conversations around the water cooler, during coffee and lunch breaks. Rather than costing the company productivity points, the blogging and web access prompted employees to interact more deeply with one another.

Even Microsoft, the epitome of corporate culture, has softened to the use of personal communication at work, stating that “we believe that social networking can also deliver real business value for all types of organizations.” They have recently released Outlook Social Connector, which allows companies to manage access to social networks for its employees. Rather than being used to block sites, it lets users add social networks and integrate them into their inboxes.

The verdict: Access to the web, particularly access to social networks and connecting with people beyond work-related matters— can push us to work together more productively.

(Image source: http://blog.socialcast.com/restricting-social-media-at-work-how-does-it-affect-productivity/)

With off-the-shelf software, anyone can hack your WiFi network. No public WiFi network is secure. The most innocuous hotspots, often called ‘Free WiFi’ or something generic, such as ‘AT&T WiFi’ or ‘Starbucks WiFi’ can lull us into a false sense security. We log on to the network innocently, checking our e-mail, checking Yelp. Meanwhile, hackers could be trolling the network nearby gaining access to your computer or smartphones in less time than it takes to finish that latte.

Even hotspot providers, such as BT in the UK admit to the security holes in their networks but have no timetable on a permanent fix. In one experiment in the UK, using software downloaded freely from the internet, crooks were able to set up fraudulent WiFi gateways to which smartphones would automatically connect. Once connections were made, all information passing through this WiFi gateway could be read directly or decrypted by hackers. Even if it’s an authentic WiFi hotspot hosted by Starbucks, McDonalds or a reputable company, hackers can still break into the network and get into our hard drives.

Worldwide WiFi hotspots have been multiplying like rabbits (over 90 million according to WeFi). This has lead to easier and greater internet accessibility at a lower cost for travelers. However, the risks of fraudulent access to your personal, financial, and confidential data (credit card, SSN, bank account, online shopping history, etc.) have increased.

“This is all very alarming, “ says Professor Peter Sommer, a cyber-security expert at the London School of Economics and author of an OECD study on ‘Reducing Systemic Cybersecurity Risk’. “It means that literally millions of people who use Wi-Fi in public could be at risk. If criminals are able to harvest the usernames and passwords of all the websites you visit, they could do significant damage in terms of identity theft and fraud.”

With unsecured public WiFi hotspots, it is easy for any web savvy thief to get away with the worst.

5 ways to minimize the risks of data theft:

1.     Make sure your home WiFi network is secured— that means, password protected. Use your WiFi router’s encryption software (make sure to set it to WPA2, the latest standard security protocol). Don’t let anyone you don’t know have access to your WiFi network. He/she could use it to access your computer or download illegal material, e.g. child porn. In these cases, it doesn’t pay to be a good citizen and share your WiFi with the general public. When out, disable automatic WiFi connection on your laptops and smartphones to avoid connecting with fake WiFi hotspots.

2.     If you are on an unsecured public WiFi hotspot, use encryption. When you log in to personal accounts, make sure your connection starts with ‘https’ (without the ‘s’, it is not a secured connection); do this for your emails like Hotmail and Gmail (unfortunately, Yahoo mail does not offer https encryption). Use https for Facebook, too. Any time you access your bank account, brokerage account, or any website with confidential personal data, make sure you are accessing a secured website as identified by https.

3.     Log off when you are done— don’t stay permanently signed in. Thieves can still access your computer even if you are not using it.

4.     Use different passwords for different accounts. Most of us have multiple accounts. How do we remember all of them? It’s inconvenient, but don’t use default or common passwords, such as 123456, qwerty, password, admin, etc. Check wikiHow for several suggestions to creating and managing passwords. Change your passwords on a regular basis.

5.     Avoid using public WiFi for any banking and financial transactions. Perform sensitive tasks, like online banking or doing you taxes, on secured trusted networks only.

Assume the worst— that you will be infiltrated— and dodge the cyber crooks accordingly.