We live so much of our lives online and we leave so much of our personal data behind. This is the data trail or digital exhaust that can easily expose highly sensitive information about us, be caught in a data breach, or stolen and abused by criminals. Our data trail can betray our privacy and safety.
Some common, everyday activities we do online compromise our privacy more than others. Here, we go through 10 places you might be compromising your privacy, what the risks are, and how the all-in-one privacy app MySudo can help mitigate those risks.
Food delivery platforms
In return for easy takeout, we give out lots of personal information, like our name, exact street address (unit number, for example), and credit card details. This data is stored, particularly if we tick the box that says we agree to the company saving our information for faster checkout next time. Phishing scams, where a criminal impersonates the food delivery platform, can easily trick you into sending them your address and phone number, for example. What’s more, the stored data may be caught in a data breach, particularly if you use the larger, better known providers who are likely to have large caches of personal data. Remember DoorDash’s breach affecting nearly 5 million users in 2019?
To protect your personal information, you could elect not to save your details in the platform (enter your information manually each time), use strong and unique passwords for each platform you access, and apply two-factor authentication if it’s offered.
To go further, you could download MySudo and use one of your nine secure and private digital identities called Sudos for all your online food ordering. You’d give that Sudo a label (you might call it ‘Food Sudo’) and its own set of details that differentiate it from your personal data:
- phone number
- email address
- virtual card for secure shopping
- browser profile (all your bookmarks and any cookies that sites set are compartmentalized to the browsing Sudo)
- notification settings for phone, email and message
- contacts and more.
Then every time you order food, you’d use your ‘Food Sudo’ details instead of your own. Your personal identity is protected, and the contact details you use for food delivery are compartmentalized off from your personal data as well as from the information in your other eight Sudos. If your food delivery platform is breached, only your Food Sudo details are affected; not the rest of your Sudos and your personal information. Sudos are built on the powerful data protection strategy of compartmentalization, and make it easy to achieve.
Social Media Platforms
Most of us engage on social media and for an average of 2.5 hours a day. We divulge a lot of personal data on those sites: our name, date of birth, employer, kids’ schools, employment history, friends and contacts, likes, shares and favorites etc. The risks here are that white-page sites can scrape your information and expose your data, and cybercriminals can easily piece together your digital exhaust to get a complete picture of you for identity theft, credit card fraud and other crimes.
To protect your information, you could set your accounts to private and limit what you share online, plus use a strong and unique password for each social media account you have.
To go further, you could use MySudo in much the same way we just described for food orders, but this time with a dedicated ‘Social Media Sudo’ in play. You break the data trail that leads directly to your personal information and, if one of your social media accounts is breached, you can better recover and the data you lose won’t be associated with your personal data.
You get the idea of how this works. Here are eight more privacy compromises you might be making, and how MySudo can help with them all:
You give up your email and phone number, account logins and payment card information. You risk criminals hacking that data or infiltrating your computer for crimes like active listening if your mic or camera are on. These bad actors can then use your personal information for scams like swatting and doxing and sell your credentials on the dark web.
To protect your information, you could use security software or a VPN to encrypt your activity. You should use strong and unique passwords for your logins and change them frequently, plus apply two-factor authentication if it’s available.
To go further, you’d use a dedicated Sudo for all your online gaming. You’d use the secure, alternative Sudo details (email, phone, virtual card, browser etc.) you’ve assigned to your ‘Gaming Sudo’ and so protect your own personal data. Again, you’d be bringing the power of compartmentalization to your privacy toolkit.
The data you give up to join, and the private conversations you have during meetings, make video conferencing platforms a privacy compromise, especially during the pandemic. And while some experts say these tools are less of a risk than many other apps and web sites, depending on the platform, there is still some degree of risk to your privacy from the company’s use of your data, intercepted communications, spyware infiltrating your computer and other illegal access to stored data.
To protect your information and privacy, check the platform you’re using has end-to-end encryption of video, audio and sidebar chats, think about what your webcam might be exposing of your home and personal belongings and use a virtual background if necessary, cover your webcam when not in use, and think about using a VPN.
To go further, use a dedicated Sudo for your video conferencing account set-up and login information, and access these platforms via your Sudo’s private browser to disaggregate your personal data. If you are dialing into a call audio only, you could use a MySudo phone number instead of your cellular phone number. This limits the disclosure of your personal cellular number to your co-workers or business associates.
We wrote about this interesting use case for MySudo here. With more people staying at home during the pandemic, and the recent Peloton breach, using a Sudo for your online workouts has never been more important.
Our financial information is some of the most sensitive data we possess, and criminals regards banking websites and apps as some of the most lucrative targets.
To protect your information, you should use strong and unique passwords for your online banking accounts and change those passwords often, and apply two-factor authentication where it’s available.
To go further, you could use a dedicated Sudo and compartmentalize your interactions with your bank. In fact, this is a good example of the value of long-lived and short-lived Sudos. If the relationship you have with a site or service is long and enduring (e.g. with your bank), then you would set up a separate Sudo for just that purpose. If the interaction you plan to have is short-lived and of little value to you (e.g. a pizza restaurant deal you want to get one Friday night), then you could use a dedicated Sudo for just that function. The idea here is that you and your bank will communicate a lot over time, and you can organize and separate those communications from other less important communications. But even more importantly, if the pizza restaurant sells, loses or otherwise misuses the Sudo email address or phone number you gave them, you can simply mute the notifications on, or delete, that Sudo profile* and move on. No real harm done.
Another thought: Banks have joined the masters of surveillance capitalism such as Google and Facebook in profiting from your personal information. As Big Tech moves more into banking and financial services, banks are moving more into the data economy. Your credit and debit card activity and activity within loyalty programs are highly lucrative “data lakes”. You can intervene in this data gathering by using a MySudo virtual card for your online purchases. MySudo virtual cards are not linked to your name, age, address, phone number, SSN, or any other identifying information, so your private data stays private. What’s more, the charges you make with your MySudo virtual cards are simply described on your bank statement as ‘MySudo Transaction’. This means your spending habits can’t be tracked and so your data isn’t worth much to your bank or the data brokers they sell your information to.
Shopping is one of the most popular uses of MySudo. You know how much personal data you leave behind on shopping sites, so it’s crucial to use MySudo to mitigate the risks of having that data breached or sold by the companies you’re buying from. We’ve written plenty about shopping using a Sudo such as:
- Why you don’t need guest checkouts when you shop with MySudo
- How to use MySudo for holiday shopping and house hunting
- Why the MySudo private browser is particularly useful for shopping
- Why a MySudo virtual card is more private than one from your bank.
Again, this pandemic-driven privacy compromise is incredibly important to address. Your family is at risk of phishing scams impersonating your child’s school or related activities, and your home Wi-Fi network being breached.
Keep your family safe by using a Sudo for all account login, online chat and assignment material between your child and their class, and follow the advice for video conferencing we covered earlier.
This one is so important during the pandemic that we wrote about the risks and how MySudo can help protect the privacy of your highly sensitive health and medical information here.
Couch time comes with its own privacy and safety risks. If you use your personal email and phone number plus payment card details to sign up to streaming services, you risk that information being breached and sold on the dark web.
To protect your privacy, use strong and unique passwords for each streaming account, and apply two-factor authentication if it’s available.
To go further, use a dedicated ‘Streaming Sudo’ to create alternative credentials for accessing streaming services, and compartmentalize that data from your own personal details.
As the pandemic rages on and data privacy remains a growing global issue, it’s worth asking yourself how many of these privacy compromises you have and using MySudo to fix them. MySudo is available in iOS and Android.
* Deleting a phone number or its Sudo profile does not refund your entitlement for that phone number. For example, SudoMax plan provides nine phone numbers over the total lifetime of the account, as opposed to always allowing up to nine phone numbers concurrently. Once used, the only way to get another phone number is to purchase a line reset.
Photo By SFIO CRACHO