Privacy |
On this page I will be sharing resources and writings about how you as a consumer can better protect your privacy. Many of these resources are derived from classes that I teach at the University of Vermont.
These materials are my personal work product developed as a university lecturer and do not reflect the policies or priorities of the Vermont Attorney General. These materials do not constitute legal advice.
Weekly Privacy Prompt
There are so many things you can do to protect your privacy, that it can seem overwhelming. Here I will post a new idea for how you can protect your privacy, and will (try to) provide a new prompt every week. I'm going to start with the easier/more obvious things. If you're just starting, here is a list of all the previous prompts.
Privacy
|
Last week you learned about high-risk accounts and created a list of them. This week's task is to change your password on one of them to a strong, unique password (here's everything you ever needed to know about passwords). You can change more than one of course, but let's start small. The first one is the most challenging because it's not just about changing the password. You also should come up with a way to generate a strong, unique password that you'll be able to remember.
That's the challenge, isn't it? One way to do it is to install a password manager and have it generate the password. There are pros and cons to this technique which we'll discuss in a future prompt. This week I'm going to teach you a method for developing strong, unique, and memorable passwords. The Strong and Memorable Password Formula: Step 1: Think of a memorable phrase and take its acronym “Can’t Buy Me Love” = cbml Step 2: Add a special character (because most websites require one) cbml? Step 3: Look at the name of the website and drop the last character (or the first, whichever you want – some websites won’t let you use the full website name in your password) cbml?amazo Step 4: Capitalize one of the letters, according to a formula you know (like second letter of the website) cbml?aMazo Step 5: Add on a number of some length (the three digits of your phone number after the area code? Your parents’ zip code?) cbml?aMazo25609 And you’re done! Believe it or not, this is a very easy password to remember. The first few times you use it you’ll run through the steps, but quickly it will become second nature to type it. And each password will be unique to a website: cbml?fAceboo25609 cbml?gOogl25609 This is a password that is unguessable, not in any hash dictionary, long, and unique. You can now go through all your high-risk accounts and change the passwords, or you can just do one, and next week when you get the next Privacy Prompt, do the next one. Eventually you'll have gotten through them all. |
Resources
There are a lot of great resources available online. Here are some that I prepared for my classes, pages with more up-to-date information, and links to particularly interesting writing on the subject.
My Publications
- Regulators Should Rethink 'Reasonable Data Security' (originally published in Law 360 April 8, 2019)
My guides, primers, and checklists
Protect Yourself Checklist
|
I am often asked, "What can I do to protect my privacy?" Here is everything I could think of to protect your privacy. Not everyone will want to do everything, so I highlighted the big ones. Feel free to propose other ideas.
|
Passwords & Dual-Factor Authentication
|
You have probably been told a million times that you need a strong password. Here I explain in excruciating detail why you need to change your password behaviors, and how.
|
Privacy-Mindedness
|
While much of privacy involves technological fixes and adjustments, a lot relies on you changing your behaviors, online and offline. Here is a list of all the ways you can change your behaviors to be more privacy-minded.
|
Opting Out
|
There are many places online and off where you can request that you not be tracked or have your data collected. It isn't ideal that the onus is on you to do this, but here are all the places where you can opt out of data collection.
|
General Online Resources
Consumer News and Guides:
- Consumer Reports is always a good resource for privacy. This guide is frequently updated and has the latest news.
- Consumer Reports is also starting to test products for privacy concerns through their Digital Lab.
- Restore Privacy publishes a number of helpful guides, and also has news and reviews.
- Mozilla has a website that reviews Internet of Things products based on privacy.
- If you are interested in privacy policy and staying up to date on developments in the privacy world, the Electronic Privacy Information Center (EPIC) has a lot of information.
- The Electronic Frontier Foundation (EFF) also focuses on privacy issues, as well as other internet issues.
- The World Privacy Forum does a lot of great work in this area.
- Reddit has a good forum on privacy news.
- The International Association of Privacy Professionals (IAPP). offers certifications for those considering a career in privacy and has a lot of great resources.
Articles and Resources by Topic
I come across a lot of interesting writing and resources online which I share with my students. I will post these here as well, by topic (this will take some time).
|
|
|
Why I care about Privacy
Privacy (and Data Security), started off as a job thing, but it soon became a passion. We are at a critical spot in our country's history (for more reasons than one) -- the decisions we make about Privacy now will shape our society for the next century.
Data has often been likened to oil -- the commodity that fuels the information economy. 100 years ago, oil was the fuel of the industrial economy. Think about how oil has shaped the world since then. If we had adopted different polices in the 1900s, the world would look much different now. I hope we don't make the same mistakes in developing data policy.
As an Assistant Attorney General for the State of Vermont, I approach Privacy from a consumer protection and antitrust perspective. That is, I focus on how privacy policy and enforcement will best protect consumers. In doing so I apply Vermont's Consumer Protection Act and any other laws available. Right now I think a lot of people would agree that consumers aren't being as protected as they could, because the law hasn't developed at the pace of technology.
I like to joke that my job is to help prevent a dystopian future that happened five years ago.
Data has often been likened to oil -- the commodity that fuels the information economy. 100 years ago, oil was the fuel of the industrial economy. Think about how oil has shaped the world since then. If we had adopted different polices in the 1900s, the world would look much different now. I hope we don't make the same mistakes in developing data policy.
As an Assistant Attorney General for the State of Vermont, I approach Privacy from a consumer protection and antitrust perspective. That is, I focus on how privacy policy and enforcement will best protect consumers. In doing so I apply Vermont's Consumer Protection Act and any other laws available. Right now I think a lot of people would agree that consumers aren't being as protected as they could, because the law hasn't developed at the pace of technology.
I like to joke that my job is to help prevent a dystopian future that happened five years ago.
© 2020 Ryan Kriger