Time To Audit Your Privacy Settings — Everywhere

I got a new iPhone last year and configured it to upload photos to Facebook. Imagine my surprise when photos of me and my kids ended up public on Facebook, even though I have my settings set to all photos as viewable by Friends Only by default. So I dutifully reviewed all of my Facebook privacy settings, updated the viewing options for all of my photo albums and went on my merry way.

I wouldn’t call myself paranoid about privacy and security on the web, but I do watch what I post online and I take advantage of privacy options, whenever available. Make it your New Year’s resolution in 2013 to audit your privacy settings on all social networks and think about what information you’re putting out on the web, private or not. Here’s my privacy punchlist to help you out:

Be careful when uploading photos to Facebook via your smartphone. For some reason, Facebook sometimes doesn’t honor my default option to make photos Friends Only and I have to manually change the viewer settings on some photos.

Beware of what other people can do to your posts and photos. Last month, Mark Zuckberg’s older sister posted a photo on Facebook that friends and friends of friends could see. A friend of a friend saw the photo, assumed it was public and tweeted it. What ensued was a very public conversation between Randi Zuckerberg and the tweeter Callie Schweitzer on Twitter. The media had a field day. Check out this story on Forbes​.com. Folks, if you let them, friends and friends of friends can share your posts, share your photos, tag you in photos, yada, yada.

Remember that Facebook apps can access your personal information. Everyone seems to love birthdays and birthday greetings on Facebook. Well guess what? Even apps can access your birthday when you give them permission to access your Facebook account. And since knowing your birthday is a key piece in identify fraud, think about not sharing your account, or not putting your exact birthday (does that violate the Facebook terms of service?).

Know that your company email account is not private.  Your personal gmail account is one thing, but all the courts have upheld the notion that corporations own employee accounts on corporate mail servers, which means they can audit and read your company emails at any time. Most companies even have policies saying they can and will do this when needed.

But hey, even private email accounts aren’t always private. We might be shocked by the General Petraus affair, but equally of interest is how the FBI found the emails between General Petraus and Paula Broadwell in private gmail accounts. What started out as a cyberstalking investigation ended up bringing down a CIA Director! So assume that all of your emails could be made public and that they will exist on some computer or back-​​up for the next generation or two.

Everything we do is  being tracked. When I stop to think about it, I cringe at the data that government and retailers are amassing about me. I use my American Express credit card for nearly all of my purchases, I use my rewards cards at places like Giant, Harris Teeter and Barnes & Noble, my E-​​Z Pass tracks where I’ve traveled on the toll road, Google tracks all of my searching history, Amazon knows what I like enough to buy, and Facebook knows where I’ve been, who my friends are and what I ate last Sunday. If you want to stop some of this tracking, don’t use a credit card, don’t use rewards cards, use a Do Not Track app on your computer (like Abine), logout of Google before doing searches, and turn off cookies or delete them regularly. For me, these steps aren’t exactly practical, but I offer them as suggestions for those who do want to limit tracking.

Ultimately, I always try to remember that anything I do online on the web and in email could be made public at any time.

How about you? How much do you care about privacy and security? Are you doing anything about your privacy settings or changing your behavior?

Many thanks to my friend Shaun Dakin for his help with his post. Shaun is a huge online privacy expert and advocate. Find him on Twitter @shaundakin and Facebook at Dakin Associates.