Aside from personal privacy concerns, both your personal data and NYU data has value and should be protected. Realize that there are hidden costs associated with freeware (free software), which may take the form of personal information collected about you, that can be analyzed and monetized by malicious actors, data brokers, researchers/product developers, businesses, and advertisers. It may be visible to, or stolen by scammers, law enforcement, business competitors, even nation-state actors. In fact, according to Wired, “Personal data is often compared to oil – it powers today’s most profitable corporations, just like fossil fuels powered those of the past.”
Commonly used freeware providers include free email services, and applications, such as internet browsers, Facebook, YouTube and others. Often the specifics of data types collected by free services are unclear and buried in Service Agreements. Gathered data may include your search engine queries, your browsing history, social media posts, locations visited and more. In the same article, Wired also mentions that “There are also few laws governing how social media companies may collect data about their users. In the United States, no modern federal privacy regulation exists, and government agencies can even legally request digital data from companies without a warrant in many circumstances (though the Supreme Court recently expanded Fourth Amendment protections to a narrow type of location data)”.
Free services with which there may be an associated hidden cost include public Wi-Fi, and free use computers or public charging stations for your devices. Protecting yourself means being cognizant of and willing to accept the trade-offs that you’re making when you use free services.
Recommendations include:
- Review your privacy settings periodically for all services you access to ensure that you are comfortable with your chosen selections. Review your selections periodically as when settings change, you may be automatically reverted to default settings.
- To access the policies and settings of many popular services, see the National Cybersecurity Alliance web page, Manage Your Privacy Settings for direct links.
- Limit what you post about yourself, others and your employer online.
- Make sure that the answers to your account security questions cannot be gleaned from your social media accounts or other online sources.
- If you no longer use an app, remove it from your device.
- Only download from known and trusted sources, such as an official company website or the App Store & Google Play. Free software from other sources may come with malware.
- Use only trusted and password protected public WiFi , such as NYU WiFi, and use a Virtual Private Network (VPN) in connection with WiFi whenever possible. A VPN will create an encrypted tunnel to prevent anyone from spying on your network traffic.
- Beware of public charging stations that may have been tampered with, and that may infect your device with malware.
- Free use computers, such as those in a library or hotel may be running non-updated (vulnerable) software and may be infected with malware, such as spyware. If you use these computers, it is recommended that you do not perform transactions or access your accounts or sensitive information. If you must do so, clear the browser cache, and make sure to log out when finished. Finally, change the passwords on the accounts you accessed when next using a trusted device and network.