Keeping Your Privacy Safe

Privacy policy - Before entering your name, email address, or other personal information into a website, look for the privacy policy. This policy should specify how the information will be used and whether or not it will be shared with other organisations. Companies may share information with partner vendors who provide relevant products or may provide the choice to subscribe to specific mailing lists. Look for signs that you have been added to mailing lists by default—failure to deselect those options may result in unwanted spam. If you cannot find a privacy policy on a website, contact the company to enquire about the policy before submitting personal information, or visiting another site. Because privacy policies vary from time to time, you should evaluate them on a regular basis.

Proof that your data is being encrypted — To prevent attackers from stealing your personal information, online contributions should be encrypted so that only the intended recipient can see them. Many websites employ Secure Sockets Layer (SSL) or Hypertext Transfer Protocol Secure (HTTPS) (HTTPS). The presence of a lock icon in the bottom right corner of the window shows that your data will be secured. (For further information, see Understanding Website Certificates.) Some websites also specify whether or not the data is encrypted when it is stored. If data is encrypted in transit but not securely kept, an attacker with access to the vendor's system could obtain your personal information.

Deal with reputable companies. Consider the following questions before providing any information online: Do you have faith in the company? Is it a well-established organisation with a solid reputation? Is there a worry about the privacy of user information based on the information on the site? Is valid contact information provided? If you responded "No" to any of these questions, you should avoid doing business with these companies online.

In online submissions, do not use your primary email address. If you submit your email address, you may receive spam. If you don't want your primary email account to be inundated with spam, try creating a separate email account for internet use. Make a habit of logging into the account on a frequent basis in case the vendor delivers information concerning policy changes.

Avoid giving out credit card details online. Some businesses give a phone number where you can provide your credit card details. Although this does not ensure that the information will not be compromised, it does eliminate the chance of attackers hijacking it during the submission process.

One credit card should be reserved for online purchases. Consider creating a credit card account that is only used online to reduce the risk of an attacker having access to your credit card information. Maintain a minimum credit line on the account to limit the number of costs that an attacker can incur.

When making internet purchases, avoid using debit cards. Credit cards typically provide some protection against identity theft and may limit the amount you are obligated to pay. Debit cards, on the other hand, do not provide this level of security. Because the costs are withdrawn from your account promptly, an attacker who acquires your account details may empty your bank account before you know it.

Use the tools available to limit the exposure of sensitive information. Certain websites' default parameters may be chosen for convenience rather than security. For example, don't let a website remember your password. If your password is saved, an attacker with access to your computer will have easy access to your profile and any account information you have provided on that site. Examine your settings on social networking websites as well. The purpose of those sites is to share information, but you may control who can view what by restricting access.