Of all the things you do to try & protect your privacy, the biggest threat may be coming from your contact lists.
These days your friends, family & acquaintances can be quick to share that link or video that they find mildly interesting. Playing the role of innocent dupe by ignorantly sharing malware with everyone they know. But even if you’ve quashed that behavior those people still have you as one of their contacts.
It doesn’t matter how tech-savvy & privacy conscious you are, if your friends, family & even business contacts don’t share that same savvy, the odds are that they have still unknowingly sold you out to marketers, spammers, & criminals multiple times.
Birthday. Gender. Zip code.
It only takes 3 pieces of information to identify you, find you, & build a complete profile on you. Your birthday, your gender, & your zip code. Odds are that most of the people who have you as a contact has this information about you & more including but not limited to your name, address, home & work phone number(s), email addresses, their relationship to you, company you work for, & any other information that they may have added.
You already know this. But how are they sharing that information with others without your permission?
1. Social Media
One of the easiest ways to find someone is through the “friend lookup” feature that searches for profiles of people that you know. You may be already connected to the people you want to be connected to, but what about those you don’t? Through any social media account anyone who knows your email address can find your existing or abandoned profile & all the information in it including all your posts, images, friends, about info, & history across the platform.
But what if someone searches for you, & you don’t have a profile on that platform? They’ve still input your email address into a data collection company whose entire business model is building personal data profiles on people.
Instead of searching for “friends” one by one, many of these apps can ask to scan your contacts. Now this company has all the information about you that is in their phone. It’s that easy, & you didn’t even have to give permission.
2. Apps & Games
Phone apps & games are notorious for requiring access to your contacts. If the people you know download a lot of games & frivolous apps, the odds are that they’ve given these random companies & app developers access to your contact information over & over again. To make matters worse many app developers have been found to be government contractors who have been using phone apps to gather information about people & sell that info to governments.
One such instance was a Muslim prayer app with more than ten million downloads who sold location data to Predicio, which is linked to a U.S. contractor who works with ICE. Read more about that here.
Ever wonder why there are so many weather apps? Just about every weather app uses the exact same APIs to deliver the exact same information. So why are there dozens of them?
A weather app is a great excuse to track the location of its users because by default it needs to know your location to give you the weather.
For an open source alternative to android weather apps, check out Forcaste in the F-Droid store. No tracking. Just the weather.
3. Internal Links & Videos
It’s long been known that clicking on random links can lead to trouble. But there’s a misconception that sharing links inside social media & messaging apps are somehow safer & shield you from harm. This is NOT true. As a matter of fact the bad guys take advantage of this false belief to syndicate some of the most invasive, privacy tracking scripts & websites on the web.
Another threat to your privacy on social media is the ignorant headline reader. People who only see the headline of a link or video & are immediately enticed to share it with everyone they know without ever checking or caring where it actually leads to.
Then there’s the poor security habits of your friends that have led to many of their social media accounts being hacked or taken over. You probably know someone who has claimed that their Facebook account was hacked at least once. Seriously, why would you keep trusting that person to hold all of your personal details on their phone or trust anything they send you?
Moral to the story, if you don’t trust the security habits of your friends & family, don’t trust the things that they share with you on or offline. You may also want to think about creating alternative credentials just for them so that they aren’t constantly exposing your personal & business details to anyone who asks.