At my university, a number of stories of wannabe Joe Goldbergs have been brought to light: Men who don’t understand the concept of personal boundaries finding information on women that is publicly available online. They then for some reason tell them in really creepy direct messages because they think it’ll get them a date.
Obviously this has left people rightly concerned for their privacy and how to keep themselves safe. While this article will mainly cover internet privacy, here are a few tips on how to keep yourself physically safe.
Physical Privacy
You’re allowed to carry pepper spray anywhere in the state of Texas without a permit and without restriction (if you’re in a different state, give it a quick search). It is considered using force, so take caution with when you use it: Best to ask the campus police for their opinion, but generally it’s whenever you’re in fight or flight mode.
The UTD Police has a self-defense class called “RAD” that they hold frequently (bad acronym, but useful skills).
Most phones have an option to quickly tap the power button five times, and it sends your location and a text to all your emergency contacts along with calling 911 immediately. Make sure that is turned on. If you own a Pixel phone, there’s even an option to automatically start a video recording that saves to the cloud.
Ideally you shouldn’t ever need to use this, but when push comes to shove, police take a few minutes to arrive, and it’s up to you to buy yourself time. Now onto the main section.
Internet Privacy
The recent post about a woman being stalked through LinkedIn highlights two things:
- Guys on campus need to learn to respect boundaries
- We all need to take steps to minimize the information we post publicly, not because it’s our fault if we don’t, but because it’s something in our control
Mitigating stalkers is similar to mitigating hackers/thieves: They go after easy prey. The more difficult you make it to find your information, the more likely they are to give up. These tips aren’t the end-all-be-all of privacy, but they’ll get you most of the way. Similar to protecting your computers from viruses though, you are the first and most important step of security, antivirus (or in this case, privacy settings) are back-ups. So some guidelines to go by:
- Never give strangers your full name
- Never give strangers your real phone number (Google Voice or MySudo)
- Give people a different email than the one you normally use for accounts (can be an alias email from SimpleLogin.io)
If people push back on the above, push back harder. You have a right to give out or withhold information from whomever you please: that is the fundamental definition of privacy. Alright, now onto tips for making your online accounts more private.
Considering the above-mentioned post that inspired this article, LinkedIn generally seems to be where doxxing happens for students. A few tips for your account then:
- Don’t put your address on your resume, only the city you live in
- If you can post a version of your resume to LinkedIn without your email and phone number, do so
- Don’t add every student who requests to add you, only add friends and recruiters of companies you are actively interested in
- From your profile page, click on your photo, and change where it says Public to Your network
Under LinkedIn’s Visibility settings:
- Change so no one can see your email address
- Change the setting “Profile discovery and visibility off LinkedIn” to no
- Change so your full last name is not shown (optional)
This shouldn’t have any negative effect on your job opportunities as you can still be discovered by job searches. Recruiters will get your address and full name later when you apply, and in person recruiters can still get your information from a physical copy of your resume. While you want a LinkedIn for showing off your work history and keeping in contact with past co-workers and recruiters, the best (and most impactful) contacts are ones you physically have met or have been recommended by a friend, not from being discovered purely by search.
Other Accounts
These tips apply to pretty much any account you have or make:
- Delete old accounts and emails
- Make your accounts private
- Make your username not necessarily tied to your full name
- If the account doesn’t require your real name and address, don’t give it
- Use a different profile photo from your other social media accounts (makes it harder to reverse image search you to find your LinkedIn for example)
— Better if it’s not easily identifiable as you in the present (i.e. you in makeup/costume, you when you were younger)
For Discord:
- Make your username and picture definitely not you
- You can also disable direct messages from server members and not allow them to add you as a friend
The next section will cover people search tools, but changing the privacy settings above, limiting where your real full name, address, and phone number appear is key, as websites will sell that information to brokers who may sell it to people search tools. It’s important to stop the source before we deal with the problem.
Also, because sites mainly require your address due to payment methods, I’d recommend using a virtual card from a service like Privacy.com as it allows you to put any name and any address down and the payment will still go through (disclosure: that link is an affiliate link where you and I both receive $5 if you sign up). There are other benefits to that service, but it warrants its own post.
For deliveries, some places will let you deliver to a public location rather than your address: for example, use Amazon lockers. This doesn’t always work, but is convenient for other reasons (stopping package thieves).
One small note: It’s best not to use a fake name for deliveries as this can cause issues if your package gets lost.
It also goes without saying, that the more places your real name, address, phone number, and payment info are, the more likely they are to be caught up in a data breach. Using fake names/addresses, Amazon lockers, and Privacy.com cards helps to limit those potential chances to be exposed. If you want to check if your email or phone number were in a data breach, check HaveIBeenPwned.com
People Search Tools
And finally we reach the most annoying one to fix: people search tools. These sites aren’t illegal by any means, but they do end up putting people in danger of physical stalkers. These sites take information from public records (court documents and such) and sometimes data brokers (the above tips are there for a reason), and make them available to search. They act similar to a physical phone book, but the problem is that the information is now easily available to search by anyone, anywhere, and can sometimes include your phone number and physical address.
These sites generally don’t post people under 21, but you never know if you are on there unless you check (if you live with family, your parents might be on there).
They’re annoying to go through and get rid of, so here are two good sources to follow
- This article by LifeHacker covers the main ones https://lifehacker.com/how-to-opt-out-of-the-most-popular-people-search-sites-1791536533
- This workbook PDF by Michael Bazzell is a pretty exhaustive list.
The main sites to hit are:
- Family Tree Now
- WhitePages
- Spokeo
- PeekYou
- Instant Checkmate
- Intelius
- BeenVerified
Final Remarks and Tips
There’s always more you can do, but making it difficult to find information makes it more likely that stalkers will give up. Keep in mind that your friends and close connections can serve as weak links in your privacy, so ensure they keep their profiles private as well.
Some good resources for further privacy guides are:
- Techlore’s course Go Incognito
- PrivacyGuides.org
- Follow this guide from The Washington Post to lock down your Google account
- Register your phone number at https://www.donotcall.gov/
One final tip: Use a password manager like Bitwarden. It’s important to have secure and unique passwords to keep your accounts and information safe. If you use the same email and password combo for every account, it makes it trivial for someone else to login and either take over the account, message your friends pretending to be you, or steal your information. I recommend Bitwarden because it’s free and available on all devices and browsers (without any limits unlike LastPass), and you can check if you’ve been in a data breach through their online vault.
Using Bitwarden:
- Import your passwords from Chrome (or wherever they’re stored)
- Delete old accounts
- Change the passwords to be secure
- Change the payment info to cards from Privacy.com if possible (with random addresses and names)
- Change to email aliases if possible
I have no affiliation with Bitwarden, I just love their service.
Be careful about whom you give your information out to and how much, and try to regularly clean up old and unneeded accounts. Keep yourself safe.
Some final tips for the men reading this
This really shouldn’t need to be stated, but apparently it does: Don’t try finding out someone’s information from the internet without their consent. Just ask them. If you don’t feel comfortable asking them for something, then you’re asking for too much or too soon. If you want someone’s number, ask them directly. If they don’t want to give it, take the no and walk away.
