7 easy steps to staying safe online and protecting your privacy

So you’ve heard Donald Trump’s about to be given the keys to the world’s biggest surveillance apparatus and you’re wetting your pants. You’re a tea-drinking Brit with… concerns about the crazy powers police now have under the Investigatory Powers Bill. Or like me, you’re an Aussie surviving Mad Max style under unbelievable “mandatory data retention” measures (they’ve been here since 2015, did you even know?!). You might say “Meh, all they’re going to see is that I spend too much time on Facebook and head to my boring-ass job 5 days a week…” But think about this:

Maybe you’re a domestic abuse survivor. Maybe the survivor is your sister, your co-worker. The sh*tty ex works at, let’s say, the Taxi Services Commission or Greyhound Racing Victoria or any of the 61 agencies who can access your data without a warrant (for reals!). That sh*tty ex can now see your whole online life whenever they feel like it: who you’re talking to, where you’re going and so much more.

That doesn’t scare you? Ok, you’re a journalist working a contact who can blow the lid off shady practices in a government department (or you’re the whistleblower, taking down your dodgy boss) and you want to protect your source and yourself. You’re a fancy-pants lawyer who takes legal professional privilege seriously. Or, you know, you just don’t want the hackers that got J-Law and co to access the sexy snaps you know you have on your phone (looking at you, Aunty Ethel, we know you’re sexting bae), or have that cute family memory of your 3-year old in the bathtub showing up in paedophile networks. Whatever it is, there are so many reasons to care about your privacy and to want to protect it.

DW, I got you fam. Here’s 7 steps that even the tech-challenged amongst us can manage (Aunty Ethel! You paying attention?).

1. Subscribe to a trusted VPN service and use it at all times, both on your phone and computer. This is the only step here where you need to be fronting some bills, but it’s the single most effective thing you can do to keep your data hidden from prying eyes. I use Private Internet Access, which costs about $40 a year.
2. Use an encrypted messaging app on your phone for both sending text and making calls. SMS and normal voice calls are so easy to hack that Aunty Ethel’s been stealing sexting tips from your little sister’s convos. Ew. I like Signal; it’s free and handles both text and voice calls. Download it for Android or iPhone.
3. If you use email for critical communication (congrats on your fancy-ass job, schmuck) make sure you use encrypted email. ProtonMail is a nice and easy-to-use email service with built-in encryption, or you can use Mailvelope to add encryption to your existing Gmail account.
4. Password managers create strong, unique passwords for your online accounts. NEVER reuse passwords on different accounts - SxyEthel69 is surprisingly easy to crack. This is the most important thing you can do to prevent your accounts from getting hacked. I recommend LastPass which is free and works on your phone and computer.
5. Register your email at haveibeenpwned to see if any of your accounts have previously been hacked. This service will also tell you if any of your accounts get compromised in the future so that you can change their password.
6. Enable two-factor authentication (you know, that thing where after entering your password they text you a one-time code for added confirmation it’s you and not that freaky-deaky Ethel) for your important accounts such as Google, Apple, Amazon, Facebook, Dropbox, etc.
7. Ok ok, it’s boring and I know I said there was no more money involved but… Support organizations that fight to protect your privacy. In the US, check out the ACLU and the EFF. In the UK support the Open Rights Group and in Australia, give some love to Civil Liberties Australia and the Australian Privacy Foundation.

Seriously though, it’s in the interests of both governments and corporations to hoard as much data about you as as they can; it makes their job easier and their businesses more profitable. You need to take the necessary measure to secure your accounts and to protect your privacy. These steps will not be enough to protect you against a resourceful adversary who is specifically targeting you, say the NSA or the GCHQ or the ASD. But they will go a long way to protect your accounts, and ensure that your data is not trapped and indiscriminately mined by the massive surveillance nets that governments around the world are setting up.

Even Aunt Ethel knows: it’s cool to be Safe Online.