What Are the Implications of the 2016 Election for Internet/Digital Security and Privacy?
BY CASSY DORFF
Key Takeaways:
- While it is unclear how precisely surveillance policies will change under a Trump administration, the ability of the US government to monitor individuals' digital communication is comprehensive.
- It is the responsibility of the individual user to protect their communications from any form of surveillance whether that be from the US government or other actors.
- Individuals can easily update their email, phone, and social media password preferences to quickly enhance their personal digital security.
- Detailed online resources for further security tools, such as encryption of sensitive data stored on hard drives, are available to the public.
Overview
When President-Elect Donald Trump assumes office in January he will become responsible for the conduct of the NSA's already-extensive surveillance apparatus.
As a candidate, Trump often stated that he would give the NSA "as much leeway as possible" to leverage this system in the fight against terrorism. Specifically, he has suggested employing more surveillance in mosques and monitoring or "closing off" Internet access to limit Islamist propaganda. The tech industry has voiced concerns that Trump, supported by recently re-elected Republican Senator Richard Burr, chairman of the Senate intelligence committee, would impose security restrictions on apps, software, and user data. A commonly cited concern is that the government could pass legislation requiring companies to create "back doors" for their products enabling governments immediate access to user-information by overcoming encryption and other protections designed to keep user information private. This concern was highlighted earlier this year following the San Bernardino shootings when Trump called for a boycott of Apple until the company helped the FBI unlock the shooter's iPhone.
Nevertheless, many of the legal effects of a Trump presidency on cyber-security, technology and surveillance are yet to be known. Yet, even under the Obama administration any form of electronic or digital communication such as email, voice calls, text, Skype exchanges—has had the potential to be recorded. Thus, if you have concerns about protecting truly sensitive information you should practice caution with any medium of digital communication. This brief offers a quick guide for those concerned with their personal security and provides key practices any individual can adopt to enhance the protection of their online identities and personal information.
HOW TO EASILY ENHANCE YOUR DIGITAL SECURITY:
General:
- Enable two-step authentication on all of your accounts (places to start: email, dropbox, twitter, bank logins). This feature is typically found under privacy settings and will often include using a password + phone/text verification. Two-step verification will require that you use both a password and secondary step--such as receiving a passcode via text or email to confirm your login.
- Do not use the same password for all of your accounts. Even better, use a different password for each. Unless you recently won the World's Memory Championships, you might want to invest in a password generator.
Phone:
- Different phones (iphone vs. android) will allow you to add longer passcodes for unlocking your phone. Do this! Passcodes > fingerprints.
- Encrypt texts on your phone by downloading and texting via the app, Signal.
- For protected calls on iOS (iphone) you can make calls using the aforementioned app, Signal. For android you can use Redphone, also created by the makers of Signal, whose website you can view here.
- If you don't want your conversations recorded, consider getting a landline. Because they would require a tap at the source, landlines are more secure than mobile phones.
Email:
- Create a junk email for digital accounts that is separate from the account used in primary correspondence. For example, if the email you use for 100% of your accounts and correspondence is tracy.smith123@emailhost.com, consider using tr.smith12@emailhost.com for things like subscriptions, websites that prompt you to build an account even though you might not ever go back to the website, or online shopping. Choose a different password for each. Hacks often occur to social media sites, this was recently evidenced by the hack of multiple social media accounts for Mark Zuckerburg.
- Enable two-step authentication for your email. Again, two-step authentication will significantly lower the chances your email will be hacked.
Easy thing to remember about wifi:
- Public wifi is VERY PUBLIC.
- Leaving your phone on wifi means nearby networks can tap into your phone.
- Use VPN secure wifi and limit your computer's "sharing" capabilities
- Download browser extensions such as privacy badger (for Chrome) to prevent tracking
- If you must be anonymous while using the Internet, download Torbrowser.
RESOURCES
For those interested, there are several detailed guides similar to this one that provide a much deeper assessment of security and possible avenues for protection.
- HackBlossom has already put together a comprehensive guide here. Their "cheat sheet" is an excellent starting point.
- Security in a box is another comprehensive resource.
- Open Canada has a nice article walking you through the logic behind basic tips.
- If videos and tutorials are your thing, check out https://ssd.eff.org/.