Privacy and Security Wrapped in a Bow
If only it were as easy to give the gift of privacy and security as it is a cozy sweater or the latest gaming console.
It's quite a bit more complicated, of course.
Yet, there are small things you can do to keep those around you safe this season. One is staying educated on threats and how to thwart them. Read on to learn how... and then if you're so inclined, share far and wide!

Female hands in winter gloves with christmas gift box
What to know while shopping
Is your stored credit card a sitting duck?
If you have a payment card stored with Amazon, secure your account with two-factor authentication. It's simple to set up and adds an extra layer of security between your card account and the bad guys.
Will that hot gift spy on you?
In a recent visit to the KCWI 23 Great Day morning show, I shared the potential dark side of this year's hottest gifts. Just one of those to watch out for is the Hello Barbie, which records and stores the conversations your child has with her. 

Does it sound too good to be true?

As Carolyn Bigda advised the Chicago Tribune, beware the $20 iPad. If a seriously cheap or super discounted item pops up on your screen, chances are very good it will lead to more of a rip-off than a bargain. 

'Tis the season for scams

Don't fall victim to these crafty swindles
Shoppers in downtown Copenhagen, where I visited a couple of weeks ago.
Secret Sister Gift Exchange: Spread on social networks like Facebook, this scam encourages girls and women to send $10 to receive 36 gifts from friends.

Flimflam: Those of you in retail are probably well aware of this trick in which a shopper gives you a high-value bill, then asks to change it for a smaller one, all in the name of confusing the clerk. But the same can happen to shoppers when buying from a particularly talented salesperson. 
Before you click that link
Watch out for e-greetings, refund links, delivery warnings and other messages that come to you via email. They may contain malware that will infect your computer. 

Really convincing emails from what appear to be legitimate retailers can fool you. If you get a message advertising a bargain, a sale or even just a great gift idea, close out the email, open a new browser window and navigate to that retailer's site on your own. This will help you avoid falling victim to a spoof site 

Patients worry about data security
Our poll results are in!
Healthcare data breaches and inappropriate use of patient information have most people worried about the security of their most private data. In fact, more than 60 percent of participants in a recent Privacy Professor poll said they were not confident at all or only slightly confident that their healthcare provider is safeguarding their patient information.
While disturbing, it wasn't exactly surprising that 7 percent of our poll respondents had already experienced a breach of their patient data. Why not? Because 85 percent of healthcare providers allow staff to connect their personal mobile devices to the hospital network, and 2/3 of hospital workers use mobile apps to view patient data.
Watch for more on this topic in my upcoming Dell blog post

Tivoli Gardens at night in Copenhagen
Hackable medical devices are dangerous 
Infusion systems, pacemakers, MRI scanners, picture archiving gear and more "at the fingertips of miscreants"
More "smart" device manufacturers, engineers and designers MUST prioritize privacy and security. It's something I've spoken on passionately for more than four years. I'm very happy to see more attention being paid to this incredibly important topic:
Thousands of 'directly hackable' hospital devices exposed online: "Not only could your data get stolen but there are profound impacts to patient privacy."

The doctor on a quest to save our medical devices from hackers"We have to keep in mind the tradeoff between wanting security and maintaining usability ... and make it possible that a do-it-yourselfer can still do some things with their device." 
The Privacy Professor's Perspective...

Photo "Gifts" from Facebook and Snapchat 
holidays, winter, christmas, technology and people concept - happy couple of tourists in warm clothes taking picture with smartphone in old town
Facebook wants your pics... before you even post them
If you use Facebook on your phone, you may soon be opted-in to allow Facebook to  examine, tag and prompt you to one-click share each of the photos on your phone. It's all powered by facial recognition, the settings for which you can adjust here.
Remember when Snapchat's value was self-destruction?
Well, now the app has reserved the rights to store and use all selfies taken with the device. It's an interesting about-face for the company which was founded on the concept of self-destructing digital images. (And it is only a concept, mind you... completely self-destructing digital images is not truly possible and never was). 

Thousands of bikes line the sidewalks in Copenhagen. It was a common sight!
When others know where you are  
The average consumer is never more than 3 feet away from his or her smartphone
Where you are, where you have been and even where you are going - all of this info is tracked and shared multiple times a day. Imagine the danger that poses to people, especially domestic violence and stalking victims.
If you know someone for whom this information could be particularly perilous, point them to the Attorney General's new information sheet, Location, Location, Location: Tips on Controlling Mobile Tracking.

Privacy Professor In the News

merry colorful magic christmas lights blurry closeup
Privacy Professor On the Road & On the Air

On the Road Again 

One of my favorite things to do is visit with leaders in different industries - healthcare to energy and beyond. Below is a recording of a recent talk and a schedule of where I'll be over the next few months.
My talk on the need for more privacy controls at Purdue University for their CERIAS program is available on my YouTube channel.
Dec. 10: (Webinar) Best Practices to Prevent Data Breaches in 2016, 1 to 2 p.m. eastern
February 15 & 16: (Two Live Privacy & Security Workshops) Alaska Surveying & Mapping Conference, Anchorage, Alaska
April 30 - May 1: (Live Presentation) 2-day workshop, "Creating a Privacy Program using ISACA's Privacy Principles," ISACA, New Orleans

Taking to the Air Waves

The Great Day KCWI 23 Morning Show regularly covers privacy and security tips with their guest, the Privacy Professor! Each is a brief 10-15 minutes and covers topics ranging from insider theft to connected vehicles. Check out this online library to watch recent episodes. Below are upcoming in-studio visits. 

December 15: How to spot and avoid holiday scams
January 28: Data Privacy Day

Questions? Topics?

Have a topic I should discuss on the Great Day KCWI morning show? Or, a question I can answer in my next monthly Tips? Let me know!

Giving is one of the best parts of the season. Here's my son a few Christmases back enjoying the "receiving" part of the holiday. :) 

As you check off your shopping list this year, be smart, safe, and always merry!

Enjoy the season,


Rebecca Herold
The Privacy Professor

Need Help?

Permission to Share

Want to repurpose the information contained in this Tips? Yes, please forward in its entirety. 

If you prefer to use only excerpts, please use this attribution:

Source: Rebecca Herold, Founder, The Privacy Professor´┐Ż,,, [email protected] 

NOTE: Permission for excerpts does not extend to images; some of which are my own personal photos. If you want to use them, contact me.