Privacy Tip: Assume Everything Online Could Be Public

The Internet collectively freaked out yesterday after rumors swirled that Facebook accidently began posting private messages to users’ public timelines, exposing all the nasty, salacious, and incriminating messages that were thought to be securely hidden from view. Not everyone had cause to worry, however, because they follow a simple rule for avoiding inevitable privacy mishaps: assume everything put online could somehow become public. No website is unhackable and no privacy setting is idiot-proof, so even the most savvy netizens will find some of their supposedly private information revealed. Though prudence may be inconvenient, here’s the case for why you should just assume everything online could be public and how to still be productive with the policy.

Humans Are Not Natural Multi-Taskers

In the rush to see every picture, read every article, and share every (brilliant idea), the probability that you’ll post content to the public that was meant to be private, is disturbingly high. The human brain, which evolved within a world without Twitter and or texting, is not built for performing simultaneous tasks with perfect attention. “One of the most robust findings in cognitive science is that attention has a limited capacity,” writes cognitive psychologists Jason Watson and David Strayer in a study of how just how poorly participants mess up when trying to juggle multiple tasks.

Even social media warriors, hardened through countless hours of messaging a day, are susceptible to mistakes. Our Co-Editor, Eric Eldon, once accidentally tweeted costume advice to a staff writer through our official TechCrunch account (please don’t fire me for using this example!)

In Eldon’s case, it was a harmless mistake; in former Representative Anthony Weiner’s case, who inadvertently tweeted a picture of his bulging member (pardon the pun) to a young temptress, it was a career-ender.

Careful readers will note that Watson and Strayer did find an elite group of participants whose brains could handle multiple tasks seamlessly, so-called “supertaskers.” But, unless you’re one of these rare neurological mutants, it’s safe to assume you’ll mess up. Better to ensure that there’s nothing career-ending about an inevitable mistake.

Everyone Gets Hacked

When the underlying architecture for the web was originally conceived, it was built for transmitting public information; ever since, the capacity to share information has outstripped our ability to conceal it. As this post is written, President Obama is threatening an extraordinary use of executive authority to mandate cybersecurity protocols, because our most sensitive infrastructure organizations haven’t passed basic safety tests. In one telling example, government employees watching porn left nuclear missile defense sites susceptible to hacking. Thus, even if most users are sensible, the Internet is an interdependent network where everyone can pay for one person’s mistake.

Additionally, Google, Microsoft, LinkedIn–they’ve all been hacked, and likely will be again. And if it isn’t cyber-geniuses from China cracking the website itself, it’ll likely happen to individual users. Nearly every month I see Facebook status updates from my friends’ hacked accounts telling me to purchase male enhancement drugs or hop on a shopping deal of a lifetime.

Perfect security requires unrealistic diligence: keep multiple passwords and change them frequently, constantly monitor all of your software for necessary security patches, and update your email and social networks to the latest protocols (currently 2-step verification and secure HTTP).

I spend all day long on this productivity black hole we call the Internet, and not even I can keep up with it. We all get hacked: make sure when it’s your time, you don’t have anything soul-crushing to expose.

Some Tips

1. Use Proxies To Relay Information – I once tweeted out my cell phone number, which was meant as a private direct message. I didn’t worry because I use Google Voice, a telephone service from Google that automatically calls my separate personal number. With Google Voice, I can screen my calls and give out a cell phone number without worrying about giving 24-hour direct access to everyone.

1b. I also have an entirely separate email account for any source or website that could put me on mass mailing list or give out my address. Even though I still only give that fake account to websites and sources who assure me they won’t sell my information, I still get mountains of unwanted spam a day. In other words, if there’s any chance it will get exposed, it usually does.

2. When In Doubt, Don’t Record: At times, most of us indulge our inner demons. I’ve been to Burning Man…but I didn’t record the entire experience. Fortunately, we’re hard-wired to remember experiences that are most the meaningful and bizarre (and for me, Burning Man was both). So, I’ll remember it without photographic evidence.

3. In-Person And Video Is Better: Most often if I need to transmit not-so-nice information, it’s best done in person. Research on distant communication reveals that because humans judge trustworthiness through body language and intonation, we often misinterpret emails, texts and chat. Professor Olson of UC Irvine tells me that the trust spectrum (from best to worst) goes In-Person, Video, Audio, Chat, Asynchronous Messaging (text, email). I often opt for waiting till I can meet for coffee or do a video chat, which not only improves the outcome of the conversation but has the added bonus of not being recorded.

So, if you follow the “everything could be public” way of digital life, the next time there’s a security breach (and there will be), you’ll have nothing to worry about.