"Relying on the government to protect your privacy is like asking a peeping tom to install your window blinds." — John Perry Barlow
In the 21st century, there is little separation between school and the rest of our lives because so much of what we do is online. Most of us love to meet and converse online through email, group-chat platforms like Skype or Webex, games, social media — and sometimes all of those things at once. It’s not unusual for an online class to span four time zones, so having everyone log in for a lecture at a specific time each day simply won’t work. This is why e-learning often means asynchronous communication at all hours of the day, and from anywhere Wi-Fi can be found. But since you’re spending so much time on the Internet, it’s important to know the privacy implications of the information and data you’re sharing with the world.
Your School Records
As an online student, you are entitled to a certain measure of academic privacy under the Family Educational Rights and Privacy Act (FERPA), a federal law that protects the privacy of your education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education. Under FERPA, a school may not generally disclose personally identifiable information from your education records to a third party unless you or your parents provide written consent.
"Education records" are defined as those containing information directly related to a student, such as report cards, transcripts, disciplinary records, contact and family information, and class schedules. These are maintained by an educational agency or institution, or by a party acting for the agency or institution.
Once you reach 18 years of age or attend a post secondary institution, you become an "eligible student," and all rights formerly given to your parents under FERPA transfer to you. Usually, the biggest surprise at becoming an "eligible student" is that your grades go directly to you, and not to mom and dad. You have the right to access your education records, the right to seek to have your records amended, the right to control the disclosure of personally identifiable information from your records, and the right to file a complaint with the U.S. Department of Education.
While there are laws that protect your academic information, your personal information is also up for grabs. As an online student, you may have your online classroom tab open, along with Facebook, Gmail, Google, Twitter, Hulu, and World of Warcraft (WOW). The trade off for all these free services is that they want to know who you are and what you do online. This is called data mining. These sites combine what you freely tell them about yourself, such as your email address and name, along with "breadcrumbs" from many of the websites you visit regularly: credit card information for pay sites such as Hulu and WOW; query searches you’ve registered on Google and Bing; Facebook friends, Twitter followers, and other social media associates; products you’ve purchased from online merchants and retailers; and not to mention your current location. Just a few breadcrumbs can go a long way in putting together a comprehensive profile of your social and spending habits, as well as sensitive personal information.
In a 2009 study titled "Predicting Social Security Numbers from Public Data", researchers demonstrated different ways of using public information (including data from social networking sites) to accurately predict close to 9% of the Social Security numbers in a random sampling of individuals. Given the growing availability of information about Internet users online, it’s important that online students know what they are sharing about themselves and how they can manage this information once it’s out in the open.
Identity theft is not the only negative result of data mining. Some social networking sites have stirred controversy in recent years after admitting that personal data of registered users has been sold to marketing companies, who in turn use our personal preferences and web history to influence advertising campaigns. Generally speaking, if you’d like to avoid being targeted in this manner, then maintain a simple, somewhat un-revealing profile on sites like Facebook, Google Plus, and LinkedIn. As a general rule, there are a few things you should never share with strangers online unless you are purchasing goods from an established merchant or retailer that facilitates a secure transaction. These items include:
- Social Security numbers
- Home addresses or phone numbers
- Documents or sensitive materials associated with your job
- Information about the school your children attend
- Bank accounts, credit card numbers, and other financial information
Certain privacy precautions are common sense, and the Electronic Frontier Foundation has a great list of the top 12 ways to protect online privacy.
- Do not reveal personal information inadvertently: Keep tabs on your browser and computer settings in order to avoid sharing data with unknown third parties.
- Turn on cookie notices in your web browser, and/or use cookie management software or intermediaries: A cookie is a very small text file set to share information between your browser and the web service you’re trying to access, such as Amazon, Netflix, or your local library. In addition to social media, cookies recorded on your computer can be used for data mining purposes — and many banner ads are merely "cookie sharing rings."
- Keep a clean email address: This means your email handle is strictly used for personal and school-related correspondence. Use a different, "throwaway" address for online shopping, newsletters, website contests, and other activities that pose a greater risk of exposing you to hackers and identity thieves.
- Don’t reveal personal details to strangers or just-met "friends": This seems like a no-brainer in the digital age, but a lot of web users still fall victim to hackers after sharing sensitive data with online acquaintances they (wrongly) perceive as trustworthy. Bottom line: don’t give out your important information to anyone unless you’re certain it will remain safe.
- Realize you may be monitored at work, avoid sending highly personal emails to mailing lists, and keep sensitive files on your home computer: Modern technology enables third parties to easily view your incoming and outgoing emails, so be mindful about sending and receiving messages of a personal nature while at the office or using your work computer.
- Beware of sites that offer some sort of reward or prize in exchange for your contact information or other personal details: Everyone likes to win stuff, but any site that openly advertises a contest without providing specific details is, most like, some sort of scam designed to snatch your sensitive data.
- Do not reply to spammers for any reason: Instead, consider flagging their messages and/or reporting them to your email provider. Most of these messages can simply be avoided by filtering your junk emails.
- Be conscious of web security: This is especially true when it comes to using your credit card online.
- Be conscious of home computer security: Is your Wi-Fi network protected against outside web users? Have you taken measures to safeguard all of the computers in your household (as well as smartphones and tablet devices)? Make sure to always turn off your computer when it’s not in use; whenever you are "online," there’s an open door for anyone who has access to your network.
- Remember that YOU decide what information about yourself to reveal, when, why, and to whom: If your birth date is used in your bank account password or your child’s name comprises part of your Internet network login code, then guess what — you’ve just made it that much easier for hackers to access your information. And don’t think for a second that ‘privacy’ settings on social media outlets will protect you every single time.
- Use encryption: Well-renowned programs include Pretty Good Privacy (PGP) from Symantec, FSecure SSH, and SecureCRT.
Fortunately, web developers today recognize the need for increased security. For example, Google Chrome allows users to browse the Internet without permanently storing any URLs or cookies in their history; this function is known as ‘Incognito Mode.’
When it comes to sharing data with others, it might be wise to do so using different forms of technology. For instance, let’s say you’re trying to relay a login password to someone. Whitson Gordon of Lifehacker suggests emailing that person to let them know the password is on its way, and then texting the password "with no context" to the recipient’s cell phone number. Once received, the other person should delete the message. A "less practical, but more secure" alternative to this system is to use a password management system, such as LastPass.
Finally, web users are warned to proceed with caution when accessing sensitive personal, financial, or educational information when using a Wi-Fi hot spot (such as an airport or a popular coffee shop). Professional hacker Tim Pierson told CBS News that bank account numbers, email addresses, and other data can be tracked (and easily intercepted) by identity thieves using the same network. If at all possible, refrain from accessing these materials in public places.
When you interact online, you are not only sharing information about yourself; you are also shaping your personal and professional reputation. Social media outlets such as Facebook, Twitter, Google Plus, LinkedIn, and Foursquare create a whole new set of opportunities to communicate and engage with others. These opportunities bring up a new set of questions about how to make the most of these tools without crossing boundaries or compromising your professional relationships.
For instance, your online instructor probably has an online profile as well, so there is potential for awkwardness if you ask them to be social media friends while you are a student. Usually, as a student, you’ll already have multiple ways of contacting your instructors, including through phone calls, email, Skype, and regularly scheduled office hours. Being their friend and or follower on social media is probably too intimate, and blurs the professional line that normally exists between teacher and student. At least wait until you have successfully completed at least one class before considering whether or not this is a good idea.
In addition to simply determining whether or not to connect with your instructors on Facebook, remember that social media outlets allow you to set the level of privacy you want and need. Verifying your account settings should be one of the first things you do after you sign up for a new account. Since the privacy features of social media sites often change, it is a good idea to check your settings and read the privacy statements listed on the sites on a regular basis.
There are also important rules to keep in mind when conducting yourself online. Remember that anything you create digitally can reappear at a later date, and it can pop up somewhere you never expected it to. This includes texts, iChats, YouTube videos, class assignments, and avatars, so be very careful about what you create and send out. Just think of the Internet as being the largest filing cabinet in the universe, where anything and everything can be brought back, even long after you’ve deleted it. In addition, take into account that your personal information will not necessarily be owned by the same organization 20, 10, or even five years from now. Companies are often bought and sold, and with that, the data ownership is typically transferred without your knowledge or consent.
These are essential points to bear in mind because eventually you will graduate and enter the job market. When you apply for a job, it is common practice for potential employers to look you up on Google in order to get a sense for both your professional accomplishments and online social activities. Therefore, while you want to be social by being on Facebook and Twitter, you will want to control what others see so that potential employers will get the best impression of you. You should be careful about what you post under your name. If you can find it, so can a potential employer.
Start paying attention to all of your postings , and make sure that you restrict your privacy settings so that only friends can see your account. This will limit the possibility of personal and sensitive information leaking out to the public Internet domain. But even this is not foolproof because the potential for leaks is always there, regardless of your privacy settings and of the stated privacy standards of your social media provider. Anything you do online can be captured, manipulated, and sent to others without you even knowing it.
Given all of this warning, you may be tempted to not be on social media at all, but believe it or not, the benefits of online connectivity can be greatly outweigh the drawbacks. For most employers these days, having a social media presence — albeit a positive one — is a great selling point, whereas being absent from social media could be seen as a negative signal because it suggests you may not understand social media, or that you’re anti-social. Most employers understand that the Internet and socializing online is not just a fad, but rather a shift in how people interact and conduct business. As long as you keep your information safe and watch your online conduct, you can enjoy connecting online during your classes as well as prove that you are a up-to-date and professional.