In this entry, I’ll mapping out my media consumption from a day this past week, with a heavy emphasis on privacy and security concerns involving the media I both consume and create.
For added context, my 24-hour day is a bit skewed compared to others, as I primarily operate on a night schedule.
2:30 p.m.: I wake up from the alarm set on my phone. I enter my passcode for my iPhone and promptly check my email and notifications. I recall seeing information highlighting the effectiveness the specific encryption Apple uses for its products involving passwords and passcodes. This makes me feel secure that my iPhone is secure. With this in mind, there are still strategies Apple recommends people take to secure their devices. Some of these best practices include changing your Apple ID password and phone passcode every six months, as well as keeping in mind the longer your password/code are, generally the more secure it is.
2:35 p.m.: After feeding my cat, I check my email on my phone. Upon logging into my email provider, I am greeted with a messenger from my password manager, stating my password has appeared in a data leak and is compromised, highly advising me to change it for my security. I immediately go to change the password as well as set up 2-factor authentication for added security. I’ve been meaning to set up 2-factor authentication on all of my most used accounts, as I’ve known for a while it’s a fantastic security precaution to take by adding an extra layer of protection to one’s accounts, it’s just been something I have been procrastinating on. In a way this alert was a blessing, as it provided me the urgency I needed to enact this change. Security is one of the main reasons why I chose my current email provider, as I know this is an integral component and selling point to their service. Particularly, their end-to-end encryption is a nice, peace of mind feature when sending and receiving emails.
4:30 p.m.: I realized I needed to go buy groceries, as my fridge and pantry were getting quite sparse. I get in my car and head to Winco. I utilize my insurance provider Progressive’s telemetric tracking service, Snapshot. Initially when signing up for my insurance policy, the company was offering a slight discount if I signed up for Snapshot, advertising it has the potential to lower my rates in the future. As someone who does not drive a lot, I was interested in this offer. Sure enough, within my first six month policy, I saw my monthly rate decrease $50. Since then, my rate has stayed relatively consistent, dropping $5 upon my six month policy renewal. I have heard many privacy concerns with these services recently, which prompted me into looking more into Snapshot’s privacy policy (something I admittedly should have done upon signing up for the service). Compared to some of the other privacy policies I’ve reviewed, Progressives’ is relatively straightforward, not disclosing your data unless they are legally required to or to a state department or service providers. While there’s still a part of me that feels uneasy letting a company have all of this data about my driving habits, I staunchly believe the benefits outweigh the negatives in this instance. I pride myself on budgeting and being financially disciplined, and when you’re a single guy in your 20s living on your own, any extra money you can save from required expenses is well worth it in my view.
7:30 p.m.: Before my shift starting at 10:15 p.m. tonight, I wanted to check my classes in Canvas and maybe knock out an assignment or two. ASU requires 2-factor authorization utilizing the Duo Mobile App, which adds an extra layer of security to one’s account. In addition to this, the university also recommends changing one’s password every 180 days for their own security and protection. It reassures me going to school at a university that is prudent about faculty and student’s digital privacy.
4:30 a.m.: After getting off of my shift, I rush home excitedly to listen to a new album that dropped at midnight by one of my favorite bands. Once home, I open Spotify on my phone and am greeted by a notification highlighting the album’s release on the homepage; I eagerly press play. It’s worth noting because of how frequently I use Spotify, I granted the app permission to save my login information on my device, allowing me to access the platform more seamlessly. I am aware of how Spotify uses one’s listening data to feed them recommendations in their proprietary algorithm. Aside from this, I am not aware of the specifics who they are allowed to disclose users’ data with. Upon looking up Spotify’s privacy policy, I find it pretty standard with who they are authorized in sharing their users’ data with. The third party services they share one’s data with are only services that the user connects their account to, meaning it’s a choice inflicted by the user of the account. It makes me feel better being more aware of Spotify’s policy, learning more about the data that’s being collected and who they are authorized in sharing it with.
As I take the time to reflect across my media usage from this day, I realize just how vulnerable we all are across our various accounts. Although I’m proud of the strides I’ve taken in recent years by adopting a password manager into my digital security practices, I realize that doesn’t make me immune to data leaks and that it is still recommended to change passwords regularly on one’s most used platforms. Another takeaway I learned from this exercise is becoming more diligent with reading privacy policies of services I sign up for. Previously, I would assume most of these privacy policies are the same across mainstream platforms, however, after my experience today, that turned out not to be true. Therefore, I will commit to reading these privacy policies upon signing up for any additional services in the future. There are some services I utilize so often however, where unless I discovered something overly-alarming in their policy, it most likely wouldn’t change my perception of the app or change my usage pattern. Spotify is a great example of this.
Ultimately, the most valuable lesson I took from this activity was taking my time when deciding who to give my data to via signing up for services. Even if the service seems reputable, the third party services they may be authorized to share your data with (outlined in their privacy policy) may not be as reputable or safe.