The Dos and Don'ts of Consumer Privacy

Gen Z and Privacy

In honor of Data Privacy Day on January 28th, check out this week's tips on the dos and don'ts of consumer privacy. When has consumer privacy ever been more at the forefront than it is today? Between the ability to post information as fact across social networks, increasing occurrences of identity theft and periodic data breaches, consumer privacy and the protection of it has never been more topical.

The Dos and Don'ts of Consumer Privacy

What do we mean when we talk about consumer privacy? Historically, we’ve been talking about the handling and protection of sensitive, personal information that individuals provide during everyday transactions – your personally identifiable information, PII. This includes things like:

  • Name and address
  • Email address
  • IP address and cookies
  • Phone number
  • Racial identity
  • Religion and religious affiliation
  • Health and genetic data
  • Biometric data
  • Sexual orientation and gender preference

New on the scene, and important to protect is PI, personal information. This includes things like interests, likes, places you’ve visited, pictures, and browsing activity. Think about your Netflix activity. Your viewing activity on Netflix, enables Netflix to make relevant recommendations for what to watch next. Similarly, think about your Amazon shopping activity and how the products you view and buy can be used to create a better experience for you and other Amazon users.

While we’ve come to expect certain levels of privacy due to The Privacy Act of 1974, which prohibits the disclosure of an individual's records without their written consent, we’ve also come to expect protection from corporate America through the establishment of standards for privacy. “Notice and choice” became the standard for online advertising in the 1990s. Today, we have states and countries stepping in with more formal guidelines (and penalties) to protect consumer privacy.

Regulations like General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) are in place for the sole purpose of protecting all non-anonymized personally identifiable information (PII) and further curbing data misuse. Organizations that store or process personal information about “natural persons” (individual human beings) who are “data subjects” under GDPR — defined as European citizens who reside in an EU state — must comply. If you process data about individuals in the context of selling goods or services to European citizens in any EU country, then you need to comply with GDPR. 

Compliance includes appropriately securing personal data and allowing individuals to access, correct and even erase their personal data. As quoted within GDPR, “Where personal data are processed for the purposes of direct marketing, the data subject should have the right to object to such processing, including profiling to the extent that it is related to such direct marketing, whether regarding initial or further processing, at any time and free of charge. That right should be explicitly brought to the attention of the data subject and presented clearly and separately from any other information.”

While these laws and the general expectations for marketers are being raised higher and higher when it comes to consumer privacy,  no one has a greater responsibility and a greater personal interest in protecting our consumer privacy, than we consumers do. So, what can we do to protect our own privacy? Below is a list of some dos and don’ts to put the control in your hands.

1) Reduce unwanted solicitations.

When you give a company your name and address, you can expect that the information will be added to direct marketing lists and used by other companies to send you solicitations. Reduce these unwanted solicitations by registering with the Direct Marketing Association's Mail Preference Service or with dmachoice.org. You can still get ads from the companies you want, while eliminating the ads from companies you don’t want. Register with the National Do Not Call Registry. If you receive a call from a company with which you do business, ask to be placed on its internal "Do Not Call List."

2) Keep your social network activity private.

Whether it’s Facebook, Twitter, Instagram or a host of other social networks, you can determine who can see what you post.

  • Check your Facebook settings and make sure only friends can see what you’re doing. Go to the settings cog in the upper right-hand corner of your screen, then click on Privacy Settings >> Who can see my stuff.
  • On Twitter, click on the settings cog, then Settings. From there you can adjust a variety of privacy settings, such as a box that gives Twitter permission to add your location to tweets as well as the ability to make your tweets private, meaning only people you approve can see them.
  • On Instagram, click on the settings cog and manage account privacy such as who can see your photos and videos in the “Privacy and Security” setting.

3) Be smart about passwords.

Don’t use the same password for different accounts and don’t keep all your passwords saved behind a single password (like on your computer or phone). Get creative. Make your passwords complex, long and make sure they contain punctuation marks, numbers and other random symbols. Never post anything that will make it easier for a bad character to guess things about you. Don’t use your mother’s maiden name, the street you grew up on or anything else that people can find that out if they want to. But, this is easier said than done. It can be nearly impossible to remember a different password for each website or application so consider the use of a password vault or a password manager to not only remember your passwords but also generate strong and unique passwords and auto-populate for you. And, when offered the option to use multiple factor authentication, use it.

4) Use AdBlock, Even if You Don't Block Ads. 

You may have heard about adding extensions like AdBlock Plus, Disconnect, Ghostery, Privacy Badger and uBlock. And maybe you decided against using them because you want to get ads from the sites you visit, like and support. And let’s be honest, Ads are what enable the internet content to remain free. Most of these extensions will let you adjust settings to add URLs to a “whitelist” of sites that they won’t check so you can always receive ads from your favorite websites. These extensions can also keep you protected from malware spreaders. Using extensions like these are simple to implement and create that additional brick on the privacy wall.

5) Be wary of Phishers. 

Phishing is the fraudulent attempt to obtain personal and sensitive information, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication: emails, links within emails, text messaging, and websites. If anything seems out of the ordinary or suspicious, don’t click on it.

Remember, the most important thing you can do to protect your consumer privacy is to take control into your own hands and make it a priority. And remember, not all data collection is bad. In fact, providing data can support the relevant and individualized content you expect. But as a consumer, you have the right to protect your data too. The guardrails are being put into place as the access to data evolves, so take advantage of these tips and gain a better understanding of how your data is being used.

New call-to-action