Firstly e-mail, especially given the recent revelation that Google, and probably other large mail providers allow third party apps to access and actually read your emails. You heard correctly, third party application providers are in some cases allowing not only algorithms but real people the ability to read your mail, all in the name of machine learning and supposedly giving you a better and more tailored experience going forward.
Now think about this, make a booking with an escort and potentially your mail app is letting someone somewhere read this on both you account and potentially the escorts as well, and do who know what with it. Google claims it has strict agreements in place with these app providers, but do we know they are being enforced? It also appears that this may not be something only big bad Google is doing, other mail providers like Yahoo and Microsoft could be doing the same thing we just do not know.
The solution, if of course simple, do not use third party mail apps
Stick with gmail’s own native app, or access it through a web browser, if your in the Apple ecosystem then using Apple’s own mail app is OK as well. This is the route we have taken here, all mail goes through Apple’s own apps, and Apple take security and privacy very seriously!
If you use forms on your website to collect information make sure your deleting old entries regularly. This information is usually held on a server somewhere, and therefore is potentially accessible to a determined hacker. If your using a third party to provide your forms, check their information retention policies, do they back up old data? If so make sure they delete anything they hold on your old forms. Deletion should mean deletion, and if your being prudent and deleting things it’s only reasonable to assume that they are just as discreet.
Next, if your an escort, agency or parlour with your own domain, do some checking as to what information is publically available. It is quite possible or likely, that your private information may be showing on a database somewhere, Google your work name see what comes up, or run a check using one of the many “whois” websites to see what information is held about your domain and it’s history. The new GDPR privacy regulations will clean this up in the future but it’s the legacy and possibly outdated information which may be out there that could cause a problem.
Now for pictures, yes good old harmless pictures, we have covered this briefly before but pictures contain what is called EXIF meta data, that is information embedded in each image about the camera and lens used, as well as possibly location, shoot date and cataloging information perhaps added by the photographer which could be your name when you booked the shoot. Any graphics programme or file manager app can read this so you need to at least be aware of the fact. If your concerned by this, there are programmes to remove or replace this information, ideally every image should have its EXIF data cleaned before upload, yet I would guess most if not nearly all do not.
There are many steps you can take, the email app problem above is probably the most worrying, and here at 69Design we now check every app we use, review its data policies and only use “safe” apps. We also store no historical data online, and now replace all images meta data with “vanilla” info ensuring your as covered as possible, even if your uncovered in the actual picture.
OK that’s it, as usual if your unsure or need help just get in touch and we will be happy to help.