Cyber Safe NJ

New Jersey Division of Consumer Affairs

CONTROLLING YOUR PRIVACY

Web browsers, mobile devices, and social networking sites have the ability to collect a great deal of information about their users – and to transmit that information to advertisers and other third parties, for whom that information is extremely valuable.

A recent study by KnowPrivacy found that consumers are overwhelmingly concerned about the collection of personal information and behavioral profiling, and that they wish to have greater control over how their information is collected and for what purposes it may be used. However, the study found that many consumers lack knowledge about how and to what extent personal data is collected.

The New Jersey Division of Consumer Affairs, with the Division of Law, has fought successfully to protect consumer rights in recent high-profile cases, such as:

Children's Mobile Apps: The Division filed actions against two separate mobile app developers, over apps that were marketed to children. In both cases, the apps allegedly collected personal information about child users, without obtaining verifiable parental consent. The first action, filed and resolved in June 2012, is believed to have made New Jersey the first state in the nation to file and resolve a lawsuit under the Children's Online Privacy Protection Act (COPPA) against a mobile app developer. Thee second action was resolved in November 2013.

Advertising Cookies: The Division in July 2013 obtained a $1 million settlement with an online advertising company that used hidden cookies allegedly to bypass the privacy settings of consumers' web browsers, without the consumers' knowledge or consent. New Jersey is believed to be the first state in the nation to take independent action with regard to an online advertiser accused of engaging in this practice.

Bitcoin-Mining Malware: The Division in November 2013 is believed to have made New Jersey the first state in the nation to enter into a settlement with a software company accused of using malicious software to infect thousands of customer computers, without their authorization, to mine for bitcoins. The company also was accused of accessing and monitoring its users' computer activities without authorization, even when they were not using the company's services.

History Sniffing: The Division in 2013 entered into a settlement with a data analytics firm, resolving allegations that it engaged in unlawful "history sniffing" to track websites visited by consumers without their knowledge or consent.

Google Settlement: New Jersey also served as a member of the Executive Committee that led a multi-state investigation into allegations that Google unlawfully circumvented the default privacy settings in Safari Web browsers. In November 2013, New Jersey joined with 36 states and the District of Columbia in the resulting $17 million settlement with Google.

Protect Your Privacy Online

  • Social Networking: Think Twice Before Posting: Remember that all electronic communications can be saved and viewed forever. And even the most private messages can be accidentally or maliciously shared with others. It is important to think twice before sharing anything via an electronic message, which includes the details on your social networking profiles, your tweets and status updates, entries on your personal blog, and even private emails or text messages. You may restrict access to your message with privacy settings – but someone you trust may still share your message beyond that limited group. Even if you are caught in the moment, stop and think about what you are posting. Consider how you would feel if it were seen by an employer, teacher, relative, or friend. Also consider the privacy of others, especially when posting a photo, video, or comment about a friend or relative. Remember, too, that messages can remain visible to web servers and search engines even after they have been deleted.
  • Social Networking: Evaluate Your Privacy Settings: Review the privacy settings and privacy policies of any and all social networks, blogs, and other venues on which you have a profile or post information. If you can't find the privacy settings, contact the website publisher and ask for this information.   Read through your privacy options, think carefully about them, and adjust your privacy settings to a level of sharing with which you feel comfortable. Consider whether your profile information, status updates, photos, and other information should be visible only to friends, and whether it is possible to restrict certain information only to specific individuals.  As noted above, however, keep in mind that anything you post, no matter how private, can be accidentally or maliciously shared with outsiders or made fully public on the internet. After adjusting your privacy settings, you should re-check them on an ongoing basis.  Some social networking websites have changed their privacy settings and policies over the years.  Some have been accused of deceiving their users by stating their information would be kept private, then allowing it to be made public.    If you suspect your privacy settings have been violated, or changed against your will, contact the New Jersey Division of Consumer Affairs.
  • Social Networking: Defend Against Phishing and Malware Attacks: Some social networking messages, ads, or friend requests may actually be phishing attacks – messages intended to fool you into giving away your personal information, or asking you to click on a link or an attachment that turns out to be malware. These, in turn, may expose you to identity theft. Always independently verify the authenticity of any message or invitation before you click on it. You should also be wary of third-party applications, such as games and quizzes on some social networking sites. These may expose your computer to malware, or collect and transmit information about you.
  • Mobile Apps: Smartphones and tablet computers are capable of tracking users' online activities and more. They may include a GPS that knows the device's current location, and a unique device identification (UDID) number that can never be turned off. A recent report by the Federal Trade Commission found that many children's apps include interactive features, such as connecting to social media; and many apps sent information to ad networks, analytics companies, or other third parties, without disclosing these practices to parents. Consumers should be wary of the information they provide to mobile apps. Parents should pay close attention to the apps their children use. Find out whether the apps include a privacy policy, and contact the app developer if a privacy policy cannot be found. If you suspect a mobile app has violated its privacy policy or has transmitted information about children without informing parents and obtaining parental consent, contact the New Jersey Division of Consumer Affairs.
  • Regularly Delete Cookies: In addition to setting your web browser to block third-party cookies, it is a good idea to regularly delete cookies and other cached or temporary files that may accumulate in your web browser. This will help prevent against unwanted tracking, and help prevent against malware.