Home of internet privacy https://www.expressvpn.com/blog/ The official blog of ExpressVPN Tue, 23 Jan 2024 06:37:47 +0000 en-US hourly 1 https://wordpress.org/?v=6.3.2 What can someone do with a stolen Social Security number? https://www.expressvpn.com/blog/what-can-someone-do-with-your-social-security-number/ https://www.expressvpn.com/blog/what-can-someone-do-with-your-social-security-number/#respond Tue, 23 Jan 2024 04:07:26 +0000 https://www.expressvpn.com/blog/?p=115799 Social Security card in the shadows.

And what to do if you think yours has been compromised.

The post What can someone do with a stolen Social Security number? appeared first on Home of internet privacy.

]]>
Social Security card in the shadows.

For Americans and also some non-Americans, a Social Security number is their de facto identification number within the U.S. It has become extremely important that people keep their SSN to themselves, only ever sharing it with government agencies who need it for identification purposes. That’s because if fallen into the wrong hands, a social security number could be used in all manner of identity fraud.

What is a Social Security number?

A Social Security number is a unique nine-digit identification number assigned to individuals in the United States by the Social Security Administration. It serves as a primary identifier for tracking individuals’ earnings and benefits throughout their lives.

The original purpose of a Social Security number is to administer the Social Security program, which provides retirement, disability, and survivor benefits to eligible individuals. It is also used for other government programs, such as Medicare and Medicaid, as well as for tax purposes.

A Social Security number is often needed for obtaining employment, opening bank accounts, applying for credit or loans, and accessing government services. A paper card bearing the number is issued to individuals and serves as proof of their SSN.

What can you do with a social security number?

People living in the U.S. are asked to provide their social security number for various reasons that are usually financial in nature but also purely as identification. Here are some examples:

  • Employment: When you start a new job, you typically need to provide your SSN to your employer for tax and wage reporting purposes.
  • Government benefits: Your SSN is used to determine eligibility and administer various government benefits, such as Social Security retirement benefits, disability benefits, and survivor benefits.
  • Tax filing: Your SSN is used to file income tax returns with the Internal Revenue Service (IRS) and to track your tax obligations and refunds.
  • Financial accounts: Banks and financial institutions may require your SSN when opening new accounts, such as checking or savings accounts, credit cards, loans, or mortgages.
  • Credit applications: Lenders and credit agencies may request your SSN when you apply for credit, such as loans, credit cards, or financing for major purchases.
  • Education: Your SSN may be used by educational institutions for administrative purposes, such as enrollment, financial aid, and student loan applications.
  • Healthcare: Healthcare providers, insurance companies, and government healthcare programs like Medicare may use your SSN for identification and billing purposes.
  • Driver identification: You might need to present your social security card when obtaining a driver’s license to prove who you are.

How does Social Security theft happen?

Here are a few possible ways someone could steal your Social Security number to be aware of. Understanding these methods will help you avoid becoming a victim. 

Phishing attacks

Phishing is when someone tricks you into thinking they are someone you could trust, as a way to persuade you to divulge personal information that’s useful to them. An attacker could send you an email or message that appears to be from a legitimate organization, such as a government agency, financial institution, or trusted service provider. They might then trick you into filling out a fake form online that asks for your social security number.

Stolen wallets containing Social Security cards

You don’t need your Social Security card in daily life, so it is not recommended to carry it around. Obviously, the risk is that you’ll have it stolen. Keep it in a safe place at home and only take it out when someone like a bank requests to see it. 

Mail stolen from the trash

Thankfully, the risk of mail containing your Social Security number is decreasing, due to laws restricting the inclusion of it on any document or package sent by physical mail, unless required for specific reasons. However, those specific reasons might apply to you (for instance, where there is no other way to prove your identity), and some mail senders might not follow the law. Be sure to shred your mail rather than throwing it directly into the trash.

Data breaches

If an organization keeps your Social Security number in a database that’s not properly secured, an attacker could potentially steal it in a data breach. A data breach could be achieved with advanced hacking skills, or the attacker could use social engineering, deceiving an employee to reveal passwords and other ways to access the data.

Unscrupulous employees

Workers in companies or agencies that have access to Social Security numbers could record this information for sale.

More often than not, stolen Social Security numbers end up sold on the dark web—for not even that much money. We’re talking single-digit dollars.

Read more: How much is your data worth on the dark web?

What can someone do with your Social Security number?

So what exactly are the dangers of having your Social Security number stolen? In many cases, more than a Social Security number is needed, but it’s still a massive hassle and harm for victims if any of the following happen to them.

File a fraudulent tax return

Fake tax returns are a major issue, with the IRS flagging more than 1 million tax returns for potential identity theft in 2023’s tax season. Scammers use your information, including your Social Security number, to file a tax return as you early in the season and wait for the refund to arrive.

Steal your government benefits

Someone could use your Social Security number to file unemployment claims and collect the benefits, or access your existing unemployment account to change the payment information, whether it’s the bank account number or the mailing address.

Obtain credit cards or loans in your name

Someone pretending to be you could get a credit card or loan, with the bills going to the real you while they go on a spending spree. When someone applies for a credit card, for instance, the issuer will ask for a Social Security number, along with other personal information like your name, address, and date of birth. A government-issued photo ID is usually needed, so the impersonator might have bought it on the dark web bundled with your SSN.

Open a bank account in your name

Similar to getting a credit card, an identity thief could use your SSN and other personal information and ID to open a bank account. They may use it to deposit illegal funds or make big withdrawals that you’ll be held responsible for. This could all impact your credit score.

Get medical care using your benefits

While care providers like hospitals and clinics don’t need your social security number, it might help a fraudster access your medical insurance to get some of their bills (incurred while impersonating you) paid for. Moreover, their activities could create incorrect medical records for you, leading to problems in your future medical care. 

Withdraw money from your bank account

This is everyone’s financial nightmare. While banks require someone to provide lots of information to prove their identity, like one-time codes sent to their phone, for instance, a social security number does get a fraudster that much closer to being able to control the money in your account.

Get a fraudulent driver’s license

In order to issue you a driver’s license, the DMV usually requires proof of legal name and date of birth (like a passport), proof that you’re in the country legally, and proof of address. The department also needs your social security number but this can be proven electronically (the physical card is not needed). So a fraudster who has all of the above could get a driver’s license in your name. Any fines or incidents could then end up pinned on you.

Open a phone account

When buying a mobile phone or phone plan, the customer could be asked to provide a Social Security number. The alternative could be paying a deposit. So for the impersonator getting a phone under your name, not having to pay anything is ideal.

Saying they’re you if they get caught committing a crime

An identity thief could claim they are you if they get caught for a misdemeanor or traffic violation, or even when getting arrested. There are also cases where a crime is committed under someone else’s identity, leading to the arrest of the identity theft victim.

How to check if your Social Security number has been stolen

Whether you suspect something is up or just want to stay vigilant, there are ways to examine whether there have been signs of your Social Security number being used by someone else.

Keep an eye on your accounts

Easier said than done, but it’s always a good idea to monitor your financial accounts, insurance claims, utilities, etc., to make sure all activities are ones you’ve authorized. Of course, suspicious activity doesn’t necessarily mean your Social Security number has been used. But it would alert you to a problem, whether it’s just an error or someone posing as you.

Review your credit reports

You are entitled to a free copy of your credit report from each of the three major credit bureaus (Equifax, Experian, and TransUnion) once a year. You can request your reports online at AnnualCreditReport.com, which is the official website authorized by the U.S. government. Check that your contact details, credit accounts, payment history, inquiries by lenders or creditors, and public records (bankruptcies, tax liens, civil judgments) are as expected.

Set up and check your mySocial Security account

mySocial Security is an online portal provided by the Social Security Administration (SSA) that allows users to monitor their Social Security benefits. If you have an account, check it from time to time to make sure your earnings history and contact information are correct. By the way, organizations like AARP suggest setting up an account to prevent a scammer from doing so in your name. 

Warning signs that your Social Security number has been stolen

While the following are all signs that someone might be using your identity, you have to also make sure any unexpected notices or letters are genuine and not themselves part of a scam to get your personal information.

  • Anything incorrect on your credit reports
  • Letters or calls from creditors when you don’t owe money
  • A change-of-address notification from the post office, when you did not request any such change
  • Statements for accounts you didn’t open
  • Tax notifications that don’t seem right
  • A company verifying your eligibility to work when you haven’t applied for a job
  • Even getting arrested for a crime you did not commit

What to do if your Social Security number is being used for identity theft

If you are fairly sure someone has your Social Security number and is using it for fraudulent activity, the U.S. government has a comprehensive list of steps to take. Which steps you take will depend on what your identity has been used for. Here are a few of the main ones to follow:

1. Report the theft to identitytheft.gov

This site belonging to the Federal Trade Commission is the federal government’s one-stop resource for identity theft victims. Once you describe what happened, it will take you through the next steps you should take. It provides streamlined checklists and sample letters to guide you through the recovery process. 

2. Contact bank and credit card companies

Contact their customer service or fraud department through the appropriate channels, such as their dedicated fraud hotline or email address. Depending on the severity of the identity theft, your bank may recommend freezing or closing the affected accounts to prevent further fraudulent activity.

3. Freeze your credit reports

Contact the three credit reporting agencies and ask them to place fraud alerts and a credit freeze on your accounts. Examine your credit reports to look for discrepancies. 

4. File a police report

Tell the police someone stole your identity. Make sure you ask for a copy of the police report. It might be helpful when you report the issue to other agencies or companies.

5. Close any new accounts opened in your name

If you’ve found any new accounts opened in your name listed in your credit report, call up each company to explain that someone stole your identity and request that it be closed. These could range from bank accounts to utilities and student loan accounts.

Can someone access your bank account with your Social Security number?

It’s unlikely they could access your account with your Social Security number alone. Banks usually verify identities using multiple pieces of information, such as previous address, mother’s maiden name, etc. In person, a bank might require your ID and use biometrics (like fingerprinting or facial recognition). But a Social Security number is certainly one of those items and can help a thief gain access.

Can you change your Social Security number if it’s been stolen?

It is possible to change your Social Security number under limited circumstances, and that includes identity theft, when the victim has attempted to fix problems resulting from the misuse but continues to be disadvantaged by using the original number.

Is it safe to give someone your Social Security number?

It is not safe to give your Social Security number to anyone who doesn’t absolutely need it. Entities that commonly need your number include the Social Security Administration; the Department of Motor Vehicles for getting a driver’s license; your employer for tax purposes; financial institutions like banks; the Internal Revenue Service for tax matters; universities; insurance providers.

However, there is no law prohibiting a company or organization from asking you for your Social Security number. You could refuse to provide it, but they could also refuse you service.

The post What can someone do with a stolen Social Security number? appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/what-can-someone-do-with-your-social-security-number/feed/ 0
How to delete your Google search history https://www.expressvpn.com/blog/how-to-permanently-delete-your-google-history/ https://www.expressvpn.com/blog/how-to-permanently-delete-your-google-history/#comments Sun, 21 Jan 2024 09:53:59 +0000 https://www.expressvpn.com/blog/?p=15120 How to permanently delete Google search history

And prevent Google from saving your activity in the future.

The post How to delete your Google search history appeared first on Home of internet privacy.

]]>
How to permanently delete Google search history

It might know you better than you know yourself. It knows every smartphone you’ve thought about buying, video you’ve watched on YouTube, every embarrassing ailment you’ve suffered. It’s your Google Activity (formerly known as Google Web & App History) and, unless you’ve deleted your search history, it knows everything you’ve searched for dating back to 2005.

Google uses all this data to construct a profile about you, including your age, gender, languages, and interests, and filters search results and ads for you based on your profile. Might be  clever, but this is also an incredible loss of your privacy.

This post will teach you how to permanently delete your Google history.

Warning: If you use G Suite (formerly Google Apps for Work) at your job, it is vital that you find out your company’s acceptable use and data retention policies before you delete anything!

Jump to…

How to first download your Google search history
How to delete all your Google activity
How to set auto-delete for Google activity
How to stop Google from saving your search history or activity in the future
How to delete your browser search history on a computer
How to delete your browser search history on a mobile
Delete individual items in your browsing history
Delete your Google Maps search history
What happens when you delete and disable your Google search history
Do more to stay private as you browse

How to first download your Google search history

Google’s Takeout feature lets you download data from all of the Google products you use, including your Google Search history, Gmail, Calendar, Chrome, Google Photos, Maps, and more. Here’s how to use Takeout to download all your Google data.

  1. Go to the Google Takeout “Download your data” page and select the data you’d like to download. By default, all of the boxes are selected. Select Next step.

Google Takeout to export Google data.

2. Choose where you want to save your files, whether you want to set your account to export files regularly or just once, file type, and file size. Then select Create export. Google will put together the files you’ve requested, a process that could take a few minutes to a few days.

Google Takeout Create Export.

3. Google will send you an email once the exporting is complete with a link to view your archive.

Now that you’ve downloaded an archive of your data, you’re ready to delete your history.

How to delete all your Google activity

Use these steps to delete data about all your Google activity, including your searches, video searches, and any ads you’ve clicked on across all your devices.

Delete your Google activity on your computer

1. Go to the My Activity page, select Delete activity by on the left-hand menu.

Select “Delete activity by”

2. You can choose how far back you want to delete your Google search history and activity. Select All time from the range of options to delete everything.

Delete all your Google data

3. Choose which Google services to delete your search history and activity from. Click the Select all option or specify the services, then click Next.

Message from Google before you delete

4. Google will ask you if you want to confirm that you would like to delete your activity. Select Delete.

Confirmation screen before deleting app activity for all time

5. Your screen should now say “Deletion complete.” Click OK.

No activity will appear.

Delete your Google search history and activity on your mobile device

  1. On your Android or iOS device, go to myactivity.google.com on a browser.
  2. Tap Menu > Delete activity by.
  3. Below “Delete Activity” tap All time.
  4. When asked which services to delete your activity from, make sure the Select All box is ticked.
  5. Tap Next > Delete.

How to set auto-delete for Google activity

You can have some of your Google activity deleted automatically after a set time period. This ensures your history is cleared while still offering the convenience of keeping it for a short time to help you find what you’ve looked at recently.

  1. Go to myactivity.google.com
  2. At the left, select Data & privacy.
  3. Under History settings, select an activity or history setting you want to auto-delete.

Google Activity History settings

4. Select Auto-delete.

Auto-delete Google Activity.

5. Using the drop-down menu, choose how long you want to keep your activity before deletion > NextConfirm to save your choice.

Auto-delete duration.

How to stop Google from saving your search history and activity in the future

Google doesn’t provide a way to permanently disable it from saving your activity, but you can hit pause. Use these steps to hit pause on Google saving your activity.

  1. Go to the My Google Activity page.
  2. Select a section, like Web & App Activity. If a section is “Off,” your activity is already not being saved and you don’t have to do anything.

My Google Activity page.

3. Select Turn off. Choose Turn off in the drop-down menu. You may also choose to Turn off and delete activity if you haven’t deleted your activity yet.

Google turn off web and app activity.

4. You’ll be shown a screen informing you that new activity won’t be saved to your account, but Google still uses other methods to personalize your experience. Select Got it.

Web & App activity is off.

How to delete your browser search history on a computer

Even after clearing your Google history, your browsing activity could still be saved on your computer. If you don’t want anyone who has access to your computer snooping on what you’ve been browsing, clear your browser history, too.

Delete your search history in Safari

  1. In a Safari browser, navigate to the taskbar at the top of the screen, and click History.
  2. In the drop-down menu, click Clear History at the bottom.
  3. You can select the date range for stored Google searches to delete. To clear your entire browser search history, select all history, then click Clear History.

Delete your search history in Firefox

  1. Open a Firefox browser, navigate to the taskbar at the top of the screen, and click History… 
  2. In the drop-down menu, click Clear Recent History… 
  3. In Time range to clear:, select Everything
  4. To clear your entire browser search history, tick the appropriate box, as well as the boxes for any other information you want to clear from your history.  
  5. Click Clear Now

Delete your search history in Chrome and Chromium

  1. In a Chrome browser, click the three vertical dots (⋮) in the top-right of the screen. 
  2. In the drop-down menu, click Settings
  3. Scroll down to Privacy and security, click Clear browsing data.
  4. From the time range drop-down menu, select All time. Tick the box for Browsing history, and any other information you want to clear. 
  5. Click Clear data.

Delete your search history in Brave

  1. In a Brave browser, click the three horizontal lines (≡) in the top-right of the screen. 
  2. In the drop-down menu, click Settings
  3. Scroll down to Privacy and security, click Clear browsing data.
  4. From the time range drop-down menu, select All time. Tick the box for Browsing history, and any other information you want to clear. 
  5. Click Clear data.

Delete your search history in Microsoft Edge

  1. In an Edge browser, click the ellipses (…) in the top-right of the screen. Select Settings.
  2. On the left, click on Privacy, Search, and Services.
  3. Under Clear browsing data, click Choose What to Clear
  4. From the time range drop-down menu, select All Time. Tick the boxes for the information you want to clear from your browsing history.  
  5. Click Clear Now.

How to delete your browser search history on a phone or tablet

Delete your Safari search history on an iPhone or iPad

  1. Open Settings, scroll down and tap Safari.
  2. Scroll down and tap Clear History and Website Data. The setting should turn gray once your browser search history, cookies, and cache have been deleted. 

Delete your Chrome search history on an iPhone or iPad

  1. In a Chrome browser, tap the menu button (≡) at the bottom of the screen (on iPad, the menu will be at the top right).
  2. Tap More and then History from the bottom panel.
  3. Tap Edit 
  4. Select the entries you wish to delete
  5. Tap Delete
  6. Tap Done

Delete your search history on an Android device

  1. In a Chrome browser, click the three vertical dots (⋮) in the top-right of the screen. 
  2. Depending on what you see in the drop-down menu:
    1. tap More if you don’t see History OR
    2. tap History
  3. Tap Clear browsing data.
  4. From the time range drop-down menu, select All time. Tick the box for Browsing history, and any other information you want to clear. 
  5. Click Clear data.

Delete individual items in your browsing history

Each browser is slightly different, but you can choose which items to delete and which to save. In general, browsers have a History page that lets you select specific browsing activity followed by a delete button, rather than choosing to clear all data.

As an example, for Chrome:

  1. Click the three vertical dots (⋮) in the top-right of the screen. 
  2. In the drop-down menu, click Settings
  3. Click History, then select History again.
  4. Choose the specific items you’d like to delete
  5. Hit Delete at the top right of the page.

Delete your Google Maps search history

To see your Maps history before you delete your search history, follow the steps below.

  1. On your Android or iOS device, open the Google Maps app (or just Maps) and sign in.
  2. Tap your profile picture > Settings > Maps history.

On your computer

  1. Open Google Maps and sign in.
  2. Click ☰ in the search bar > Maps activity.
  3. To delete individual items: Next to the entries you want to delete, click Remove.
  4. To delete a group of items: On the right, click Delete. You can specify to delete based on a date range or specific dates, as well as all activity.

On your mobile device

  1. On your Android or iOS device, open the Google Maps app and sign in.
  2. Tap your profile picture > Your data in Maps > Web & App Activity: See & delete activity.
  3. To delete individual items: Next to the entries you want to delete, click Remove.
  4. To delete a group of items: On the right, click Delete. You can specify to delete based on a date range or specific dates, as well as all activity.

What happens when you delete and disable your Google search history

It’s important to understand the consequences of clearing your Google search history.

By default, Google personalizes your search results based on your search activity. So if you’ve clicked in certain websites and certain types of content more than others, Google will start ranking that content higher in its search results for you.

If you delete and disable your Google search history, then your returning search results will be broader and less specific to you. Many people prefer not to receive personalized search results, because they want more diverse information, not just ones the algorithm thinks they’re interested in. It’s also creepy to be tracked, of course.

Do more to stay private as you browse

Deleting your Google search history is a great first step. Now if you really want to step up your internet privacy game, here are more steps you can take:

  1. Use a privacy-focused search engine. Instead of Google, choose a search engine that won’t track you, such as DuckDuckGo.
  2. Use a privacy-focused browser. Chrome is popular but it’s owned by Google and does its best to track you. Some of the best private browsers are Firefox and Brave.
  3. Download a VPN app. ExpressVPN hides your real IP address from websites you visit. It also encrypts your activity, keeping it private from your internet service provider and other snoops.

The post How to delete your Google search history appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/how-to-permanently-delete-your-google-history/feed/ 2
Where do 2024 U.S. presidential candidates stand on privacy, surveillance, and AI? https://www.expressvpn.com/blog/2024-us-presidential-candidates/ https://www.expressvpn.com/blog/2024-us-presidential-candidates/#comments Tue, 16 Jan 2024 23:00:54 +0000 https://www.expressvpn.com/blog/?p=111428

Make sure you cast an informed vote.

The post Where do 2024 U.S. presidential candidates stand on privacy, surveillance, and AI? appeared first on Home of internet privacy.

]]>

Staying informed about the 2024 presidential election is an important aspect of being a voter, even for those abroad who might need to rely on a USA VPN to access campaign news. It’s equally important to be aware of candidates’ positions on privacy issues as our lives become increasingly more connected.

As the 2024 U.S. presidential election approaches, party candidates are fiercely campaigning for the nomination. Their positions on hot-button topics like abortion rights, taxes, war, and gun control are well-publicized, but their views on privacy in the digital era aren’t as well-defined.

In the age of big data and artificial intelligence, it’s more important than ever for voters to understand where their preferred candidates stand on issues like mass surveillance, AI, and cybersecurity. These topics have the potential to revolutionize our society, but they also pose significant risks to our civil liberties.

We delve into a few of the leading 2024 presidential candidates’ views on critical aspects of privacy, and what their potential policies would mean for Americans if they’re elected president.

Who’s running for president in 2024?

In the 2024 United States presidential race, at the time of publishing, 9 candidates were vying for the highest office. This includes two Republicans, three Democrats, and three independent candidates. Notably, the spotlight remains on the familiar faces from the 2020 election: President Joe Biden and former President Donald Trump. 

Among the Democratic contenders, President Biden faces only two challengers: Marianne Williamson and Dean Phillips. On the Republican side, notable figures in the race include  Nikki Haley and Ryan Binkley.

In the independent category, Robert F. Kennedy Jr., Cornel West, and Jill Stein round out the roster. The 2024 United States elections are scheduled for Tuesday, November 5, 2024.

Jump to…

The importance of digital governance

Where do Biden and Trump stand?

Where do other U.S. presidential hopefuls stand?

The importance of digital governance

Digital governance is the use of information and communication technologies (ICTs) to improve the efficiency, effectiveness, and accountability of public institutions and services. It can also foster citizen participation, inclusion, and empowerment in the decision-making processes that affect their lives.

Digital governance is becoming increasingly important when it comes to American civil liberties as ICTs are now used in virtually every aspect of government operations, from delivering services to citizens to making policy decisions. 

While several components fall under digital governance, here are key aspects that voters should consider in the 2024 presidential race:

Privacy and mass surveillance

Privacy is a fundamental human right. It allows us to control our own information and to make choices about how it is used. Mass surveillance, on the other hand, is the collection of data about large numbers of people—usually without their knowledge or consent. Mass surveillance can potentially harm free speech and can lead to the persecution of minority groups.

In the U.S., the National Security Agency (NSA) has the legal authority under Section 702 of the Foreign Intelligence Surveillance Act (FISA) to collect electronic communications without warrants for national security purposes. This has historically included data from tech companies and internet traffic.

Artificial intelligence

AI is a rapidly advancing technology with the potential to transform many aspects of our lives. It also presents risks, such as bias, discrimination, and privacy concerns, particularly with the rise of deepfake technology. Voters need to know how candidates plan to use AI in government, including what regulations and safeguards they propose to address these risks and protect individual privacy.

Digital inclusion

Digital inclusion is the ability of all people to access and use digital technologies. Digital technologies are essential for participation in society and the economy. Voters should consider how the candidates plan to ensure that all Americans have access to the digital technologies they need.

Cybersecurity

Cybersecurity is essential for protecting government systems and data, as well as the personal information of citizens. Voters should consider how the candidates plan to strengthen cybersecurity and protect the government and its people from cyberattacks.

Where do Biden and Trump stand?

As the two leading candidates for the 2024 Democratic and Republican presidential primaries, with both having held a seat in the Oval Office, we examine Biden and Trump’s stances on digital governance.

Joe Biden (D)

Privacy and mass surveillance 

Navigating the delicate balance between national security and privacy, President Biden’s administration has shown support for the Foreign Intelligence Surveillance Act (FISA) Amendments Act of 2008, specifically Section 702. As mentioned above, this important legislation empowers the NSA to conduct extensive surveillance. While argued as essential for national security, this move has also sparked substantial debate. Critics, especially privacy advocates, express concern over the implications for civil liberties, particularly regarding the warrantless surveillance of American citizens. Interestingly, this stance marks a departure from Biden’s previous objections to such surveillance measures.

The Biden administration is also endorsing a comprehensive financial surveillance system, aimed at curbing tax evasion, indicating a propensity to use surveillance tools for regulatory purposes. While intended to address financial malpractices, these measures also raise questions about their impact on financial privacy and the extent of governmental intrusion into private transactions.

AI 

In the realm of artificial intelligence, President Biden has taken a proactive stance. His executive order on AI is a significant leap towards a balanced approach, prioritizing the development of AI that is safe, secure, and trustworthy. 

This executive order is part of a broader strategy to position the United States at the forefront of AI innovation. It involves establishing foundational standards and guidelines that govern the development and use of AI. These standards are designed to ensure that AI technologies benefit society as a whole while mitigating potential risks, such as biases and discrimination.

A key aspect of Biden’s approach is the focus on combating AI bias. The executive order addresses the risks of irresponsible AI use, which can lead to discrimination in areas like justice, healthcare, and housing. 

Digital inclusion 

Digital inclusion is a cornerstone of the Biden administration’s agenda, propelled by the Bipartisan Infrastructure Law. This law funnels substantial investments into programs like the 42.45 billion USD Broadband Equity, Access, and Deployment (BEAD) program and the 2.75 billion USD Digital Equity Act (DE Act). These initiatives represent a concerted effort to bridge the digital divide, enhance digital literacy, and ensure widespread access to technology.

We’re committed to working with all who share those values to shape the rules of the road that are going to govern our progress in the 21st century, including on issues of cybersecurity and emerging technologies so that future generations continue to reap the benefits of liberty and democracy, as we have.

Cybersecurity 

The National Cybersecurity Strategy aims to protect various critical sectors and imposes cybersecurity regulations on sectors like electric utilities and nuclear facilities. This strategy is expected to extend minimum requirements to other vital sectors as well. Additionally, it emphasizes more aggressive regulation to secure critical systems such as banks, electric utilities, and hospitals. A key aspect of this strategy is shifting the responsibility for preventing cyberattacks from individuals to large corporations.

Donald Trump (R)

Privacy and mass surveillance 

Trump’s approach to privacy and mass surveillance heavily favored security and intelligence gathering, often overshadowing digital privacy and civil liberties. His campaign and presidency underscored this priority, advocating government surveillance of specific groups and aligning with practices that broadened the U.S. government’s surveillance reach. 

We will invest heavily in offensive cyber capabilities to disrupt our enemies, including terrorists who rely heavily on internet communications.

Trump’s administration, entering a political climate ripe for surveillance expansion, maintained a critical view of the NSA’s operations under the Obama administration, suggesting an acceptance of robust surveillance powers. His stance on encryption and internet privacy, particularly his signing of a bill that repealed the Federal Communications Commission’s online privacy protections, indicates a preference for surveillance and intelligence over individual privacy rights.

AI 

Trump’s presidency was marked by active engagement in advancing AI. The February 2019 launch of the American Artificial Intelligence Initiative and executive orders to integrate AI into government operations and expand the AI talent pool in the federal government underscored his commitment to establishing the U.S. as a leader in AI development.

Digital inclusion 

Addressing the broadband gap, especially in rural areas, was a key focus during Trump’s administration. Efforts included leveraging federal assets for rural broadband deployment and streamlining federal permitting processes. An executive order was issued to facilitate these efforts, reflecting a targeted approach to reducing the digital divide and promoting digital inclusion in underserved areas.

Cybersecurity 

Trump made concerted efforts to advance U.S. cybersecurity during his presidency. The signing of an executive order in May 2017 to fortify federal network cybersecurity and the creation of the Cybersecurity and Infrastructure Security Agency (CISA) marked significant advancements. 

The administration’s approach to international cybersecurity, particularly in preventing foreign technology companies from gaining influence, and upgrading the U.S. Cyber Command to a unified combatant command, was central to its strategy. These actions aimed to establish a robust defense against cyber threats from adversarial states. Yet, the administration also drew criticism for its handling of election security and the spread of online disinformation, actions that were perceived as undermining the democratic processes they were meant to protect.

Where do other U.S. presidential hopefuls stand?

In the race for the 2024 U.S. presidency, the spotlight often misses how candidates, who haven’t yet served in the Oval Office, view critical issues like digital governance and privacy. While their positions on mainstream topics like the economy, healthcare, and national security are frequently discussed, their views on digital governance often remain in the background.

To get a clearer picture of where these presidential hopefuls stand on the rights of Americans in the digital realm, we focus on their perspective on the NSA. The NSA’s role in surveillance and intelligence gathering offers a window into how these candidates might balance national security with individual privacy rights.

Nikki Haley (R)

Haley’s approach to privacy and social media emphasizes national security concerns. She has proposed mandating social media users to verify their identities with their legal names to counter anonymous posts she views as national security threats. She argues that this measure would help combat misinformation and division spread by foreign bots using anonymity. However, her proposal has been met with criticisms over potential infringements on privacy rights and the historical value of anonymous speech in the U.S. Acknowledging these concerns, Haley later clarified that her issue is primarily with foreign adversaries, not anonymous American users exercising free speech.

Every person on social media should be verified by their name. [An anonymous comment] is a national security threat because it can spread misinformation.

In terms of NSA surveillance, Haley advocates for privacy protections, opposing the collection of basic metadata from citizens’ phone calls without a warrant demonstrating probable cause of criminal activity. This stance reflects her preference for safeguarding privacy rights and ensuring government surveillance is conducted with strict legal adherence.

Jill Stein (I)

Stein’s stance on privacy and surveillance is critical of the NSA’s metadata collection program. She views this program as a stark infringement on civil liberties and privacy rights. Advocating for stringent legal oversight, Stein believes that the NSA should only collect basic metadata from citizens’ phone calls if backed by a warrant showing probable cause of criminal activity. This position underscores her commitment to upholding privacy rights and ensuring that surveillance activities are conducted within the bounds of the law.

We have become the most surveilled population in history, and the potential for abuse is enormous.

Similar to Ramaswamy’s stance, Stein has stated that if elected president, NSA whistleblower Edward Snowden would have a role in her cabinet. By aligning with Snowden, who exposed extensive global surveillance programs, Stein highlights her prioritization of privacy. 

Ron DeSantis (R) – Dropped out

DeSantis’ views on privacy and the NSA reflect a cautious stance towards government overreach. He has expressed opposition to the NSA’s warrantless collection of citizens’ phone call metadata, advocating for the protection of Americans’ right to privacy. 

Our Digital Bill of Rights will ensure Floridians are protected from the overreach and surveillance we have seen from Big Tech companies.

Further emphasizing his commitment to digital privacy, DeSantis—who has since dropped out of the running for president—has championed a Digital Bill of Rights in Florida. This initiative aims to safeguard residents from invasive tech practices, exemplified by his ban on TikTok and other foreign-linked platforms on state government devices. Additionally, his policies seek to curtail Big Tech’s potential influence on free speech and political discourse, as evidenced by his measures to ensure transparency in social media content moderation and to prevent the unjust de-platforming of political candidates. 

Vivek Ramaswamy (R) – Dropped out

Even though he dropped out of the presidential race on January 16, Ramaswamy’s stance on privacy and government transparency is centered around supporting whistleblower rights. He has stated his intention to pardon Wikileaks founder Julian Assange and whistle-blower Edward Snowden, viewing Snowden’s actions of exposing government surveillance as “heroic.” 

[Snowden] took a risk that he didn’t have to take in order to actually expose to the public what the public did not already know, and change that would not have happened in terms of delivering accountability to the government.

Additionally, Ramaswamy opposes the government exerting pressure on social media companies to censor political speech. He advocates for the preservation of free expression, voicing concerns about government overreach in digital communication spaces. This stance reflects a commitment to protecting individual rights to privacy and free speech, emphasizing a balance between government oversight and personal liberties. 

Chris Christie (R) – Dropped out

Chris Christie’s presidential campaign underscores a strong commitment to national security, often at the expense of privacy concerns. He advocates for the NSA’s robust surveillance capabilities, including the reinstatement of the metadata collection program. This stance reflects his belief that national security needs outweigh the debates surrounding individual privacy rights. Christie has consistently defended the NSA’s spying powers, even amid criticism, highlighting his support for expansive intelligence-gathering measures.

The end of the metadata program has made America weaker and more vulnerable. If Republicans in Congress really want to do something to protect American families, they should fight for the restoration of the metadata program and not take no for an answer.

In contrast to libertarian views, Christie argues for enhanced military and surveillance capabilities, challenging opponents of the Patriot Act and similar legislation. He regards concerns over government surveillance as exaggerated, focusing instead on the importance of these measures in combating terrorism.

Cenk Uygur (D) – Dropped out

Cenk Uygur approaches the issue of privacy and surveillance with a critical perspective, particularly regarding the NSA and its collection of Americans’ data. He expresses deep skepticism about the NSA’s integrity in managing the vast surveillance data it accumulates, including information on U.S. citizens. Highlighting alleged instances of abuse, such as NSA agents using their access to surveil ex-partners, Uygur questions the government’s trustworthiness in handling personal data that constitutionally should be private.

Intelligence shouldn’t be a danger to the values of the republic it purports to serve.

His stance reflects a broader apprehension about government overreach and a lack of accountability in handling personal information, emphasizing the need for stronger safeguards against privacy invasions.

What do you think of each presidential candidate’s stance? Let us know in the comments below. 


Disclaimer: The information provided in this article has been compiled through research from a wide variety of reputable sources. These sources include Wikipedia, executive orders from the White House, articles from news organizations such as Slate, ACLU, Reason, Forbes, Daily Dot, Reuters, National Geographic, Brookings, Politico, AP News, and others, as well as official blog posts from organizations like the National Skills Coalition and the National Telecommunications and Information Administration (NTIA).

ExpressVPN is not affiliated or associated with any of the political parties mentioned in these sources. We aim to present this information impartially and solely for informative purposes. We are committed to providing accurate and balanced content to our readers, without any intention of influencing or swaying public opinion or political stances.

The post Where do 2024 U.S. presidential candidates stand on privacy, surveillance, and AI? appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/2024-us-presidential-candidates/feed/ 2
Is DuckDuckGo safe? https://www.expressvpn.com/blog/is-duckduckgo-safe/ https://www.expressvpn.com/blog/is-duckduckgo-safe/#respond Tue, 16 Jan 2024 05:34:18 +0000 https://www.expressvpn.com/blog/?p=115167 alt="Is DuckDuckGo Safe in 2024?"

Find out if we recommend using DuckDuckGo for web searches.

The post Is DuckDuckGo safe? appeared first on Home of internet privacy.

]]>
alt="Is DuckDuckGo Safe in 2024?"

Yes, DuckDuckGo is safe to use. Known for its commitment to not tracking users, it offers greater user privacy than widely used search engines like Google, Yahoo, and Bing. In fact, we frequently name it as the best search engine for privacy. However, privacy and security are not absolute, and users should still be aware of the privacy risks while using DuckDuckGo. 

Jump to…
What is DuckDuckGo?
Can you be tracked on DuckDuckGo?
9 advantages and disadvantages of DuckDuckGo
DuckDuckGo vs. other search engines
How to use DuckDuckGo safely

What is DuckDuckGo?

Founded in 2008 by Gabriel Weinberg, DuckDuckGo is a tech company that’s known for its flagship product: the DuckDuckGo search engine. DuckDuckGo’s core philosophy is simple: your data is yours alone. If you don’t willingly hand over your personal info, the search engine won’t hoard it. 

Its staunch commitment to user privacy sets it apart because, unlike more mainstream search engines—like Google, which is used for about 85% of searches worldwide—DuckDuckGo doesn’t track or store your queries. This means greater privacy for users, along with significantly fewer ads in search results. This privacy-focused approach has made DuckDuckGo the default search engine for Tor (The Onion Router), known for its anonymous browsing capabilities.

DuckDuckGo also makes a browser, offering greater privacy while you visit websites, not just while searching. Its browser blocks third-party trackers from companies like Google and Facebook, and does more to conceal your activity from the sites you visit (such as the previous site you visited). However, this article is primarily about the search engine.

Read more: Best private search engines for secure and anonymous browsing

Can you be tracked on DuckDuckGo?

DuckDuckGo’s privacy policy boldly proclaims “We don’t track you. That’s our Privacy Policy in a nutshell.” Because it does not record user information, it cannot create a history of a user’s search queries or the sites they browsed. “Viewing search results on DuckDuckGo is anonymous.” In contrast to Google’s business practices, DuckDuckGo says it has “never sold any personal information. Period.”

So DuckDuckGo isn’t tracking you. What about third parties? Are your searches safe from them? There are ways for someone to track what you’ve searched for—but they require the intruder to have access to your device or for you to reveal your information directly. 

When you can’t be tracked

  • No data collection: DuckDuckGo differentiates itself from other search engines like Google by not collecting user data. When you perform a search, you are completely anonymous to DuckDuckGo, with no history.
  • Secure search transmission: DuckDuckGo uses the POST method for search queries, enhancing transmission security compared to the standard GET method used by many search engines. This reduces tracking and data leakage risks.
  • HTTPS encryption: DuckDuckGo ensures you’re visiting a site with HTTPS encryption if it’s available, which secures data during transmission.

When you can be tracked

  • Activity saved to your device: The encryption provided by DuckDuckGo doesn’t extend to data stored locally on your device. This means that your local search history can still be accessible and trackable on your end.
  • Visual tracking on DuckDuckGo: Certain user interactions within DuckDuckGo, like clicked links changing color (i.e. going from white to grey), are visually trackable on your device:


  • User input on external sites: If you share personal information while using DuckDuckGo, like signing up for services or entering data on websites, these actions can lead to tracking by those external sites. DuckDuckGo doesn’t track your personal information, but it can’t control external site behaviors.

DuckDuckGo’s past tracking concerns 

DuckDuckGo’s policy firmly states no collection or sharing of personal information, even if you willingly choose to share it with them. However, in the past, DuckDuckGo’s browser allowed some Microsoft trackers as part of a syndication agreement. This raised concerns among users about the level of privacy offered. The issue was resolved in August 2022, with DuckDuckGo enhancing its privacy measures to disallow Microsoft tracking scripts in its browsing apps and extensions. However, despite the resolution, the incident highlighted the need for ongoing transparency in privacy-focused services.

9 advantages and disadvantages of DuckDuckGo

DuckDuckGo is renowned for its commitment to user privacy, but like any technology, it has its strengths and weaknesses. Understanding these can help you appreciate the search engine’s value and understand its limitations.

Pros Cons
1. HTTPS by default: DuckDuckGo employs HTTPS encryption which forces sites you visit to use an encrypted connection wherever possible.  1. Local device vulnerability: DuckDuckGo’s encryption doesn’t extend to data stored on your device, which can still be accessed and tracked.
2. No search leakage: By using the POST method for searches and not sending referrer headers, DuckDuckGo minimizes the risk of your search terms being shared. 2. External site data sharing: While DuckDuckGo doesn’t track your information, external sites can still track data if you share personal details on them.
3. No stored user data: The search engine doesn’t track or store user data, and only stores the necessary data for basic functions like spelling corrections and search suggestions.  3. Some tools function suboptimally: Certain integrated tools, like Apple Maps, may not perform as effectively as their counterparts in other search engines.
4. Global Privacy Control (GPC): This feature sends a legally binding request to sites not to collect or sell user data, offering more enforceable privacy than standard Do Not Track (DNT) requests. 4. Slower organic search results: DuckDuckGo’s commitment to privacy, which includes not tracking or storing user data, can lead to less optimized and slightly slower search responses compared to engines that personalize results using user data.  
5. Private search: DuckDuckGo follows a no-logs policy, ensuring no user-identifiable data like IP addresses or search queries are stored. Through its Privacy Essential extension, DuckDuckGo also blocks intrusive ads.  5. Reliance on Bing: DuckDuckGo largely sources its search results from Bing, which might be a downside for users who don’t like Bing search results.
6. Privacy Grade rating: DuckDuckGo evaluates websites for their privacy practices and assigns a Privacy Grade, aiding users in making informed decisions about the sites they visit. 6. Limited privacy with “!bang” feature: DuckDuckGo’s !bang allows quick searches on specific sites directly from the search bar. However, this convenience comes with a privacy trade-off. For example, searching Google through !bang is similar to searching directly on Google, where your searches and data may be tracked.
7. Content Security Policy (CPS): DuckDuckGo’s CSP also prevents your browser from accessing any known malicious sites. 7. Search terms in URL: DuckDuckGo shows search terms in the URL, unlike some private engines that encrypt URLs. This can be a privacy concern, as it makes search terms visible and potentially accessible in browser history or to anyone with access to your device.
8. Pure search results: DuckDuckGo provides unbiased search results not influenced by user location or browsing history. The search engine also offers a single endless scroll instead of multiple pages.  8. Search terms in browser history: Since search terms appear in the address bar, they’re also recorded in browser history. This could compromise privacy, especially if steps to clear history or use private browsing modes aren’t consistently taken.
9. Burn bar: Available via DuckDuckGo’s mobile app, this fire symbol allows for the easy erasure of browsing data and cookies after each session. 9. Optional location sharing: DuckDuckGo allows optional sharing of approximate location for localized results. While it doesn’t share specific details like IP or identifiable information, this feature might raise privacy concerns for some users.

DuckDuckGo vs. other search engines

Choosing the right search engine and web browser isn’t just about finding information quickly. It’s a balance between protecting your privacy and enjoying a feature-rich online experience. To help you weigh the trade-offs between the two, we’ve compared DuckDuckGo, Google, Bing, and Yahoo:

Feature DuckDuckGo Google Bing Yahoo
Privacy  High (doesn’t track or store user data) Low (collects extensive user data) Low (collects user data) Low (collects user data)
Search personalization  None (no user data used) High (tailored results based on user data) Moderate (uses some user data) Moderate (uses some user data)
User experience Simplified, privacy-focused Intuitive and integrated with other Google services Visually appealing with unique daily background images Customizable interface with news and other features
Unique features !Bangs for direct website searches; one-scroll experience Integrated services like Google Maps, Google Workspace Strong video indexing; Bing Rewards program Integrated with Yahoo’s other services like Yahoo Mail
Local search and geo-targeting  Basic (general region estimation) Advanced (precise location targeting) Moderate Moderate
Search verticals Web, Image, Video, News, Maps Extensive (Web, Image, Video, etc.) Web, Image, Video, News, Maps Web, Image, Video, News, Maps
Advertising Based on search results, not the user Targeted based on user data Targeted with an option for rewards Targeted based on user data
Video search experience  Basic Integrated with YouTube Preview and playback features Basic
Web browser DuckDuckGo Browser (privacy-focused) Google Chrome (feature-rich, integrated) Microsoft Edge (integrated with Windows, Rewards) No dedicated browser

How to use DuckDuckGo safely

Even though DuckDuckGo is renowned for its privacy focus, ramping up your safety game is always a smart bet. The most straightforward way to do this? Pair DuckDuckGo with a high-quality VPN like ExpressVPN.

When you use a VPN with DuckDuckGo, your internet connection becomes a fortress. It’s not just about hiding your searches; a VPN encrypts all your browsing activity and app uses. This setup creates a shield against data-hungry internet service providers, nosy Wi-Fi admins, and lurking hackers, ensuring that your traffic is known only to you.

What’s your go-to search engine and why? Share your thoughts in the comments below.

The post Is DuckDuckGo safe? appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/is-duckduckgo-safe/feed/ 0
How to use a VPN to change your Google Play country https://www.expressvpn.com/blog/how-to-change-google-play-store-country-with-vpn/ https://www.expressvpn.com/blog/how-to-change-google-play-store-country-with-vpn/#respond Fri, 12 Jan 2024 13:28:05 +0000 https://www.expressvpn.com/blog/?p=112790 How to change your Google Play Store country with a VPN

Your Google Play account affects what you see on the Play Store. Here’s how to change your account country.

The post How to use a VPN to change your Google Play country appeared first on Home of internet privacy.

]]>
How to change your Google Play Store country with a VPN

It’s no secret that what you see on the Play Store is tied to your Google Play country, which could be preventing you from installing apps you really want. But changing your region isn’t as straightforward as you might think. Not to worry—we’ve got you covered with everything you need to know about changing your Google Play country with a VPN.

Before you start, here are some important caveats to note:

  • You can only change your Google Play country once every 12 months.
  • If your account has a payment method linked to it, you’ll need a valid payment method from the country you intend to change to. If you don’t have a payment method for the new country, you may want to create a new account instead and leave off any payment method.
  • If your existing account doesn’t have any payment method linked to it, you may proceed to change the country without it. 
  • Since app availability varies between countries, you may lose access to some apps and content. 
  • If you have Google Play Pass, your subscription only transfers if your new country also supports Play Pass. Otherwise, you won’t be able to install new Play Pass apps and games, though you’ll still have access to past downloads.
  • Your Google Play balance is tied to your current country and can’t be used in your new country. Be sure to make the most of your funds before you switch, unless you intend to revert to your old country later on.
  • Similarly, your Google Play Points and level won’t carry over to your new country. 

You’ll also need to install the ExpressVPN app on your device before you begin. Don’t have a subscription yet? Signing up is quick and easy, and every plan comes with a 30-day money-back guarantee.

Jump to…

Instructions for Android
Instructions for desktop
Best VPN for changing Google Play country
Why is my VPN not working with Google Play?
Should I use a free VPN with Google Play?

Change Google Play country with a VPN on mobile

Step 1: Choose a VPN server in your desired country

Launch the ExpressVPN app, then connect to a VPN server in the country you intend to change your Google Play account to. Users who wish to switch to the U.S. Play Store, for example, simply need to connect to any U.S. server location.

How to change Google Play Store country with VPN on mobile

Step 2: Go to your Google Play profile

Open the Google Play Store app, then tap your account icon in the top right.

How to change Google Play country with a VPN on Android

Step 3: Navigate to the Country and profiles setting

Now, you’ll need to get to the right screen within your Play Store settings. Tap Settings > GeneralAccount and device preferences > Country and profiles. You should see an option to change your Play Store country. Simply tap it to switch your country.

How to change Google Play country with a VPN on Android

Note: If you don’t see this option, you may need to refresh your Google Play Store app data first. To do so, open your Android’s Settings, then tap Apps > Google Play Store > Storage > Clear Data. This doesn’t delete any of your apps or in-app data—it simply ensures that the Play Store reflects your new IP address. Then, follow the steps above once more.

Step 5: Add your new payment method (if applicable)

If your account has a payment method tied to it, you’ll have to add your new payment method from the country you’re switching to. 

If you don’t have one, you might want to sign up for a new Google Play account instead.  Simply select “Skip” when you’re prompted to input a payment method.

Step 6: Confirm that your country has been changed

Re-open the Google Play Store app. If the change was successful, you should be able to browse apps and content from your new country!

Note that it may take up to 48 hours for your profile to be fully updated.

Change Google Play country with a VPN on PC

The steps for changing your Google Play country on desktop are rather different—you’ll have to create a new payment profile for the country you intend to switch to. Here’s how to do so.

Step 1: Go to your Google payments center settings

Open your Google payments settings. Under Country/Region, click the pencil icon, then select Create new profile.

How to change Google Play country on desktop

How to change Google Play country on desktop

Step 2: Set up your new profile

You’ll be brought to a new page to create a new payments profile. Click Continue. When prompted, select the country you wish to switch to from the drop-down list, then click Continue.

On the next screen, input an address from the country you intend to switch to. This can be any address, including homes, businesses, hotels, and other public buildings. Once you’re done, hit Submit, and your new payments profile will be created.

Step 3: Choose a VPN server in your desired country

Launch the ExpressVPN app, then connect to a VPN server that matches the country you’ve chosen in Step 2. For example, if you set up a payments profile in the U.S., simply connect to any U.S. server location.

How to change Google Play country on desktop

Step 4: Confirm that your country has been changed

Simply open the Google Play Store within your browser. If the change was successful, you should be able to browse and download apps and content from your new country!

Note that it may take up to 48 hours for your profile to be fully updated.

What is the best VPN for changing country on Google Play?

When it comes to choosing a VPN for Google Play, you’ll need one that works seamlessly on your device(s) and has secure VPN servers in the country you wish to switch to.

ExpressVPN is the best VPN for changing your Google Play country, with reliable servers in 105 countries so you can easily connect to the country you want from anywhere. A single subscription covers up to eight devices at once, including your Android device, computer, and smart TV.

Why do I need a VPN for the Google Play Store?

If you’re looking to switch your Google Play account region without actually moving to your intended country, you’ll only be able to do so with a VPN. A VPN can also benefit you in other ways:

  • Keep your data transmissions private from third parties like your internet service provider
  • Enjoy better security with strong encryption for all your online traffic
  • Reduce tracking by hiding your real IP address and location as you browse
  • Defeat censorship on any network

Learn more about how a VPN helps improve your everyday experience.

How to download ExpressVPN

ExpressVPN has native apps for just about every device, so it’s incredibly easy to get set up. You can download ExpressVPN on the Google Play Store or Apple App Store, or view our detailed guide on installing for your device here.

Why isn’t my VPN working with Google Play?

If you’ve followed the steps above and were unable to change your Google Play country, it might be due to the following reasons:

  • You’ve changed your country within the last 12 months.
  • Your Play Store app might need to be updated.

However, if you’re having issues using ExpressVPN, please get in touch with our 24/7 Support team.

Should I use a free VPN for Google Play?

While free VPNs might not take your money upfront, they may make you pay in other ways. Many free VPNs track your activity, contain intrusive ads, and can leave you vulnerable to data leaks and cyberattacks.

There is no free VPN that can match up to all that ExpressVPN has to offer, and you can even try us risk-free for 30 days with our money-back guarantee. Here’s what you’ll get with ExpressVPN vs. a typical free VPN:

ExpressVPN Most free VPNs
Monthly data limit Unlimited 10GB
Number of countries with servers 105 <10
Customer support 24/7 live chat Email
Compatible devices All popular devices Desktop and mobile
Tracks your online activity Never Maybe
Simultaneous connections 8 1
Custom VPN protocol Lightway None

 

The post How to use a VPN to change your Google Play country appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/how-to-change-google-play-store-country-with-vpn/feed/ 0
Tech Friend: How can I block YouTube Shorts on my kids’ phone? https://www.expressvpn.com/blog/tech-friend-how-can-i-block-youtube-shorts-on-my-kids-phone/ https://www.expressvpn.com/blog/tech-friend-how-can-i-block-youtube-shorts-on-my-kids-phone/#respond Fri, 12 Jan 2024 08:28:05 +0000 https://www.expressvpn.com/blog/?p=112551 Tech Friend looks at how to block YouTube Shorts.

Just like TikTok videos, Shorts are addictive and provocative—while usually not offering much by way of useful information.

The post Tech Friend: How can I block YouTube Shorts on my kids’ phone? appeared first on Home of internet privacy.

]]>
Tech Friend looks at how to block YouTube Shorts.

Tech Friend is our advice column covering cybersecurity, privacy, and everyday technology. Email your question to techfriend@expressvpn.com. If you have questions about your ExpressVPN subscription or need troubleshooting help, please contact Support.


How can I block Youtube Shorts on my kids’ Android phone?

Submitted by: A.H.

The reasons to avoid YouTube Shorts are obvious. Just like TikTok videos, they are addictive and provocative—while usually not offering much by way of useful information. 

This is in contrast to traditional YouTube videos, which offer tutorials and in-depth discussions about myriad topics. Which is why it’s frustrating that YouTube is peppering its site and app with Shorts in its search results, in addition to listing Shorts prominently as its own section that you can’t just remove from the interface.

It’s especially confounding if you are a parent who wants to prevent your kids from whiling away the day flipping through Shorts, when that’s likely not what they set out to do in the first place. 

First we’ll look at ways to prevent seeing Shorts on the YouTube site and app, then get into what a parent can do to control their kids’ YouTube use.

How to block YouTube Shorts

If you want to avoid Shorts, there are a few ways to achieve that.

On desktop, use browser extensions that block Shorts. There are various browser extensions out there that can block Shorts across YouTube, such as Hide YouTube Shorts (for Chrome). Install it, and Shorts will disappear from YouTube in your browser. While this is the most effective method to hide Shorts, it is only for desktop browsers, so it won’t solve the problem on phones. (We aren’t affiliated with any extensions for blocking Shorts.)

Disable the YouTube Shorts “shelf” on your YouTube home page for 30 days. Note that this method is simple but only affects your feed on the YouTube home page, not the rest of the site. Go to the home page, scroll down until you get to the row of Shorts, then select the “X” on the right side. It tells YouTube that you aren’t interested in Shorts, and the section will be disabled for you for 30 days.

With the Android app, revert to an older version of YouTube (not recommended). While you can’t do this on an iPhone, if you use an Android, you can try installing an older version of YouTube, from before the days of Shorts. That’s YouTube version 14.12.56 or earlier, to be exact. But we don’t recommend this method, since old versions of apps are outdated in their security. 

Use YouTube ReVanced on Android. We are not affiliated with the ReVanced app and cannot endorse its use, but this is how you can avoid Shorts on Android. Always research apps and check that you’re comfortable with their privacy policy and security reputation before installing. This method has numerous steps, requiring you to download three APKs from their respective websites: ReVanced Manager, MicroG, and YouTube. ReVanced applies patches to YouTube, with dozens you can choose from, including the removal of Shorts from your feed and modifications to the layout so the Shorts buttons are hidden. However, it does not block Shorts entirely. Instructions are here.

How to block YouTube Shorts on your child’s phone

The two ways listed above to keep YouTube while disabling YouTube Shorts on an Android are both imperfect. Reverting to an older version of YouTube on Android comes with security risks. Using the ReVanced app will make a difference to the YouTube layout and feed, but Shorts are still accessible in other parts YouTube, and your child could remove the patches if they are savvy enough.

This leaves the option of blocking YouTube entirely, both the app and the website, which can be done using the Family Link app for Android phones and Screen Time for iPhones. 

See Google’s guide for blocking a site and removing an app using Family Link, and Apple’s guide for blocking a site and removing an app using Screen Time.

Parents might be hesitant to block YouTube entirely, given that its vast collection of videos does provide plenty of helpful information and unobjectionable entertainment. Unfortunately, these are the only options YouTube has left us with.

Other ways to restrict YouTube on a child’s device

Even if you can’t get rid of YouTube Shorts, there are various ways to tailor what your kid can see on YouTube. We’ve compiled these tips for parents.

Parental controls with YouTube Kids. With YouTube Kids, parents can set up a separate account for different children and control what they have access to on a granular level. You can do this via the Family Link app or the YouTube app. Here are the main settings:

  • Pick an age range. This is the most basic setting with minimal customization. Choose from three age ranges (4 and under; 5 to 8; 9 to 12), and the videos shown will be age-appropriate insofar as YouTube’s automated system can get it right.
  • Block certain channels. Don’t want your kids getting shown toy-unboxing videos? Choose specific channels to block from their account. (Unfortunately, you can’t block specific topics.) 
  • Handpick approved content. This is the most granular way to control what your kids watch. Specify channels or even videos that are permitted; everything else is blocked. Search is also disabled if you use this feature.

Parental controls with YouTube supervised experience. If you have teenagers, you can tailor their viewing with a supervised account. However, it’s not totally straightforward. You must have started supervising their accounts prior to them turning 13 in order to continue to do so past age 13. And in most countries, kids can choose to manage their own account once they turn 13, although they could allow you to keep supervising—you would ask them to let you do so, for instance, as a condition of their phone use.

With supervised accounts, you can block specific channels, review your child’s watch history, disable autoplay, and control how YouTube recommends videos. You can also choose the “content level,” with three options: Explore (for 9 and older), Explore More (13 and older), and Most of YouTube (which excludes videos for 18+).

Other settings in YouTube. Even if you don’t use parental controls, there are ways to adjust what YouTube shows to you, your child, or anyone else on a device. Even though these settings can be undone by the user, younger kids likely won’t be aware of them (and teenagers might not mind). 

  • Restricted Mode. This basic setting will block content that might be considered offensive or unsuitable for children. Read more about this setting.
  • Exclude specific channels from recommended videos. As your kid watches YouTube, if you notice videos cropping up that you don’t like, remove those channels from the recommendation feed by selecting the three dots under the video and choosing “Don’t recommend channel”.
  • “Like” videos to influence recommendations. For instance, if you want your child to encounter an educational channel more, hit the thumbs-up button to signal you want more of it.

Yes, parenting is complicated in the digital age

While parents can have open discussions with their kids about social media addiction and healthy internet use, it should be the responsibility of services like YouTube to give users more options, such as to turn off Shorts. Instead, parents are left to face yet another uphill digital battle surrounding devices and screen time. 

By the way, parents, we wanted to let you know that we’ve recently added an ad blocker and an adult-site blocker to the ExpressVPN apps at no extra cost. All you have to do is enable those features and ensure the VPN is turned on for the blocks to work. One of the best ways to use them is on our Aircove router: Turn on the features, and all devices using Aircove Wi-Fi, including your kids’, will be covered.

The post Tech Friend: How can I block YouTube Shorts on my kids’ phone? appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/tech-friend-how-can-i-block-youtube-shorts-on-my-kids-phone/feed/ 0
DNS vs. VPN vs. Smart DNS: What’s the difference? https://www.expressvpn.com/blog/dns-vs-vpn-vs-smart-dns-whats-the-difference/ https://www.expressvpn.com/blog/dns-vs-vpn-vs-smart-dns-whats-the-difference/#respond Wed, 10 Jan 2024 06:13:28 +0000 https://www.expressvpn.com/blog/?p=112178 dns-vpn-smart-dns-v2

A VPN does everything Smart DNS can do and much more. So are there cases where you’d want to use Smart DNS instead?

The post DNS vs. VPN vs. Smart DNS: What’s the difference? appeared first on Home of internet privacy.

]]>
dns-vpn-smart-dns-v2

In this guide, we look at what DNS, VPN, and Smart DNS are, so that you can decide which of these technologies to use.

Jump to…

What is a DNS server, and what does it do?
Is changing your DNS legal?
Is it safe to change your DNS?
What is a smart DNS, and what does it do?
Pros and cons of a smart DNS
What is a VPN, and what does it do?
Pros and cons of VPNs
DNS vs. smart DNS vs. VPN: When to use each one?

DNS vs. Smart DNS vs. VPN

While VPNs and Smart DNS are tools you can employ to alter your internet experience, DNS is not—rather, it is simply a part of the internet. Let’s start with a comparison table before delving deeper into the differences.

DNS Smart DNS VPN
Main function Translates domain names into IP addresses. Selectively redirects DNS queries through a proxy server. Encrypts internet traffic and routes it through a remote server.
Privacy Limited privacy protection. Limited privacy protection. Strong privacy protection by masking your real IP address.
Security Basic security No significant security enhancements. Enhanced security through encryption.
Data logging Depends on the provider. Depends on the provider. Depends on the provider.
Cost Usually free.  Often free, but paid services tend to work better. Sometimes free, but paid services offer better security and reliability.
Effects on speed The DNS server you use can affect internet speeds.  Often speeds up internet.  Can slow down internet or speed it up by reducing throttling.

 

VPN, DNS, and smart DNS are quite different tools with distinct purposes. Comparing these three technologies is like comparing apples to oranges. DNS is a foundational element of the internet, VPN is a security tool, and Smart DNS is a workaround for geo-blocking.

What is a DNS server, and what does it do?

DNS, or Domain Name System, is the internet’s address book system, and it’s used whenever you do anything online.

A DNS translates human-readable website names like google.com into machine-readable IP addresses that computers can understand. Without DNS, we would have to memorize long strings of numbers to access every website, making the internet a far more cumbersome place.

If you haven’t changed any settings, you’re probably using the DNS your ISP (Internet Service Provider) supplied.

Yes, changing your DNS to any public DNS server is legal. This is because DNS is a fundamental part of the internet infrastructure designed to be open and accessible. There are many public DNS servers available, including Google Public DNS (8.8.8.8 and 8.8.4.4), CloudFlare DNS (1.1.1.1 and 1.0.0.1), OpenDNS (208.67.222.222 and 208.67.220.220), and Quad9 (9.9.9.9 and 149.112.112.112).


There are a few reasons you may want to change your DNS. For example, you could use a DNS server that is faster or more reliable than your ISP’s DNS server. Consider using a DNS server that is more privacy-focused, such as one that does not collect data about your browsing activity.


In general, there are no restrictions on changing your DNS. There are a few exceptions, such as that some ISPs may block access to specific DNS servers.

Overall, changing your DNS is a safe and legal way to improve your internet experience. However, it is crucial to be aware of the potential risks and to choose a DNS server that is reputable and trustworthy.

Is it safe to change your DNS?

Yes, it is generally safe to change your DNS settings. In fact, switching to a public DNS server like Google Public DNS or Cloudflare DNS can improve your internet experience by making your browsing faster and more reliable.

Public DNS servers are often more reliable than your ISP’s DNS server, which means that you are less likely to experience downtime or errors when you are trying to access websites. There might also be increased levels of privacy. 

What is a DNS leak? 

A DNS leak refers to situations where you don’t want your internet service provider to see your DNS queries (i.e., the websites you’re looking at) but that information is leaked nonetheless. 

There are two main types of DNS leaks:

Standard DNS leaks: These occur when your device sends DNS queries to your ISP’s DNS server, even though you are using a VPN. This can happen if your VPN is not configured properly or if your device is bypassing the VPN.

IPv6 DNS leaks: These occur when your device sends DNS queries over an IPv6 connection, even though your VPN is only configured for IPv4. This can happen if your device is not properly configured for IPv6 or if your ISP is blocking IPv6 traffic from your VPN.

To prevent DNS leaks, you can take the following steps:

Make sure that your VPN is configured properly: Check your VPN settings to make sure that DNS leak protection is enabled. You may also need to configure your VPN to use specific DNS servers, although most reputable VPNs (like ExpressVPN) prevent DNS leaks automatically.

Use a DNS leak testing tool: There are several DNS leak testing tools available online, like BrowserLeaks and DNS Leak Test, that can help you identify and fix DNS leaks. Use these if you want to be 100% sure.

Disable IPv6: If you are not using IPv6, you can disable it in your device’s settings. This will help to prevent IPv6 DNS leaks.

What is a smart DNS, and what does it do?

Smart DNS is a technology that redirects your DNS queries through another server in a different region, making it appear as if you were in another country. It’s like if you were using a phone book from another country to get the IP address you want to get to.

This could help you bypass geo-restrictions on some online content. Unlike Virtual Private Networks (VPNs), smart DNS only reroutes DNS requests, enabling faster speeds and broader device compatibility. However, it doesn’t provide the same level of security and privacy as VPNs.

How does Smart DNS work?

Smart DNS works by selectively rerouting specific DNS queries through a server you wouldn’t normally use, called a proxy server. This primarily serves two purposes:

Access geo-restricted content: Smart DNS can help you access streaming services or websites that are restricted to specific regions. For example, if you are located in the United States, you could use a Smart DNS to access BBC iPlayer, a streaming service that is only available in the United Kingdom.

Improve browsing speed: By routing DNS queries through a proxy server, smart DNS can sometimes improve browsing speed by optimizing DNS lookup times. This is because proxy servers are often located in different geographic locations than your local DNS server, and they may have faster connections to the root DNS servers.

Pros and cons of a smart DNS

Pros:

  • Can speed up your internet, which is helpful for streaming or gaming
  • Can help you bypass geo-restrictions by making you appear to be in a different country
  • Low cost and sometimes free

Cons:

  • Usually have to set up manually
  • Not easy to change locations; have to set it up every time you want to change locations
  • Does not offer any encryption
  • Does not replace your IP address

How to use Smart DNS 

Setting up and using Smart DNS is easy, but you generally do have to do it manually. Here’s a step-by-step guide: 

1. Choose a Smart DNS provider 

There are many different Smart DNS providers available, so it is important to choose one that is reputable and has a good track record. ExpressVPN, for example, has MediaStreamer, a DNS service. It comes with an ExpressVPN subscription. You’ll get better security and privacy by using the VPN rather than MediaStreamer, but MediaStreamer comes in handy on devices where you can’t install a VPN.

2. Sign up for a Smart DNS account 

Once you have chosen a smart DNS provider, you must sign up for an account. This will typically involve providing your email address and creating a password. You may also be asked to provide your payment information, if a subscription fee is required.

3. Set up your device 

The specific steps for setting up your device will vary depending on the smart DNS provider you chose and the device you are using. However, the general process is as follows:

  • Log in to your Smart DNS account.
  • Find the device setup instructions for your device.
  • Follow the instructions to enter your smart DNS provider’s IP addresses into your device’s DNS settings and save your changes.

4. Test your smart DNS

Once you have set up your device, you should test your smart DNS to ensure it works properly. You can do this by accessing a geo-restricted website in your area. If you can access the website, then your smart DNS is working properly.

Is a Smart DNS proxy legal?

Yes, using a smart DNS proxy is legal in most countries. Smart DNS proxies simply redirect your DNS queries to specific servers, allowing you to bypass geo-restrictions on certain websites. They do not encrypt your traffic or hide your IP address, and usually, they do not raise any legal concerns.

However, while using a Smart DNS in itself isn’t illegal, what you do while using one could be. For example, it could be a violation of a site’s terms of use to use any method to bypass geo-restrictions on copyrighted content. 

Overall, it is generally legal to use a smart DNS proxy in most countries. However, there are a few exceptions to this rule, and you should be aware of the laws in your country before using a smart DNS proxy to access geo-restricted content.

What is a VPN, and what does it do?

A VPN is an easy-to-use tool to protect your internet traffic by creating a secure and encrypted connection over the internet. Whenever you connect to a VPN server, your data goes through an encrypted tunnel that nobody can see into, including hackers, governments, and even your internet service provider, making it impossible for any third party to observe what you do online.

It also increases your privacy by giving you a different IP address. This change in IP can make you appear to be in a different country, allowing you to break through censorship.

How does a VPN work?

A VPN works by creating an encrypted and secure channel between your device and the server you’re trying to connect to. When you connect to the internet through a VPN, your data is firstly encrypted, and only then it’s transmitted through the VPN server.

This encryption ensures that your online activities can’t be seen by third parties, thereby protecting your data from snoops. Additionally, a VPN can mask your IP address, allowing you to browse the internet with greater anonymity. It also enables users to bypass geographical restrictions by appearing as if they are connecting from a different location of your choosing.

Pros and cons of VPNs

Pros:

  • Encrypts your connection, keeping your transmissions private from your internet service provider
  • Easy to use, often with an app
  • Changes your IP address, allowing you to appear to be in a different country so you can bypass censorship or restrictions on school or office Wi-Fi
  • Can prevent some cyberattacks, including those over unsecured Wi-Fi

Cons:

  • High quality ones cost money
  • Can slow down your internet slightly

How to use a VPN service

Using a VPN is a great way to protect your online privacy and security. Here is a step-by-step guide on how to use a VPN. 

1. Choose a VPN provider

There are many different VPN providers available, so it is important to do your research and choose one that is reputable and has a good track record. ExpressVPN, for example, has an extensive network of servers, easy-to-use VPN apps, and a proprietary protocol called Lightway, which ensures strong encryption without sacrificing speeds.

2. Sign up for a VPN account

Once you have chosen a VPN provider, you must sign up for an account. This will typically involve providing your email address and creating a password. You may also be asked to provide your payment information, as most VPN providers charge a subscription fee.

3. Install the VPN app

Once you have downloaded the VPN app, you will need to install it on your device. This is a straightforward process that is similar to installing any other app.

4. Connect to a VPN server

The VPN app will display a list of VPN servers that you can connect to. Choose a server that is located in the country where you want to access content from. For example, if you want to access content that’s only available in the U.S. or Canada, you’d have to pick a server in either of those countries.

5. Check if you’ve connected successfully

You know you’ve been properly connected to the right server when you’re able to access a website or content that’s only available there.

What’s the difference between Smart DNS and a VPN?

Smart DNS and VPNs can both allow you to access content not available in your region. However, they differ in their approach and functionality.

Smart DNS primarily allows you to access content with fast speeds on streaming platforms, social media sites, or gaming networks. It achieves this by redirecting DNS queries for those websites to servers located in regions where the content is not restricted. It can speed up your connection if the DNS servers are faster.

VPN, on the other hand, creates a secure tunnel for all your internet traffic. It encrypts your data and routes it through a VPN server located in a different region. This masks your actual IP address and makes it appear as if you are accessing the internet from the VPN server’s location. 

In other words, a VPN provides privacy and security benefits, while Smart DNS does not.

DNS vs. smart DNS vs. VPN: When to use each one?

As we’ve covered, a DNS, Smart DNS, and VPN are quite different. However, we can find distinct use cases for each, depending on your specific needs.

It’s best to use regular DNS for the following cases: 

  • You want to browse normally
  • You need to connect at fast speeds
  • Don’t have a particular need for security

It’s best to use Smart DNS for the following cases: 

  • You want to access geo-restricted services
  • The device you want to use to access geo-restricted content isn’t compatible with VPNs
  • You need fast connection speeds
  • You don’t have a particular safety or privacy concern

It’s best to use a VPN for the following cases: 

  • You want an easy way to access all content and enjoy greater anonymity while browsingYou’re connecting from high-censorship countries
  • You want to connect to public Wi-Fi securely
  • Privacy and security are your top priorities

In summary, if you’re looking for a simple solution to access content or websites based on locations, a smart DNS can help you. However, if you’re looking for something more secure and robust, a VPN is a better choice. Many premium providers, like ExpressVPN, also offer smart DNS and other security features like a password manager, providing a more comprehensive suite of tools for a better internet experience.

The post DNS vs. VPN vs. Smart DNS: What’s the difference? appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/dns-vs-vpn-vs-smart-dns-whats-the-difference/feed/ 0
10 scams you should know about in 2024 https://www.expressvpn.com/blog/10-scams-you-should-know-about-in-2024/ https://www.expressvpn.com/blog/10-scams-you-should-know-about-in-2024/#respond Mon, 08 Jan 2024 03:33:45 +0000 https://www.expressvpn.com/blog/?p=110746 scams-to-look-out-for-in-2024

“Hello, this is the IRS…”

The post 10 scams you should know about in 2024 appeared first on Home of internet privacy.

]]>
scams-to-look-out-for-in-2024

  • As scams become increasingly sophisticated, with tactics like AI-powered voice cloning, staying vigilant and aware of evolving threats is crucial to protect yourself in 2024.
    v
  • Some of the top scams in 2024 to look out for include easy online job scams, government account takeover scams, and deepfake and AI scams. Find out how they work and how to spot them.
    v
  • Find out the various psychological tactics that scammers use to lure victims into falling for their scams.
    v
  • Being vigilant and practicing a healthy level of skepticism is the best way to protect yourself from scams. Using a VPN for Chrome when browsing online hides your real IP address, so scammers know less about you.
    v
  • Bonus: Look out for six sure-fire signs of a scam. 

As we enter 2024, scams continue to evolve with increasingly sophisticated tactics. 

In 2023, we witnessed the rise of the “pig butchering” scam, in which scammers gradually built trust with their victims before enticing them into ever-larger cryptocurrency investments, only to disappear with their money. 

Additionally, using AI technology to create voice cloning scams marks a new era in fraudulent activities. This technology allows scammers to produce highly convincing audio simulations, impersonating familiar voices to trick people into disclosing confidential information or making financial transfers.

These advancements underscore the importance of staying vigilant against the latest tricks up scammers’ sleeves. Whether it’s the lure of easy money, government account takeovers, or the manipulative use of generative AI, scammers are relentlessly finding new ways to exploit our vulnerabilities. 

To better understand these threats and how to protect yourself—because, let’s face it, getting scammed isn’t part of anyone’s New Year’s resolutions—we turned to Aaron Engel, ExpressVPN’s Chief Security Information Officer. Engel sheds light on potential scamming trends in 2024 and provides essential tips for safeguarding against these increasingly complex schemes.

Jump to…

Navigating the surge of scams in the U.S.
Staying ahead of scams: 10 scams to look out for in 2024
1. Easy online job scams
2. Government account takeovers
3. Deepfakes and the use of generative AI
4. Peer-to-peer (P2P) payment scams
5. Package delivery scam
Other scams to be aware of in 2024
Understanding the psychology of what makes people fall for scams
What are the warning signs of a scam?

Navigating the surge of scams in the U.S. 

In recent years, the U.S. has seen an alarming surge in scams, with a sharp increase in financial losses due to fraudulent activities. A Federal Trade Commission (FTC) report reveals a staggering loss of over 8.7 billion USD by Americans to scams over the past three years. This spike not only signals the growing cunning of scam artists but also the expanding scope of their operations.

Social media platforms: a hotbed for scams

Social media platforms were hotbeds for scam activities in 2023, with Americans losing 2.7 billion USD to social media scams alone. Fraudsters are increasingly leveraging these platforms, exploiting the trust and extensive reach they offer to ensnare unsuspecting victims.

reported-fraud-losses-by-contact-method

These developments stress the need for heightened vigilance in our digital lives. The evolving complexity of scams, especially those woven into the fabric of platforms like social media, demands that we remain ever alert. Recognizing scam types, spotting warning signs, and understanding self-protection strategies have never been more important.

This trend also emphasizes the vital role of regulatory bodies and consumer protection agencies. Their continued and enhanced efforts are crucial in addressing these challenges and protecting the public against these sophisticated digital threats. 

Staying ahead of scams: 10 scams to look out for in 2024

But until comprehensive measures are fully implemented, the onus is on us to stay informed about the latest scams and educate ourselves proactively. To give us an edge, Engel explains what he believes will be the most prominent scams to watch out for in 2024.

1. Easy online job scams  

There’s a notable influx of job seekers in the early months of the new year, particularly January and February. This period coincides with an increase in job scams, especially targeting those searching for flexible or additional income opportunities These scams are particularly insidious as they exploit the common desire for easy, lucrative opportunities, often requiring minimal qualifications or experience and bypassing traditional recruitment processes like interviews.

easy-online-job-scams

Take, for example, the case of a recent graduate looking for part-time work. She came across an online job posting for a data entry position that promised attractive pay for minimal work. The job required no prior experience, and the application process was unusually swift, with no interview. Excited by the prospect, she applied and was quickly “hired.” However, the job was a mirage. After providing her details, including her resume and Social Security number, the company disappeared, and the graduate later found her information was used for identity theft.

Protect yourself from online job scams:

  • Research thoroughly: Verify the legitimacy of the company offering the job. Check for an official website, a physical address (if applicable), and authentic employee reviews. If possible, reach out to current employees to confirm the validity of the job offer.
  • Don’t fall for flattery: Fake recruitment emails could be enticing—but pause before you click. If you receive an email or message with a link, only click on it if you’re sure of its legitimacy.
  • Don’t give out your details: Phishing is a common tactic used to steal personal information. If you are asked to provide your information early on, consider whether it’s a scam.

2. Government account takeovers

IRS_Scams
An example of a phishing email sent from a scammer pretending to be the IRS.

As government agencies increasingly digitize their services, a new threat has emerged in the digital landscape: government account takeover (ATO) scams. These scams represent a significant challenge as they exploit vulnerabilities in digital government services, posing a risk to the personal information of countless individuals.

A prime example of this type of scam is the fraudulent IRS email (see above). This email, masquerading as an official communication, falsely informs recipients that they are eligible for a refund. It urges them to click a link and enter sensitive details to “verify” their account. Unfortunately, this action can lead to the compromise of personal data, as scammers use this information for nefarious purposes.

government-account-takeover-fraud

Engel highlights a key vulnerability exploited in these scams.“To access a website or app, you usually need a combination email, username, or phone number, a password, and a multi-factor authentication,” he notes. 

Engel emphasizes that the tendency to reuse usernames and passwords across different sites can leave individuals particularly vulnerable. Scammers often use this oversight to their advantage, obtaining these reused credentials from one compromised site and attempting to access other accounts, including those on government platforms. 

It is much safer to use two-factor authentication, where a one-time code is sent to you to use alongside your password. But Engel explains that scammers may employ social engineering tactics to obtain your 2FA code. They might pose as government officials or use other deceptive means, such as the promise of a refund, to trick individuals into divulging this critical information.

What’s worse is that in 2024, AI is expected to play a bigger role in the evolution of phishing scams. AI-powered phishing attacks are expected to be more sophisticated, personalized, and difficult to identify. Understanding and preparing for these advanced threats is essential for individuals to enhance their awareness and strengthen their defenses against these advanced cybersecurity threats.

Protect yourself from government ATO scams: 

  • Vigilance is key: Always be cautious with unsolicited communications from government agencies, particularly those that request sensitive information or urge immediate action. Many scammers use phishing emails that look legitimate in an attempt to gain user details. Confirm the authenticity of such messages by visiting the official government website or contacting the agency through known, reliable channels.
  • Use a VPN for enhanced security: When communicating with someone, it’s safer to turn on your VPN to keep your IP address (and thereby your real location) private.

3. Deepfakes and the use of generative AI 

Generative AI has helped multiple sectors, such as healthcare, finance, and entertainment. However, its potential for misuse is becoming increasingly evident, particularly in the realm of scams and sophisticated fraud.

deepfake-ai-scams

Deepfakes, a notorious application of generative AI, enable the creation of highly realistic and convincing media, including videos, images, and audio recordings. Picture a scenario where you receive a video call from someone impersonating your bank manager, urgently requesting your account information, or an audio message from a loved one asking for financial help. A noteworthy example reported by the New York Times detailed how high-net-worth individuals were targeted using voice clones created from their publicly available audio samples. These cloned voices were then used to defraud banks, showcasing the high level of sophistication in these scams.

According to Engel, AI can also empower individuals with limited language skills to refine their scamming techniques. “In theory, AI is all just content creation but at a higher level and degree than what was possible in the past, with a lower barrier for entry. This makes it more accessible,” he explains. As technology advances, we can expect AI-led scams to become widely used, increasingly intricate, and challenging to detect.

Protect yourself from AI-enhanced scams: 

 

  • Verify your contact’s identity: If you receive a suspicious call or message, especially one that seems out of character for the supposed caller or sender, pause and verify the person’s identity through a known number or alternate communication channel.
  • Report suspicious activity: If you suspect you’ve been targeted by a voice-cloning or deepfake scam, report it to the authorities immediately and block the contact.
  • Learn how to spot a deep fake: While many deepfakes are convincing, there are still ways to spot them. Some visual cues include poor blending of facial features, like the inconsistencies in skin tone, shadows, or even blurry and distorted areas of the face. Audio clues can include flat or robotic intonation, like a lack of natural inflection, emotion, or even abrupt breaks in speech.

4. Peer-to-peer (P2P) payment scams

Peer-to-peer (P2P) payment apps like Venmo, Zelle, and Cash App have become ubiquitous for quick and easy transactions. However, this convenience has also attracted scammers, leading to a rise in P2P payment scams. These scams typically involve deceiving users into sending money or divulging personal information for fraudulent purposes.

A notable instance of P2P scams is the recent surge in fraudulent activities on Zelle. Reports have highlighted a marked increase in scams on this platform, underscoring the potential risks for users. The gravity of the situation was such that it garnered the attention of Senator Elizabeth Warren, known for her stance on strengthening consumer protections, particularly in the realm of P2P payment services.

The mechanics of these scams can vary, but they typically follow a pattern designed to deceive and exploit:

p2p-payments-scams

Protect yourself from P2P payment scams: 

  • Transact with trusted individuals only: Limit transactions to people you know and trust. This approach helps avoid common scams like fake buyer or seller schemes and overpayment frauds.
  • Verify recipient details: Always double-check the recipient’s information, including their name, email, and phone number, before transferring funds to prevent sending money to imposters.
  • Beware of unsolicited requests: Be cautious of unexpected requests for money, particularly from unfamiliar individuals. These are often disguised as urgent money transactions, attempting to make you act quickly and without thinking.
  • Avoid suspicious links and attachments: Do not click on links or open attachments from unknown sources, as these could be phishing attempts aiming to steal your login credentials.
  • Report suspicious activity: If you encounter anything unusual, report it immediately to the P2P payment app’s support team and law enforcement authorities. This helps track down scammers and prevent further victimization.

5. Package delivery scams

While package delivery scams often spike during the holiday season, their threat persists well into the new year, capitalizing on the continued excitement and anticipation surrounding online shopping. These scams are not confined to the festive season; they remain a prevalent issue, exploiting consumers’ trust in delivery services and online retailers. A recent incident involving delivery company UPS underscores how these scams operate and their impact.

package-delivery-scams

In Florida, residents were targeted by a scam involving a fake UPS package delivery notifications. The scammers informed residents that they were expecting deliveries, which, in reality, didn’t exist. This type of scam typically uses phishing techniques, where victims are sent messages that appear to be from legitimate delivery companies like UPS. 

These scams often begin with text messages or emails claiming to be from delivery services. The messages might state that you have a package waiting or that there’s an issue requiring your attention. Here’s how they generally unfold:

Whatsapp Package Scam
An example of the message sent by a package scammer trying to build a relationship with their victim and attempt to learn more about them.
Package Scam 2
Another example of a text message scammers of a package delivery scam might send with a link to click on.

Protecting yourself from package delivery scams: 

  • Verify delivery notifications: Always check directly with the delivery company through their official website or app rather than clicking on links in unsolicited messages.
  • Avoid unsolicited packages: If you receive a package you didn’t order or a request to pay for an unsolicited delivery, be cautious. Report any such incidents to the delivery company and avoid interacting with suspicious messages.
  • Research and payment methods: When shopping online, ensure the store’s legitimacy and use secure payment methods like credit cards, which often offer fraud protection.
  • Report suspicious activity: Be aware of the signs of a scam, such as messages creating a sense of urgency or asking for sensitive information. Report any suspicious activities to the relevant authorities.

Other scams to be aware of in 2024 

5G-related scams

The excitement surrounding 5G’s lightning-fast speeds and game-changing potential has, unfortunately, attracted its fair share of scammers. These con artists prey on consumers’ eagerness to jump on the bandwagon, deploying a variety of tactics to steal money and personal information.

5g-scams

Protecting yourself from 5G-related scams:

  1. Don’t fall for false promises: Be wary of sensational claims about 5G unlocking life-changing benefits. Always check official sources from your mobile service provider or trusted tech websites for accurate information about 5G availability and capabilities.
  2. Beware of unsolicited offers: Legitimate providers won’t pressure you into upgrades or offer exclusive deals through suspicious links or phone calls. Be cautious of such solicitations.

Celebrity endorsement crypto scams

Celebrity endorsement crypto scams exploit the public’s trust and affinity for their favorite stars to fuel a dangerous web of deceit. Imagine scrolling through social media and seeing your idol raving about a supposedly “guaranteed-to-skyrocket” new cryptocurrency. They paint a picture of financial freedom, effortless gains, and joining an exclusive community. This is the initial hook, where excitement masks the red flags.

celebrity-endorsed-crypto-scams

Behind the scenes, celebrities are often paid hefty sums to promote these risky ventures, rarely disclosing the hidden risks or their own lack of crypto expertise. This creates a false sense of legitimacy, luring unsuspecting fans into believing the celebrity genuinely believes in the project.

Protecting yourself from celebrity crypto scams:

 

  • Follow the money: Just because your favorite celebrity promotes a crypto project doesn’t automatically make it legitimate. Remember, celebrities are often paid handsomely for endorsements, and their financial interests may not align with yours. Dig deeper into the project’s whitepaper, team background, and any potential red flags identified by independent reviewers.
  • Beware of urgency and scarcity tactics: Scammers often create a sense of urgency by claiming limited availability or promising imminent price increases. Don’t let pressure cloud your judgment; take your time to research and evaluate any cryptocurrency investment.

Climate change scams 

Climate change, a pressing global challenge, has unfortunately also become fertile ground for scammers. Preying on anxieties and the desire to be part of the solution, these con artists weave intricate webs of deceit masquerading as eco-friendly initiatives.

climate-change-scams

Protecting yourself from climate change scams:

  • Beware of emotional manipulation: Scams often use guilt trips, fear-mongering, or urgency tactics to pressure you into quick decisions. Stay grounded and avoid acting impulsively. Remember, genuine action should empower, not manipulate.
  • Be alert of green investment scams: Avoid investing in untested technologies or green energy projects promising unrealistic returns. Conduct thorough due diligence, check regulatory approvals, and understand the risks involved before investing in any climate-related solution.

Charity scams exploiting global crises 

Global crises, from natural disasters to humanitarian emergencies, evoke a powerful urge to help. Scammers, however, exploit this compassion for their own gain, weaving elaborate webs of deceit disguised as charitable efforts.

charity-global-crises-scams

Protecting yourself from global crises scams: 

  • Always verify before donating: Verify the legitimacy of a charity through independent resources like Charity Navigator or GiveWell. If you are planning on donating, avoid sending cash or using unverified online platforms to donate.
  • Don’t donate to personal accounts: If you notice that the donation portal leads you to a personal account instead of a business account associated with the charity, do not transfer any money.

Fake healthcare insurance plans

Fake healthcare insurance plans, much like their namesake, offer nothing but an illusion of security. They may promise comprehensive coverage at rock-bottom prices, but in reality, they leave you vulnerable to significant medical bills and potential legal trouble.

fake-healthcare-insurance-plans-scams

Protecting yourself from fake healthcare insurance plans: 

  • Read the fine print carefully: Always verify the legitimacy of an insurance plan with your state insurance department or a trusted healthcare provider. It’s also worth understanding the plan’s coverage, exclusions, deductibles, and co-pays before signing up.
  • Never share personal information with unsolicited callers or websites: Legitimate insurance providers and agents will never request for personal information over the phone.  A reputable insurance provider will always verify your identity and request information through secure channels before providing any service or discussing sensitive details.

Understanding the psychology of what makes people fall for scams 

A 2023 Citibank survey revealed that while 90% of U.S. adults feel confident in their ability to identify and avoid scams, over a quarter still fell victim to one during the year. So why does this happen?

Optimism bias makes us vulnerable to scams

A key psychological factor contributing to why people fall for scams is optimism bias. This bias leads individuals to believe they are less likely to be affected by negative events compared to others. In the context of scams, this manifests as an overconfidence in one’s ability to detect and avoid fraudulent schemes. Unfortunately, this can result in a lowered guard against potential threats.

Optimism bias can make people more vulnerable to scams as they might not be as thorough in scrutinizing potential risks. They could disregard warning signs such as unsolicited contact, under the assumption that they are too savvy or informed to fall victim. This mental blind spot is precisely what scammers exploit.

How technology contributes

Another factor contributing to susceptibility to scams is the level of technological expertise. Individuals not fully acquainted with the latest technological advancements or trends might be more prone to scams due to a lack of understanding of how these fraudulent operations work. Scammers often leverage new technologies and methods, staying a step ahead of the general public’s awareness.

Tactics scammers use to trick their victims

Time pressure 

Scammers often create a sense of urgency to provoke rash decision-making. For example, consider a scenario where you receive a call from someone claiming to be from your bank, alerting you to unauthorized activity in your account. The immediate threat to your privacy triggers a natural response to regain control, often leading to hasty actions that scammers capitalize on.

Abusing trust and authority 

Authority figures naturally command trust. Scammers exploit this by impersonating officials or known authority figures, thereby lowering your guard and making their deceit more believable. An example is a scam email from a “manager” requesting the purchase of gift cards in an emergency, a typical scenario in the workplace.

Slack Scam
The phishing email above is a good example of how scammers exploit Slack, a tool commonly used in the workplace to abuse trust and lure victims into giving up information. (Credit: Reddit)

Promising financial gain

Despite knowing that free offers usually have a catch, many still fall prey to scams promising easy money or exclusive deals. Scammers capitalize on the fear of missing out (FOMO) and the allure of quick financial gains, which can be particularly effective against those in financial distress or seeking emotional validation.

Recognizing that these strategies can overlap and amplify each other helps us understand why scams can be so effective. This knowledge is a key step towards recognizing the red flags of scams, which brings us to our next section.

What are the warning signs of a scam?

Recognizing the signs of a scam is crucial in protecting yourself from falling victim to one. Here are some key red flags to look out for:

6-signs-it-is-a-scam

Have you ever fallen victim to a scam? Share your experience in the comments below.

The post 10 scams you should know about in 2024 appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/10-scams-you-should-know-about-in-2024/feed/ 0
Which smart cars have the most privacy concerns? https://www.expressvpn.com/blog/which-smart-cars-have-the-most-privacy-concerns/ https://www.expressvpn.com/blog/which-smart-cars-have-the-most-privacy-concerns/#respond Mon, 08 Jan 2024 02:14:48 +0000 https://www.expressvpn.com/blog/?p=111381

Nissan, Tesla, and Hyundai are reported to have the most flawed privacy policies, where drivers are at a clear disadvantage.

The post Which smart cars have the most privacy concerns? appeared first on Home of internet privacy.

]]>

Despite their many benefits, the rise of smart cars brings forth a new set of challenges, particularly in terms of driver privacy. A recent Mozilla Foundation study has placed these vehicles under scrutiny, revealing startling privacy lapses. 

From Tesla’s controversial data collection methods to Nissan’s concerning privacy policy, the findings are a wake-up call for both consumers and regulators. Smart cars, while innovative, are becoming data troves, often collecting more information than necessary and sharing it with third parties. 

Building on our previous discussion in the article How your smart car tracks you, this analysis takes a deeper dive into the privacy practices of leading smart car manufacturers. We scrutinize how these companies handle user data, focusing on key areas like data usage, control, security measures, and AI technology. 

Our investigation aims to provide a comprehensive overview of the privacy landscape in the automotive industry, highlighting areas where car companies need to improve to better protect driver privacy.

What makes a car smart?

Gone are the days of purely mechanical cars. Modern vehicles are a hub of microprocessors and sensors, steering the shift towards digitalization in automotive technology. Today’s cars, especially the luxury ones, boast up to 100 microprocessors. These tiny brains control everything from your airbags to the car’s cruise control, all feeding off data from a myriad of sensors. 

Here’s a closer look at what makes a car “intelligent”:

  • Sensors and cameras: Smart cars utilize sensors and cameras as their eyes and ears, constantly collecting data about their surroundings, including other vehicles, pedestrians, and road signs.
  • Data processing: The car’s computer processes data from these sensors and cameras to make informed driving decisions, controlling steering, speed, and braking.
  • Autonomous driving: This feature allows the car to drive itself by analyzing road conditions and traffic, making real-time decisions for a safer driving experience.
  • Adaptive cruise control and GPS: These ensure smoother and smarter navigation, offering precise location tracking and efficient route planning.
  • Connectivity: Links the car to smartphones and other devices for remote control and monitoring.
  • Smart parking and traffic prediction: Assists in finding and maneuvering into parking spots, and uses real-time data to avoid congestion and suggest alternate routes.
  • Safety features: Automatic emergency brakes and more, for a safer drive.
  • In-car entertainment: Connects to apps and streaming services for a more entertaining travel experience.
  • Eco-friendly tech: Especially in electric models, reducing emissions and boosting efficiency.
  • Car-to-car communication: Smart cars share information with other vehicles about traffic and road conditions.
  • Smart city integration: Interacts with urban infrastructure like smart traffic lights for smoother travel​.

The double-edged sword of smart car technology 

While the advanced features of smart cars offer convenience and enhanced driving experience, they also usher in significant privacy concerns. These innovations, though impressive, pave the way for extensive data collection about drivers.

Data collection 

Smart cars, equipped with their myriad of sensors, cameras, and connectivity features, are constantly gathering data. This includes not just basic vehicle operation data but also personal information like driving habits, location history, and even preferences in entertainment. The interconnected nature of these systems means that this data can be vast and detailed, offering a comprehensive profile of the driver’s behavior and preferences.

Connectivity and surveillance risks

The very features that make smart cars convenient—GPS tracking, autonomous driving, and car-to-car communication—also open up avenues for constant surveillance. This isn’t just about tracking where the vehicle is; it’s about monitoring how it’s being used, who’s using it, and in some cases, even what’s being said inside it.

Implications for user privacy 

While smart cars can make our lives easier, they also pose a risk to our privacy. This data, if not properly secured and managed, can be misused by companies for targeted advertising, by hackers for malicious purposes, or even by authorities for surveillance. The challenge lies in balancing the benefits of these advanced technologies with the need to protect the privacy and security of the individuals using them.

15+ car brands under the spotlight 

So which car companies stand out for their concerning privacy practices? While Tesla is known for its revolutionary electric vehicles, its data collection practices are questionable. Kia’s privacy policy is also problematic, and Nissan’s is probably the worst. 

Here’s what you need to know about a few of the top car brands, ranked from bad to worse in terms of user privacy:

Car brand Data use Data control  Track record  Security  AI
Renault 
BMW
Jeep 
Chrysler (Dodge)
Volkswagen 
Toyota (Lexus) 
Ford 
Audi
Mercedes-Benz
Honda 
Kia
Chevrolet (GMC & Cadillac)
GMC
Hyundai 
Tesla 
Nissan 

Source: Mozilla Foundation 

 

1. Renault 

Renault, a prominent French car company, boasts a long history in Europe and Latin America, though it withdrew from the U.S. market in 1992. While it complies with European privacy laws, there’s some uncertainty about its data collection practices, including personal and driving information. The company seeks consent for geolocation data, as per GDPR guidelines, and refrains from selling personal data, but invests in data ventures, raising some privacy queries. Its association with Nissan, known for privacy issues, adds to these concerns.

2. BMW

BMW, while not the worst in privacy among car brands, aligns with a low industry standard. It amasses a wide range of personal and driving data, including contact details, driving habits, and multimedia usage. BMW extends data collection to third-party sources, like data brokers and social media networks. There’s also uncertainty about the extent of data sharing for advertising, as its privacy policy doesn’t explicitly clarify this.

3. Jeep

Jeep, an iconic American brand known for rugged vehicles, has faced criticism for its user-unfriendly privacy policy. Navigating its website for privacy information is challenging. Jeep, along with parent company Fiat Chrysler Automotive (FCA), collects a broad range of data, from personal details to vehicle information. Third-party data sources are also tapped for targeted marketing, resulting in extensive data sharing and privacy concerns.

4. Chrysler (Dodge)

Chrysler and Dodge, which fall under the same parent company FCA, share a complex and challenging-to-navigate privacy policy with Jeep. They gather extensive personal and vehicle information, creating detailed user profiles for targeted marketing and ad personalization. While security has improved since a 2015 incident that saw 1.4 vehicles being recalled after a hacking incident, concerns remain about potential identification risks with de-identified data (data that has had all of the personally identifiable information removed), especially if it includes location information.

5. Volkswagen 

Volkswagen’s privacy practices regarding data usage, control, and security are also problematic. The company engages in extensive data collection across cars and connected services, encompassing a wealth of personal and vehicle data. VW’s disclosure policy indicates broad sharing, often for targeted advertising. Even de-identified data is not immune to usage, with potential re-identification risks. Security concerns, data breaches, and privacy violations further mar VW’s privacy track record, posing considerable risks to personal and location data.

6. Toyota (Lexus)

Toyota, a Japanese brand and global leader in car sales, also owns Lexus—which shares the same privacy policy. Despite the company’s stature, Toyota’s privacy practices raise concerns. It collects an extensive amount of data, often more than necessary, and shares or sells it to third parties for marketing purposes. 

Its privacy landscape is complex, with numerous policies covering different aspects, making it challenging for users to navigate and comprehend. Data collection encompasses personal, demographic, driving behavior, vehicle, and sensitive information. Toyota claims to process facial geometric features exclusively within the car but concedes that this sensitive information may be shared under legal requirements. On the plus side, Toyota does grant individuals in the U.S. certain rights to control their data.

7. Ford

Ford, arguably the best-known American car brand, has a long history in the automotive industry. However, its privacy track record raises concerns. It amasses substantial personal and vehicle data, ranging from names and emails to location data and driving behavior. This information is used to create detailed user profiles for marketing purposes. Ford also shares or potentially sells this data to various third parties, including dealers, social media platforms, advertising companies, and law enforcement. Its privacy policies are complex, making it hard for users to understand the extent of data collection. In terms of security, Ford has had some publicized incidents, which raises doubts about its ability to protect the personal information they collect.

8. Audi

Audi, the renowned German car manufacturer, known for its luxury vehicles, presents a challenge in understanding its privacy policies, particularly for U.S. consumers. Policies vary based on the car’s model year and selected services, with an additional privacy page for Volkswagen Group of America, Audi’s parent company, accessible only in select U.S. states with stringent privacy laws.

In terms of data collection, Audi accumulates a wide range of personal, car-related, and other information, which includes names, contact details, GPS-derived location data, in-car voice commands, and extensive vehicle usage data. It also extracts information from connected services like navigation and streaming. Audi is capable of creating detailed user profiles based on this data, reflecting individual preferences and traits. This information not only remains within Audi but is also shared, and potentially sold, to third parties for advertising purposes.

Coupled with a track record of data protection issues, as seen in the 2021 incident mentioned above, not all consumers have equal rights to request data deletion or to opt out of data sharing for marketing.

9. Mercedes-Benz

Mercedes-Benz cars are known for luxury, but the company’s privacy practices raise serious concerns. It collects a lot of personal data, including sensitive info like location and biometrics. It also admits to sharing or selling some of this data for targeted ads. The company’s track record isn’t perfect either, with the significant data leak in 2022. Integrating the privacy-sensitive TikTok app into its cars in 2023 doesn’t inspire confidence either. The company’s privacy notice even acknowledges that no information system is completely secure. The German manufacturer admits to sharing sensory data with law enforcement, posing a potential threat to individual privacy.

10. Honda

Honda’s privacy policy raises concerns. While the company claims to prioritize privacy, its policy allows for extensive data collection, potential sharing, and even selling, of personal information. Its interpretation of “data minimization” is broad, enabling substantial collection for “legitimate business purposes.” It also lists a wide range of potentially gathered information, including sensitive data. 

While Honda states it won’t share geolocation info without consent, the terms of this consent are unclear, leaving customers potentially exposed. Additionally, it mentions acquiring data from various sources and using a wide array of personal information for targeted marketing. While Honda’s privacy and security record isn’t the worst, reported vulnerabilities, like a keyless entry system flaw, raise concerns about their reporting mechanisms.

11. Kia 

Kia’s approach to privacy is bizarre. Like Nissan, it claims the right to collect sensitive data like genetic information and details about one’s sex life without providing clear justification. It also has a broad definition of personal information, which means private and sensitive data could fall under this category. 

Kia also collects a wealth of information about driving habits, geolocation, and movements, and may share or sell this information. Past security incidents and vulnerabilities also raise doubts about the company’s commitment to user safety. 

Additionally, its connected services also likely involve third-party providers, possibly exposing user information. Concerningly, Kia also has a “My Car Zone” feature that lets you set alerts to monitor how others drive your car, like curfew violations and speed limits. While it’s designed for parents to keep an eye on their kids, it could also be abused by controlling family members or partners.

12. Chevrolet (GMC & Cadillac)

Chevrolet, GMC, and Cadillac share a privacy policy as they’re all owned by General Motors. They have a complicated privacy setup with at least six separate privacy policies in the U.S. The car manufacturer is really keen on connecting driver’s phones to their cars, even adding a mandatory 1,500 USD fee for its OnStar and Connected Services Premium Plan. This doesn’t leave much choice for buyers. 

OnStar’s policy reveals that the company gathers a lot of personal and car data, and it’s closely linked with law enforcement and government agencies. The service can collect a vast range of information about you and your car, and even draw conclusions about your traits and habits for marketing. It’s not clear when you actually give consent for all this data collection. GM’s track record on data protection isn’t perfect either, with a major data breach in 2022. 

13. Hyundai 

Hyundai, a well-known South Korean car maker, has significantly improved its global reputation since its early days. However, its privacy policy raises particular concerns. It states the company’s readiness to comply with “lawful requests, whether formal or informal,” a statement that goes beyond the language of many other car brands. This gives rise to serious questions about the potential extent of data sharing with government or law enforcement agencies.

What’s particularly worrisome is Hyundai’s extensive data collection practices. The company collects a host of detailed and sensitive information about users’ activities, both within their vehicles and through connected services. This includes geolocation, driving habits, and even sensor data generated by the vehicle. Moreover, Hyundai’s definition of personal information is exceptionally broad, potentially encompassing a wide range of sensitive data.

Hyundai’s privacy policies also show a lack of clarity and transparency. The language is often vague, leaving room for broad interpretation. For example, the policy references collecting “physiological, biological or behavioral characteristics” under biometric information, a term open to wide-ranging interpretation.

Additionally, Hyundai’s data handling practices raise questions about security. Recent incidents, including a data breach affecting car owners in France and Italy, and a vulnerability that could potentially allow unauthorized access and control of vehicles, underscore concerns about data safety and user privacy.

In terms of user control, options to opt out of certain data collection practices are limited, and some functionalities may be restricted as a result. Only residents of select U.S. states and those under GDPR protection in Europe have the option to request certain data-related actions.

14. Tesla

Tesla, led by Elon Musk, is known for its high-tech electric cars. As of 2023, it stands as the world’s most valuable car manufacturer. However, its AI-powered autopilot has raised serious concerns due to its association with a troubling number of accidents and fatalities. This has prompted heightened government scrutiny.

There have also been incidents, like the internal sharing of videos from Tesla’s cameras, that included highly sensitive content, raising serious questions about user privacy. Moreover, a whistleblower leaked multiple confidential files alleging a cover-up of Autopilot system issues, containing extensive personal data. This event is currently under investigation for potential GDPR privacy law violations.

Tesla’s privacy policy also outlines extensive data collection, covering details from personal information to various aspects of vehicle use. While some data processing is done locally on the car, certain elements, like cabin camera footage, are shared with Tesla if data sharing is enabled. Additionally, the opt-out process for data sharing may have unintended consequences, potentially impacting the functionality of the Tesla vehicle.

15. Nissan

Nissan’s approach to privacy is deeply unsettling as it openly admits to collecting and sharing highly sensitive personal information, including details about sexual activity, health conditions, and genetic data—all for targeted marketing purposes. While the company’s transparency is notable, it underscores a troubling approach to handling user data.

The company’s MyNissan app also raises red flags. The Data Safety Information on the app’s Google Play Store page contradicts its privacy policy. Nissan asserts that no data is shared with third parties, directly conflicting with its policy that clearly states personal information is shared with various partners. The issue of data collection also extends to passengers who use Nissan’s connective services while in one of their smart cars. Additionally, the app’s inability to delete collected data leaves users potentially exposed to data mishandling.

Nissan’s data protection track record, while not the worst among car companies, falls short. A 2022 data breach involving a third-party service provider raises serious questions about the overall security of their data-sharing practices. A security vulnerability in January 2023 also exposed a potential loophole for unauthorized remote access to vehicles, emphasizing the urgent need for improved security measures. 

The road ahead

As smart cars continue to evolve and advance, it’s clear that the current state of car data privacy calls for urgent action. The technological prowess that makes cars smarter also makes them potent tools for data collection, far beyond what is necessary for vehicle operation. This excess data gathering, ranging from driving patterns to personal preferences, can potentially be exploited, underscoring the need for more stringent privacy regulations.

This juncture demands a forward-thinking approach to regulation. Legislators and industry stakeholders need to collaborate to develop clear, enforceable guidelines that ensure data collection is transparent, secure, and respectful of user privacy. These regulations should give users meaningful control over their data, including the right to know what is collected and the power to opt out.

The path forward should also encompass stringent security measures to protect against data breaches and unauthorized access, ensuring that the advancements in automotive technology do not come at the expense of personal privacy. As we embrace the future of smart cars, ensuring robust privacy protections will be key to maintaining user trust and advancing technological innovation responsibly.

Learn more about how you can safeguard your personal data from smart car manufacturers.

The post Which smart cars have the most privacy concerns? appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/which-smart-cars-have-the-most-privacy-concerns/feed/ 0
Firewall vs. VPN: What’s the difference? https://www.expressvpn.com/blog/firewall-vs-vpn-whats-the-difference/ https://www.expressvpn.com/blog/firewall-vs-vpn-whats-the-difference/#comments Tue, 02 Jan 2024 08:42:05 +0000 https://www.expressvpn.com/blog/?p=111125 firewall-vs-vpn-difference

Find out what firewalls do and whether you should use a firewall or VPN, or both, for your online security.

The post Firewall vs. VPN: What’s the difference? appeared first on Home of internet privacy.

]]>
firewall-vs-vpn-difference

In this article, we’ll explain the key differences between firewalls and VPNs to help you decide which one is right for you—and whether you should use both at the same time.

Jump to…

Key differences between VPNs and firewalls
What is a firewall?
How does a firewall work?
How does a VPN work?
When to use a firewall vs. a VPN?
Should you use both a VPN and a firewall?
Can a VPN bypass a firewall?
Can a firewall block a VPN connection?
How do I bypass firewall blocking VPN?

Key differences between VPNs and firewalls 

Both VPNs and firewalls offer digital security, but they work in different ways. We start off with a comparison table before getting into the details of each tool.

Features VPN  Firewall
Primary function Encrypts internet activity and masks your real IP address with one belonging to the VPN company. Monitors incoming and outgoing traffic, filtering out unauthorized activity from your network.
Type of protection Secure and private data transmission.  Keeps out unwanted traffic from a network based on predefined rules.
Benefits 1. Keep traffic hidden from third parties like internet service providers
<r>
2. Break through censorship
<r>
3. Stay secure via encryption when using unsecured networks like public Wi-Fi<r>

4. Access private networks remotely (with business VPNs)
1. Block malicious traffic
<r><r>
2. Prevent unauthorized access to devices and networks<r>
<r>
3. Block traffic from specified applications, ports, or IP addresses<r>
<r>
4. Monitor network activity for suspicious behavior
How to use  Typically a subscription-based service offering apps for your devices. Software built into your operating system or bought separately as hardware or software.

What is a firewall?

Firewalls monitor incoming and outgoing traffic, deciding what’s allowed to pass through and what’s blocked. They analyze data packets based on predefined rules, filtering out malicious content like malware and hack attempts. They can also be set to block traffic from certain locations, applications, or ports.

Most large companies use firewalls. They protect the company by keeping out viruses and preventing unauthorized people from accessing the network without the right credentials. Companies often also block popular sites like social media platforms to keep their workers focused. But individuals can also benefit from firewalls by configuring them to block traffic that might be unsafe.

There are several types of firewalls, and they vary in sophistication. Here are a few prominent ones:

  • Stateless packet-filtering firewalls. These are the most basic firewalls, and they simply inspect IP addresses and ports and reject those disallowed by administrators. This type of firewall is not widely used due to lack of functionality and flexibility in modern environments.
  • Stateful firewalls. This type of firewall uses various information about a data packet to decide whether it should be allowed in. It does this by analyzing the state and context of active network connections.
  • Proxy firewalls. These offer the most features and customization, serving as a gateway between devices on a local network and servers on the internet

How does a firewall work?

Every piece of information seeking entry to your network, like emails, downloads, and website data, is a data packet. The firewall inspects each packet based on set rules: its origin, destination, type, IP address, port number, the way it’s sent, etc. Based on the set rules, the firewall determines whether it’s allowed entry or blocked. This constant vigilance helps keep your computer and network safe from online threats.

Although firewalls can control both incoming and outgoing traffic, they are sometimes not configured to block your outbound traffic. However, it can be helpful to block questionable outgoing traffic as well, to mitigate what an attacker can do on your network if they make it into your system.

Someone wanting to use a firewall has two broad options: a hardware firewall or a software firewall.

Software firewalls

A software firewall is a program installed on your device. While your computer might come with a software firewall, you could also buy software that’s more advanced.

Benefits of software firewalls

  • Often free. Popular operating systems like macOS and Windows include firewall software.
  • Easy to use. You can simply turn it on and set it up on your computer.

Hardware firewalls

A hardware firewall is a physical device that sits between your network and the internet. Instead of plugging your router cable into your computer, for instance, you can plug it into the firewall device first. The firewall analyzes each data packet based on predefined rules, checking for and blocking suspicious traffic like malware.

Benefits of hardware firewalls

While hardware firewalls are costlier (versus software firewalls, which are often free), there are reasons they could provide better security.

  • Configure just one device for your network. With software, you would configure the firewall on every device, causing more work and more room for error.
  • Offers protection even before reaching the device. With a software firewall, the traffic doesn’t get filtered until it’s already reached your device.
  • Greater flexibility. Hardware firewalls let you set up complex rules to customize the filtering with granularity.
  • Your devices don’t have to expend processing power. The work happens on the firewall device itself, so it won’t slow down your devices.

What is a VPN?

A VPN forms an encrypted tunnel for your internet traffic to keep it private. It creates a secure connection between your device and the internet, making your data transmissions unreadable to third parties like your internet service provider or your network admin. Even if someone were to steal your data as you transmit it, it would take them hundreds of years to decrypt it.

A VPN also replaces your real IP address with one belonging to the VPN company. This increases your anonymity as you browse while concealing your location, since IP addresses are an indicator of where you are. The change in IP address also allows you to access content that’s censored in your country or blocked by your school or office.

Ideally, a VPN does not at any point leak your real IP address. For strong security, a reputable VPN company like ExpressVPN also does not record your activity or your VPN connections. This is to keep your activity private even in the extreme case where they are legally compelled to turn over any records or actual servers to reveal information about user activity.

How does a VPN work?

A VPN usually comes in the form of an app on your phone or computer, although you can use a VPN on any internet-connected device. Just turn on the VPN in the app, and your data is encrypted, meaning it’s scrambled into a code that only the person or website you’re communicating with can decrypt. Any information you send or receive, whether browsing a website, sending an email, or streaming a video, is encrypted. 

Once encrypted, your data travels through the secure tunnel to the VPN server. The server acts as your digital intermediary. Instead of showing your actual IP address, a VPN uses its own IP address, which masks your location and makes it harder for anyone to track your online activity.

When the data reaches its destination, the VPN server decrypts it. The decrypted data reaches its final destination as if it were sent directly from your device.

When to use a VPN vs. a firewall

Use a VPN if… secure data transmission and access to information are paramount. 

For instance:

  • You use public Wi-Fi frequently. Public Wi-Fi such as networks in airports and hotels could be unsecured or accessible by network admins, but a VPN keeps your data encrypted.
  • You are an expat or travel a lot. A VPN can help you unblock content censored in your location and help you avoid government monitoring.
  • You shop online. Keeping your connection secure gives you peace of mind as you enter sensitive information like credit card details and your phone number into websites.
  • You want anonymity. A VPN’s ability to hide your real IP address increases your anonymity as you browse.

Use a firewall if… you want to ensure your home or office network is protected from unauthorized access. On your computer, you already have firewall protection, unless you’ve turned it off. It’s rare for someone to get a hardware firewall or enhanced software firewall for personal use. So getting a separate firewall is mostly a consideration for an organization.

For instance:

  • You run a business. Corporate offices almost certainly use firewalls, but small businesses need to practice good cybersecurity, too, and using a firewall is one method to employ.
  • You run an organization like a school or hospital. Schools often use firewalls to block inappropriate and distracting content. In all organizational contexts, a firewall can help to defend against attacks that would jeopardize the personal information of staff, customers, students, etc.

Should you use both a VPN and a firewall?

Yes. These security measures do different things to protect your online security. However, sometimes the two don’t work well together. A firewall might prevent you from accessing the internet with a VPN. This would require some adjustments to your firewall’s rules.

Can a VPN bypass a firewall?

Yes, it is possible for a VPN to bypass the rules set by a firewall. For instance, if your school Wi-Fi is set to block access to popular social media sites from within the network, turning on a VPN could allow you to regain access by hiding the fact that you are someone within the network.

However, this doesn’t always work, as many company firewalls block VPNs. They will detect the VPN and block your access. In such cases, a VPN won’t help bypass the firewall.

Can a firewall block a VPN connection? 

Yes, a firewall can block a VPN connection. Firewalls can be configured to block specific ports and protocols commonly used by VPNs, such as OpenVPN’s UDP port 1194 or PPTP’s TCP port 1723. This essentially bars the VPN connection at the entry point. Some advanced firewalls employ DPI technology to analyze the data packets flowing through the network. They can identify traffic patterns characteristic of VPNs and block them before they’re established.

How do I know if my firewall is blocking my VPN?

  • Connection failure. The most obvious clue is if your VPN refuses to connect on a specific network but works fine on others. If you try establishing a connection and it constantly fails, your firewall could be the culprit.
  • Slow internet speeds. While VPNs can sometimes affect speed, a significant drop in performance after attempting to connect through the VPN might indicate the firewall throttling or blocking some of the traffic.
  • Error messages. Some firewalls display specific error messages related to blocking VPN connections. Check your firewall logs or notification area for any suspicious messages around the time you attempt to connect your VPN.
  • Check firewall configuration. If you’re comfortable digging deeper, you can check your firewall settings directly. Look for rules blocking your VPN application or specific ports and protocols commonly used by VPNs. 

How do I bypass firewall blocking VPN?

Bypassing a firewall blocking a VPN isn’t always recommended due to security concerns and potential violation of network usage policies. However, if you find yourself in a situation where you need to your VPN to work, here are some methods you can try:

  • Switch to data. If you are using your phone on company Wi-Fi, for instance, rather than trying to bypass the firewall, simply change to using your data plan on your phone. You won’t be hindered by the firewall.
  • Change VPN protocols and ports. Most VPNs offer different protocols and ports for establishing connections. Try switching to different protocols like OpenVPN (TCP/UDP), IKEv2, or WireGuard, and different ports like 443 (HTTPS) or 80 (HTTP) commonly used by websites, which might be less likely to be blocked.
  • Use obfuscation techniques. Some VPNs offer obfuscation features that disguise VPN traffic as regular internet traffic, making it harder for firewalls to detect and block. Explore your VPN’s settings for such options.
  • Shadowsocks or SSH tunneling. Shadowsocks is a secure socks5 proxy protocol that can be used to tunnel your traffic through an intermediate server, potentially bypassing firewall restrictions. Additionally, setting up an SSH tunnel can also serve as a way to encrypt and route your traffic through another server.

The post Firewall vs. VPN: What’s the difference? appeared first on Home of internet privacy.

]]>
https://www.expressvpn.com/blog/firewall-vs-vpn-whats-the-difference/feed/ 1