By Haylee Barber, NBCNews.com
“Do you want to turn on location services?”
It’s a phrase that has become almost as common as, “Please enter your passcode.” And in our busy lives, with more applications on our phones than we may care to admit, it’s hard not to take a laissez-faire attitude with our online footprint. This can lead to a nearly subconscious – or, at least, passive – click on “yes” to allow our phones to track our location. As a college student, I was guilty of this — thought nothing of it. And I became a target for something terrifying.
It was a warm Friday night in southern California and I had just picked up my parents from the airport. They were visiting me for the weekend at my college in Orange County. After I dropped them off at their hotel, I drove home to the house I shared with roommates. After I entered my house, I began to get ready for bed. And then I heard footsteps in the bedroom at the back of the house. I froze. My roommates had left for a party earlier that night, so I assumed I was alone in the house. I turned to see that one of my roommates’ bedrooms had been ransacked. All of her drawers were open, and the back bedroom window was shattered.
I moved quickly through the house, realizing, in what felt like slow motion, that we were the victims of a burglary. I dialed 911 and left the house. As I waited for police to arrive, I asked myself a question many victims of home invasions ask themselves: What could we have done to prevent this?
In the weeks following the burglary, several of my friends in the area fell victim to similar crimes. Our clothing, electronics, and personal items like underwear and prescription medicine were taken. We all came together around campus to discuss what might have happened. Was it someone on campus we knew? A stalker? All of the victims had something in common: We were all women living in houses near college campuses with female roommates. But our couch-detective sleuthing led nowhere, and neither did police investigations.
When I graduated from college more than a year later, I left the without answers as to who was responsible for our break-in. I moved across the country to New York City and began working for Dateline NBC. Then, almost two years after the incident, I answered a call at my desk. It was the Orange County District Attorney’s Office. Working at Dateline, it’s not unusual to get calls from cops, lawyers, or detectives about cases we are covering. But this call was meant for me.
On the call, the detective told me that 44-year-old Arturo Galvan had been arrested while peeping through a window at a residence near my college in December 2015. Galvan, I learned, had used GPS information to find women who had “checked-in” to locations using social media websites like Instagram or smartphone location services. He then followed their online movements, found out more information on them, and would later burglarize their homes. Galvan pleaded guilty to one felony count of attempted first-degree residential burglary, and one misdemeanor count of resisting and obstructing an officer. He is serving eight years in prison, according to the Orange County District Attorney’s office.
To this day, my home-invasion experience haunts me, and working on Dennis Murphy’s Dateline episode “A Villainous Plan” has brought it all back up again and got me again thinking about personal security.
Kelvin Coleman is the Executive Director of the National Cyber Security Alliance and formerly held Cybersecurity posts at both the White House and the Department of Homeland Security. In his current role at NCSA, Coleman works directly with companies and organizations to help them better secure their online presence. Coleman compares educating ourselves online to trying to stop the spread of germs during flu season.
“Health officials have said for years to cough in your elbow and wash your hands,” Coleman said. “It’s not terribly sexy, but it’s very, very effective.”
Coleman said our personal information is increasingly available in a digital world. Here are a few of his tips to help keep yourself safer online.
1. MIND-SET IS IMPORTANT: Coleman suggests getting into a mind-set where you value your personal information as you do your money. “Information about me, about you — our purchases and our locations — have value, just like money,” Coleman said. It’s important to be thoughtful about who gets your information and how it is collected.
2. “LIKES” CAN BE DANGEROUS: “Getting a high number of likes can be something we want to do, but can also lead to a very unfortunate circumstance,” Coleman said. Be mindful of not only of who is following you, but also who and what you are liking. Coleman said stalkers might target you based on companies or restaurants you like, or places you frequent.
3. LOCK DOWN YOUR LOG IN:“Begin your spring cleaning by fortifying your password tools,” Coleman said. While two-factor authentication can seem like a hassle, it can save you a lot of trouble when it comes to information protection.
4. ONCE IT’S OUT THERE, IT’S OUT THERE:“You can press delete on your phone, but it’s still out there,” Coleman said. “When you put information out, it is out there, indefinitely.”
5. DIGITAL SPRING CLEANING:“Declutter your email, empty your trash can, and remove unused applications,” Coleman said. Each spring, Coleman and the team at NCSA lead an initiative to purge digital information. He suggests copying important files to a backup drive and deleting unused documents, applications, and photos.
6. DELETE UNUSED APPLICATIONS AND REVIEW APPLICATION PERMISSIONS:There’s an application for just about everything, and sometimes we keep those apps on our phones when they are no longer needed. Coleman says it’s important to be mindful of the applications using our information and delete them when you are done with them.
7. SHARE WITH CARE AND BE SELECTIVE: “Think before you post anything about yourselves and others online and consider how it might be perceived,” Coleman said. On social media sites, he says it’s important to consistently review who is following you and allow access only to people you know. Coleman keeps his sites up-to-date by checking his followers from time to time and deleting people he doesn’t know personally.
8. OWN YOUR ONLINE PRESENCE:“Set the privacy and security [settings] on websites and applications to your comfort level,” said Coleman. Applications provide varying settings for visibility and privacy, and it’s important to review them frequently and keep them up-to-date.
9. BE CAREFUL “TURNING ON” LOCATION SERVICES:In my particular situation, my cell phone’s location services were used to exploit my whereabouts. “Be careful in understanding implications in allowing people to see where you are on a continuous basis,” Coleman said. “If you’re taking your usual jog every day at the same time and route — people have been harmed through folks knowing your route — that’s probably not the best use of locations.” Coleman added that we can protect ourselves by “turning off” location services when they aren’t needed, switching up frequent routes, and being mindful of when we post our whereabouts.
10. “We are so connected these days,” said Coleman. “I remember when everybody thought it was a hassle to put a seatbelt on, but that culture has changed. In the same way, we are now saying we have to value and protect our personal information to save you a lot of heartache.”