Subject Guides

Data Privacy Best Practices: Home

An overview of data privacy best practices for personal and professional activities.

Privacy Best Practices

Why should you be concerned about privacy? It affects all areas of your personal and professional life.

Not sure what the current issues in privacy are?

There are a variety of sites and tools you can use to limit your presence online and in your personal and professional life.

Data brokers and trackers monitor what you search for, what you share with others, and collect this information for marketing and other purposes. This behavior has been considered by many to be predatory and unethical. 

This informative TED talk from Madhumita Murgia, currently the Tech Correspondent for the Financial Times.

1. Check your browser security settings and opt for incognito search settings whenever possible. Use a privacy inspector to check security of web sites.

Manage your Privacy Settings Online (National Cybersecurity Alliance): Settings information details for major browsers, apps, and online tools to maximize privacy.

Blacklight (The Markup): Real-Time website privacy inspector that allows you to see user tracking details for web sites.

2. Search for items using a private search engines. Two good examples are Duck Duck Go and Glow

Private Browsing: How To Turn Incognito Mode On and Off (Avast): Details on how enable private browsing on a variety of browsers.

3. Install ad blockers with browser extensions to limit advertisers and third-party trackers monitoring your search activity.

Ghostery (Crownpeak)

Privacy Badger (Electronic Frontier Foundation)

Ultrablock (Ultrablock)

Content and sites for courses and lectures:

Algorithmic Bias and Fairness: Crash Course AI #18, 12/19/2019 (12 min.) (Crash Course/PBS): Explains concepts behind algorithmic bias and how it affects privacy.

Atlas of Surveillance (EFF): Documents the extent of police technology via open source data sources. 

Behind the Tech (Microsoft Academic): Podcast hosted by Kevin Scott with topical episodes on a variety of privacy discussions and technology research.

Building Consentful Tech (Allied Media Products): Framework and guide for discussing how consentful are the technologies we’re using, and how much we consider consent in the ways we interact with each other,

Digital Wellness Workshop Presentation (ACRL/Penn State University Libraries): student-based instruction and best practices for minimizing your digital footprint online. This is part of a wider privacy education project, the Digital Shred Workshop

Privacy Field Guides (ALA): targeted to librarians, these guides cover various aspects of privacy ( within the classroom and the academic environment.

Privacy (Electronic Frontier Foundation): Updates, topical issues, and ways to keep current on emerging issues in privacy.

Privacy Field Guides (ALA): topical guides covering various aspects of privacy within the classroom and the academic environment, including Digital Security and How to Talk about Privacy.

California Consumer Privacy Protection Act (CCPA) (State of California): Passed into law in 2018. This law provides rights to consumers regarding the information a business collects about them and the right to delete personal information collected.  

Family Educational Rights and Privacy Act (FERPA) (US Department of Education): Federal law that protects the privacy of student educational data. 

Freedom of Information Law (FOIL) (New York State): Contains online resources and FAQs for placing FOIL requests for publicly available information. 

General Data Protection Regulation (GDPR) (European Union): Enacted in 2018, sets out seven key principles for protecting data collected for research and commercial purposes including fairness and transparency for data collected, as well as accountability and data minimization. This law affects US companies that do business within the EU as well as citizens of  EU countries.  

Health Insurance Portability and Accountability Act of 1996 (HIPAA) (US Department of Health and Human Services): Federal law that provides national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge.

Identity Theft Protection and Mitigation Services Act (New York State): Enacted in 2019, it requires a a business suffering a breach involving Social Security numbers to provide five years of identity theft prevention and mitigation services to anyone affected. 

Personal Privacy Protection Law (PPPL) (New York State): Passed in 1984, PPPL requires SUNY to take steps to protect privacy rights of individuals where state agency records exist and to provide individuals with an opportunity to review and correct such records.

Stop Hacks and Improve Electronic Data Security Act (SHIELD) (New York State): Enacted in 2019, the SHIELD Act requires any person or business handling New York residents’ private information to implement and maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of private information.