How Privacy Savvy Are You?

9 Questions

5 Minutes

Know how well you are protecting your own privacy in these vulnerable areas, and how to improve where you have privacy risks!

In honor of International Data Privacy Day 2017, we created a short, free evaluation for you to quickly determine how well you are protecting your own privacy in three key areas where privacy failures often take place.

Besides being a fun and awareness-raising activity for individuals, this personal privacy evaluation also supports business and organization requirements for doing risk management activities throughout their organization, complementing the legally necessary business-focused security risk assessments.

This personal privacy risk evaluation can also be used for providing privacy awareness-raising communications, supporting a wide range of legal requirements for providing employee privacy and security education.

Before you start, please review the following statement:

By participating in this survey, I agree to not re-post this evaluation, or similar versions of it, to any other business sites to be re-used there without explicit written permission from Rebecca Herold or SIMBUS, who own the intellectual property rights to the content and delivery mechanism respectively.

I also give permission to send the results to my email address, which I will provide at the end, and to allow SIMBUS to incorporate my non-identified answers into generic, bulk summary results.

By taking this free evaluation you are indicating that you understand and agree to these terms.

NOTE: This evaluation is not written for, and must not be taken by, children 13 years of age or younger.

Basic Information About You. Answers provided in this section will not be associated with your specific individual evaluation answers, but will be aggregated into a non-identified database to identify overall personal privacy risk trends.
  • If you are in the USA, in what state do you live? If outside of the USA, in what country do you live? This will help us aggregate answers and provide tallies to determine how privacy activities vary throughout the globe.
  • What is your general age range? Please specify: Less than 20, In my 20's, In my 30's, etc. This will help us aggregate answers and provide tallies to determine how privacy activities vary by different age groups.
  • Please let us know your gender. This will help us to determine what, if any, privacy trends exist between the genders.
Section 1: Passwords and Authentication
    1. Password Format. Choose the one answer that *most closely* matches what you do consistently and whenever possible when choosing passwords.
    A. I use the least number of characters allowed so they are easy to remember. I stick primarily with words found in the dictionary.
    B. I use strong, long, and complex (upper and lower case characters, numbers and symbols) passwords in some places, but not all.
    C. I use strong, long, and complex (upper and lower case characters, numbers and symbols) wherever possible for all my passwords.
    D. I use combinations of words and numbers that are easy for me to remember wherever possible.
    2. Password Changes. Choose the one answer that *most closely* matches when you typically change your passwords.
    A. I change my password for sites that report hacks or when I suspect someone may have seen or discovered my password.
    B. I change my password when I'm notified there has been a verified hack, but not usually at other times.
    C. Once I set a password, anywhere, I never change it unless I'm forced.
    D. I change my password for sites that report hacks even when passwords may not have been compromised. I have not thought to change passwords if someone may have seen or discovered it.
    3. Two-factor Authentication. This is also commonly called two-step verification. Choose the one answer that *most closely* matches your use of two-factor authentication.
    A. What the heck is two-factor authentication? I probably am not using it anywhere.
    B. I use two-factor authentication everywhere it is offered.
    C. I use two-factor authentication in a few places, but not on my social media accounts (e.g., Facebook, Twitter, Instagram, Pinterest, etc.).
    D. I use two-factor authentication only for my banking/financial sites; nowhere else.
Section 2: Daily Activities
    4. Using Self-Pay Checkouts and ATM machines. Check the one action that *most closely* matches what you do when using credit/debit and ATM cards.
    A. I swipe/insert as quickly as possible, enter my PIN as quickly as possible, and then go! I love the convenience and speed of these self-pay checkouts and ATM machines. I trust them to be secure.
    B. I love the convenience, but I am cautious about security. I always give the card reader a jiggle to check for any skimming devices or recent tampering. I do this even for those devices within eyesight of the clerk. I cover my keypad with my other hand when I am entering my PIN.
    C. If the ATM or card reader is not close to a checkout clerk or within view of the gas station attendant, I will jiggle the device as a precaution. I also usually cover the PIN keypad if someone is close by. Everywhere else I swipe/insert and do my PIN as quickly as possible.
    D. I am pretty cautious with these machines. Typically, I swipe/insert, but then, if others are close by, cover the keys when I type in my PIN.
    5. Social Media. Check the one action below that *most closely* matches what you do on social media sites (e.g., Facebook, Instagram, Twitter, etc.).
    A. I include my birthdate in my profile; but I do not put any other personal information in my profile.
    B. I put my birthdate and one or two other personal information items (e.g. email address, address, phone number, etc.) in my profile.
    C. I include all personal information requested in my profile.
    D. I do not include any of my personal information, beyond my name, in my profile.
    6. Digital Communications. Check the one action below that *most closely* matches what you do when getting a link within emails, texts, or other types of digital messages.
    A. I only click links in messages from people I know, businesses, organizations, or government agencies, but not others.
    B. I will click links in messages from my friends and co-workers, but not others.
    C. I rarely click links in digital messages. When I do, I first check to see if they are safe.
    D. I click any link that looks interesting.
Section 3: Consistent Habits
    7. Data Disposal. Check the one action that *most closely* matches what you do when getting rid of (selling, putting in trash, donating, etc.) digital storage and computing devices.
    A. I irreversibly remove all data from computing devices, smartphones, and storage devices, or physically destroy them.
    B. I do not remove data from storage and computing devices that I get rid of.
    C. I think I have removed data once or twice from computing devices that I got rid of, but I do not typically remove data.
    D. I remove data from computing devices when I sell or donate them, but do not remove data in other situations when I stop using or dispose of them.
    8. Backups. Check the one action that *most closely* matches your data backup activities.
    A. I have never made a backup in my life, well maybe once, but I have not made any in a long time.
    B. I make full backups of my smartphones and computing devices. I back up my critical, financial, photos/videos, and work files frequently. I store backups in a drive not connected to my computing devices (except for when I am actually making the backup or restoring a file).
    C. I make full backups of my smartphones, computing devices and critical files every month or two. I try to make a backup of important files when updating them. I store backups in a drive not connected to my computing device (except for when I am actually making the backup or restoring a file).
    D. I make backups of my important files, photos, videos around 1 - 3 times a year. I store backups in a storage drive that is always connected to my computing device.
    9. Encryption. Check the one action that *most closely* matches how you use encryption.
    A. It is hit-or-miss for how I use encryption. If I give an online site personal information and it uses encryption, then I consider it encrypted. I occasionally encrypt some of my own files, such as photos and videos. I have used encryption a few times for email. I do not take time to read privacy notices to see if the provider uses encryption, but I sometimes notice if they have HTTPS in their web address.
    B. What does encryption mean? I am not sure if I use encryption or not.
    C. I strongly encrypt my data in storage, and my data in transit (being sent through email or through the Internet). I look to see if HTTPS / SSL is used for online sites where I submit personal and other sensitive information. I do not take time to read privacy notices, though.
    D. I strongly encrypt data in storage, data in transit (being sent through email or through the Internet), and I ensure all online sites where I submit personal and other sensitive information are encrypting my data at collection, as well as in transit and in storage, by reviewing privacy notices.
Final Step: Please enter your name & email so we can let you know when we have more helpful information security and privacy tools available for you to use.
  • Contact Name (Optional, but we use this to personalize your printable report)
  • Email (Required to send you notices when we have more tools for you to use.)

REMINDER: By taking this evaluation you are agreeing to not re-post this evaluation, or similar versions of it, to any other business sites to be re-used there without explicit written permission, and you are also giving permission to send the results to your email address, which you will provide at the end, and to incorporate your answers into generic, bulk summary results. Exit now if you do not want to agree with this.