Taylor Lorenz’s Power User - How To Become Invisible Online (Delete Your Digital Footprint and Protect Your Privacy Forever)
Episode Date: September 29, 2025Visit https://joindeleteme.com/Taylor20 and use code Taylor20 for 20% off and protect yourself today! SUPPORT ME ON PATREON: https://www.patreon.com/c/taylorlorenzAds are following us everywhere, data... brokers and hackers are stealing our info, social media companies and AI are hoovering up our data. It can all feel SO overwhelming. In this final installment of my data broker series, I sat down with two of the top security experts on YouTube, John Hammond and Josh from All Things Secured, to break down how vulnerable you might be and what practical things you can do to protect your information online. If you like this video, please support me on Patreon!! https://www.patreon.com/c/taylorlorenzFollow me:https://www.instagram.com/taylorlorenz https://www.instagram.com/taylorlorenz3.0 https://www.tiktok.com/@taylorlorenz
Transcript
Discussion (0)
I don't ever remember giving them a facial scan,
and yet I stood in front of a camera,
and then a green light came on and said,
you're clear to go, and I walked through.
We may not have that privacy by default.
Like, that's gonna probably go away.
Hi, everyone.
Welcome to part three of my series on Databrookers.
The past two episodes of my series,
I've dug into kind of how data brokers work,
what they can do with your info, why they're so dangerous.
And the number one comment that I've gotten is like,
okay, how can I protect myself?
You're constantly telling me all this terrible information,
What do I do with it? How can I even protect myself?
So I spoke to two of the top security experts on the internet.
They're both amazing content creators.
John Hammond is a long-time security expert and consultant, and Josh is the founder of all things secured.
They're both amazing YouTubers, and I think you should really check out their channels as well,
where they have tons of privacy tips and more.
But today we're going to break down how you can protect yourself in a safe and sustainable way
from data brokers, hackers, any of the many threats that I'm constantly covering on this channel.
Also, I filmed this video over the course of a month in several different locations.
So just ignore the fact that my outfit is sort of constantly changing throughout.
Welcome to the podcast.
Thank you for having me, Taylor.
Hey there, Taylor.
Thanks so much for letting me join you.
To start things off, can you explain why the average person should care about what information
is out there about themselves online?
Because I hear a lot of people that say, well, I don't have anything to hide.
Well, I think it's funny.
You know, all of us tend to have whatever computer in their pocket,
hey, whatever cell phone or whatever digital device that is pretty well interconnected to the whole
wide world.
And with that, the whole worldwide web.
So you've got, oh, all these websites, all these online shops, online stores or things that
really they want to sell to you because that's kind of their, that's their whole schick, right?
So your info, your information, your data, what your interests are, what you like to do,
your passions, all those things, even if you don't consider them secret or,
oh, it's nothing to hide, well, it could still be something not to say used against you for
right or wrong reasons, but it's still floating around out there without a doubt.
And it's a natural response from a lot of people.
And I remember Edward Snowden once said, you don't just take away free speech just because
you don't have anything to say right at that moment.
And I think it's a very similar idea here with privacy, where you don't want to give up your
privacy just because right now you don't think you have anything to hide.
Because once that's given up, it's almost impossible to claw all that back.
I remember back in the days when MySpace and like the internet was was very young and people started throwing anything and everything about their personal lives on MySpace and Facebook not realizing what they had done.
And now that that information was out there, it was it's really hard to pull that back.
And whether it's companies, whether it's businesses, whether, I don't know, we get spooky, scary government, I don't know, it's still something that could be a risk or a concern.
Maybe someone will raise their eyebrow when they think, oh, I didn't expect.
that info to be that public.
And where is this data being collected?
You mentioned websites.
And I think a lot of people feel safe on their Apple devices.
They think, well, Apple is such a security-focused company.
It's so focused on privacy.
So, you know, I've seen people that might be a little bit more cavalier on their phone
than the stuff that they would access on, like, their computer.
Yeah, where is stuff being collected?
Is it happening as often on your phone, is your laptop?
Like, where are they harvesting all of our information from?
To be honest, short answer is yes.
kind of the asterisk, you know, sort of answer E, all of the above, really whenever you get a chance
to interact with probably sites that you're most used to, again, whether it's social media or online
shopping, like, sure, we could pull Amazon or pull Facebook or whatever example we kind of want
to pull out of the sky. Again, that's all to, hey, really open the door so they could use that
information to give you more content or more ads in some cases or more material that is tailored
and purpose built for you. And with that, they will share that around, sell it with other vendors,
with other websites, with other orgs that will then do the same thing. So you get to a point where
your info and your data is sort of a kind of currency. Well, it's definitely a currency for these
companies that pay top dollar for it. What is some of the most valuable data? Yeah, and I don't mean
for this to get too spooky, right? But obviously, geolocation data is valuable because, oh,
Hey, let's look at offerings.
Let's look at things.
Let's find the info that's pertinent to you in your area where you live, where you have the vicinity
to, oh, make a purchase and explore and interact with something.
And with that especially, contact info, whether it's your email, whatever, whether it's your phone
number, that could be maybe annoying if you keep getting phone calls here and there.
But stuff that really makes up you, that your metadata is still an attractive thing.
It's hard to say, oh, what's the number one?
what's the top spot for the best data to get?
Truth be told, hey, you want to cast a wide net?
Let's try to soak up as much info as you can.
I actually went on a little fishing expedition myself once where I just decided, hey, this,
you know, famous person that I know, I wonder if, and I'm not going to name the person,
but I wonder if I could figure out exactly where they live in their phone number.
Like, how easy would that be?
The surprising answer is, like, it wasn't through him.
It was actually through his wife.
I was able to find his wife, get her cell phone number, and therefore,
get her address, which of course is connected with her husband, who is, you know, a famous personality
online. And it's just surprisingly easy to, you know, all that type of information. So whether it's
stuff like your phone number, your address, who you're related to, data brokers get a lot of
information from court documents and from various places like that. So there can be a lot of different
things that are part of your data profile that you don't necessarily want to have as part of your
data profile that's out there.
And then thanks to stuff like data breaches,
there is even information such as logins and passwords
that are out there.
So even if you don't think you've been breached in any way,
chances are statistics show that more than likely
your information is out there in some way, shape, or form.
I feel like also it's so hard not to give geolocation data
at this point.
It's kind of like in everything.
When you look at sort of like a daily person's
like internet use and how they're navigating the technology in their lives.
Where do you see the most exposure? Where are the places in our lives that are
harvesting the most data? Because I feel like not only are we using cell phones and
laptops, but a lot of us also have like smart devices that collect data or you know
like refrigerators and even I guess washing machines have screens on them now.
It seems like everything is is kind of like harvesting information about us.
Everybody has their own risk profile. Like what is it that you're
protecting against and what is it that you're most worried about. So for me, I had the choice.
I remember of replacing my garage door opener and one was just a, you know, a radio garage door
opener and one was the Wi-Fi where I could literally be across the world on my phone
and open my garage door. And I just personally wasn't comfortable with that. Now, I don't judge
you, Taylor, if you decided that you wanted a Wi-Fi-enabled garage door opener on yours,
but my risk profile and what I was comfortable with, just that wasn't it.
And I think that's one of the things that we all have to kind of take into account for ourselves is what are you worried about?
And then does this cross a line for you?
So for me, I don't have an Amazon Alexa listening to me at all times.
I have a camera, but it's on the outside of the house.
I wouldn't want to put like a ring or anything like that inside of my house.
And when it comes to the internet of things, these devices, these smart refrigerators, smart TVs.
I mean, eventually it's going to be hard to avoid it.
let's just be honest but there are steps that you can take so you know for example i have a a little
camera cover for my my phone and my computer that i can easily just cover up that camera because i don't
want that always on me always looking at everything that i do and then you know if there are other
things that that i can control within my home environment i want to make sure that i've got as much
privacy in my home as i possibly can but i think the foundational answer here for me
is it's really a subjective answer that it depends on every single person that's going to be a little bit different for everyone.
Yeah. And I don't mean to be as, I don't know, doom and gloom, right?
No, let's be doom and gloom and scare people because I think people need to care about this.
Look, I guess it boils down to where you have an account. And I know that kind of blows the doors off because like, well, you have an account for everything.
And I don't mean, again, yeah, just all the website stuff, I don't mean to be beating a dead horse.
but think a lot about, hey, stuff that ties to your identity for just how you live and operate in the world.
So if we're putting in, okay, one entity, one player in our cast of characters here,
data brokers are the ones that do most often this work of buying and selling and collecting that info.
But they might source info not always from the Facebook or Amazon or whatever equivalent we were chatting about.
Keep in mind, there are also so many public records that just have to be,
out and about, whether that's your property that you own or your DMV info for your car,
your vehicle registration, et cetera, et cetera. Commercial sources, right, third party trackers,
a lot of those things that, again, boil down to, oh, apps selling that info, et cetera.
You don't always think about how many of those different outlets there are, but there are a lot.
So there is risk there without a doubt, but you really have to make the call. Is it a risk for you?
There are a lot of different data brokers, like most internet companies have turned into data brokers.
But then you have like this niche industry that started with like the yellow pages.
Taylor, do you remember like did you ever have like the yellow pages in your house?
When I was a kid, we had the phone books.
Yeah, like I vaguely remember having that like physical thing, which I guess had everyone's
phone numbers in it.
It did. It had everyone's phone numbers and sometimes even their addresses in addition if it
was a local phone book.
Like it would have the address of the person, like if it was a neighborhood phone book or a citywide
phone book, like it depended on the phone book.
But the difference there is that this was pre-internet and it was very localized.
The industry has been around for a long time.
The problem is the internet has allowed that industry to gather and spread that information
to every corner of the world.
Well, also, I mean, I feel like our data is also collected by nefarious means, right?
I mean, whether it's like a spammy app or like hacking.
And so I want to kind of like dig into some of the means.
maybe the more creative ways that you've covered, that people will harvest data or get into people's
accounts.
Well, let me do a quick crash course, if I may.
I'll admit I'm kind of a nerd.
I'm a little bit of a geek.
I like to do a whole lot of that cybersecurity research.
So for my day job, for stuff that I tend to chase, it's looking at malware.
It's trying to chase hackers.
So you get to the easy, I don't know, conclusion.
Oh, you're talking about like fishing emails and things that will lure or trick or deceive a victim to enter their password or
a lot of their info. I know that's one aspect, but there's this thing that us nerds and geeks
tend to chat about a lot, really, because it's kind of running rampant. Are these things called
like Info Steeler malware? And it does exactly what the name suggests. Or, hey, it's something
that runs on your computer or on your phone after you've fallen for some scheme or scam or ploy.
That's kind of going to be, hey, digging along in the dumpster, trying to track down what are all
the corners and crevices of this computer or this device where we can find, sure, passwords,
but even the other things that you might have saved or cash, like the auto fill info
for your address, like if you're making a purchase online or your banking info or your
credit card info or anything that you might have saved, like, oh, cookie information for websites,
you visit sessions that you browse and your web browser. And they collect even more than that.
Hey, can we get your IP address? Can we see the size of your screen?
We know what operating system, even what antivirus software you're running.
They'll try to collect, just as we're talking about, as much info as they can.
Well, I feel like all of us, at least like millennials and younger, are aware that you can get viruses through like MP3s, I guess, because we downloaded a lot of like Napster.
I don't know.
I probably downloaded so many viruses to my computer back in the line wire days.
Exactly.
But I mean, they can sort of travel through any file, right?
Yeah.
There are, of course, pockets where things aren't quite as easily weaponized, I guess,
is the word that I'll use, but some that you can kind of bundle together.
You mix and match and you make something that is unexpected, really esoteric.
And those are always the tricks that hackers and malware developers have up their sleeve.
Well, I want to talk about, like, who's buying the data, actually?
And I'm curious, like, how much insight you have into that.
Like, who are these companies that are buying it?
Because I think, obviously, we know advertiser.
And everybody is familiar with the concept of like a targeted ad.
And they've, you know, somehow got a hold of your data and they're selling you something on Instagram.
But are there any kind of other people buying data that people might be surprised by?
I mean, I think that, one, anybody can go on and buy it.
Like, I can go on to whitepages.com and see if I could find Taylor Lorenz and buy your information that would potentially include past addresses.
Now, I believe that you've had your scrubbed.
But, like, if that was the case, then you could buy that.
Just a regular person could do that.
Yes, advertisers, most of the time we think about that from the perspective of just like
companies online that are trying to, you know, advertise to you through Facebook or Google.
But really, even the things that you get in like the mail, the junk mail that you get,
that is usually somebody going to a data broker and saying, hey, I want to get the addresses for everybody in this zip code
that has bought a car in the past year and is between the ages of 40 and 60 years old.
They can narrow down all of those filters and buy a list off of these data brokers.
Now, there might be plenty of other types of people that are buying these, this data, but
I'm not exactly sure who that would be.
But I know that there's plenty to keep a lot of these data brokers in business.
Can you talk to a little bit about like cookies and what that means?
Because I feel like increasingly we're seeing, and maybe this is because of GDPR and other
sort of tech legislation abroad, because we're certainly not cracking down on data privacy
here, I think.
But you see this like prompt to accept cookies.
What does that mean?
Say when you were to visit a website or you're to go online, maybe you're going to Amazon,
you wanted to purchase whatever item, some online shopping.
So hey, you'll try to log in.
You'll sign in to your account.
Say you are who you say you are because you're at this address and you want all the mail
and the packages delivered to you.
Well, it's like you're kind of walking up to this website.
You're wearing like a hi, my name is name tag.
But every time you try to load.
a page or click next to see another listing of items, the website still needs to keep track of
who you are.
So that's why you're wearing that, hello, my name is name tag, right?
It keeps track of your identity and your account and your session.
So you can think of that name tag as a cookie, right?
No, it sounds weird, but those are the nerd and geek techno babble to use that idea and concept.
So if any hacker or Fred actor could kind of get their hands on those cookies,
or that name tag, they get to impersonate you.
They don't even need your password or your two-factor authentication because, hey, you're wearing
the name tag.
The websites trust that you are who you say you are because it says that.
So that is really where you get to the concern of the cookies.
Back to your question, and I'm sorry if I'm rambling, but I know you're asking about the GDPR
aspect of this and sort of the consent that now you have to click on for just about
every website. Well, look, they're kind of asking, hey, are you willing to wear this name tag?
I know we're putting this on you. I know we're putting this on your person.
You slap it on your clothes and this analogy here. That means it's stored on your device,
like on your computer or on your phone, which is why a lot of info stealer malware can steal it.
But because it's that transactional, oh, we're going to put this on you, do we have your
permission? Can we do that? So you always have to click, I agree or reject. And that's the
cookie consent banner for sure.
I feel like you can never click reject because then it just won't let you in the website.
You can't do your online shopping.
I feel like another big concern in terms of like privacy.
How does somebody know how much information about themselves is out there?
Because I feel like at this point, we all assume that some level of information is out there.
And I feel like when the government tries to do things like ban TikTok, you know, because they're saying data privacy.
Everyone's like, give me a break.
Like everyone has our data.
China has our data.
Facebook has our data.
Any company in the world has our data.
But I feel like I don't know.
Maybe that's a little nihilistic.
Like is there any data that they might not?
not have, like, how can we get a sense of how exposed we are?
Well, this maybe sounds a little too easy, but I think it is just kind of scratching the
surface.
It's kind of the tip of the iceberg.
But really, genuinely, try to Google yourself, like, research your name.
Look up, okay, what's the easiest first, like, low-hanging fruit?
What does anyone just trying to do some research and investigate me?
Just have readily available.
What info is out there?
If you go and look up yourself and maybe even your address or your phone number,
in Google, you might find some of these data brokers
that have your information.
The reality is there isn't like this tool
that I know of at least that can go and just tell you,
okay, here's where all of your information is found.
Like it is constantly being, you know,
like there are new data brokers
and new places where your data is being found
or is being updated and put on these databases,
but like for us to be able to go in and look for it,
like we've gotta be able to see it
from the perspective of where you're not logged in
your computer. There's a cool resource I did want to share with some of you. I think it was
Just Delete Me.xyZ. That's one of those opportunities where you could try to remove your account
from all of the sites that are tracking you based off your accounts. All those things with the footprint
could still be there. What about using incognito mode? Like, does that do anything?
Yes and no. When you use incognito mode or private browsing from your web browser,
whatever they call it. It just means that the web browser, like that program, can't store any more
information on your computer. So they can't put the name tag on you for hi, my name is. But, hey,
you're still trying to go reach out to websites. So you are asking for some external server way out there
on the internet to give you a website. So your traffic still has to funnel through and talk to like
your internet service provider, phone carrier scenarios, et cetera. So you're not anonymous. I feel like it's
the more data you can not put out there, the better.
I mean, I also think of political campaigns and messaging like that.
We saw so much of this around the election where people were like,
how am I getting all of this stuff or why am I getting all of this stuff?
That's a great point.
I totally forgot about that one.
I mean, political campaigns are a gold mine.
I mean, they are buying those type of lists left and right.
I feel like we think of Apple as a privacy-focused company,
but, you know, are there any efforts to push these companies to be a little bit more accountable
in terms of the way they collect our data?
Yes and no, but probably a little bit of a bigger yes than there is no.
Because without a doubt, hey, we, I don't know, you might know, be familiar with a lot of alternatives that try to make sure and say, look, we're privacy first, we're security minded, we want to make sure that you stay as safe and secure as you can be.
Delete me as one of those services that would help with data broker takedowns.
Others that are familiar in that realm, I think, are aura and incogni.
Some folks that I'm really having some fun getting to know are these folks over at a company called K.
but they do like a privacy focused mobile carrier,
like your cell phone provider like AT&T or Verizon,
hey, they want to make sure we can make still
that secure and privacy focus anonymity, et cetera.
Oh, that's so interesting.
Yeah, Cape is really cool.
We give them some love for sure.
Yeah, so like if I have a different mobile service provider like AT&T or something,
is that, I mean, are they collecting my data too?
I guess I can't say not speaking at from AT&T.
Actually, I mean, now that you say that too,
I kind of remember when like, I think it was Verizon maybe got hacked or like tons of location data came out.
So maybe that was a dumb, dumb question because of course they're tracking.
Everything that can be tracked will be tracked.
I want to get more into like how people can use it.
Because I mean, you mentioned like the commercial uses of it.
Like I understand people target you for advertising and that's annoying.
But I just feel like to people like the stakes feel kind of low.
What else would you tell people that are just like, okay, I get it.
Yeah, I should be more careful with my data.
Who cares really? Like, who cares? Because they're going to have it anyway. And so I'll get a few more ads than I would otherwise. Or maybe my ads are actually more relevant. So I really don't care. In my opinion, and maybe this is bad, maybe some folks will agree or disagree. But I try to take that problem away from just me, like as John. It's pretty easy, yeah, for me to scoff and claim apathy. But I've got a wife. You know, some folks have kids. Some folks have a family or maybe people or property or assets that they just really care of. And they know.
know that this is going to be something for the future. And you want to make sure that that is safe,
that they are safe. When it comes to privacy security, we often just focus on ourselves, on our own
personal data, on our logins, setting up password managers, setting up all this stuff. It is almost
just as important, if not more important, to make sure that your spouse is also covered and
set up or my parents, right? I don't want my parents to call me and say, hey, sorry, we're
We have to let you know that we just got cleaned out of our accounts because we got
scammed.
One of the things that is kind of like this unwritten rule that I have with my mom is she is
allowed to email or forward me anything that she gets with the question, is this real or is
this spam?
And I will never make fun of her for it because I don't want her to feel stupid.
I want her to know that I'm a safe person to ask and that I will give her honest feedback
and helpful feedback on a lot of the stuff.
So I've set them up with password managers.
I'm basically on call with my parents
when it comes to those type of, you know,
scam messages that they get.
That's why I tried to, hey, level up my own Opsack
and operational security to keep that privacy,
keep that data out and off the internet,
because like I want to protect the people around me.
Well, yeah, and I feel like identity theft
is such a major risk.
I mean, there always is that risk of identity theft.
Have you ever had a family member that's, you know, had their identity stolen?
No, but I've interviewed people that have had their identity stolen and it seems insane and like a nightmare.
And it's one of the things that made me realize, like, that I should take privacy more seriously online.
And I think people that haven't had their lives, like, ruined by that type of stuff, like, might not understand how intensely people can get your information and just, like, wreak havoc on your finances or your credit or just all these other things.
I, it's really hard to express that, the severity, the gravity of that until you've had that
firsthand experience.
But then it's too late.
So tough battle to fight.
It really is a nightmare to have your identity stolen.
And it's just like this weird feeling of having to prove that you're not, this deadbeat,
haven't paid their debts, you know, like all of these things.
So when it comes to thinking through, how do I make myself the least real real,
for any type of identity theft.
And there are a few things that I usually tell people.
And thankfully, they're not incredibly hard to do.
The very first one is freezing your credit.
Most people that I know haven't frozen their credit.
And it's somewhat simple and thankfully free to do.
So you go into the three major credit bureaus
if you're in the US.
There are other credit bureaus around the world
that are starting to pop up as well.
And you can go in and say, hey, I want to freeze my credit,
which means that if anybody, including yourself,
tries to open up a lot of you,
open up a line of credit, a loan, or even does an identity check through one of these credit
bureaus, they're going to be denied immediately. And so, you know, I was telling you that I was
trying to get a loan for an investment property, in order for me to be able to get that loan,
I had to log in to Experian and thaw that credit freeze. I was able to actually schedule that
thaw. So I started it then. I said, in four days, I want you to, you know, bring the freeze back
into effect and then I emailed the bank and said okay my credit has been thawed you can do the credit
check and do everything that you need to do it'll be available for the next four days so it's not something
that you can't reverse but it is a very easy thing to set up the the next thing that I would make
sure that I do when it comes to reducing the risk of identity theft is to start implementing
what I would call virtual pieces of personal information so in other words
I told you again going back to that story of me in the bank the reason why I can show you that list of all of the
spam text is because I didn't give them the phone number that actually rings my phone I gave them my
virtual phone number it's a secondary phone number that I purchased and it just sits there and it's
the phone number that I give out whenever a loyalty program asks for my phone number whenever
you know anybody other than basically my family or the government asks for my phone number
they get this virtual phone number. Same with my address. I've actually gone so far as to have
purchase a virtual address. It's kind of like a PO box in a way. And I can give that address out
and I receive the mail. So it's not like I don't receive the mail, but now I'm not exposing my home
address. And you can do the same even with credit cards. There are masked credit cards where you can
use a different number than your actual credit card. So all of these are just ways that I can
control my information and give you the information that you need without necessarily giving away
all of my personal information.
So again, one of the ways to reduce the risk of identity theft is to not necessarily give
away every piece of your identity when you're doing all of these things that we are required
to do now online, writing in our names and our addresses and our phone numbers, there are ways
that you can use secondary information in those places.
is brought to you by Delete Me.
As a high-profile journalist dealing with stalking,
death threats, harassment, and more,
I know how crucial it is to protect your privacy online.
Unfortunately, no matter how careful you are,
data brokers will collect and sell your personal information
to anyone willing to pay for it.
This includes your name, address, phone number, and more.
When someone buys your data through a broker,
they don't just see you.
They see your spouse, your parents, your loved ones,
anyone you're connected to.
Removing this information off the internet
helps keep you safe from things like,
identity theft and stalking.
But how do you remove your information from the web when there are thousands of data brokers?
Delete Me is a subscription service that will automatically remove your personal information being sold online.
It's been an absolute game changer for me as somebody that values privacy.
Delete Me scours the internet for your information and handles takedown requests.
They provide regular privacy reports so you can see how much data they found on you, where it was found, and where it was removed.
You can even make custom removal requests.
Their family plans are especially crucial because when your time,
targeted, your loved ones usually are too. Get 20% off DeleteMe Consumer Plans when you go to
JoinDeletMe.com slash Taylor20 and use promo code Taylor 20 at checkout. That's join
deleteme.com slash Taylor 20 and use code Taylor 20 at checkout. Don't wait until it's too late
to safeguard your privacy. Make sure your data and your families stays protected. You know, I think
most people when they think of privacy, they think of changing their passwords. How much does changing
your password make a difference? Like if all of this data is being collected on you and you're sort of at
risk so much, is it really worth it to spend that extra time and use a password manager and
try to take those steps? So yes, a thousand percent absolutely hands down without a doubt.
I'm very glad, hey, I can get a concrete answer for this. Passroom managers without a doubt,
because I know we were talking about some of that info stealer malware, well, if it's tracking down
those passwords, keep in mind that's a snapshot in time. So if that info gets put out and about
on the spooky, scary dark web
or info sold, changed hands, whatever.
If you change your password, well, okay,
there's at least another barrier
and something that can prevent and protect that.
That's why we keep screaming and shouting
about multi-factor authentication
and long, secure, complex passwords
and using a password manager.
I personally am a huge fan of Proton.
They're another, hey, kind of privacy forward
or a privacy first company and spot
that really, really wants to make sure
you're anonymity and secure. They offer the password manager, along with even generating like
aliases or sort of fake email addresses so that they'll all be pointed and redirected back to you.
That way, you don't have one singular email address. You can make one off the cuff in the moment
for any specific account or service. And just keep giving yourself more layers to protect your
real identity. I'm curious about AI, because I feel like, you know, we're all familiar with kind of like
browsers and Google and sort of like traditional, I guess, like things that you do online.
But now the world is moving more towards AI. People are using these AI agents and chat bots and
things like that. So can you talk a little bit about kind of like data privacy in the world of
AI and like what you're seeing? Well, first off, I'll start by saying that I am still like trying to
process the information that I'm learning about all of this because it's constantly evolving. And it is
really hard. I sat in the room with about 40 other really, really smart people who were talking about
all of the ways that they were using AI. They weren't coming from a privacy standpoint, but they were
talking about all the ways that they were using AI within their business. And it was almost
overwhelming to me just because it's like, wow, this wave is so big. And I know I haven't been
able to figure out where privacy kind of stands and all of that. And I haven't really seen or
found anybody who has got it figured out. I think what we do know is that these AI, these large
language models, these these things that are just consuming information and doing a lot of great
things, it is us like providing a lot of this information, right? And frankly, I don't even know
how I would stop providing some of that information, right? It's just really hard to even think about.
Yeah, I know. I was thinking of this recently because I was using one of these like chat tools for
work and like looking, you know, I cover chat GPT and some other things. And I'm, I've gotten so
nervous about what I put in it because I feel like I'm aware of things like when I Google it,
but you end up having like these conversations. And I think people end up revealing a lot more
data than they probably would in a simple Google search, you know. But on the flip side of that,
if you are worried about some of the things that you're sharing, there are private ways to
access AI. So for example, there's one that I know of called hoodie.aI, which allows you to use
those AI models, the big ones like Gemini or Lama or chat GPT, but do so without having it logged in
and tied in to your account. So if there are things that you're searching for that you're a little
bit concerned about, then that's a way that you could do it without necessarily tying it to your
identity. Another thing, and I think this is something that most people don't think about, especially
when we're dealing with AI. There are new scams coming out where you are
will get a phone call and it sounds like your mom or it sounds like your spouse and they're asking for
money they're in some kind of troubled situation and there are probably a handful of different ways that
you could find out whether or not that is a real phone call or not but one of the easiest ways and
this is what I've set up with my parents with my wife and with my kids is we have a safe word a
code word and this is the word that no AI is going to know it's just if if a
somebody calls me if my wife calls me and she says I am in trouble I need you to
give me money right now and say hey what's our code word she can say it okay all
all right well then I know that this is a legitimate concern this isn't something
I need to be worried about but getting all of this set up for your family members
particularly your spouse your kids and your parents can be so important because
often we don't realize how much their privacy and security affects us not to
mention the fact we just don't want our friends and our family to get, you know, hit with identity
theft or hit with any of these privacy concerns as well. For people that have kids, how would
you recommend talking to them about privacy and security online? Well, I really think, hey, if you can
start early, as early as you can, that's the best thing first, first and foremost. But I try to
impress those very same, and I know it sounds boring, right, but like the security privacy,
basics. It is that
use a pastor manager, it is that
two-factor authentication,
it is that, oh, don't enter
your info or it doesn't need to go,
et cetera, et cetera. It's just really having
that kind of skeptic mindset and
mentality and just being vigilant. Like,
you don't always trust everything out on the
internet and make sure that still
rings true as frequently and as often
as it can. Another thing that I'm curious
about is biometric data, because this is
another thing that I feel like people are giving
a lot more of online. We're
seeing a lot more like facial recognition or, you know, even I think to get into the Dodgers
Stadium, they're putting like the face scanning thing or you can pay with your palm now at Whole Foods.
So how much of people sort of like biometric data should they be worried about? Like, is this a new
sort of frontier of data collection that we're being, I guess, like, acclimated to?
It is weird. The fact that our biometric data has become such a critical part of how we do
certain things, whether it's logging in or even paying for something. And there are ways in which
we don't even realize that. So there was, did you ever do the 23 and me or see about those,
those DNA testing kits that they had? I saw those. I never did it. A lot of people did that.
Millions of people did that. And suddenly, earlier this year, I think it was, 23 and me went bankrupt.
And now suddenly they're trying to sell all of their assets, which includes the biometrical
for millions and millions of people who don't necessarily have a choice of whether that gets sold.
So, I mean, again, going back to your original question, privacy doesn't seem like something
you really need until you really need it, and then it's too late, right?
So that being said, I was going through TSA check, going through, you know, an airport the other day.
I have global entry, and so what that means is I'm cleared to be able to go through customs
pretty quickly when I enter into the USA as a US citizen.
And I did a lot in order to get that.
I had to do background checks.
I did do all this stuff.
I don't ever remember giving them a facial scan.
And yet, as I walked through, all I did,
I did not give them my ticket, I did not give them my passport.
I stood in front of a camera.
It gave me about one second, and then a green light came on
and said, you're clear to go.
And I walked through, and it was like,
what just happened?
That is kind of a...
I mean, yes, very convenient, very nice, but I don't remember giving permission to have my
biometric data.
And I think when it comes to stuff like the government, we may not have that permission
base or, you know, like privacy by default, like that's going to probably go away.
When it comes to private companies, like I think you mentioned, you know, a grocery store
chain or something else where you could use your biometrics, I would be a lot more hesitant
to do something like that.
Like personally, I'm happy using my face ID
or my fingerprint back when that was a thing
to open your phone.
But mostly because I trust,
and hopefully this is well-grounded trust,
but I trust when Apple says,
or when Google says,
that your biometric data stays on the device.
It doesn't get uploaded to their servers.
So any time that that check happens,
that face ID check,
it is being done on the device itself.
It's not being sent anything to Apple.
servers. So I'm a little more okay with doing it on my personal device, but you're right to be worried
about like, hey, how much of this biometric data is safe to give out? I would say as little as you
possibly can, especially when we're dealing with private companies. Yeah, I think it is this constant
tradeoff between convenience and privacy. Because, I mean, you mentioned the TSA and I try to opt out of that
face scanning thing because it stresses me. I just don't like having my face scanned in the airport
anyway. But, you know, it is convenient. And especially I could imagine at a sporting event,
right, if the option is to wait in line and scan your ticket or just be able to walk through
and scan your face, you want to get to your seat, you know, like you're going to make these
little tradeoffs that you don't think about until, like you said, a company goes bankrupt or
that information is increasingly, too, as we've seen with like some of the immigration crackdowns
here in the U.S., like they're using private data to try to determine where people are or
like really in relation to like for immigration reasons or things, you know, like it seems kind of like
liability. I feel like we've talked about so many different topics, you know, in this conversation,
but if there is one thing that you want people to take away regarding data privacy and cybersecurity,
what is that one takeaway you want people to have? I would really, really encourage folks to sort of
take inventory. And I don't know if that sounds weird, but like when I said it, and I really mean it,
Try and Google yourself.
And I know that's just scratching the surface.
I know that's just a tip of the iceberg, but see what you find, see what's out there.
And then think about, oh, some of the other services or websites or apps that you use.
Maybe look at the attack surface, so to speak, on your phone, on your computer.
Make a list, take inventory of where is your digital fingerprint and then try to contain that.
So later on down the line, if there is, I don't know, something hits the fan, hey, you limit the blast radius the best you can.
can. Thank you so much for joining me today. Where can people continue to follow your work?
Yeah, well, I have a weekly newsletter that I put out. This is at all things secured.com
slash newsletter or one of my favorite places is on YouTube where you can find me at All Things
Secured. Well, hey, Taylor, this is a sweet treat. Thank you so much. I'm a big fan of your work and
it was really an honor for you to reach out and for us to get a chance to chat. But look, if anyone
wanted to tune into what I'm up to, look, I've got all the silly YouTube content, social media,
online stuff. YouTube is kind of the main platform for me, but Twitter, X, LinkedIn. You could track me down
just my name, John Hammond, and you'll see my ugly mug, stupid red hair, and you'll find me there.
Awesome. Thanks so much for joining. Thanks again to delete me for sponsoring this video. To get your data
removed from the internet, check out join deleteme.com and use code Taylor 20 at checkout for 20% off.
All right, that's it for this video. Please hit the Patreon link below to support my work,
or you can buy a paid subscription to my substack newsletter, UserMag. That's usermag.com.
usermag.co or the Patreon link below.
Every single dollar helps.
I'll be back later this week with even more content.
Thanks so much for watching.