This week should be both interesting and informative! We will talk about online privacy, safety, bullying and consent.

Learning Objectives:

  • Be able to explain the concept of digital footprints, and be able to identify what your current personal digital footprint looks like.
  • Describe what Orange Shirt Day is and why it is important.
  • Identify the key practical issues around online privacy, safety, bullying, and consent as a future K-12 teacher.

Pre-class Activities:

Citizenship Online

Decorative

Read the BC provincial government’s Online safety document. Please make sure to click on the “Expand All” button for each section of the document so that you can see all the tips and suggestions. After you finish reading the document please ask yourself:

  • What can you do as a teacher if you become aware of a student being bullied on social media?
  • Why should you avoid interacting with your students on social media unless it’s directly related to school work?
  • How can we help our learners manage their digital footprints?

Class Time:

Citizenship Online: Privacy, Safety, Bullying, & Consent

Watch the Common Sense Media’s Digital Footprint video (2 min):

Discussion: What can we do to model good digital citizenship or digital hygiene?

Is My Phone Listening to Me? How Data Brokers Sell Your Digital Footprint & How to Stop It

Has this happened to you or someone you know? Your friend mentions that you should take a trip to the south pole, and an hour later, there it is, a “sponsored” post on your feed… And you didn’t Google anything about the South Pole. So what’s happening here? Is your phone listening to you?

The Short answer is No. While it feels like your phone must be eavesdropping, the reality is often more complex (and arguably more impressive) than simple audio recording. Here is the “behind the scenes” look at the digital trail that creates that uncanny “listening” effect.

Browser Fingerprinting

This is a more advanced way to identify you across the web. Some websites (like Facebook) collects a unique “snapshot” of your settings:

  • Your screen resolution and battery level.
  • Installed fonts and browser version.
  • Your exact time zone and hardware specifications.

When combined, these traits create a signature so unique that companies can recognize you even if you clear your cookies or use “Incognito” mode. This allows them to link your “South Pole” research on a laptop to the Instagram app on your phone.

Data Brokers

Decorative.
Created with Gemini 3.1

Data brokers are companies that exist solely to buy, aggregate, and sell your information. They pull data from thousands of sources including websites you go to both when you’re logged in (FB) and sites you browse using Browser Fingerprinting.

When you or your friend talked about the South Pole, you’ve likely already left clues. Maybe you looked at a weather app for Antarctica, or your friend, who is connected to you on social media, searched for “winter parkas.” Data brokers connect these dots and sell the “prediction” to advertisers.

Lookalike Modeling

Decorative
Created with Gemini 3.1

This is the most common reason for the “listening” illusion. Algorithms know your social graph, the people you spend time with.

  • Location Data: If your phone and your friend’s phone are in the same living room for two hours, the algorithm knows you are interacting.
  • The Chain Reaction: If your friend goes home and searches for “South Pole flights,” the system assumes you might be interested in the same thing because you were just together. It serves you the ad based on their search.

Myth vs Reality Summary…

The MythThe Reality
“My phone is recording my voice.”Constant audio streaming would drain your battery and use massive amounts of data, both of which are easily detectable.
“They knew what I was thinking.”They knew what your friends were searching for and where you were standing.
“I never searched for this!”You didn’t, but you might have bought a related item (like thermal socks) or followed a travel influencer.

What Can we do?

We can significantly disrupt the “surveillance machine” by cutting off its primary fuel sources: tracking, profiling, and persistent data storage.

Here are three practical steps to protect your digital life in 2026:

1. Kill the “Social Graph” (App Tracking)

The “listening” illusion often happens because apps like Instagram or Facebook link your location to your friends. You can break this chain by disabling cross-app tracking.

  • On iPhone: Go to Settings > Privacy & Security > Tracking and toggle off “Allow Apps to Request to Track.” This prevents apps from accessing your device’s unique Advertising ID (IDFA).
  • On Android: Go to Settings > Privacy > Ads and select “Delete Advertising ID.” This makes it much harder for data brokers to stitch your activity across different apps into one profile.

2. Switch to a “Shielded” Browser

Standard browsers (like Chrome) are designed to facilitate tracking. Switching to a privacy-first browser can stop Browser Fingerprinting by default.

  • Brave or Firefox: These browsers include built-in protections that “randomize” your fingerprint, making your device look like a generic one instead of a unique target.
  • Must-Have Extension: Install uBlock Origin or Privacy Badger. These tools block “trackers” from loading at all, which not only protects your data but also makes your web pages load significantly faster.

3. Evict Yourself from Data Broker Databases

Even if you stop tracking today, data brokers already have years of your history. You can force them to delete it.

  • The Manual Way: You can visit the “Opt-Out” pages of major brokers like Acxiom and Epsilon. I understand that it can be time-consuming but is free.
  • The Automated Way: Use a service like Incogni or DeleteMe, but both of these services charge start at $20 for one month and over $140 per year for their services. These services automatically send legal “Right to Erasure” requests to hundreds of data brokers on your behalf and, critically, keep monitoring to make sure they don’t re-add you later.

Pro Tip: If you want to see exactly how “unique” your browser looks to a tracker right now, visit the EFF’s Cover Your Tracks tool. It will give you a report on how well you’re currently protected against fingerprinting.

Pay The Game!

Is My Phone Listening to me Game

Reflection

After learning about this, do you think you’ll change any of the ways that you use your phone or interact with websites or online?

Have You Been Pwned?

A couple of months ago my partner needed to travel to help one of our children to recover from a surgery. She went onto her Save-On-Foods More Rewards website to see if she had enough points to book the flight. She didn’t have enough points, but noticed that someone had booked a $700 ticket from Winnipeg to Toronto a couple of weeks before. She asked if I’d booked it, but I hadn’t…

She then spent several hours on the phone with customer support, while I went to the “Have I Been Pwned” website to see if her account information had been compromised… And yes, one of the passwords that she regularly re-used on More Rewards website. She was able to get the money back, but a more complicated, non-reused password would have saved her a lot of inconvenience and time on hold with customer support.

Have you been Pwned? Or in other words, has any of your data, including passwords been stolen from hacked servers and sold online?

Find out by going to the Have I Been Pwned website and use your email address to see if any of your personal information has been hacked: http://HaveIBeenPwned.com

Password Managers & PassKeys

Password Managers & PassKeys are the unsung heroes of internet security. Here are the major high risk behaviours people engage in with their passwords:

  • Systematic Password Reuse: Using the exact same password, or minor variations of it, across multiple platforms. If a single low-security website suffers a data breach, threat actors harvest those credentials and feed them into automated botnets. Attackers use automated attacks to systematically try out leaked username-password pairs into major websites until a match is found.
  • Utilizing Predictable and Low-Complexity Passwords: Relying on sequential numbers, keyboard patterns, or common dictionary words (e.g., “123456”, “password”, “qwerty”) is extremely risky.
  • Relying on Obvious Personal Information for Complexity: Incorporating easily discoverable information into the password string, such as birthdays, pet names, sports teams, or local geographic markers. Attackers scrape public social media profiles to build custom wordlists tailored to a specific individual, feeding these personalized terms into websites.
  • Unsafe Storing and Sharing Practices: Writing passwords on paper (like sticky notes under keyboards) or sharing credentials via unencrypted digital channels like SMS, email exposes passwords to local or online capture.

How can password managers like Bitwarden (cross platform) and the built in Password Manager in iPhones (Apple only), can help you secure your passwords and make it easy to access them?

Created with Gemini 3.1
  • The automatically creates and saves random, impossible to guess passwords for each of your accounts.
  • To access all your passwords, all you have to do is memorize the master password for your password manager.
  • The password manager autofills your user name and password for all websites and across all your devices (both phone and laptop).
  • Most password managers also monitor for data breaches and will let you know if a site you use has been hacked and will help you change your password for that website.

Passkeys are a new security feature and make your accounts on websites that support them more secure, and more convenient for you to access the website.

Created with Gemini 3.1

Why should we start using Passkeys?

  • Absolute Phishing Resistance: Passkeys cannot be tricked into logging you on a lookalike or fraudulent website site.
  • Elimination of Password Theft: Because passkeys use asymmetric cryptography, a data breach on that website cannot expose your login credentials or compromise your other accounts.
  • No Memorization or Complexity Requirements: Users do not need to create, update, or remember complex text strings, removing the need you to remember multiple difficult passwords.
  • Seamless Biometric Authentication: Logging into accounts is made easier as you can authenticate using your fingerprints, facial recognition, or a simple device PIN.

Grammarly vs Harper

Harper is an Open Source grammar checker that always respect your privacy unlike some commercial cloud based grammar checkers.

Created with Gemini 3.1

Harper is a trustworthy alternative grammar checker for all your documents because:

  • Harper only runs on your laptop, so your documents are never sent to cloud based servers in the USA.
  • Grammarly runs on Amazon Web Servers in the cloud.
  • Harper is ideal for people who value their privacy, plus anyone in Education, Legal, Healthcare, and Government sectors.

Ad Blockers

Why would anyone consider using an Ad Blocker on their laptop or phone?

  • Stop distractions & clutter
  • Load webpages & website faster
  • Enhance your privacy by making it more difficult for advertisers to track you online
  • Helps secure your personal browser history from data brokers & advertisters

If you’d like to try out an Ad Blocker on your Chrome or Edge web browsers, please check out Ublock Origin Lite which has consistently been on of the top free Ad Blocking browser plugins for several years now.

Hands-on Lab Time:

Learn more about your Digital Footprints & Google yourself: 

  1. Open a new table in your web browser and Google yourself!
    • For example, I’d search for: “Rich McCue”, and possibly the city where I live or grew up to the search string if you have popular names: “Rich McCue” Victoria BC
    • If you still can’t find any references to yourself, which often happens if you have a common name, add “UVic” to your search string (E.g.: “Tracy Smith” UVic), and see what comes up.
    • If possible do your search in “Incognito” or the private mode for your web browser so you can see your search in the way someone else would see it.
  2. Did you find any web pages or images of yourself?
  3. Will the web pages or images be helpful during your job search when recruiters search for your name (possibly along with where you live and/or UVic)?
  4. How can you add positive posts or images that will show up when people search for you on the internet?
  5. Can web pages or images on the internet be removed?
  6. What do you think recruiters would think if searched for you but found nothing?
  7. Do you think that your website for our class could become a portfolio showcasing your best work that school district HR folks could find when they google your name before interviewing you?

Homework:

  1. Please do your weekly critical reflection on:
    • Any one of the digital citizenship & digital safety topics we covered in class.
  2. Catch up on any outstanding blog posts!