Privacy Please is an ongoing series exploring the ways privacy is violated in the modern world, and what can be done about it.
Computer security and privacy are daunting subjects that call to mind global ransomware gangs, targeted espionage, and data-hungry behemoths. And yet, often overlooked in this roiling digital miasma is the fact that there’s one simple step you can take to protect both your privacy and your security: Encrypting your computer.
Cooper Quintin, a security researcher with the Electronic Frontier Foundation, likens encrypting your computer to the most basic of preventative health measures.
“It’s a really fantastic bit of basic security hygiene, like washing your hands or wearing a mask, that anyone can do that really gets you a lot of benefits,” he explained over the phone.
Why you should encrypt your computer, and what that means
Encryption is complicated. But you personally don’t need to understand all the behind-the-scenes math, as smart and dedicated people have already figured it out for you.
When discussing encrypting data, experts typically talk about two distinct categories: encryption of data in motion, and encryption of data at rest. For the former, think of things like text messaging. Apps like Signal use end-to-end encryption to ensure messages (data in motion) can’t be read by third parties. And that’s great! For the latter, which is what this piece is focused on, think about the data that lives on people’s computers or phones.
Data that, presumably, you want to keep private.
“Even if you’ve deleted stuff, people can recover the deleted files from your hard drive.”
A properly encrypted hard drive is functionally unreadable to anyone who doesn’t have the decryption key. When it comes to an encrypted computer, that’s usually just the password used to log in. Unlike deleted data, which is often trivial to recover, encrypted data is truly private — appearing as a jumbled mess to any unwelcome eyes.
“Even if you’ve deleted stuff, people can recover the deleted files from your hard drive,” emphasized Quintin. “But, if you’ve encrypted your hard drive, people won’t be able to recover those files.”
People store a lot of personal data on their computers — tax documents, private photos, health records, journal entries, and who knows what else — and even if there are no plans to share that information with the world, if your hard drive isn’t encrypted, the chances are a lot higher that its contents will get out.
“The most important reason to encrypt your computer or phone, and this may seem obvious, is so that no can read, without your permission, what’s on your computer or your phone,” added Quintin. “This is really handy, for example, if somebody were to steal your computer or steal your phone — or you were to lose your computer, or your phone.”
In the scenario that Quintin lays out, even if thieves get their hands on your computer, the files on that computer remain inaccessible to them.
It’s a reminder that even supposed experts occasionally need.
In 2009, journalists studying global e-waste stumbled across a computer hard drive loaded with documents tied to U.S. defense contractor Northrop Grumman. The hard drive was unencrypted, and the journalists reportedly found “hundreds and hundreds of documents about government contracts” and files marked “competitive sensitive.”
In August of 2021, Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency, reiterated the importance of strong encryption — calling it “absolutely fundamental.”
Essentially, encrypting your computer is a vital step. It’s one that should be done today, right now, before you lose, sell, or recycle your computer.
How to encrypt your computer
Thankfully, these days encrypting both Macs and and PCs is an easy process — even if the onus is on you to make it happen.
“It’s a shame that operating systems for laptops and desktops, such as Mac and Windows, are not presenting [encryption] as a default because it’s really such a basic step that everyone should take,” observed Quinton.
Those looking to take that basic computer hygiene step are in luck, as often there’s no additional software or skills required. Most modern computers provide owners a baked-in process (as long as they know where to look).
“The ways that Mac, and Windows, and all of your mobile phones allow you to encrypt your computer are perfectly fine for the vast majority of people,” Quintin assured.
How to encrypt a Mac:
- Click the Apple logo in the upper-left corner of your screen
- Select System Preferences > Security & Privacy and then click the FireVault tab
- Click the lock icon in the bottom left of the window, then provide the admin name and password (if it’s your computer, that’s likely just your login info)
- Select Turn On FileVault
- Chose a recovery method in case you forget your password (Apple explains that part in detail, but a local recovery key is perhaps the most straightforward of the options)
- Click Continue, and go about your business as your hard drive encrypts in the background
How to encrypt a Windows PC:
- Sign into your Windows admin account (if it’s your computer, that’s likely just the account you use day to day)
- Click the Start button > Settings > Update & Security > Device encryption
- If you see the Device encryption option, select Turn on
- If you don’t see the Device encryption option, then Windows explains that you should search for “Manage BitLocker” using the taskbar, open it up, and then turn the feature on
That’s it. You’re all done.
Keeping things secure
Encrypting your hard drive is a great way to protect your personal data from prying eyes. Of course, if you’re not careful, it might also protect your data from you.
Unlike with an unencrypted computer, if you lose your password there is not an easy way to retrieve your data. In other words, encryption is like locking your files in a safe — forget the combination, and you’re in quite the bind.
SEE ALSO: How to blur your house on Google Street View (and why you should)
“Encrypting your hard drive should be the norm.”
Thankfully, the EFF’s Quintin suggests a few steps you can take to make sure you never get locked out of your newly secure computer system.
For starters, use a password manager to keep a copy of your password. You can also write the password down and give it to a trusted friend or relative, or put it in a safety deposit box.
“Encrypting your hard drive should be the norm,” reiterated Quintin.
A norm where all your data is secure and private sure sounds nice. Thankfully, you now know how to make that a reality.