⚠ Convenience Has a Price

Every "free" app, every one-click sign-up, and every smart device asks you to trade a small piece of your privacy for a small amount of convenience. Individually these trades seem harmless. Added together over years, they can hand strangers a detailed map of your family's life — your location, your habits, your finances, and your children's routines.

Our mission: Help ordinary families build simple, lasting habits that protect their privacy and security, without fear-mongering and without needing to become technical experts.

🗺 Threat Map — Who Wants Your Data?

  • Governments collect data for law enforcement, taxation, and services — sometimes with strong oversight, sometimes with less than families expect.
  • Criminals want your data to commit fraud, identity theft, or extortion.
  • Corporations want your data to predict and influence what you buy, watch, and believe.

🎯 Family Goals

  • Share only what is truly necessary, with people and organizations you trust.
  • Make it hard for strangers to impersonate or defraud you.
  • Understand the true cost of "free" services before signing up.
  • Teach kids and seniors in the household the same habits.

The Three Major Privacy Threats

Privacy risks generally come from three directions. Understanding each one helps you decide which defenses matter most for your family.

🏛 Government

Government agencies collect personal information for legitimate purposes such as taxation, benefits, and public safety. The risk is scope creep: data collected for one purpose being reused, retained too long, or shared beyond its original intent.

  • Read privacy notices before providing information to government portals.
  • Know your rights to access and correct your own records.
  • File a complaint with a privacy commissioner if you believe your data was misused.
  • Use official ".gc.ca" or ".canada.ca" sites — never a link from an unsolicited email or text claiming to be from a government agency.
Canadian context: The federal Privacy Act and Personal Information Protection and Electronic Documents Act (PIPEDA) govern how government and businesses handle your data. The Office of the Privacy Commissioner of Canada (OPC) investigates complaints and publishes plain-language guidance for individuals.

🕵 Criminals

Scammers use stolen or leaked personal details — names, addresses, phone numbers, even the names of grandchildren — to run phishing, romance, and impersonation scams. Seniors are frequently targeted because scammers assume less familiarity with digital tactics.

  • Never give personal or financial information to someone who called or texted you first.
  • Verify unexpected requests by calling the organization back using a number you look up independently.
  • Use unique, strong passwords and enable two-factor authentication everywhere possible.
  • Report suspected fraud immediately — the sooner it's reported, the better the chance of stopping it.
Canadian context: The Canadian Anti-Fraud Centre (CAFC) tracks scam trends and accepts fraud reports from across the country. Common scams reported include the "grandparent scam," CRA impersonation calls, and romance fraud.

🏢 Corporations

Many companies build revenue models around collecting behavioural data — what you click, where you go, what you buy — to build advertising profiles or sell insights to third parties. This is usually legal but is often more extensive than customers realize.

  • Read the "data collected" section of privacy policies, at least in summary form.
  • Turn off location tracking and ad personalization for apps that do not need them.
  • Use separate, disposable email addresses for one-off sign-ups.
  • Regularly review which apps and companies have access to your accounts, and remove ones you no longer use.
Canadian context: PIPEDA requires organizations to obtain meaningful consent before collecting personal information for commercial purposes, and to explain why the data is needed.

Family Privacy Principles

These three principles form the foundation of good household privacy habits. Post them somewhere visible.

1. Minimum Disclosure

Share the smallest amount of personal information needed to complete a task — nothing more.

  • Leave optional form fields (birthdate, phone number) blank unless required.
  • Use "guest checkout" instead of creating an account for one-time purchases.
  • Avoid posting full birthdates, addresses, or travel plans on social media.
  • Ask "why do you need this?" before handing over ID or personal details.

2. Convenience Has a Cost

Every shortcut — saved passwords, one-click logins, "always allow" location access — trades some privacy for ease. Make that trade consciously.

  • Review app permissions every few months and revoke ones that aren't needed.
  • Choose "ask every time" for location and microphone access where possible.
  • Avoid linking accounts together (e.g., "log in with Facebook") unless necessary.
  • Pause before agreeing to smart-home or voice-assistant "always listening" features.

3. Strong Authentication

Weak or reused passwords are the single biggest cause of personal data breaches.

  • Use a password manager to generate and store unique passwords for every account.
  • Turn on two-factor authentication (2FA) for email, banking, and social media.
  • Never share passwords or verification codes with anyone, including "tech support" callers.
  • Use a passphrase (a short sentence) rather than a single word for anything memorized.

Real-World Examples

These illustrative stories are fictionalized composites, not accounts of real people. They show the difference a few habits can make.

Example 1: The Phone Call

Bad Example

What most people do: A caller claiming to be from "the bank's fraud department" says there's suspicious activity and asks the person to confirm their card number and a text code to "verify identity." Wanting to help stop the fraud, the person reads out both.

Consequence: The caller was the actual fraudster. The verification code allowed them to complete a real-time transfer, and the family lost access to the account for days while it was investigated.
Better Example

The correct behaviour: The person hangs up, finds the bank's number independently (from a card or statement, not the caller), and calls that number directly to ask about the "suspicious activity."

Consequence: The bank confirms there was no real alert — it was a scam call. No money is lost, and the incident is reported to the bank and the Canadian Anti-Fraud Centre.
Family Rule: We never confirm account numbers, passwords, or verification codes to anyone who contacts us first. We call back using a number we find ourselves.

Example 2: The Free App

Bad Example

What most people do: A free photo-editing app asks for full access to contacts, location, and the entire photo library. The person taps "Allow All" to get to the feature quickly.

Consequence: The app's business model involves selling anonymized location and contact data to advertising networks, and personal photos are used to train a third-party AI model per the fine print in the terms of service.
Better Example

The correct behaviour: The person only grants access to the specific photo being edited, denies contacts and location access, and skims the app's data-collection summary before installing.

Consequence: The app still works fine for editing photos, and the family's contact list and location history stay private.
Family Rule: Before installing any app, we check what it asks to access, and we only allow what the app actually needs to function.

Household Privacy Checklist

Print this page or copy this list somewhere visible. Work through it as a family, one category at a time.

Devices

  • Install security updates on phones, tablets, and computers promptly.
  • Turn on automatic screen locks with a PIN, password, or biometric.
  • Cover or disable webcams and smart speakers when not in use.
  • Set home Wi-Fi to a strong, unique password (not the router default).
  • Enable "find my device" and remote-wipe features in case of loss or theft.

Accounts

  • Use a password manager with unique passwords for every account.
  • Enable two-factor authentication on email, banking, and social media.
  • Review and remove unused apps connected to your main accounts.
  • Set a "family password" that real family members use to verify identity by phone.
  • Freeze or monitor credit reports if identity theft is a concern.

Mindset

  • Pause before clicking links in unexpected emails or texts.
  • Ask "why do they need this?" before sharing personal information.
  • Talk openly as a family about scams and near-misses, without shame.
  • Teach kids and seniors the same rules — privacy habits work best when shared.
  • Review this checklist together every six months.

Trusted Sources

Start here for authoritative, up-to-date Canadian guidance. Laws and best practices change, so always check the source directly for the latest information.

Disclaimer

This page is provided for general educational purposes only. It does not constitute legal, financial, or professional security advice, and it is not a substitute for guidance from a qualified lawyer, financial advisor, or cyber security professional.

Laws, scam tactics, and technology change over time. Always verify current information with the official sources linked above, or consult a qualified professional before making decisions based on this content.

All examples on this page are fictionalized composites created for illustration. They do not describe real individuals, companies, or government agencies, and no wrongdoing by any specific organization is implied.

For more from the author of this guide, visit tedlee.ca or about.tedlee.ca.