Stella is a privacy and inclusion training specialist. She does private training for targeted groups such as domestic violence victims and works with businesses that are interested in improving online privacy. We asked you to share any questions you had about keeping yourself (and your nudes) safe online.

First, the broad advice that I give to anyone is:

1. Use 2 Factor Authentication (it is explained here). 2 FA prevents someone from being able to open your Facebook or Google account on a device that you have previously logged in to. It requires them to have a login and a code.

2. Use a password manager, such as OnePassword or Lastpass.

3. Turn off location services in apps and on your phone until you need them on. So for example, Uber or Lyft require location to be turned on, but you can turn them off after the ride. As I will explain below, location ends up in metadata on your photos and you want to avoid that.

4. Consider using search engines like duckduckgoTor or Privacybadger to make your internet searches more private and secure.

Now onto your questions...

What are the steps you should take if a photo of yourself ends up online without your knowledge/approval?

The first thing you should do is notify the platform that is showing the photo. Most sites such as Facebook or Reddit have specific “help@” or “security@” email addresses that you can contact.  They are required by law to remove such content. Some are slow in taking action, but do not hesitate to escalate. You can find more detailed advice at the Cyber Civil Rights’ Online Removal page.

Cyber Sex SecurityIs there anything magical I can do about all the nudes I’ve sent already? (Mostly shared through messenger and I don’t think there’s a way to delete them).

Unfortunately these are not possible to retrieve.

My advice for the future would be to use one of the secure apps listed below, use timed messages, ad make sure there is no metadata like location in the pictures you do send. You can also use apps like Metapho, but they have in-app purchases. The Norton safety page has some good advice I have copied at the end of this article.

I occasionally get DMs on Tumblr from people asking for my Amazon wishlist or PayPal or things in order for them to "spoil me." I’m not a cam girl, but I sometimes post bomb selfies or provocative pics, and that’s when I’ll get DMs. Only replied to one ever and he said he had specific photo requests so I ignored it. Tips on how to execute this safely in the future?

For payments or cash gifts, I suggest using Square or Venmo. Square is more confidential in setup than Venmo, although both are secure. Venmo has privacy settings–always check and make sure your profile isn’t revealing your name or personal details.

If you do choose to receive Amazon gifts, I would advise setting up a PO box or locker. Ideally not near your home. I would also suggest asking another person to collect packages for you.

Any advice for cam girls? What are ways to keep our location and identity safe?

Keep location services turned off on any devices you use to record. Use a camera cover so that you can avoid being viewed without consent. Even Mark Zuckerberg has a cam cover on his laptop!

Mark Zuckerberg laptop cover

Also, be really careful that nothing in the background of your shot could be used to identify you. So no mail, personal photos, college or other pennants, local sport team flags, calendars, mail order boxes, etc. Make sure blinds are closed so they can’t locate you from a window view. Even things like birthday cards can give away information about you or your family.

What are the best ways to keep my password safe?

Best advice is to use a password manager such as LastPass or OnePassword. These manage your passwords securely. They are explained nicely here. Simple and best advice is do not reuse them, do not stick them on a post-it note on your PC, try to use random numbers and letters rather than pet names or birthdays.

What apps are safest for sexting?

I strongly advise using apps such as Signal, TelegramWire or WhatsApp. These are encrypted, so they cannot be read or intercepted.  Telegram, Wire, and WhatsApp can be locked using 2FA. They are all available in the Android and Apple app store.

Aside from WhatsApp, all of them offer a timed message option. It’s similar to Snapchat but more secure. All of them offer the option to delete a message for everyone. You can completely clear histories in Signal,Telegram, and Wire. Telegram and Wire also notify you if someone takes a screenshot of a conversation.

Additionally, I would not use your real name or number to set up any messaging service. Wire is good because it only requires a username. Use a name that has no connection to you at all.

To set up a messaging service or any account, I would advise using Proton Mail. This is a secure, encrypted email service.

If you use Gmail or another Google mail service, set up 2FA on that account. That way you will also be notified if anyone tries to access it. The set up is explained here.

What "rights" do employers have (if any) if it is discovered that you have nudes online/do cam work? (In Maryland if that helps narrow it down a bit).

I am not legally qualified to answer this definitively. I would suggest that you check any employment contract to see if it has specific clauses relating to freelance work or “moral” clauses. Here I am thinking particularly of the Oxfam workers who recently were fired due to paying sex workers while abroad because they violated a specific contract clause.

As a separate point, you have a basic right to privacy as an individual. So an employer does not have the right to sanction you for private photos. However, make sure that you do not use work devices or send any pictures, etc. over your work network. This could be a breach of contract, but is also best to avoid in general! I advise people to assume that any work device can be and probably is being monitored in some way. So use them strictly for your work. Definitely consult an attorney or legal advisor if you have questions relating to employment law.

I hope this all helps. I am always delighted to help if you need more information. Wishing you all much love, luck and happiness.

Norton safety page excerpt:

How Do I Get Rid of EXIF Metadata?

Windows Explorer makes it easy to delete EXIF metadata from one photo or an entire batch of photos at once. Follow these steps:

● Open the folder containing your image files.
● Select all the files you want to delete EXIF metadata from.
● Right-click anywhere within the selected fields and choose “Properties.”
● Click the “Details” tab.
● At the bottom of the “Details” tab, you’ll see a link titled “Remove Properties and Personal Information.” Click this link.
● Windows will ask whether you want to make a copy of the photo with this information removed, or if you want to remove the information from the original. Choose the option you prefer and click “OK.”


jessysaurusrex: Jessy has a great blog on security advice and is very approachable on Twitter.

Electronic Frontier Foundation (EFF): EFF are a wonderful source of privacy advice and advocacy.

The Smart Girl's Guide to Privacy: A Privacy Guide for the Rest of Us@violetblue wrote this book, which could be very useful to all of you. I have it and base my talks around some of it. She is active on Twitter and posts lots of useful advice.

@sectrashpanda is an account I run as a privacy advice page, hopefully it might be useful.