at how much information they unknowingly give away online

and how that can leave them vulnerable when people like me

come along and collect all of that information.

It's incredibly easy to track anyone with any modern technology now.

It's incredibly difficult for anyone to try and avoid detection.

When I went on the run back in the 1990s

there was still, just about, a chance to do it

because it was very resource intensive

for either spies or corporations to track people who went on the run.

I'm Scott Helme, I'm a cybersecurity researcher and an ethical hacker.

I'm Annie Machon, I'm a former intelligence officer with MI5,

the UK domestic security service.

So I think many people would be very surprised

about what we can find out about them online.

I met someone recently where we demonstrated this

and with just their name and knowing the general area where they lived

we were able to narrow down their social media profile.

We have things like the births, marriages and deaths register

in the UK where we can look up your marriage certificate

or your birth certificate.

From there we can see, parents and spouses

and we can start to spread out this net of information

that we can gather about you from very simple resources.

Social media over the last decade has become the spies dream.

Back in the 1990s, my job as an intelligence officer

was to build up profiles and investigate targets

and that could take weeks; trying to get a shape of someone's life.

Their contacts, where they worked, their relationships,

their views, their activities, their hobbies, everything.

Now of course with social media,

we just offer it all up for free, voluntarily.

I think privacy has changed so dramatically in the last 10 years

if we go back 10 years it would have been very difficult

to gather information about someone, very analogue, very offline.

We may have to collect pieces of paper or documents

and now in the digital world it's

a click of a finger and a search on the internet

and we can have a lot of information about someone.

Social is really easy where you can pick up Twitter, send a tweet

that my internet has stopped working so I might tweet my internet company

or more recently, my water supply stops working

and the water company will have status updates

and people will comment on them and we now know that all of these people

are users of this company's services

so if I wanted to impersonate them I could call one of those individuals

if I had their number and say, "Hey, Sarah, I'm from the water company.

Just regarding your complaint, could we go through account security,

could you confirm your postcode for me please?"

And I'm then extracting more information

using the original tweet as the leverage to get you to trust me.

It's interesting to ask, "Who might be spying on us?"

I mean, obviously for someone who worked in the intelligence agencies

I think of espionage and spying and surveillance in a particular way

where you are given targets to investigate.

First of all, yes it might be the law enforcement intelligence agencies,

depending on what you're getting up to.

It could be political activism, as simple as that.

Two, it will definitely be the big social media corporations

because we are their product

and the question is then to realistically say,

"OK, what might be the threat to me personally?

How can I best protect myself from those threats?"

You don't have to be on the run from the government or MI5.

You might just want a bit of privacy.

Smart phones are little spy phones in your pocket.

Turn off your smartphone; ideally leave it at home.

Another really good thing for people to look at is the privacy settings

on applications on their smartphones.

So maybe you don't want an application

to be able to look through your photographs.

You can go into the settings on your phone and disable these things.

So go into your device's settings,

have a look through those and just think,

"You know, this app doesn't need my microphone.

So I'm just gonna turn that off, make sure it can't listen to me.

It doesn't need my location, I'm just gonna turn that off as well."

And just start to take a little bit more control

over all of the information that you're sharing.

One thing you can do of course is to invest in older technology.

Get an old burner phone

that you might just use for phone calls and that's it.

Use an old laptop and then a whole suite of privacy software

on that laptop as well.

Another really great way of protecting yourself

if you're travelling a lot using public WIFI

at an airport or a train station,

they commonly ask for your first name and last name in order to log in

what you can do is

give them a different first name and last name to log in

and you'll still be able to use the WIFI network afterwards.

This may sound a little paranoid but when I was in Berlin a few years ago

at the height of the Snowden disclosures

if you went to parties you were expected to

put your mobile phones in a tin, a biscuit tin

which then went into the fridge to stop signals going in and coming out

to stop the phone snooping on you.

I think it's really important that people make conscious decisions

about the information that they share

because often when we share this information

you can never guarantee to be able to take that back.

If I send a tweet to a company

and I want to make a complaint about their service

I may be able to delete that tweet later

but everyone's already seen that and knows that I had that interaction

so making this conscious decision before I take those actions

would help me prevent leaking that information later.