You may want to safeguard and protect your data, but it’s not always easy in this digital world of ours.
Think about it.
How often do you flip through apps and websites on your phone?
Probably more than you can count.
Reports indicate that by 2019 there will be 2.5 billion people worldwide connected to smartphones, which accounts for 50% of all mobile phone users.
We can’t help it. Flicking multi-colored, super-powered birds into circular pigs is endlessly entertaining.
The issue is that large corporations are capitalizing on our smartphone dependency to track our activity, our location, and gather personal information about us that they can sell off to advertising agencies.
And what happens if those databases filled to the brim with our information get hacked? How easily could cybercriminals gain access to some of our most private details?
That’s why it’s important to protect yourself on the phone, computer, and other internet-connected devices. Here is a list of the worst offenders, and how to safeguard your personal data.
Who are We Hiding From?
Most internet users are scared of hackers.
For good reason.
Because if they’re not, they probably don’t know exactly how much they can harm them.
Cybercrime is a global pandemic, costing the world hundreds of billions a year (and growing).
There’s a lot of money to be made when hackers break into your system to silently steal your precious information, turning around and either selling it off on the black market or using it to steal your identity.
But it’s not just shady hackers wearing Guy Fawkes masks while hunched over a computer in a dark room that we have to be worried about. Some of the largest threats to our personal privacy come from the corporations that we place our trust in.
Advertisers want a lot of information on us, and they get it by the truckload.
They want to know about your spending habits. Knowing what you previously purchased can help them predict what you might be interested in over the next few weeks.
They also want to know your likes and dislikes. They can easily scoop that information out of your Facebook profile. So, if you say on Facebook that you like video games, you might notice that the ads you see are video game focused. Or you might notice services tailored to your geographic area.
That’s the name of the advertising game in 2018: Personalization.
Have you ever been looking at a website, navigated away from it, and suddenly started to see ads for it everywhere? That’s not some grand coincidence. It’s remarketing at work.
These ad agencies want your browsing history, your address, your birthday, and any other bit of personal information that they can get to predict your spending habits and create a customized ad experience.
While some may see this as a service, others believe it to be an invasion of privacy.
“The government is spying on you!”
Says the crazy homeless person on the street corner.
But when a former CIA operative says it, and releases a series of documents proving it, that’s another thing entirely.
Thanks to Edward Snowden, we now know a whole lot more about how the NSA spies on the American people.
Unfortunately, it’s not just the US government that we have to worry about. Thanks to a series of surveillance alliances, the United States pools its espionage information with other nations.
So once one of them gets their hands on your data, it’s immediately accessible to some of the biggest countries on the globe.
Imagine that your internet activity was not only being watched by your government, but that it could potentially be shared with 13 other nations.
Talking about something like that used to make you seem paranoid. But now? It means your realistic.
7 Simple Tips to Protect Your Data Once and For All
The battle for internet privacy is a war fought on three fronts.
You’re fending off cybercriminals, while defending against pushy advertisers, all while shielding yourself from government agencies.
That’s quite the uphill battle.
The deck may be stacked against you, but there are ways to defend yourself.
Here are some of the best place to start.
1. Clear Your Browser History
You should constantly clear your browsing history because your spouse could check it any minute.
You should also clear your browsing history because it’ll help protect your privacy from falling in the wrong hands.
When you visit a website, you’re tracked via your IP address by internet messages called cookies. They may be called cookies, but they’re actually more like crumbs. Picture a trail of cookie crumbs weaving from website to website, leaving a tangible log of your internet activity.
Every site you visit. Every item you download. Every query on Google.
These cookies remain on your system, keeping a record of everything you’ve done. That’s why sometimes, when you go to a site that you’ve previously visited, your login credentials are saved even if you never checked that little “Remember Me” box.
So what type of data are companies gathering on you? Well, they want to see what you’re viewing and what you’re buying. They want to know what articles you’re reading and what information you’re doing research on.
Internet companies are like a guy trying to impress you on a first date. They look up your likes and dislikes and try to use those to engage with you. And much like dating, sometimes those advances are unwanted.
If you clear out your history after every browsing session, you’ll help blind the eyes of those services. You can also disable cookies and set your viewing patterns to private. This is a service that all major browsers offer.
There is a trade-off, however.
By disabling cookies, you’ll have to enter your username and password into every website that you visit. But password-storing services can help with that.
2. Beyond Cookies
Every computer has its own unique fingerprint that can be logged to identify you.
Beyond Cookies sounds like an amazing name for a bakery. But that’s not exactly what we’re talking about here.
Disabling your browser-based cookies is a fairly easy process. Info-gathering companies realize this and want to dissuade you from throwing them off the trail. That’s why they’ve moved their efforts beyond cookies and into the realm of fingerprinting.
Fingerprinting identifies information about your computer. It can track your battery status (including the rate it depletes), the size of your browser window, and more to identify you. This works because, much like a human fingerprint, no two computers are identical. Even machines of the exact same model using the exact same browser at the exact same size will still contain some subtle differences that can be used to differentiate.
Companies log this device fingerprint and use it to identify you when you come back.
Some other factors that can lead to a company identifying you through fingerprinting include:
- Your IP
- The fonts installed on your device
- Browser plugins
- System files
- Graphics capabilities
- Browser technical information
Fingerprinting does have a beneficial use. Many websites use it to identify botnets through their unique characteristics, so there is a saving grace.
Unfortunately, there is no way to fully protect yourself from fingerprinting. Some of the methods we will describe today can be helpful, but as of now, there is no software or method for completely disabling the tactic.
3. Read Privacy Policies
Spoiler alert: No one has.
That’s the real kicker about information privacy. Companies can’t collect our data unless we agree to it. Unfortunately, the overwhelming majority of users either do not realize this (or they don’t care).
Thankfully, the European Union passed the General Data Protection Regulation (GDPR) in 2018, forcing companies to be more transparent with their data-gathering efforts. While this law only applies to the EU, most large organizations like Facebook have made their changes worldwide.
That’s why back in May you likely had to re-accept most of the privacy policies for the websites that you use. They were changing things to come into compliance with the GDPR.
The new law made a number of alterations in how businesses are required to conduct their data gathering efforts throughout the EU.
The last two are the most useful:
The right to access your information means that companies are required to provide you with a full accounting of the information they have on you in electronic format, on demand, and for free.
The right to data erasure states that on your request, those entities must permanently delete all of your gathered information from their system. This can be done if the data gathered is no longer relevant, or for no other reason than a withdrawing of consent.
Make sure you read all privacy policies for the companies you’re looking to do business with. If you have to, copy and paste them into a word document to read later and don’t sign up for a service until you do. If you find the verbiage confusing, reach out to their customer support department and ask questions.
I spoke with Lesley Carhart, Principal Threat Analyst at Dragos Inc., about the key things you should look out for when going through privacy policies:
It’s important to take some time and read the policies carefully – especially for free or cheap services on the internet, video games, or software. Pay particular attention to how your data can be shared, what data is shared with the service, and how your usage is tracked when you’re using and not using the service. How long is your data kept? What happens to your data if the company goes out of business or it is sold? A reputable business should answer these questions clearly.
Once you have a clear understanding of how and why a company gathers data, you can better decide whether the positives of their service outweigh the negatives.
And remember, companies will also change up their privacy policies constantly, so be on the lookout before blindly agreeing to new terms you haven’t had the chance to vet yet.
4. Use Search Engines that Won’t Track You
Google is essentially a monopoly.
Nearly 75% of all global searches pass through it. Google sees 3.5 billion internet searches per day, which adds up to 1.2 trillion per year.
Oh. And they also happen to collect your information.
Google’s data-collection efforts extend beyond search engines and into the realm of smart devices (more on that later).
They know what you’re searching for, which links, images, and videos you’ve clicked on (yup, those too), how much time you spend on sites, whether you made a purchase while there, and much more.
Bing, the second largest search engine in the world, also tracks some information, though not to the extent that Google does. Bing mostly tracks users while they’re logged into a Microsoft account. (Which no one is.)
Some safer search engines include:
- DuckDuckGo: No logging whatsoever with no way to identify unique user data.
- Bitclave: Built on the Ethereum blockchain. Uses decentralized tech to increase the security of users.
- StartPage: No tracking or recording a user’s IP. Stores no personal information whatsoever.
5. Use Incognito Mode (But Don’t Rely On It)
A common misconception is that using an anonymity setting like Google Chrome’s Incognito Mode or Microsoft’s Do Not Track function makes you completely invisible.
That’s not true at all. But they can help a little.
Google’s Incognito Mode is very upfront about its lack of protection. It states right away that it “doesn’t hide your browsing from your employer, your internet service provider, or the websites you visit.”
So even though you’re ‘incognito,’ that doesn’t mean you’ve got VPN-level privacy. Your ISP still knows where you’ve been, the websites that you’re clicking around on know that you were there, and if you’re on a work network, your boss knows what you’re doing.
That also goes for government agencies. If you think clicking a button on Google Chrome is going to hide your activity from the NSA, think again.
Google goes on to say that Incognito users should beware of surveillance by “secret agents.”
Incognito Mode was not created to protect you from the World. It was meant to hide your activity from the computer you’re using it on. If you’re using a social media account on a friend’s computer, Incognito Mode ensures that none of your login credentials will be saved. If you want to hide the websites you’ve been visiting from other users, Incognito Mode works too. (We don’t judge)
What Incognito Mode does do is disable history, cookies, and browser extensions. Without cookies, websites won’t be able to track you.
That makes incognito mode a fantastic way to fight back against advertisers, but it remains useless in the battle against malicious actors and governmental oversight.It’s time to get yourself a privacy-friendly browser.
6. Enable Facebook Privacy Settings
Facebook collects a lot of data. Not exactly a surprise.
They keep track of what you like and don’t like. They know who you regularly talk to. They understand your political views, what services you use, what goods you buy, what sites you visit, and where you go.
Their bungling of the widely publicized Cambridge Analytica scandal is proof that this can be problematic. Facebook users who took a personality test offered by a political consulting group called Cambridge Analytica were unwittingly agreeing to not only have their personal information collected, but the information of their entire list of contacts.
Through this unfortunate loophole, 87 million of Facebook’s more than 1 billion users had their information recorded by Cambridge Analytica and sold to the political campaigns of Donald Trump, Ted Cruz, and officials involved in the UK’s Brexit vote.
Good company, that.
Facebook’s creator and CEO, Mark Zuckerberg, called the fiasco a mistake and personally apologized on behalf of the company. But the eyes of the world soon fell on the social media giant, wondering how much information they were gathering, and how we could stop them from doing it.
One of the easiest and most effective ways of controlling who can see the information you put on Facebook is by making your posts visible only to friends. While this hides nothing from Facebook itself, it can keep your information from being seen by outside parties.
It takes less than a minute to opt out of targeted ads on Facebook. You can do so on their ad preferences page. The settings that track you by default can be turned off. Once you’re on the page, switch all options to either “no” or “no one.”
However, an important note here is that Facebook has code capable of tracking you in a large number of free Android and iOS apps. This means even if you follow those steps within the Facebook platform, your activity is still likely being tracked by Facebook elsewhere.
During my conversation with Lesley, she also made a great point to keep in mind here:
Understand that anything provided to you for ‘free’ on the internet has hidden costs behind it. Web hosting, content generation, and marketing content must be paid for. So, if there isn’t a bill being sent directly to you for the services, those costs are likely being recouped through donations, advertisements, and/or the monetization of activity and usage profiles.
Apple and Android devices do have a built in ad tracking limiter in their settings that can help with this.
7. Use a VPN
The best defense against privacy-related issues online is a Virtual Private Network.
These services create an anonymous web browsing experience by tunneling your internet signal through a secure protocol and encrypting all of the data inside.
What does this mean? No prying eyes can track what you’re doing. Malicious actors, government agencies, and ISPs can no longer access any of your activity or information.
Unlike many of the other tips on this list, you’re not just protecting a single browser or device, either. Most (good) VPNs can be set up on your router, so the entire internet connection is protected from head to toe. That means you’re good to go on any device or browser.
Also, by sending your information to a server in another part of the world, you essentially trick the internet into thinking that you’re somewhere else.
For example, someone using a VPN in Seattle, Washington can connect to a server in Munich, Germany. And all web services will believe that this person is actually sitting in Germany, providing a simple workaround to stream geo-locked content and more.
Cybercriminals target torrenting websites to help them gain remote access to a person’s computer, where they can steal their information. Using a VPN, you take that option away from them by encrypting all of your data and download peacefully.
This encryption is also the NSA’s greatest kryptonite. A strong VPN will keep you invisible from government oversight. What’s more, they’re perfectly legal in most countries around the world.
Just make sure the VPN you’re using is based outside the extended Eyes surveillance alliance. Otherwise, country courts could demand your data from the VPN company themselves at any minute.
A Recipe for Privacy
There you have it.
A number of different ways that you can anonymize your personal data and hold onto your internet privacy. It should be noted that no system is perfect, but we’ve compiled a cocktail of various options that, if used together, should provide the safest experience possible.
- 1 Part VPN software to anonymize your data and protect you from cyber criminals and government agencies. Choose a VPN that comes equipped with an ad blocker. (Like CyberGhost)
- 1 Part Google Chrome Incognito Mode to disable cookies and local tracking efforts
- 1 Part opting out of Facebook’s tracking methods
- 1 Part anti-tracking browser extension
- Turn on VPN
- Activate Incognito Mode
- Deactivate Facebook tracking (one time only)
- Avoid free Android and iOS apps
- Open safe browser
- Read privacy policies
- Mix together until a regular part of your daily routine.
- Repeat for all web browsing experiences.