This year, I’ve decided that I wanted to take back my privacy online. Our digital lives are forever being followed, tracked and bombarded with tailored ads or incentives. Although this makes life easier and the tailored experience may be nice for some, it does come at a cost.
Large companies such as Facebook and Google are digitally profiling you and selling/sharing your data for profit. Every search you’ve made, every picture you’ve liked, the people you follow and the videos you watch. All this data is valuable to somebody and you don’t really control who they are sharing it with. This information can be used to target you with advertising or worst; social engineering or phishing attacks.
The reason they can collect this information is because we let them. When you sign up for their services you agree to their terms. They will often spin it to say they need this information to provide a personalised or “better” experience. Most of this privilege we agree to is bloated and over stretched.
So how do these big companies know everything about us?
Well, because we are forever signed-in and accept their terms. Look at your phone and computer. Are you left signed into Google, Facebook, Twitter or any other services? If so, this leaves a fingerprint.
Say you use Chrome and you’ve logged into your Gmail account. You then start to search for Hotels in London. Google and its partners now know about this and tie this to your account (history/profile) and device (cookies). You will then start to notice the majority of adverts you are seeing will be tailored around “cheap hotels in London”.
This is partly because of tracking cookies. You’ve probably noticed that suddenly every site is asking for permission to stored cookies and doesn’t let you pass until you accept.
This started to happen after regulations such as GDPR came into play. Now companies are bound by law to ask for your permission before they store/use these cookies.
Just because they ask, doesn’t mean every site is being friendly though. In simple terms, there are two types of cookie categories; Required and Personalised. The required is needed for functionality and cannot be denied. An example being, If this wasn’t used, you would have to login to Facebook every time you visited the site.
Personalised, is how they make their money so is therefore optional. These are the cookies you would need to manual deny should you wish to remain somewhat private.
This responsibility is on you and not them. Companies will often make the “just accept button” brighter and more appealing because it means adverts. Adverts equals revenue so the accept button will often mean Allow All, so be careful.
If you should see these prompts, always choose to manage the settings.
Some companies such as Facebook will just blend it in and make it harder to customize. For them, you need to login and then change the settings to allow only the required.
For the ones that prompt; After you click to manage the cookies, you will be presented with a few options. Here you can untick, advertising. As you can see, some sites have a lot more than others. Notice the scroll bar…..
Cookies are stored locally however and can be easily removed. Whilst in your browser, press the following buttons on your keyboard at once: Ctrl, Shift and Delete. You will then have the option to delete the Cookies stored on your device. Remember it’s per browser so if you’re logged into two and wipe one, it’s still stored within the other.
If you are using a mobile device such as a Mobile phone, you will have to manually go to:
Settings > Privacy and select Clear Browsing Data.
Doing this might actually save you a penny or two as well. You may have noticed when booking hotels or transport that the prices suddenly spikes when you revisit it (should you have not purchased the service on the first visit). This is because they know you have visited here before due to your cookie. When booking hotels, flights or any limited service, it might be beneficial to browse in incognito. Right click the browser icon and select Private or Incognito. Remember that although you are in this private browsing your presence may still be recorded. It just means it won’t store any cookies and history during that private session.
As I say, wiping cookies only removes them from your device and not your online profile. As I mentioned at the start, if you are signed into Google or Facebook they may have collected this information already which will be stored on their end. For this, you will have to make a right to be forgotten request to each provider. Seeing as you don’t know who has your data though, this may be an impossible task.
So, what can you do?
Find a balance. Even if you were to use disposable accounts and devices to access these services, there will always be a trail. Plus, what kind of life is this? The majority of people won’t want to do this so it’s all about privacy in moderation. What works for you and what do you want to share.
It all starts with changing your behaviour slightly and starting to be less independent on certain services. Below are some of the basic steps you can take back a little control.
Checking your privacy settings
Once you’ve signed up for a service such as Facebook or started to use a browser such as Chrome, it will always be worth running through the settings. You will often find that the defaults will send data back to themselves or allow personal ads. If you have a spare minute or two, just run through Facebook and see what settings are enabled. It is also worth making the time for any other services you are using frequently.
For Facebook on mobile, go to Options > Settings & Privacy > Settings > Privacy Settings and review them.
For Google, go to your account and select Privacy Checkup
DuckDuckGo is a search engine that focuses on privacy. You will still be able to search the web just as you would with Google however, none of your search results will be stored/recorded. You can either go to them directly or set you browser to use them be default.
Chosen Browser: Settings > Search Engine and select DuckDuckGo.
For mobile devices, they even have their own browser which is pretty neat.
You may need to enable Location services when using Google maps, but does Facebook or Windows need it? Most likely not, so for both your privacy and battery life, it might be worth reviewing permissions and even turning off. There was a story a couple of years back where a person was caught out due to their partner having permission to see where they have been over the last months. The story flagged a huge concern and exposed some of the defaults Google had enabled when using its service. It’s not just Google though so be careful who you share this information with.
Google Location History: https://support.google.com/accounts/answer/3118687?hl=en
Request to do not track
Each browser can send a Do-Not-Track request to each site. You will just have to enable it per browser as by default it will often be turned off. The reason why is that it might affect certain sites which will refuse to function, should the cookies be blocked.
The settings are often found by going to: Options > Privacy & Security.
Some browsers are better than others and will give you a range of options to control your tracking. Should you wish to enforce this, you can also look to use browser extensions such as DuckDuckGo and Privacy Badger.
These extensions provide further customization for your browser experience. If for instance, your stricter policy breaks a certain site you need to use, you can either turn it off temporarily or whitelist the site.
Now this may only be a small win, but certain browsers often provide more customization than others. For example, FireFox allows you to customize your Do Not Tracks whilst Google is an on or off switch. Firefox is also open source and not built by a company which is funded by data harvesting. You will still get all the bells and whistles however, it’s down to preference and what you like. The above features/extensions will still function on Google Chrome for instance and can still allow you to remain private.
Using a Virtual Private Network (VPN)
VPNs are now becoming popular and have even made their way onto the tele. VPNs will allow you to secure your network traffic and prevent anyone from sniffing or monitoring you (Excluding the provider in certain cases). Using a VPN is a great way to stay secure and private online and will only come at a small cost. I would advise staying away from certain “free” options due to the potential risks (Covered here). I’m not saying all of them are bad but a lot of the random “Free VPNs” have been flagged to be malicious.
It’s also worth checking how the provider is handling the service. For instance, certain VPN providers don’t record or retain any logs whilst others might. It’s always worth balancing the cost and security when choosing a provider. Should you use public wifi a lot, you should defiantly consider using one.
Review IoT devices
You may own an Alexa or Google device which is linked to your account. Take note that these searches will be recorded and during the setup will most likely ask for basically “everything”. It’s always worth reviewing what these devices and applications have access to and what data they are sending.
If you just use your nest for playing music, then it doesn’t need access to your contacts and messages does it?
These are just some of the basic steps that you can take to retain your privacy online. As I say, it’s all about balance and unless you understand how to use services such as Tor (correctly) and wish to live your life through fake accounts, it’s worth doing. Even if you chose to do one of the above options or simply log out of service you don’t use frequently, it’s a start.