How to Protect Your Privacy Online

It isn’t easy to protect your privacy online. Private companies exploit and sell personal data indiscriminately – often without asking for permission or telling anyone they’re being watched.

The surveillance marketplace commodifies the personal data of private individuals. Legal entities, such as the Federal Communications Commission and the U.S. Supreme Court, have issued judgements and imposed fines to safeguard Americans’ privacy. But they’re a step behind the surveillance industry, reacting to new privacy violations only as they’re discovered.

Short of disconnecting completely, it’s practically impossible to fully extricate yourself from the all-seeing eyes of data-hungry companies. There are, however, steps you can take to safeguard your privacy. Read on for some practical pointers on how you can protect your privacy online.

Choose Your Devices Carefully

Every time you purchase a smart device, you are making a decision about your privacy. The most private – but least practical – method would be not to own any smart devices. Realistically, though, few people would want to go without a smartphone and computer. Some devices, however, are safer than others.

As a general rule, Apple products are better for privacy than Google products. Google derives most of its revenue from targeted advertising. Though they offer privacy controls, these do not prevent Google from collecting your personal and behavioral data.

Apple is primarily a hardware company, not an advertising company like Google. Because Apple makes most of its money from selling computers and iPhones, privacy doesn’t have to come second to ad revenue. Not that Apple’s perfect – Google pays them up to $12 billion a year to remain the default search engine on Apple devices.

Of course, Android and iPhone aren’t the only smartphones available. You could also buy a privacy-focused smartphone, such as the Purism Librem, or install a custom Android OS with better privacy controls, such as Lineage. These options might make sense for the most privacy-concerned individuals, but I expect most to stick with Android or iPhone.

For privacy purposes, I would strongly recommend an iPhone over an Android smartphone. But that can be a tough switch if you’re already invested in Google’s tech “ecosystem”. But there still exist some ways to protect your privacy on Android.

Android Privacy Settings

On Android 11, you can access your privacy settings by navigating to Settings à Privacy. Let’s go over a few important checks.

First, start with the Permission Manager, which controls whether various apps can access your camera, location, and other data and features of your smartphone. For each setting, you have three options: allowed all the time, allowed only while in use, and denied.

It’s worth looking through all of these to see which apps have access to your data. I would pay special attention to your Location, Camera, and Microphone. You’ll want to limit access to these features as much as possible.

On Android’s privacy settings, you can also turn off ad personalization, Google location history, and device personalization. But these features can be deceptive. Turning off ad personalization, for instance, does not stop Google from compiling your data – it simply means they will not leverage their profile on you to personalize advertisements. Likewise, turning off location history only turns off the location history visible to you. Google will still maintain data on where you’ve been.

To read more, see our full article on Android Privacy Settings.

iPhone Privacy Settings

Just because you have an iPhone doesn’t mean your privacy is perfectly protected. Your safety still depends on what apps have access to your smartphone; just like with Android, I strongly recommend auditing the privacy settings of every app on your phone.

To do so, navigate to Settings à Privacy. From there, you can see what apps have access to features such as your microphone and location history. The less access you allot to apps, the better.

Stay Safe on Social Media

By its very nature, social media is not private: it exists to share and connect with others. But you can limit what you share, who you share it, and which social networks your information goes out on.

As a starting point, limit who can see your posts and profile information. I encourage limiting access to people you know. Keep in mind that this is very imperfect. Even if you limit who can see your content, if it’s on social media, you should assume anyone can view it.

Pay special attention to any personally identifiable information you share online. In the wrong hands, this information can be used to steal your identity. Hopefully, you’re savvy enough already not to share top secret information such as your Social Security Number. But identity thieves also rely on semi-public details, such as your address and birthday, to hijack your identity and finances. The less they know the better.

Most importantly, think before you post. Vigilance is key to keeping your information private online, especially in a territory as intrinsically public as social media.

Delete Facebook (Or Proceed With Caution)

If you’re ready to take your online privacy seriously, one of the best things you can do is delete your Facebook account. You might not be ready to go that far, but it’s my personal recommendation.

Time and time again, Facebook has proven itself too irresponsible to entrust with your personal information. You’re probably familiar with the Cambridge Analytica scandal, in which a private company collected the personal information of over 80 million Facebook users over the course of several years, and sold that information to political campaigns and other buyers.

Most of those users never gave any consent for their data to be harvested. A handful of users did – and, through Facebook’s data programs, Cambridge Analytica harvested not just their data, but their Facebook friends’ data as well.

This was no hack: Facebook allowed it to happen. They took no action to stop it, even after being exposed by The Guardian in 2015, the New York Times Sunday Review in 2016, and by The Intercept and other outlets in 2017. Only after media scrutiny rose to a furor in 2018 did Facebook take any action to curtail this looting of personal data. For many years, they just let Cambridge Analytica – and other groups just like it – exploit its users’ personal data without consent.

Facebook has also fallen victim to repeated data breaches, in which hackers have obtained millions of users’ personal data. It happened in 2018, 2019, and 2020, and there is little reason to believe it won’t happen again.

Because Facebook is so irresponsible with user data, you should consider any information you post there public, regardless of your privacy protections. Post minimally, especially when it comes to sensitive information such as your address or birthdate.

Use Privacy-Friendly Apps & Services

Switching devices is a big deal, but you can also make smaller changes that will have a big impact on your online privacy. So many of our “default” services are provided by Google, a company premised on exploiting users’ personal data to make advertising revenue.

The more you can minimize Google’s presence in your digital life, the more private you’ll be. Read on for some alternatives to break yourself free from Google’s data-hungry “ecosystem”.

Privacy-Friendly Web Browsers

Let’s start with your web browser. If you’re like two thirds of web users, you probably use Chrome to view the internet. By default, Google tracks everything you do when signed into Chrome, making it a poor choice to protect your privacy.

For a fully-featured web browser that prioritizes privacy, you can’t go wrong with Firefox. It’s developed by Mozilla, a non-profit company whose mission is to make the internet a better place, and their commitment to privacy and security are cooked into the company’s core values. It’s also a well-developed, fully-featured web browser.

You can also try Brave, a web browser designed with privacy in mind. I haven’t used Brave extensively, but have heard nothing but good things. It’s based on Chromium, the Google-sponsored open-source software project that powers Chrome and other web browsers. That allows Brave to run the same extensions as Google Chrome, but without letting Google watch your every move.

These are far from the only web browsing options. Apple users can sleep soundly knowing that Apple’s commitment to privacy extends to the Safari browser.

If you’re looking for the most private and secure web browser available, you can consider using Tor. Tor encrypts your data and routes it through their servers, so that not even your Internet Service Provider can track your identity.

But Tor isn’t ideal for day-to-day web usage. It runs much slower than other browsers, and for many websites, Tor doesn’t work at all. It often runs into trouble on banking websites, for instance, as banks rely on device data to verify that someone is who they claim to be. That said, if you need to do something especially sensitive, it may make sense to do so over Tor.

Use a Private Search Engine

Google Search is Google’s main product – their entire business is based on search advertising. To keep Google from tracking you online, use DuckDuckGo, a privacy-centric search engine that does not track or sell your personal information.

DuckDuckGo does not offer all the search features Google does, but the core search works very well. If you’ve never used it, give it a try. And if you like it, make it your default to prevent Google from tracking you online.

Stop Using Gmail

Yes, Gmail reads your emails so as to deliver you targeted advertisements. Although Google employes do not read your emails, the algorithm analyzes everything you send or receive.

To prevent your emails from being exploited for advertising purposes, you can use an alternative service such as Hey email. Like any service, Hey technically can read your emails. But Hey carefully restricts access instead of exploiting your emails for advertising purposes.

Turn Off Your Location Data When Not in Use

Your location data is some of the most valuable data you have. It’s personally identifiable by its very nature: if someone tracks your movements from home to work, they can potentially match your identity. It also extends beyond the digital world, and can be used to learn about your behavior not just online, but in the real world as well.

Unfortunately, your location data is not protected from being sold to third parties. That’s why it’s so vital to limit which apps can access your location data.

The best way to prevent anyone from exploiting your location data is to turn off GPS tracking altogether. But there’s an obvious downside to this: without location tracking, navigational apps such as Google Maps lose key functions. Even if you turn location data off, there will likely be times you’ll want to use it to get around.

If you really want to keep your location data away from Google’s prying eyes, you can try another maps app. But the competition is not robust. In 2013, Google bought Waze, their biggest maps competitor.

Apple Maps is the best alternative, but if you’re not willing to switch to iOS, you’re out of luck on that front. You can try OsmAnd, but in my experience, its navigation, interface, and features leave a lot to be desired compared to Google Maps. If you’re an Android user, you might just have to settle for Google Maps.

Google Maps does have some privacy settings. You might notice an incognito mode, for instance. But turning on incognito mode does not stop Google from tracking and saving your location data. It no longer updates the Location History that’s visible to you – but Google is still able to track your movements.

You can find additional controls under “Your data in Maps”. From here, you can turn off your Location History, Web & App Activity, and Ad Personalization. But turning off these settings does not prevent Google from keeping its own history of your location. Only by turning off your phone’s location tracking can you prevent Google Maps from tracking you.

Don’t Buy Smart Devices You Don’t Need

Every device you own offers another avenue for companies or hackers to exploit your personal data. As such, you should be wary of every smart device you bring into your home or person Before you buy a smart device, always ask yourself: do I really need this?

Smart speakers, such as Amazon Echo or Google Nest, are by their very nature “always listening”. They wake up when they hear their wake words, but they are always tuned into what you’re saying. What they record is then studied by their parent companies – sometimes by algorithms, sometimes by actual employees or contractors.

They can even see your video recordings if you own a smart screen such as the Amazon Echo Show. By placing a smart screen in your bedroom, you are effectively letting offices full of strangers around the world see and hear you.

Any smart device will track you on some level. A Roku streaming stick monitors what you watch, and even collects data on your home network. Whenever you buy any smart device, you should do your research on how the company approaches privacy.

Smart technology is becoming more pervasive all the time. Amazon in particular is pushing the so-called “internet of things” to new frontiers of corporate surveillance. With Ring, they’ve expanded into doorbell cameras and security systems.

Now they’re launching Sidewalk, networking all Amazon devices into semi-public networks. If you own an Amazon device, you have been automatically opted into this network – make sure to opt out if you’d like to keep your devices private.

Better yet, throw out your Amazon devices. If you have any concerns whatsoever about corporate surveillance, Amazon is not a company you want anywhere near your home.

Give Up on Fully Protecting Your Privacy

At a certain point, you have to accept the things you can’t change. By now, our privacy has been so compromised that it’s nigh impossible to fully protect your personal data unless you’re ready to disconnect from the internet entirely.

In this compromised world, you need to reckon with what compromises you’re willing to make. Many, for instance, will find Google’s web of services too useful and too all-encompassing to fully escape it.

You might decide you trust Google enough to let them into your life. Just because that isn’t the absolute best privacy decision does not invalidate it as a reasonable choice for many people. And you can still protect your privacy in limited ways via Google’s privacy controls.

It’s a low bar, but Google has at least proved more secure and privacy-aware than Facebook. Unfortunately, if you want to keep up with friends and family over social media, your choices boil down to Facebook and Instragram – which is owned by Facebook. Tread carefully.

Apple is far better from a privacy perspective, but they’re not perfect, either. Google pays apple over $10 billion every year to make Google the default search engine on Apple products – undermining Apple’s commitment to privacy. Still, if you’re concerned about privacy, you’re much better off in Apple’s tech “ecosystem” than in Google’s. At the end of the day, they’re a hardware company, not an advertising company.

Organize for Change

Corporate surveillance is a societal problem. And societal problems demand societal solutions. As an individual, you cannot escape the growing surveillance net. But a collective push for change can still be effective at curtailing big tech.

Change can come through legislation. In 2016, the European Union passed the General Data Protection Regulation (GDPR) to protect the personal data of European citizens. In 2018, California passed the California Consumer Privacy Act (CCPA) to protect California citizens. Laws such as these do far more to protect privacy than any action you can take on its own.

Anti-trust enforcement can also make a huge difference. The anti-trust case against Microsoft in 2001 changed their trajectory as a company. After 2001, they shifted from the maniacal growth-at-all-cost attitude that still pervades Silicon Valley to a more careful, sustainable trajectory.

To create more pressure for these changes, write or call your representatives pushing for new privacy legislation. Better yet, get involved with an organization such as the Electronic Frontier Foundation that advocates for online privacy. Any action you take in concert with a wider organization will be far more effective than action taken on your own. The EFF’s Action Center is a great place to start if you’re ready to help push for change.

With an anti-trust suit filed against Google and the prospect of more actions underway, we’re poised to potentiall make big changes in the next few years. But these tech companies have boatloads of money and some of the most influential lobbies in Washington. Unless we as a people hold our elected leaders accountable for change, it’s unlikely that we will be able to corral the expanding corporate surveillance state.