Online privacy

Photo by Icons8 team on Unsplash

Do you take your online privacy seriously?

The Cambridge dictionary defines privacy as “the right to keep one’s personal matters and relationships secret”. Sadly, we now live in an age of surveillance where it’s getting harder to keep our information private.

Whether it be bad actors looking to steal your information for their own gain, ISPs tracking your online behavior to sell to big data companies, or your own Government spying on you, there’s always someone looking to gather your information wherever you go. Heck, you can’t even trust your phone’s pre-installed apps.

On the other hand:

It is understandable to surrender some of your privacy in exchange for convenience. Google and Facebook, two of the biggest data collectors today, have become household names and have even become part of everyday parlance to some (you can “Google” that if you want).

I have to admit:

Before I started on the path towards online privacy, I used to imagine myself becoming an unkempt middle-aged guy living in my parents’ basement, wearing a tinfoil hat, furiously poring over half-soiled stacks of paper and searching the dark web using a laptop with a taped-over webcam to find that missing piece of evidence that could prove my latest conspiracy theory.

After I began this journey, though, I can solemnly swear that it isn’t like that at all — most of the time. Even Facebook founder Mark Zuckerberg and NSA whistleblower Edward Snowden themselves tape their webcam, so it isn’t silly at all. It really depends on how deep you want to go into the rabbit hole.

So:

If you want to find out what you should and should not do to protect your privacy, let’s dive right in!

Your device

DO:

  • Change any default passwords into strong and unique ones (more on this later). Hackers know what these default passwords are and will try to use them to access your device.
  • Turn on device encryption to add a layer of security over your device’s data.  
  • Disable Google’s cloud-based backup. You wouldn’t want to trust Google with your information once your government comes knocking at their door. You may also want to opt-out of using Google altogether just to be sure (this will be a topic for a future post).
  • Shorten your phone’s auto-sleep time and enable auto-lock to keep nosy people from accessing your device. You can also enable the automatic wipe setting to have your phone delete all data on your device after a number of failed unlocking attempts. Finally, make sure to disable lock screen notifications.

DON’T:

  • Rely on your device’s default settings. While they offer more convenience, they also come with privacy issues.
  • Use your computer’s Admin account to access the Web. Hackers can do more damage if they’ve accessed your device through your Admin account.

Your browser

DO:

  • Change the privacy settings on your browser. If you want to use Chrome, you can use this guide to access and change the privacy settings on your device.
  • Delete web cookies every once in a while. Web cookies collect your data and can be used to track your online activity.
  • Replace your browser with a privacy-oriented browser, like TOR, to make sure your privacy is protected. The Onion Router protects you from tracking and surveillance by wrapping your online data in several layers of encryption and then “bouncing” it multiple times before reaching the proper server.
  • Replace your search engine with a privacy-oriented search engine like Duckduckgo. Like TOR, Duckduckgo does not track your online activities and saves you from personalized search results.

DON’T:

  • Trust your default browser’s settings out of the box. These are usually set to allow them to collect your data. Also, don’t rely on your browser’s Do Not Track settings to keep your location safe.
  • Rely on using Incognito mode. It doesn’t prevent your ISP, school, etc. from spying on your online traffic.
  • Use insecure HTTP sites for online shopping. These sites don’t encrypt the information you’re sending which makes it easier for hackers to steal.
  • Enable active content while using TOR. Active content such as JavaScript, Java, and Flash can circumvent TOR’s privacy features. Active content run with your user account’s privileges and may access and share your data.
  • Rely on TOR or Duckduckgo while accessing Google or Facebook. These sites have trackers that can circumvent TOR and Duckduckgo.
  • Use P2P while using TOR. This browser is made for privacy and won’t protect you from security threats.

Your communication

DO:

  • Use encrypted mode while using an instant messaging app. This makes sure that not even the authorities can access your conversations.
  • Use a private-by-default communication app like Signal. Apps like this protect your messages and calls with end-to-end encryption. This ensures that only you and the person on the other line will know about that secret ingredient you use in your blue ribbon chili.
  • Use an anonymous email like ProtonMail. This email service comes with end-to-end encryption, doesn’t require any personal information to sign up for, and is located in Switzerland — a place with strict privacy laws.  

DON’T:

  • Fall for phishing scams. Not even the most private messaging or email service can protect you from scammers if you’re voluntarily giving them access to your device or information.

Your passwords

DO:

  • Use strong passwords for all your accounts. Here’s an in-depth guide on how to make strong passwords from TheBestVPN. It also comes with a nifty password generator to give you an idea of what a strong password looks like.
  • Test the strength of your strong password using HowSecureIsMyPassword.
  • Use a different password for every account. This prevents hackers from accessing all your accounts if they find out your login information.
  • Use a password manager like 1Password. These apps can generate unique passwords and will also securely store them for you, thereby, reducing the need to rely on your memory or that creased up piece of paper you hide in your wallet.

DON’T:

  • Forget to turn on two-factor authentication. This ensures that bad actors won’t be able to access your accounts even if they’ve somehow gotten your login information.
  • Share your password with anyone. NEVER DO THIS.

Your social networks

DO:

  • Be careful with what you share. You never know who could be watching and stealing your information. Even photos can be stolen and used in identity theft, blackmail or as an indicator that you’ve got something worth stealing.
  • Take care when making a social media account for your children.
  • Be careful who you accept as a friend. Inspect their profile and photos to make sure they’re not actually scammers, hackers, or sexual predators trying to steal your information or photos.

DON’T:

  • Share a picture of your credit or ATM cards.
  • Forget to blur out key details on photos of documents that you want to keep secret.
  • Share work selfies with a computer screen or whiteboard in the background. The information on the photo may be used by observant bad actors.

Your software

DO:

  • Add layers of security. Security and privacy should always go hand-in-hand and will often play off of each other for your benefit.
  • Install an anti-virus + firewall like Symantec Endpoint Protection. It will protect your device from viruses and will warn you when you’re about to navigate to a well-known phishing or malware website.
  • Install a VPN like NordVPN or ExpressVPN. A VPN plays well with TOR and Duckduckgo by encrypting your online data and hiding your true IP address.

DON’T:

  • Download any APK files from untrustworthy sites. You never know what other files the site owner inserted into them. Get them directly from their official sites.
  • Trust completely free VPNs. You’re actually paying for them with your data which they sell to advertisers. This is different from VPNs with a free trial period or limited free plan as these companies hope that you’ll like what you experience and eventually upgrade to a paid subscription.

Let’s take our online privacy seriously

You don’t have to be a whistleblower to want to protect your online privacy. While it’s impossible to use the Internet while being perfectly private, you can always add layers of privacy to make you harder to track. Following the suggestions on this list will set you on the first few steps to protecting your privacy seriously.