3 Easy Things You Can Do Right Now to Regain Your Digital Privacy

I recently read an article on C|Net called Americans Resigned to Giving Up Their Privacy, Study Says, and I wasn’t surprised. Online privacy falls into that list of concerns for most Americans with global warming and child labor: If you ask about it, people will be quick to tell you it’s a legit problem they’d like to see fixed, but then they drive away in their SUV following directions on their iPhone. It’s not that they don’t care, it just seems futile, and the benefits don’t seem to outweigh the costs. People want to be able to function easily in society, and these problems have gotten so out of hand that any little change by one individual would be like taking a drop from the ocean, so why bother? While I can see that logic, digital privacy is different in a few important ways, so I wanted to suggest some easy things that you can do to dam at least a few of those rivers of data leading into the ocean that you’re otherwise resigned to live with. 

Do you have curtains or doors in your home? Then privacy matters to you. It’s not a question of whether you’re doing anything “wrong” – it’s a matter of principle. Nobody wants to be secretly watched by others without permission. The problem is, right now people are watching everything you do online, and you have given them permission. I won’t get into the reasons why online privacy is important here, but if you aren’t convinced, then here’s one particularly good documentary about online privacy and the power of “big data,” called Panopticon. Anyone who uses the internet and can spare an hour should watch this (if you don’t mind reading subtitles)!  It’s a deep topic and I only have time to scratch the surface here.

Let’s start with email. If you’re using Gmail, Hotmail, Yahoo, etc. for free email, then your email is not private. (You may have seen Edward Snowden recently explain this to John Oliver on Last Week Tonight.) An easy way to fix this is to simply use free email that’s encrypted. Historically, this has been more of a pain than it’s typically worth, but luckily for us, a group of scientists working at CERN in Switzerland have just come up with a free service that does just that, and is just as easy to use as other free services, and is totally secure! They couldn’t even access (or give someone access to) your data if they wanted to, thanks to their double-layered security. It’s called ProtonMail. Check out this entertaining 12-minute TED talk in which one of the creators of ProtonMail explains it. Of course, in the real world you may not want to bother making all of your non-ProtonMail-based friends click a hyperlink to read a fully-encrypted email, but hopefully as more and more people sign up, more and more email conversations will be encrypted on both ends.  Until that happens, at least your end will be secure, while your friends don’t know the difference, and that’s half the battle.

Another really easy thing to change is your search engine. Why use Google.com when you can use the relatively new DuckDuckGo.com instead? DuckDuckGo uses Google’s search but does it anonymously as a middleman, so they aren’t presenting you with tweaked results they think you should see. They also don’t collect data about you or sell your search info to advertisers, and they even include additional search info beyond what Google lists.  (They also have less ads, an interface that’s MUCH easier to use for color blind people, and more…)  Give them a try, and stop telling Google and everyone they do business with about everywhere you’re going on the web!

The last major area where you can make easy changes that will essentially be transparent to you, but will make a real, measurable difference in the real digital world is using a few browser “Add-Ons” (what Mozilla’s Firefox (the browser I’d recommend) calls them), or “Extensions” (as they’re known in Google’s Chrome browser). (Don’t use Internet Explorer (IE) or Safari or Opera. Just don’t.) There are a number of decent ones, but I’ll just focus on my top three (sorry if you remember these from a previous post, but they bare repeating), in no particular order:

  • HTTPS Everywhere. There is no good reason not to run this add-on/extension. Basically, it just sits quietly in the background, and whenever you visit a site that can be encrypted (or contains elements that can be encrypted) via the HTTPS protocol, it will tell your browser to use that address instead of the normal unencrypted HTTP version. Since encryption keeps your communications more private, this is a good thing.
  • Ghostery. This is your best weapon in the battle to stay hidden from Big Data. It looks at a site’s code and if it sees anything from a known tracker, it’ll block it so you can surf anonymously. (After installation, go to Preferences, on the General Tab, at the bottom, under Blocking Options, Select All, except for Privacy, and in the Advanced tab, check “Block new elements by default” and check “Replace certain blocked content with a ‘click-to-play’ overlay”, and check all Performance Options at the bottom.  (Don’t forget to click “Save” button at the bottom of each tab before going to a different tab!)) Note – this even blocks Google Analytics, and other popular web analytics software, so web developers will no longer know if people are visiting their site, where visitors are going, etc.  For most people this may be fine, but if you’re a web developer this can be annoying if a lot of people use it (or helpful, if you use it to shield your own workstation from your stats). ;)
    • UPDATE! August, 2015: The Electronic Frontier Foundation (EFF) just released version 1.0 of their Privacy Badger add-on, which basically does what Ghostery does, but without the need for any configuration at all.  (For all browsers except IE.)  Instead of working from a blacklist of sites like Ghostery, Privacy Badger watches what sites are doing and intelligently blocks them on the fly as needed.  Also, Ghostery is now owned by Evidon, which is a part of the advertising industry, so some people question whether they’re really as trustworthy as they claim, but the EFF is about as trustworthy as they come, so that’s another reason to consider switching to Privacy Badger.  I’ve been using it for a little while now and so far it seems to work well (once you give it a day or two to learn which sites are problematic.)
  • Adblock Plus. Blocking ads is another way to keep advertisers from seeing you. Ghostery also acts as a basic ad blocker, but there’s nothing like this purpose-built add-on to get the job done across the board. Of course, blocking ads will deprive many sites of what is often the only income stream they have keeping the site afloat, so think hard before enabling this – but if you’re not one to read or (intentionally) click on ads anyway, then why not reduce the clutter? Accidentally clicking ads wastes the advertisers’ money, wastes your time, and can even open the door to malware or other annoying experiences from not-so-reputable advertisers.

So, now your browser is denying requests from trackers trying to watch you, you’re encrypting your data whenever possible, and you’ve even reduced ad clutter on already busy pages. When you add that to an anonymous search engine with DuckDuckGo, and encrypted email at ProtonMail – all of which is free – you’re in a much better position than 98% of your neighbors.

Do I even have to mention taking a closer look at your security settings in Facebook, and other social media, to make sure strangers can’t see what you’re posting? (Or avoiding social media (especially Facebook) entirely?) No, I didn’t think so…

“BUT WAIT,” you may say, “What about all the years of data they’ve already collected about me?” Well, the reality is data gets stale after a while. It doesn’t do anyone a lot of good to know what web sites you visited 10 years ago. The reason people want to track you is to derive some idea about what you’ll do in the near future. As data ages, its predictive value gets lower and lower, until it’s all but useless. Granted, it’ll never be COMPLETELY useless to a government legal team bent on prosecuting you for some crime against the State, but beyond that, you won’t have as much to worry about with the passing of time, especially as your IP addresses and physical locations change. So yes, your data IS already out there. But with 98% of your neighbors still happily providing all of their data, yours will get lost in the shuffle as it ages and loses relevance. After a few years of following just these few tips you’ll be much more anonymous than you are today.

…and I didn’t even get into removing geolocation tags from photos’ EXIF data, mobile device security, using the slow but completely encrypted Tor network to browse the internet, and more.  It’s a deep and often complicated topic, so maybe I’ll touch on those deeper topics another time.  Happily, with just these few quick and easy things that you can do right now to reduce your data footprint, you’ll finally be making a noticeable dent in the ocean of data that companies and governments have about you, and will begin to take the power back.

Feel free to add your own tips in the comments below. :)

Steve