Find out how you can significantly improve the protection of your personal data in only 60 minutes.
Privacy settings are the key to what you share
The initial release of BitsaboutMe is all about raising the awareness what digital data trail we leave behind. By connecting to your various online accounts you can get a comprehensive overview about the data that is stored about you by the various players. Now it is on you to decide to what extend you are comfortable with what you see.
Unfortunately the large players (Google, Facebook, Apple, …) make you trade-off data privacy against the convenience of e.g. syncing data between devices among other features. The good news is that most data collectors now make it possible for you to manage what data they store and what not.
By far the largest amount of personal data is collected by your smartphone – a very powerful surveillance device that knows almost everything about you. For iOS, the collected data generally stays locally on your device, while an Android phone, depending on your settings, might share plenty of data directly with Google (see below).
In both cases review your privacy settings for the phone and the browser (Safari/Chrome) and decide for yourself to what extend you want to share your emails, web activities, location history, contacts, calendar etc.
Your Google account
If you have a Google account, then it is worth checking myactivity.google.com. Here Google has built an easy to use interface to see what data they have collected about you, to delete that data and also to disable future tracking. If you do not have a Google account your Google activities are still tracked based on your cookies, but you cannot see it. You can still manage what Google tracks about you here.
Your social networks
Also for the various social media accounts (Facebook, Twitter, LinkedIn, etc.), it is worth visiting their privacy settings. The situation here is slightly different as social media posts are by nature already public to some extend. Just be aware that you share not only with your friends and followers but also with the entire ad industry and not only what you post and like but every website you visit that has the respective share button. This corresponds to 90% of all web pages.
Passwords are still the number one security risk for your personal data. It is save to assume that your email address – and hence login – is already common knowledge so all it takes to get access to the majority of your accounts are your passwords.
Take good care of your passwords
- Choose strong passwords
- Use unique passwords
- Avoid phishing sites and phishing emails
- Keep your computer safe from password-capturing malware
Protect your devices
- Protect every device with a password (see above)
- Always install the latest security updates for your operating system
- Encrypt your devices (BitLocker on Windows, FileVault on Mac). Encryption is the default on iOS, but has to be enabled explicitly on Android devices.
To find out if your account has been compromised in a major breach you can check your email address at Have I been Pwned?
Why does it matter?
Too simple passwords
Passwords are cracked by try and error. Simple passwords can be guessed more easily, a four-digit number has only 10’000 combinations (1 second for a computer) while a 8 character password using letters, numbers and special characters has 3’025’989’069’143’040 combinations (depending on the exact rules), which is a number even the fastest computers cannot crack.
Using the same password on multiple accounts
The more online accounts you have the higher the chance that eventually your email and password are leaked. Even if the breach happens on an irrelevant account, e.g. some news site, if you use the same password everywhere, now also your social media and payment account are compromised. Stolen passwords are sold by the millions on the dark net and hackers use them get access to all kind of accounts.
Managing your cookies
A radical move is to delete all cookies every time you close your browser. There will be no more tracking based on cookies but you also lose the benefit of 1st party cookies that websites remember you and your preferences when you visit them.
Hence a more pragmatic approach is to block 3rd party cookies. 3rd party cookies do not provide any value but just keep track of your every move online. The image below is done with a Firefox plugin called Lightbeam and shows the tracking from only a couple of days surfing the web. The circles are the 24 sites visited (1st party) and the triangles the tracking websites (3rd party) associated with those sites.
In order to stop those 3rd party sites from tracking you, you should disable 3rd party cookies on all your devices.
- Firefox: Privacy > History > Use custom settings for history > Accept third-party cookies > Never
- Chrome: Setting > Privacy > Content Settings > Block 3rd party cookies and site data
- Internet Explorer: Tools > Internet Options > Privacy > Advanced > Third-party Cookies
- Microsoft Edge: Settings > View Advanced Settings > Block Only Third Party Cookies
- Safari: 3rd party cookies are blocked by default
The loss in web functionality with 3rd party cookies blocked is minimal and the most annoying ad tracking is stopped.
Opt out from ad tracking on your smartphone
- iOS: Settings > Privacy > Advertising
- Adroid: Settings > Google Settings > Ads
Set your browser to “Do Not Track”
This is a self-governing indicator for the ad industry to not track users who send this signal.
- Firefox: Privacy > Tracking > Manage your Do Not Track settings
- Chrome: Setting > Advanced Setting > “Send a “Do Not Track” request with your browsing traffic
- Internet Explorer: Tools > Internet Options > Safety > Turn on Do Not Track requests
- Microsoft Edge: Menu button > Advanced settings > Send Do Not Track requests
- Safari: Settings > Safari > Privacy and Security > Do Not Track
As cookies are not the only way to identify browsers, there is another approach worth mentioning:
Go to www.youronlinechoices.com a self regulating body of the European Online Ad Industry. You can see which companies use active tracking cookies on your browser and opt out from specific ones or from all of them.
All those measures will not stop tracking to 100% but you should see a significant decrease in targeted advertising after those simple steps likely even better than 80:20.
Blocking cookies will not prevent you from seeing ads. You might even still see targeted ads based on 1st party data. But those ads from ad networks that follow you around all over the web will disappear.
With online display ads becoming more and more invasive the use of adblockers has become very popular both on desktop and mobile browsers. In the last couple of years when more and more users started openly to rebel against display advertising practices, the install base of adblockers has exploded and reached 600 million in 2016.
You can find a variety of free and paid solutions here.
Also note that ads are the flip-side of the free content culture of the internet. Some of your favorite high quality news outlets heavily depend on the online ad dollars supporting their shrinking print businesses. When online display ads are increasingly being pushed back those revenue will have to be replaced by some form of micro payments or subscription model, e.g. to finance quality journalism.
By making active use of online services, we generate every day large amounts of data. The use of those data is the business base of large internet companies whose advertising revenues finance the “free” services that we all use. In many cases, there is a trade-off between privacy and convenience where everyone has to find its own balance.
The sharing of personal data is an individual cost-benefit consideration. When you share more data, online services become more personalized, resulting usually in a more convenient usage. However, this involves the risk of (subconscious) manipulation, e.g. through advertising, or the phenomenon of the information bubble in which you only get to see content that complies with your own world view. That may gives you a good feeling, but in some ways it is also a distortion of reality.
Google offers a wide range of “free” and useful online services. Thus, the internet giant collects a large amount of information about you, such as your search queries, your browser activities, the places you have visited, as well as the videos, which you have been watching on YouTube.
In order to control which data are collected by Google, go to www.myaccount.google.com. Under Personal info & privacy you find the section Activity controls, where you can easily manage and edit the following Google activities:
- Web & App Activity
- Location History
- Device Information
- Voice & Audio Activity
- YouTube Search History
- YouTube Watch History
Each of these activity groups has a blue switch. By toggling this switch you can disable future data storage of the respective Google service.
In order to deleta data, click in the relevant activity group on Manage activity. If you want to delete data sets, go to the option at the top of the screen and click on Delete activity by. There you have the option to delete your Google activities by topic, product and time span as desired.
If you just want to delete your browser data, you can do this directly in Chrome:
- Launch Chrome on your computer
- Click on the three dots in the upper right corner
- Click on History > Clear browsing data
- In the box above, select a time period. To clear everything, select The beginning of time
- Select the items you want to remove
- Click on Clear browsing data
To get an overview of your Facebook activities, you can explore your Activity Log:
- Login into your Facebook account
- Click in the menu bar on the top-right corner on the arrow > Activity Log
The activity log lists all your past actions and content in chronological order. By clicking on the pen on the right side of an entry, you can selectively remove activities and comments from your Facebook history, as well as eliminate “Likes” and delete your location history.
If you use the Facebook app, you can delete the browser data on your smartphone, as well as remove cookies and the cache file of websites that you have visited in connection with the use of the Facebook app.
- Launch the Facebook app
- Tap on the menu key
- Scroll to Help and Settings > App Settings
- Tap on Clear Your Phone’s Browsing Data > OK
- Launch the Facebook app
- Tap on the “More” button at the bottom
- Choose Settings > Account Settings
- Tap Browser > Clear Data
If you want to (or have to) use Facebook, but you want to disclose as few personal information as possible, you can find here a guide on how to limit Facebook data usage.