Howto

Manage what data you share for better online privacy

Privacy settings are the key to what you share

The initial release of BitsaboutMe is all about raising the awareness about personal data and online privacy. By connecting to your various online accounts you can get a comprehensive overview about the data that is stored about you by the various players. Now it is on you to decide to what extend you are comfortable with what you see.

Unfortunately the large players (Google, Facebook, Apple, etc.) make you trade-off data privacy against the convenience of e.g. syncing data between devices among other features. The good news is that most data collectors now make it possible for you to manage what data they store and what not.

Your smartphone

Your smartphone is a very powerful surveillance device that knows almost everything about you. For iOS, the collected data generally stays locally on your device, while an Android phone, depending on your settings, might share plenty of data directly with Google.

In both cases review your privacy settings for the phone and the browser (Safari/Chrome) and decide for yourself to what extend you want to share your emails, web activities, location history, contacts, calendar etc.

Your Google account

If you have a Google account, it is worth checking myactivity.google.com. Myactivity.google.com is an easy to use interface to see what data they have collected about you, to delete that data and also to disable future tracking.

If you do not have a Google account your Google activities are still tracked based on your cookies, but you cannot see it. You can still manage what Google tracks about you here.

Your social networks

Also for the various social media accounts, it is worth visiting their privacy settings. The situation here is slightly different as social media posts are by nature already public to some extend. Just be aware that you share not only with your friends and followers but also with the entire ad industry and not only what you post and like but every website you visit that has the respective share button. This corresponds to 90% of all web pages.

Protect and secure your device data

Passwords are still the number one security risk for your online privacy. It is save to assume that your email address – and hence login – is already common knowledge so all it takes to get access to the majority of your accounts are your passwords.

Take good care of your passwords

Protect your devices

To find out if your account has been compromised in a major breach you can check your email address at Have I been Pwned?

Why does online privacy matter?

Too simple passwords

Passwords are cracked by try and error. Simple passwords can be guessed more easily, a four-digit number has only 10’000 combinations (1 second for a computer) while a 8 character password using letters, numbers and special characters has 3’025’989’069’143’040 combinations (depending on the exact rules), which is a number even the fastest computers cannot crack.

Using the same password on multiple accounts

The more online accounts you have the higher the chance that eventually your email and password are leaked. Even if the breach happens on an irrelevant account, e.g. some news site, if you use the same password everywhere, now also your social media and payment account are compromised. Stolen passwords are sold for millions on the dark net and hackers use them to get access to all kind of accounts.

Limit tracking

Managing your cookies

A radical move is to delete all cookies every time you close your browser. There will be no more tracking based on cookies but you also lose the benefit of 1st party cookies that websites remember you and your preferences when you visit them.

Hence a more pragmatic approach for better online privacy is to block 3rd party cookies. 3rd party cookies do not provide any value but just keep track of your every move online.

Lightbeam graph showing third-party cockies

This image is done with a Firefox plugin called Lightbeam and shows the tracking from only a couple of days surfing the web. The circles are the 24 visited websites (1st party) and the triangles the tracking websites (3rd party) associated with those sites. In order to stop those 3rd party sites from tracking you, you should disable 3rd party cookies on all your devices.

That is how you block 3rd party cookies on your devices:

Opt out from ad tracking on your smartphone

Set your browser to “Do Not Track”

This is a self-governing indicator for the ad industry to not track users who send this signal.

All those measures will not stop tracking to 100% but you should see a significant decrease in targeted advertising after those simple steps.

Reduce ads and spam

With online display ads becoming more and more invasive the use of adblockers has become very popular. In the last couple of years the install base of adblockers has exploded and reached 600 million in 2016.

Graph showing the number of users using an ad blocker for more online privacy

You can find a variety of free and paid solutions here.

Also note that ads are the flip-side of the free content culture of the internet. Some of your favorite high quality news outlets heavily depend on the online ad dollars supporting their shrinking print businesses. When online display ads are increasingly being pushed back those revenue will have to be replaced by some form of micro payments or subscription model.

Use a privacy browser

Increasing online privacy in a simple way

In order to better protect your online privacy, Cliqz is a good alternative to conventional search engines. The free privacy browser Cliqz combines an in-built search function and comprehensive protection against tracking. In this way, the transmission of insecure data can be intercepted and your privacy optimally protected. Cliqz has committed itself to the principles of Privacy by Design and therefore the default configuration avoids the passing on of user data to third parties in the best possible way.

Online Privacy Browser Cliqz

The search function is located directly in the adress bar. By entering your search term, Cliqz instantly provides you a preview of hits. This gives you relevant search results without revealing any personal data. The use of a sophisticated anti-tracking technique also prevents you from being tracked while surfing across multiple websites. Using the icons in the menu bar, you can also define individually for each website whether ads, cookies or trackers should be allowed or blocked.

In addition to phising protection, Cliqz’s re:consent function also enables you to see which personal data is being processd by websites and thus makes it easier for you to adjust your privacy settings.

Privacy Settings on Cliqz

However, the goal of this privacy browser is not to achieve your complete anonymity. This would significantly limit your user experience. Rather, the data trace you leave online should be reduced to a minimum.

Cliqz can also be complemented with extensions such as Ghostery, a software that alerts you to hidden services while surfing, and LastPass, a web-based password manager.

Delete your data

By making use of online services, we generate every day large amounts of data. The use of those data is the business model of large internet companies whose advertising revenues finance the “free” services that we all use. In many cases, there is a trade-off between online privacy and convenience where everyone has to find its own balance.

The sharing of personal data is an individual cost-benefit consideration. When you share more data, online services become more personalized, resulting usually in a more convenient usage. However, this involves the risk of subconscious manipulation or the phenomenon of the information bubble. In this information bubble you only get to see content that complies with your own world view. That may give you a good feeling, but in some ways it is also a distortion of reality.

Google

Google offers a wide range of “free” and useful online services. Thus, the internet giant collects a large amount of information about you, among other things to display the best search results.

On the Google Search page, you can directly check and delete your search activity, access the most important privacy settings in your Google account and learn how Google Search works with the data you generate.

By clicking on Settings at the bottom right corner of the Google page, you can see your entire search history. There you can also delete your search queries over a specific period of time, if you wish so.

Moreover, in Search settings, you can choose in which language your search results should be displayed.

Under Your data in Search, you can also define whether you want to see personalized advertising or just random advertising. It is also the place where you have control over all the Google products you use. Further, the Activity settings let you control whether the following data is stored by Google:

If you just want to delete your browser data, you can do this directly in Chrome:

Facebook

To get an overview of your Facebook activities, you can explore your Activity Log:

The activity log lists all your past actions and content in chronological order. By clicking on the pen on the right side of an entry, you can selectively remove activities and comments from your Facebook history, as well as eliminate “Likes” and delete your location history.

If you use the Facebook app, you can delete the browser data on your smartphone, as well as remove cookies and the cache file of websites that you have visited in connection with the use of the Facebook app.

Android:

iOS:

Moreover, your mobile phone number is a key identifier for Facebook to connect contact information from Instagram, WhatsApp, Messenger, and Facebook. The company also owns some numbers that users did not add themselves.

If this is the case for you, you can remove your mobile phone number from Facebook and still secure your account. To do this, go to Mobile in the Facebook settings and remove your mobile phone number there. So that your account is still protected by two-factor authentication, go under Settings > Security and Login > Use two-factor authentication where you can set an app such as Authy as second factor for the login.