The initial release of BitsaboutMe is all about raising the awareness about personal data and online privacy. By connecting to your various online accounts you can get a comprehensive overview about the data that is stored about you by the various players. Now it is on you to decide to what extend you are comfortable with what you see.
Unfortunately the large players (Google, Facebook, Apple, etc.) make you trade-off data privacy against the convenience of e.g. syncing data between devices among other features. The good news is that most data collectors now make it possible for you to manage what data they store and what not.
Your smartphone is a very powerful surveillance device that knows almost everything about you. For iOS, the collected data generally stays locally on your device, while an Android phone, depending on your settings, might share plenty of data directly with Google.
In both cases review your privacy settings for the phone and the browser and decide for yourself to what extend you want to share your emails, web activities, location history, contacts, calendar etc.
If you have a Google account, it is worth doing the Privacy Checkup. It allows you to manage your personal data, update what you share with friends and customize the type of ads Google shows you.
In Google’s Activity Controls, you can also control exactly what activities you want ot associate with your account to personalize your experience.
Further, under My Activity, you can find information about all your searches, content views and locations you have visited. On this platform, you can delete some or all of your previous activities.
For more information on how to manage and delete your data stored by Google, click here.
The situation on social media is slightly different as posts are by nature already public to some extend. Just be aware that you share not only with your friends and followers but also with the entire ad industry and not only what you post and like but every website you visit that has the respective share button. This corresponds to 90% of all web pages.
Passwords are still the number one security risk for your online privacy. It is save to assume that your email address – and hence login – is already common knowledge so all it takes to get access to the majority of your accounts are your passwords.
To find out if your account has been compromised in a major breach you can check your email address at Have I been Pwned?
Too simple passwords
Passwords are cracked by try and error. Simple passwords can be guessed more easily, a four-digit number has only 10’000 combinations (1 second for a computer) while a 8 character password using letters, numbers and special characters has 3’025’989’069’143’040 combinations (depending on the exact rules), which is a number even the fastest computers cannot crack.
Using the same password on multiple accounts
The more online accounts you have, the higher the chance that eventually your email and password are leaked. Even if the breach happens on an irrelevant account, e.g. some news site, if you use the same password everywhere, now also your social media and payment account are compromised. Stolen passwords are sold for millions on the dark net and hackers use them to get access to all kind of accounts.
A cookie is a text file created by a website and stored in your browser. A distinction is made between 1st party cookies and 3rd party cookies.
1st party cookies are used by website operators to get informative reports about your visit. This includes, for example, server logs and transactional data. 1st party cookies are not accessible across domains.
However, 3rd party cookies are set by third parties (e.g. advertising networks) and collect i.a. data from social media, Google Analytics and browser fingerprints. In this way, a clear picture of your interests can be created across several domains and thus it enables the creation of a comprehensive user profile, which is then used e.g. for remarketing campaigns.
This image is done with a plugin called Firefox Lightbeam and shows the tracking from only a couple of days surfing the web. The circles are the 24 visited websites (1st party) and the triangles the tracking websites (3rd party) associated with those sites. In order to stop those 3rd party sites from tracking you, you should disable 3rd party cookies on all your devices.
That is how you block 3rd party cookies on your devices:
This is a self-governing indicator for the ad industry to not track users who send this signal.
All those measures will not stop tracking to 100% but you should see a significant decrease in targeted advertising after those simple steps.
Panopticlick allows you to check your existing privacy settings and find out how well you are protected against online tracking. The test simulates loading a visible ad and an invisible script, both of which perform tracking, and a website that superficially looks like a tracker but respects “Do Not Track” requests.
Even if your privacy add-ons serve their purpose, you may still be vulnerable due to a unique browser fingerprint. Therefore, the free tool developed by the Electronic Frontier Foundation (EFF) also analyzes your browser fingerprint, which contains information (i.a. screen size, color depth, time zone) that your browser passes on and that makes your device uniquely identifiable. This gives you a an overview of your protection against tracking as well as your browser fingerprint and shows you where there is still room for improvement.
With online display ads becoming more and more invasive, the use of adblockers has become very popular. In the last couple of years the install base of adblockers has exploded.
You can find a variety of free and paid solutions here.
Also note that ads are the flip-side of the free content culture of the internet. Some of your favorite high quality news outlets heavily depend on the online ad dollars supporting their shrinking print businesses. When online display ads are increasingly being pushed back those revenue will have to be replaced by some form of micro payments or subscription model.
The cross-plattform plugin uBlock Origin blocks undesired advertising and reduces the amount of data which is collected about you. It also prevents malware from running in your browser and gives you an easy way to turn off the safe website lock. Depending on your needs, you can leave the extension in simple mode or, for better protection, choose Medium, Hard or Nightmare mode.
To best prevent ad tracking, uBlock Origin can also be easily combined with the free browser extension Privacy Badger. The Privacy Badger keeps an eye out for 3rd party trackers who track you across multiple websites without your permission and blocks their activities.
The collection and use of user data is the business model of large internet companies whose advertising revenues finance the “free” services that we all use. In many cases, there is a trade-off between online privacy and convenience where everyone has to find its own balance.
The sharing of personal data therefore remains an individual cost-benefit consideration. When you share more data, online services become more personalized, resulting usually in a more convenient usage, but you will also disclose more information about yourself.
Google offers a wide range of “free” and useful online services. Thus, the internet giant collects a large amount of information about you, among other things to display the best search results.
Right on the Google search page, you can review and delete your search activity, access the most important privacy settings in your Google account and learn how Google search works with the data you generate.
By clicking on Settings at the bottom right corner of the Google page, you can find under History your search activity. There you can also delete your search queries over a specific period of time, if you wish so.
Moreover, in Search settings, you can choose in which language your search results should be displayed.
Under Your data in Search, you can also define whether you want to see personalized advertising or just random advertising. It is also the place where you have control over all the Google products you use. Further, the Activity settings let you control whether the following data is stored by Google:
If you just want to delete your browser data, you can do this directly in Chrome:
To get an overview of your Facebook activities, you can explore your Activity Log:
The activity log lists all your past actions and content in chronological order. By clicking on the pen on the right side of an entry, you can selectively remove activities and comments from your Facebook history, as well as eliminate “Likes” and delete your location history. If you would like to download a copy of your data from Facebook, you will find more information here.
If you use the Facebook app, you can delete the browser data on your smartphone, as well as remove cookies and the cache file of websites that you have visited in connection with the use of the Facebook app.
Moreover, your mobile phone number is a key identifier for Facebook to connect contact information from Instagram, WhatsApp, Messenger, and Facebook. The company also owns some numbers that users did not add themselves.
If this is the case for you, you can remove your mobile phone number from Facebook and still secure your account. To do this, go to Mobile in the Facebook settings and remove your mobile phone number there. So that your account is still protected by two-factor authentication, go under Settings > Security and Login > Use two-factor authentication where you can set an app such as Authy as second factor for the login.