The Ultimate Guide to Online Privacy – Critical Info for 2019
Since the Edward Snowden leaks revealed the extent to which government bodies are able to monitor and gather data on users all over the world, it is more important than ever to take steps to protect your privacy. But with the number of different threats out there, you may be struggling to figure out where to even start.
Maybe your social media account got hacked. Maybe you are sick of those scarily specific online ads following you wherever you go. Maybe you just decided it’s finally time to face the fact that your online privacy may be at risk.
Whatever your reason, protecting your privacy online can seem like an overwhelming task.
The good news is that it doesn’t have to be complicated. We are going to briefly go over some of the biggest threats to your online privacy and provide you with simple steps you can take to protect yourself from spying eyes.
Table of Contents
What Are the Biggest Threats to Your Online Privacy?
– Government Intelligence
– Browser and Website Data Sharing
– Search Engines
– Non-Secure Websites
– Cloud Storage
– Mobile Devices, File Storage, and Correspondence
What Steps Can You Take to Protect Your Online Privacy?
– Use a VPN
– Use the Tor Network
– Create Secure Passwords
– Use Secure Payment Methods
– Configure Your Browser
– Change Your Search Engine
– Protect Your Mobile Phone
– Secure Your Cloud Storage
– Secure Your Email
– Invest in Anti-Malware and Firewall Software
– Stay Informed on Social Media Privacy Policies and Settings
– Use Free Open Source Software
What Are the Biggest Threats to Your Online Privacy?
1. Government Intelligence
One of the biggest threats to internet privacy is the wide-reaching Fourteen-Eyes Alliance.
The Edward Snowden leaks paint a worrying picture of widespread international intelligence-sharing agreements that allow governments to bypass their own privacy protection laws. We now have a better understanding of how easy it is for many government bodies to gather information on their citizens.
It’s safe to say that any data that passes through one of the countries in the Fourteen-Eyes Alliance is no longer private. This is one reason that many people put effort into encrypting their data.
But considering the fact that government bodies like the NSA have played a role in creating some of the most popular encryption algorithms, does encrypting your data really keep it secure? To answer this question, let’s go over the basics of how encryption works.
How Does Encryption Protect Your Information?
At its most basic level, encryption is a math equation combined with a secret password or key.
The mathematical algorithm that is used to turn plain data into an encrypted message is called a cipher. The algorithm works by using a unique key that is known only by the sender and receiver.
Let’s use a very basic example. Imagine that you send the number 1180 to your friend. You tell him that all you did was multiply two numbers together to get 1180. In other words, he knows that you used the following cipher:
X * Y = Encrypted number
Using only the cipher and the encrypted number, will he be able to figure out the two numbers you used? He could find every combination of numbers that 1180 is divisible by, but he still couldn’t be sure which two numbers were the ones you originally used.
In this scenario, your friend is missing the key that you used with your cipher. But what if you and your friend agreed that in this equation, Y equals 5. So now your friend knows that:
X * 5 = 1180
He now shouldn’t have any trouble figuring out that your original number was 236.
This is an extremely simplified example, but the important piece to understand is that the cipher is only one piece of the encryption puzzle. Modern encryption algorithms are so complex that they are essentially unbreakable without knowledge of the unique key that was used.
Does Encryption Protect Your Data from Government Surveillance?
Yes and no. The short answer is that modern encryption methods will keep your data secure even if a government body gets ahold of it. However, encrypted data can attract unwanted government attention.
One downside of encryption is that it stands out to government intelligence organizations. According to leaked NSA documents, most data collected is deleted after a maximum of five years. However, the NSA reserves the right to collect and keep encrypted data for as long as it takes to decode the information. This applies to both foreign and domestic data.
On the other hand, modern ciphers are so sophisticated that it may not matter whether or not the NSA has your encrypted information. We will go into encryption methods in more detail when we discuss steps you can take to protect your privacy.
2. Browser and Website Data Sharing
Fingerprints, trackers, and cookies, oh my! Web browsers routinely collect and retain certain basic information about your internet connection and online activity. Some of this information is reported to websites to help them load faster and format correctly, but there are also other factors at play.
Your browser may be handing out much more than you think. You can visit sites like Webkay, Panopticlick, or Click to test out what kinds of information your browser makes available to any websites you visit.
Even though a lot of this information doesn’t mean much by itself, the problem is that the combination of this data can give your browser a unique fingerprint that will allow websites to identify you.
Similar to how the unique lines and dips of a human fingerprint can be matched to a single individual, the small pieces of information that servers can gather about your browser and device can be used to identify you as a unique user.
For example, your browser may be the only one on Australian Eastern Daylight Time with the same set of browser plugins, cookie settings, and display resolution. A site can use this knowledge to keep track of your browsing habits even if you’ve taken steps to limit tracking, such as clearing your cookies.
Third party analytics can even track your online activity across different websites.
The scary thing about browser fingerprinting compared to other tracking methods is that when you change your default browser settings to improve privacy, such as by turning off HTML5 web storage or blocking cookies, you may actually make your browser fingerprint more unique and easier to identify.
One positive use for browser fingerprinting is fraud prevention.
Have you ever gotten an alert from your bank after logging in to your account from a new location or device? Your bank’s website noticed that the person logging in didn’t have the usual browser fingerprint and took steps to make sure your account hadn’t been broken into.
On the other hand, advertisers love to take advantage of browser fingerprinting. The more information they are able to gather about your browsing habits, the better they are able to create targeted ads for you.
In addition to giving out information, your web browser also stores information from the websites you visit in the form of HTTP cookies.
Cookies are small files that websites can store on your computer. The purpose of cookies is to create a customized browsing experience and decrease loading times.
For example, a shopping website may store HTTP cookies on your browser to keep track of what items you placed in your shopping cart so that they will load automatically next time you visit the website.
Partners of the website, such as advertisers or analytics companies, are also able to place third-party cookies on your browser. Once stored on your web browser, cookies can do things like monitor your internet behavior or give you targeted ads.
There are also two unique kinds of cookies to be aware of: Flash cookies and HTML5 web storage.
Similar to regular HTTP cookies, Flash cookies are small files stored on your computer. They are stored by websites that use Adobe Flash and contain information about your experience with the Flash elements on the website.
The problem with Flash cookies is that they are not stored in the same location as regular cookies but are instead stored in a separate Adobe file. This means that they are not deleted automatically when you clear your cookies.
Instead, they must be deleted using your Adobe Flash player settings. Sometimes undeleted Flash cookies can even respawn HTTP cookies after you delete them, making it easier for websites and third parties to track you.
HTML5 web storage behaves similarly to traditional cookies. The difference is that the data is stored on your browser rather than your device. You have the option to turn off web storage in your browser settings.
Entity tags (ETags) are a method that web servers use to validate web caches. When you visit a website, your browser saves certain data to your computer so that the browser doesn’t have to reload it again.
For example, your browser may save a copy of large images on a website homepage so that you don’t waste time loading them again next time you visit. This saved data is called a web cache.
ETags are a kind of HTTP header. When they are included in a website, they assign a unique value to each cache element to help the website figure out whether any cached files need to be redownloaded each time you visit the site.
The dark side of ETags is that because they are unique identifiers assigned to cache resources, they can be used to track you. They are also very hard to detect and avoid because they included as part of the website’s HTTP response header.
3. Search Engines
Think of how often you and the people around you use Google every day. It’s no wonder that Google and many other search engines are able to collect a lot of information about us. Some of the basic information that search engines store about you includes:
- Your IP address
- The time and date you visit
- Search terms you use
- A unique identifier that may be stored in cookies called a Cookie ID
This data is then passed along to web pages and advertisers, who can then use the information to personalize your experience and create targeted ads. This explains why you started seeing ads for cat food everywhere you went online right after you visited that pet adoption site.
Even worse, most search engines are required to hand over the information they have collected if it is requested by a court or government agency. Considering the intimate role search engines play in many of our lives, this is an alarming thought.
Think about what this means. How often have you searched something out of curiosity without thinking about it? Are all of these searches things that you would willing to disclose to the world? Do you think your online searches should be used as evidence of your behavior or personality?
It seems silly to think that you could find yourself explaining to a jury that you only searched “How to get rid of a body” because you were watching Breaking Bad, not because you were planning to murder your neighbor.
However, there have been many real cases where people’s search histories were successfully used against them in divorce, custody, and criminal court cases.
4. Non-Secure Websites
Secure websites use the HTTPS encryption protocol to protect any data exchanged between you and the secure server.
HTTPS stands for HTTP Secure and is also known as HTTP over TLS (Transport Layer Security). You may also see it referred to HTTP over SSL (Secure Sockets Layer), which is TLS’s predecessor.
Luckily, the encryption protocol used by HTTPS is very secure, and the majority of websites you visit will be using it. You can easily check whether a website is protected by HTTPS just by looking at the beginning of the URL. Many web browsers will also notify you if you are visiting a non-secure server.
For example, this is what Chrome displays when you are visiting a secure website:
And this is what is displayed when you visit a non-secure website:
Watch out for non-secure HTTP websites. Your internet service provider (ISP) or any third-party spying eyes can view any information you exchange with a non-secure website. This means anything you write or submit to the website can be easily stolen, including sensitive information like your social security number and credit card or other financial information.
Malware is any kind of malicious software that is intended to damage or spy on your device, server, or network in some way. There are many types of malware that can harm your computer. Viruses, worms, ransomware, adware, and spyware are some of the most common kinds.
One of the scariest things that malware can do to threaten your privacy is to create a backdoor that allows third parties to bypass the security features protecting your software.
A backdoor installed by malware could give a cybercriminal access to your computer system, allowing them to steal your personal data, modify your files, or even control your computer remotely.
Malware can be very difficult to detect. A trojan horse, for example, is a type of malware that pretends to be trustworthy in order to trick you into installing it or providing it with sensitive data. You may think that you are opening a trusted program, so when the hidden malware asks for your master password, security question, or financial information, you don’t think twice.
There is also the scenario of software that does have a legitimate purpose and was knowingly downloaded by the user, but that also contains privacy-invading features that the user is not aware of. This kind of software is sometimes known as grayware.
One scary example of this is how a group of popular Mac apps was caught stealing and sharing users’ browsing history without their knowledge or consent.
6. Cloud Storage
Even if your cloud storage service encrypts your data, its privacy isn’t guaranteed. Since they were the ones who encrypted your data, they also hold the keys to unencrypting it.
If you look closely at the terms and conditions, most popular cloud storage service providers explicitly reserve the right to share your files and data with authorities if they receive a court order. Many of them have also been known to cooperate with the NSA.
Remember when we talked about government intelligence-sharing? If the NSA has the ability to access your data, it is no longer truly private.
7. Mobile Devices, File Storage, and Correspondence
Many people put a lot of time and effort into beefing up the security measures on their computers but forget to think about mobile devices. This is a big mistake that can leave a lot of your most sensitive information vulnerable.
Think about it: how many of the following ways do you regularly share information or data about yourself with your phone or tablet?
- Making phone calls
- Making voice calls using Voice over Internet Protocol (VoIP)
- Searching with Google or other search engines
- Loading websites
- Sending and receiving emails
- Posting on social media accounts like Facebook, Twitter, Instagram, and Snapchat
- Storing photos, files, apps, and other data using Apple’s iCloud, Dropbox, Google Cloud Storage, Microsoft’s OneDrive, or Amazon Drive
- Mobile banking or payment methods
Most of us share a lot of sensitive information with our mobile devices on a daily basis. It’s more important than ever to include these devices in our privacy protection efforts.
What Steps Can You Take to Protect Your Online Privacy?
You might be feeling overwhelmed after reading about some of the biggest threats to your online privacy. Take a deep breath.
There are lots of things you can do to protect yourself, and the best part is that many of them are very simple to implement. A few minutes of effort now can save you from a disaster later on.
1. Use a VPN
If you are looking for one simple step you can take to get comprehensive online protection, the single best thing you can do is invest in a high-quality VPN.
Not only are VPNs easy to set up, but they can provide you with some of the most comprehensive protection online from the scariest threats to your online privacy. Our readers highly recommend NordVPN as a top choice for privacy protection.
Some of the steps you can take to protect your privacy are intended to correct damage after the fact. A VPN, on the other hand, will protect your internet connection to stop privacy breaches before they happen. It’s much easier to prevent a security problem than it is to fix one.
A VPN can combine multiple layers and methods of protection to ensure that your connection is secure, anonymous, and private. Here are a few of the major privacy protection features that most VPN services offer.
There are two main pieces to consider when it comes to encryption strength. The first piece is the cipher, otherwise known as the mathematical algorithm used to encrypt the data. The most popular and secure cipher out there at the moment is AES. This is the cipher that the US government uses to encrypt its data.
The second piece to consider is encryption key length. The two most common encryption key lengths you are likely to see with AES encryption are 128-bit and 256-bit encryption. Is 256-bit necessary?
Data is encrypted and decrypted using a unique key. The only way that third parties can read your encrypted data without that unique key is by randomly trying every possible combination until they get lucky and guess the correct key. This is called using brute force.
An 8-bit encryption key has only 256 possible combinations, so brute force is likely to be successful. Now consider how many combinations are possible with a 128-bit key.
Where technology is at the moment, even if you had the most advanced supercomputer in the world at your disposal, it would still take billions of years to crack 128-bit encryption with brute force.
Considering that 256-bit encryption is significantly stronger than 128-bit encryption, many consider it to be overkill. Even taking fast technological advancements into consideration, the encryption lengths offered by VPNs are extremely secure.
OpenVPN is open-source software that offers a secure protocol used by many VPN providers. Open VPN essentially routes your VPN connection through the secure channels that it creates to protect you from data leaks. It provides a very secure layer of protection.
Perfect Forward Secrecy
Perfect Forward Secrecy (PFS) is an extremely valuable method of encryption. With a typical encryption tool, your data is secured using a single encryption key. If that key were to be compromised, your data is no longer secure.
PFS instead encrypts your data using temporary and constantly changing encryption keys. This significantly increases your security, because even if one key were to be compromised, at worst it would only reveal a small piece of information. The rest of your data would remain secure.
Escape 14-Eyes Alliance Spies
Some worry that although VPNs offer some of the best privacy protection out there, they don’t truly allow you to be anonymous – because the VPN provider could potentially be compelled to hand over your information to authorities.
That’s why many of the best VPN providers have a strict no-logs policy and operate entirely outside the jurisdiction of countries in the fourteen-eyes alliance. In this case, not only does the VPN provider not retain any of your data, but it also cannot be obligated to provide data to government agencies.
These are only a few of the benefits and privacy protocols that VPNs have to offer. Many VPN services allow you to easily personalize your protection configuration to address your specific privacy concerns.
You can also easily combine a VPN with any of the other methods in this guide.
2. Use the Tor Network
One of the most popular methods of getting online securely and anonymously is to use the Tor network. Tor stands for The Onion Router, which is a nod to the software’s origins as a US naval research project called The Onion Routing program.
Compared to using a VPN, there are several advantages and disadvantages to using the Tor network.
If you are connected correctly to the Tor network, you are completely anonymous. None of your online activity or data can be traced back to you.
Tor encrypts all of your data, including your IP address, several times before directing your connection through a random series of nodes or relays. The nodes are run by volunteers who themselves have no way of detecting any of your data or the path your connection is headed to because a layer of encryption is removed each time you reach the next node.
This process of creating multiple layers of encryption and then removing one layer at each node is where the name “The Onion Router” comes from.
Although there are multiple ways to connect to the Tor network, the easiest way to get started is to download the Tor browser. It operates just like a regular web browser, minus any personalized features. Your connection will be completely anonymous to the websites you visit.
3. Create Secure Passwords
Creating and maintaining secure passwords is one of the simplest yet most effective things you can do to protect your privacy.
We know you’ve probably been told a million times before that it is a bad idea to reuse passwords for multiple accounts, but it’s worth saying again. According to a 2018 Psychology of Passwords survey, the majority of people reuse the same password for multiple accounts.
We offer a tool to help you generate highly secure passwords.
Here is a quick list of general dos and don’ts for secure password habits:
- Use multifactor authentication, otherwise known as two-factor authentication. It is extremely effective and doesn’t take much work.
- Change your passwords regularly, particularly when there may have been a data breach
- Create long passwords. Length is even more important than complexity in many cases. Passwords become exponentially more difficult to crack with each additional character that is added.
- Use the same password for multiple accounts
- Create passwords using easily available information like your birthday or pet’s name
- Rely on easy-to-guess password recovery security questions
If you are relying on the same password for all your accounts because you are afraid of forgetting new ones, you should consider using a secure password manager. LastPass and Dashline are two reliable examples.
Password managers keep track of all your passwords in an encrypted database and fill them in automatically when you need them. They can be added as browser extensions, and many even have mobile versions to securely keep track of all your app passwords as well.
Many browsers, including Chrome and Firefox, offer a built-in password manager. While these password managers do securely encrypt your passwords, they may be more vulnerable to security risks than third party password managers.
Recent cybersecurity research has suggested that the auto-fill feature used by Chrome and other browser password managers may not be totally secure. For now, it may be best to stick with a secure third-party password manager.
4. Use Secure Payment Methods
We all love online shopping, but you can leave yourself vulnerable to credit card theft and other kinds of identity theft if you aren’t using secure payment methods. While you should only provide payment information to secure websites, that by itself can’t guarantee your protection.
Taking measures to secure your connection before you pay, such as using a VPN, is a good first step. If you want to be extra careful, or if it is important that your payment stay anonymous, the best choice is to use cryptocurrency like Bitcoin.
Bitcoins are easy to purchase and use. There are also ways to purchase Bitcoins anonymously if you don’t want any link to your credit card information, including using a pre-paid credit card or buying locally with cash.
Some banks offer extra levels of security for online shopping. For example, the Bank of America generates temporary credit card numbers for customers to help them keep their real credit card number secure. Citi gives “fake” account numbers to disguise users’ real data, also helping protect their data online. France’s Societe Generale takes cryptosecurity one step further by offering users single-use CVV numbers.
PayPal is also an option that can help you protect your payments online. Although PayPal isn’t anonymous, the company does have strong security measures in place and is committed to finding and strengthening any weaknesses in the site.
They even have a Bug Bounty Program that offers financial rewards to anyone who can discover and report any site vulnerabilities.
5. Configure Your Browser
As we discussed earlier, there are many ways that internet browsers routinely gather and hand out information on their users.
Even if you’re committed to your current web browser, there are steps you can take to limit the data that you allow to be stored and made available to the websites you visit.
Regularly clearing your DNS cache and cookies can limit your risk of being fingerprinted and tracked through your browser. It is easy to find a guide online for your specific browser and device. Many browsers also have options that will allow you to limit the cookies that you accept.
The downside of constantly clearing your cache or turning it off altogether is that it can have a big impact on your loading times and overall browsing experience. There are some great browser extensions out there that can help you limit ETag and other kinds of online tracking without sacrificing the quality of your browsing experience.
Don’t forget about Flash Cookies as well. They make it easy for you to be tracked online. Flash Cookies don’t get removed when you clear your regular cookies. However, there are many reputable programs and browser extensions that you can download to regularly clear out your Flash Cookies.
The final thing that you should make sure to check in your browser settings is web storage.
As we discussed earlier, HTML5 web storage can allow you to be tracked and identified online. Most internet browsers have web storage enabled by default. Many will allow you to simply turn off web storage. You also have the option to download a browser extension to remove unwanted web storage automatically.
Taking time to properly configure your browser can do a lot to protect you from tracking and browser fingerprinting. The website Panopticlick can tell you how well your browser settings and extensions protect you from tracking.
Here is what Panopticlick had to say about my personal Chrome browser before I took any steps to prevent tracking:
But here is how my browser performed after I took the following steps in the Chrome settings:
- Cleared all cookies
- Cleared the web cache
- Select Send a “Do Not Track” request with your browsing traffic
- Blocked all cookies
Definitely an improvement! Just by taking those steps, I was able to successfully protect my browser from tracking ads and invisible trackers.
Notice, however, that none of these steps did much to improve my browser fingerprint. Unfortunately, taking steps to limit online tracking can actually make your browser appear more unique to the websites you visit.
There are browser extensions that can help limit and detect certain kinds of browser fingerprinting, such as the Canvas Defender Chrome extension, but they have limited success. Using the Tor network is one effective way to lower your risk of browser fingerprinting.
6. Change Your Search Engine
Search engines, and Google in particular, collect and store many pieces of information about us, some of which gets passed along to third-parties as well. Luckily, there are some great alternatives to Google that don’t force you to give up so much of your privacy.
One of the most popular search engines that doesn’t collect user data is DuckDuckGo. The other advantage of using this search engine is that it doesn’t use your previous search history to structure your search results.
7. Protect Your Mobile Phone
Despite the frightening amount of information that our mobile phones can provide to hackers, it simply isn’t realistic for most of us to ditch our smartphones. Thankfully, VPN mobile compatibility is now widely available.
Installing a VPN on your phone can give you strong protection by encrypting your phone’s data and providing you with a secure online connection even when you’re on the go. The process is simple on both iPhone and Android devices.
For phone calls, you may want to consider using VoIP (Voice over Internet Protocol) with end-to-end encryption.
In contrast to regular phone calls, which are never secure, VoIP apps let you make calls using a secure internet connection. Be sure the version you use offers strong end-to-end encryption. Many of these apps also offer an encrypted text messaging feature as well.
8. Secure Your Cloud Storage
If you are going to rely on a cloud storage service to store your files, you should choose a provider that will automatically encrypt your files before they are uploaded to the cloud.
However, earlier we discussed the downsides to trusting your cloud storage provider to encrypt your data for you.
In this scenario, the provider is the one who holds the key to unlocking your files and therefore may be able to access your data or even hand it over at the request of government authorities. This doesn’t mean you have to give up on cloud storage altogether though.
One way to ensure your privacy is to manually encrypt your files before uploading them to your cloud storage service. The advantage of this is that you are the only one who holds the key to decode your files. Your cloud storage provider will have no way to access your data.
Be sure not to upload your encryption keys with the files. You are the only one who should have access to them.
How to Easily Encrypt Your Data
Wondering how you can encrypt your data manually? We are going to walk you through the steps of securely encrypting your files. By manually encrypting your files, you can ensure that your cloud storage service can’t access your data.
1. Choose an encryption program
There are many free programs that you can use to manually encrypt your data—even if you know nothing about encryption. When choosing your software, keep in mind that some encryption programs are designed to be compatible with specific cloud storage providers, so you may want to check if yours is supported.
This example will walk you through how to encrypt your data using the program Boxcryptor. You can feel free to choose any software that meets the following criteria:
- Works with your cloud storage provider
- Compatible with your computer and mobile devices
- Uses end-to-end encryption, meaning that files are encrypted before they leave your machine and can’t be decrypted until you access them again
- Doesn’t store your password
That last point is very important. The program you choose should not store the password that you use to encrypt your data. You are the only one who should have access to this password. Look for a statement like this one from Boxcryptor:
When you first open Boxcryptor, it prompts you to create an account. As part of this process, you will be asked to choose a password.
This is extremely important. The password that you choose is your key to encrypting and decrypting your data. It should be unique, private, and secure.
You also need to take steps to make sure you will never forget your password. Because Boxcryptor does not save user passwords, there is no way to recover your password if you forget it. This could lead to you losing access to your own data.
You should either save the password with your password manager or write it down somewhere safe. Do not forget to do this or you could lose access to your data forever!
3. Navigate to the Boxcryptor drive
You will notice that Boxcryptor has installed a special drive on your file system.
When you open the drive, you can see that Boxcryptor has automatically created a folder for any cloud storage locations that it has detected.
Note that if you are using the free version, you can only use Boxcryptor one cloud storage provider.
4. Create an encrypted folder
Open the folder of one of the cloud providers in the Boxcryptor drive. Right-click and create a new folder. You will get the following message:
Click yes to create your encrypted folder. Any file that you add to this folder will be automatically encrypted and uploaded to your cloud storage.
9. Secure Your Email
To be clear, most popular email services are extremely secure. In addition to provide a safe HTTPS connection, many providers go the extra mile to protect your data from leaks because they know how important security is to customers.
Major email services put a lot of effort into creating robust security measures and quickly fixing vulnerabilities.
However, none of these security protocols do anything to protect your emails if a government agency compels your provider to hand over your information. If you’re not comfortable with the idea of government authorities potentially reading your emails, you will need to take extra steps to protect your privacy.
The problem is that most methods of encrypting your emails are far from practical. For example, end-to-end encryption is only possible if the recipient is knowing, willing, and able to participate in the process. After all, you need your recipient to be able to decrypt your message.
Pretty Good Encryption (PGE) is likely the most secure method of sending an encrypted email, but it is also extremely complicated to set up manually.
The practical solution is to use a privacy-oriented email provider that offers a dedicated encrypted webmail service. One option that we recommend is ProtonMail. Not only is it easy to use, but it also offers an extra level of protection by encrypting your email’s metadata in addition to its contents, which PGE alone doesn’t do.
10. Invest in Anti-Malware and Firewall Software
A single virus can do a huge amount of damage to your device and your privacy. While it is easier to protect yourself from malware than it is to fix damage already done, anti-malware software can also scan your computer regularly to find and alert you to suspicious or harmful files.
While anti-malware software protects your devices – don’t forget mobile devices! – firewalls monitor the traffic coming to and from your computer. They check to make sure that no unauthorized data is being downloaded or sent by your computer.
Based on your settings, the firewall will block certain traffic automatically and help you monitor the traffic that is let through.
While a one-way firewall will help protect your computer from malware, a two-way firewall will do more to protect your privacy. Two-way firewalls not only stop unwanted traffic from reaching your computer, but they also prevent programs on your computer from accessing the internet without permission. This can make it impossible for invasive malware to share your private information.
11. Stay Informed on Social Media Privacy Policies and Settings
There have been some big controversies in recent years surrounding the privacy policies of popular social media platforms. Facebook, for example, has received a lot of criticism for readily selling all kinds of personal information about users to advertisers.
Don’t underestimate how much can be learned about you from your social media accounts. Even if each piece of information that you give out may not seem private, when you put all of this data together it can paint a detailed picture of your life. This data could even be used to threaten or harm you.
There have been a number of cases of burglars and scammers taking advantage of the seemingly meaningless information given out by people’s social media accounts.
Many people regularly make posts that reveal their exact location through geotags without even realizing this information is being shared. The more information that is available about you online, the greater your risk for identity fraud and other malicious activities.
If you aren’t ready to give up social media altogether, there are two things you should do. The first is to spend time reading and researching the privacy policies of the companies who control your accounts. You may want to be especially careful with what you share on platforms that share your information regularly with third parties.
The second thing you should do is monitor your privacy settings. Limit the number of people who can view what you post, and don’t give the platform permission to post on your behalf or access your location. Check these settings regularly to make sure that nothing has changed as the platform updates.
12. Use Free Open Source Software
There are constantly new examples popping up of seemingly trustworthy programs that are discovered to be sharing your data without your knowledge or consent.
It is difficult to know what software you can trust, especially in light of evidence that the NSA has compelled many US tech companies to build backdoors in encryption to allow the intelligence agency access if needed.
The advantage of Free Open Source Software (FOSS) over proprietary software is that the code is built collaboratively and readily available to the public. Since it can be peer-reviewed, FOSS is much less likely to have a secret backdoor that compromises its security or include a feature that invades your privacy in some way.
Online privacy is becoming more and more important to all of us. As technology becomes a bigger part of our daily lives, we risk exposing ourselves to the many threats to our privacy and safety.
Although it is sometimes easier to live in ignorance, it is more than worth it to spend a small amount of time, effort, and money now to protect your privacy rather than dealing with a catastrophe after your identity is stolen or your personal information is leaked.
It can seem overwhelming to try to address all of the possible threats to your security, but keep in mind that not everyone needs to be concerned about every single privacy threat.
Instead of trying to do everything, you should take the time to consider which threats are of most concern to you and target them. VPNs make it easy to personalize your protection and address your biggest privacy concerns directly.