Credit: René Ramos/Lifehacker/JC_STOCKER/LIGHTFIELD STUDIOS/stock.metket.com/Adobe Stock
The internet has become a vital tool for human connection, but it comes with its fair share of risks, with the biggest being your privacy and security. With the big tech giants hungry for every ounce of your data they can get and scammers looking to target you every day, you do need to take a few precautions to protect your online privacy and security. There’s no foolproof approach to these two things, and unfortunately, the onus is on you to take care of your data.
Before you start looking for a VPN or ways to delete your online accounts, you should take a moment to understand your privacy and security needs. Once you do, it’ll be a lot easier to take a few proactive steps to safeguard your privacy and security on the internet. Sadly, there’s no “set it and forget it” solution for this, but I’m here to walk you through some useful hacks that can apply to whatever risks you might be facing.
Don’t use real information, unless you have to
When you install an app on your phone, you’ll often be bombarded with pop-ups asking for permission to access your contacts, location, notifications, microphone, camera, and many other things. Some are necessary, while most are not. The formula I use is to deny every permission unless it’s absolutely necessary to the app’s core function. Similarly, when you’re creating a profile anywhere online, you should avoid giving out any personal information unless it’s absolutely necessary.
You don’t have to use your legal name, real date of birth, or an email address with your real name on most apps you sign up for. Some sites also still use antiquated password recovery methods such as security questions that ask for your mother’s maiden name. Even in these fields, you don’t have to reveal the truth. Every bit of information that you put on the internet can potentially be exposed in a breach. It’s best to use information that’s either totally or partially fake to safeguard your privacy.
You can remove yourself from Google search results
Credit: Pranay Parab
If your personal information is easily available on Google, and you want to get it removed, you can send Google a request to remove it. Check Google’s support page for how to remove results to see specific instructions for your case. For most people, the simplest way to remove results about yourself is to go to Google’s Results About You page, sign in, and follow the instructions on screen.
Use email aliases to identify where your data was leaked from
Most modern email services let you create unlimited aliases, which means that you don’t need to reveal your primary email address each time you sign up for a new service. Instead of signing up with [email protected], you can use something like [email protected]. Gmail lets you create unlimited aliases using this method, and you can use that to identify who leaked your data. If you suddenly start getting a barrage of spam to a particular alias, you’ll know which site sold your data.
Your photos reveal a lot about you
When you take a photo, the file for it contains a lot of information about you. By default, all cameras will store EXIF (exchangeable image format) data, which logs when the photo was taken, which camera was used, and photo settings. You should remove exif data from photos before posting them on the internet. If you’re using a smartphone to take photos, it’ll also log the location of each image, which can be used to track you. While social media sites may sometimes remove location and exif data from your pictures, you cannot always rely on these platforms to protect your privacy for you.
You should take a few steps to strip exif data before uploading images. The easiest way to get started is to disable location access for your phone’s camera app. On both iPhone and Android, you can open the Settings app, navigate to privacy settings or permissions, and deny location access to Camera. This will mean that you won’t be able to search for a location in your photos app and identify all photos taken there, and you’ll also lose out on some fun automated slideshows that Apple and Google create. However, it also means that your privacy is protected. You can also use apps to quickly hide faces and anonymize metadata from photos.
While you’re at it, don’t forget that screenshots can also leak sensitive information about you. Some types of malware steal sensitive information from screenshots, so be sure to periodically delete those, too.
Think about what you use AI for
Credit: Pranay Parab
Nearly every single AI tool is mining your data to improve its services. Sometimes, this means it’s using everything you type or upload. At other times, it could be using things you’ve written, photos or videos you’ve posted, or any other media you’ve ever uploaded to the internet, to train its AI models. There’s not much you can do about mass data scraping off the internet, but you can and should be careful with your usage of AI tools. You can sometimes stop AI tools from perpetually using your data, but relying on these companies to honor those settings toggles is like relying on Meta to keep your data private. It’s best to avoid revealing any personal information to any AI service, regardless of how strong a connection you feel with it. Just assume that anything you send to an AI service can, and probably will, be used to train AI models or even be sold to advertising companies.
You can delete information stored with data brokers
Yes, big companies like Facebook or TikTok can track you even if you don’t have an account with them. Data brokers collect vast troves of information about your internet visits, and sell it to advertisers or literally anyone who’s willing to pay. To limit the damage, you can start by following Lifehacker’s guide to blocking companies from tracking you online. Next, you can go ahead and opt out of data collection by data brokers. If that’s not enough, you can also use services that remove your personal information from data broker sites.
What do you think so far?
A VPN isn’t always the right answer
Now, I’m sure some of you are thinking that using a VPN will protect you from most of the tracking on the internet. That may be true in some cases, but using a VPN 24/7 is not the right approach for most people. For starters, it just routes all your traffic via the VPN company’s servers, which means that you need to place your trust in the company’s promises not to log your information, and its ability to keep your data safe and private. It also won’t protect you from the types of data leaks that might happen from, say, publicly posting photos tagged with location data.
Many VPN providers claim to be able to protect you, but there are downsides to consider. Some companies such as Mullvad and Proton VPN have earned a solid reputation for privacy, but using a VPN all the time can create more problems than it solves. Your internet speed slows down a lot, streaming services may not work properly, and lots of sites may not load at all because they block VPN IP addresses. In most cases, you’ll probably be better off if you use adblockers and an encrypted DNS instead.
For most people, ad blockers are a good privacy tool. Even though Google is cracking down on ad blockers, there are ways to get around those restrictions. I highly recommend using uBlock Origin, which also has a mobile version now. Once you’ve settled on a good ad blocker, you should consider also using a good DNS service to filter out trackers, malware, and phishing sites on a network level.
Having a DNS service is like having a privacy filter for all your internet traffic, whether it’s on your phone, laptop, or even your router. I’ve been using NextDNS for a few years, but you can also try AdGuard DNS or ControlD. All of these services have a generous free tier, but you can optionally pay a small annual fee for more features.
Use a good firewall for your computer
Credit: Little Snitch
Almost all apps these days send telemetry data to remote servers. This isn’t too much of a problem if you only use apps from trusted sources, and can help with things like automatic software updates. But malicious apps or even poorly managed ones may be more open with your data than you would like.
You can restrict some of that by using a good firewall app. This lets you monitor incoming and outgoing internet traffic from your device, and restrict devices from sending unwanted data to the internet. Blocking these requests can hamper some useful features, like those automatic app updates, but they can also stop apps from unnecessarily sending data to online servers. There are some great firewall apps for Mac and for Windows, and you should definitely consider using these for better online privacy.
Switch to a good password manager
I’ve probably said this a million times, but I will repeat my advice: use a good password manager. You may think it’s a bit annoying, but this single step is the easiest way to greatly improve your security on the internet. Password managers can take the hassle of remembering passwords away from you, and they’ll also generate unique passwords that are hard to crack. Both Bitwarden and Apple Passwords (which ships with your Mac, iPhone, and iPad) are free to use, and excellent at their job. Go right ahead and start using them today. I guarantee that you won’t regret it.
