The Ultimate Online Privacy Guide
The growing realisation that individual privacy is being invaded, ignored, and otherwise abused, as well as the risk posed by public WiFi networks, is leading many to find out how to improve online privacy.
Online privacy is becoming a critical concern for perfectly law abiding people who, fuelled by revelations of data and privacy breaches, want to protect both their devices and their data.
“Some of the most prominent and successful companies have built their businesses by lulling their customers into complacency about their personal information. They’re gobbling up everything they can learn about you and trying to monetize it.” Apple CEO Tim Cook.
There a number of straightforward ways for average internet users to protect their data and privacy from illicit actors on the internet and from those who collect and resell personal data, including details of user habits, without users every even knowing.
- Use a VPN
- Choose Private Browsing
- Block Cookies, Ads, and Trackers
- Read Terms and Check Permissions
- Use Secure Passwords
- Make Sure a Website is HTTPS Before Entering Sensitive or Financial Information
- Keep Software and Systems Up to Date
- Delete Your Files Securely
- Consider How You Use Social Media and Email
1) Use a VPN
Adding a Virtual Private Network (VPN) can protect individual privacy when using the internet.
Loading a web page or connecting to the internet with an application, like Facebook, results in data being sent and received across a network. Data travels through any number of computers and across the public internet.
A VPN can encrypt the data sent from a computer, or device, in order to access online services. The VPN hides the information and cloaks the IP address that identifies a computer. This protects that data from prying eyes and bad actors on the internet. The VPN will unencrypt, or decrypt, information when it arrives at its destination.
How does a VPN work?
For a VPN user accessing Facebook, for example, their data is encrypted until it reaches Facebook’s data repositories and network, then the data is in the hands of Facebook. The same is true when searching Google, or accessing any other website or online application.
VPNs protect data when it travels between a user’s device and a website or application. After that, personal data and usage records are at the whim of the website owner or application developer. So, it’s also important to take further steps to protect your online privacy.
VPNs don’t stop cookies or trackers that record browsing history, or prevent online service providers by selling on personal data like email addresses, telephone numbers, and so on.
A little further on we’ll talk about how to protect online privacy once data is out of the realm of a VPN and how to stop cookies and trackers.
VPNs are Essential for Public WiFi Network Use
Using any public network, like in an airport, is risky even if the WiFi network has a password. There is a chance that other users of that same network can access the activity and information of others, without them knowing. There are criminals that target these networks exactly for that reason.
Bad actors may also create a WiFi network and can name it, for example, “Heathrow Airport WiFi” to fool you into thinking its the airport WiFi network you should use.
Using a VPN also hides a device’s own IP address and uses one generated by the VPN provider, it gives some anonymity and can mean that the application you are using online cannot see your location or identifying IP address.
Credible VPNs may also log your internet traffic, the sites you visit, and your IP address. It’s worth researching what logging activities are performed by your chosen VPN provider too. The use of VPNs is also prohibited in some countries.
2) Choose Private Browsing
The most commonly used browsers do offer “incognito” or private browsing modes, however they are not completely private. They only make your activity private on your own device and don’t secure your data in any way.
At best private browsing modes only serve to stop the next person using a device from viewing a past users browsing activity as the activity is not recorded in the browsing history. New browsers are emerging that do not collect use and user data. We’ll be telling you about these in a future article.
3) Block Cookies, Ads, and Trackers
Website cookies and trackers can record exactly what you do while browsing a website. This includes how the website is navigated and even what search terms are entered. They also record the exact amount of time spent on each page and can collect personal data like IP addresses, location, and device type.
Facebook, for example, tracks your activity even after you leave the Facebook website then uses the information it learns from how you use the internet, and what you look for, to suggest adverts and content in your news feed.
Data privacy law and growing consumer awareness is resulting in an increased number of notifications, or disclosures, by websites which reveal what is tracked and by whom before you can continue browsing. You will find you are increasingly prompted to review cookie and tracker use and reject or confirm your acceptance.
Not all websites are so up front about this and some can be a little underhand in how they present how cookies and trackers are used. You should always read terms carefully, especially in pop up messages. And, if privacy policies aren’t immediately apparent, seek them out.
There are ways to block cookies and trackers, many of the pop ups that appear when you first visit a website could allow this, but care should be taken to read exactly what has been blocked and if it’s truly comprehensive.
There are also browser extensions and tracker blocking applications. As well as new types of browsers and search engines that can be set to simply block everything, including adverts.
Even adverts contain information tracking algorithms that are perfectly legal. Though bad actors can also use them to infect computers with malware and other viruses.
It’s also imperative to clear cookies from your website browser on a regular basis. Cookies remain on our systems even after we leave a website and can continue to track browsing habits. They help website visitors to quickly log back in, or stay logged in, to a website so clearing cookies will mean an automatic log out from all websites used.
Some websites or services cannot be used without enabling cookies. So, it’s vital to clear cookies from your browser and computer on a regular basis.
A 2018 survey revealed that 93% of Americans were either more worried, or just as worried, about their online privacy as they were in 2017. 51% were concerned about their data being stolen and 26% were worried about companies collecting and sharing their data. A further 14% were concerned about government surveillance.
4) Read Terms and Check Permissions
As well as checking website terms and privacy policies and any permissions for cookies and trackers, you should take care to thoroughly check the terms and permissions of applications. Applications should reveal exactly what data they record and how it is used.
When using mobile applications, review carefully what permissions they have on your device. Does your application really need access to your photos and location? If so, question why if it’s not obvious.
5) Use Secure Passwords
It doesn’t matter how much prompting is given on a website, or in an application, to enter a complicated password many still don’t and it’s an absolutely vital element of online security. You might be afraid to forget a password but know you shouldn’t write it down and so stick to easily remembered and often similar, or even the same, passwords for multiple uses.
Passwords must to be long and with a mix of letters, numbers, and symbols. If you have numerous accounts and have trouble remembering passwords, password management software might be an option. A password manager application will generate long passwords and securely store them. They are not infallible either but often do work well.
It’s also essential to routinely change passwords. If you have used the same password for a site or application for a number of years there is every chance, considering the data breaches that occur, that the password has been compromised.
Two-Factor Authentication (2FA) is another option offered by some platforms. 2FA means a second layer of authentication is needed to log in to an account. Often this entails a code being sent to you by text message to a mobile, or by email.
It’s not just US citizens that are concerned about online privacy, though the US is one of the most concerned nations. Statista polling found that 76% of British internet users, 83% of Indian users, and 84% of South African users constitute some of the most worried. Globally 74% of all internet users have concerns about online privacy.
6) Make Sure a Website is HTTPS Before Entering Sensitive or Financial Information
“Https” at the beginning of a website URL is a sign that the website will encrypt any data that is entered. So all sites where personal, sensitive, or even financial information is added should begin “https.”
If a site URL starts with “http” at the top of your browser any data that is entered on that site will be sent over the internet in a plain text form that can be easily compromised.
7) Keep Software and Systems Up to Date
Software developers are constantly responding to threats and attacks by improving software and fixing vulnerabilities. Applications should always be updated to their latest versions to ensure secure use.
If you are using a device like a mobile or tablet, how old is your device? When was the last time it was updated and is the device maker still issuing security updates. Sometimes, if a device is no longer sold, updates can stop.
Remember that updating a device, software, or application, can reset your privacy and security settings. It’s important to go back and check that you are not suddenly sharing data or access to your systems again.
8) Delete Your Files Securely
Don’t forget when you delete a file it may only go to your Recycle Bin or even “Recently Deleted” on your device. You then have to clear your deleted files.
However, deleted files can be recovered or remain on your system. If you have a document with personal or financial information you might want to consider a virtual “shredding” application which will completely destroy any data.
9) Consider How You Use Social Media and Email
When using social media, and other applications, it’s important to consider how secure and private these platforms are. It’s not just about checking terms and permissions and making sure passwords are secure.
There are growing concerns about how much social media platforms can track and use the information shared even in private messaging. Private messages on many platforms are often not encrypted. They can also be subject to hacks and attacks. Passwords to social media platforms have been leaked, or your individual password could be hacked or stolen. The attacker could then read or use your private messages.
There are, also a growing number, of private or encrypted messaging platforms.
Email, despite how much we use it, is not a very secure way to send and receive information. Free email services are less secure than premium ones. There are also encryption add-ons, or applications, that can be used with existing email services to provide encryption.
We hope you like our online privacy guide, it’s by no means comprehensive but in coming weeks we’ll go into more detail on some of these areas to help you protect your privacy and data while understanding why, today, that’s so important.