The privacy dilemma: 6 ways to improve your privacy online

Ask a teenager these days about why privacy matters, and they will say it doesn't -- there is no privacy anymore.

But would you willingly put your credit cards out on a bulletin board, inviting anyone to buy stuff on your dime?

Those of us with a little history behind us get concerned about putting anything health-related out in public, no matter how insignificant -- in case an insurance company reads that mole as a pre-existing condition and a reason to deny paying for skin cancer treatments.

Strong encryption protects our financial identities (hopefully), our health care records, and sometimes our communications -- but it also protects the communications of criminals, and allows for black markets in all sorts of things. "Mind your own damn business" says a recent VP candidate, and yet law enforcement keeps wanting to put back doors in encrypted communications to catch human traffickers and child pornographers.

"Sunlight is the best disinfectant" to root out corruption in our governments and board rooms. The sentiment of "I have nothing to hide" is all well and good -- for privileged people who have some level of confidence that nothing they do would have repercussions if the world knows -- and yet racism is a thing, and in a post-Dobbs era do you really want the government tracking your pregnancy? And nobody wants to get doxxed, or swatted.

Privacy is important because it helps protect personal information, maintain autonomy, and establish boundaries in relationships. It also allows individuals to have control over who has access to their personal data and helps prevent potential misuse or exploitation. Privacy contributes to a person's sense of security, trust, and overall well-being.

Privacy is inherently political -- and yet it's entirely apolitical in that anybody outside the mainstream values privacy. If you're a political dissident, a terrorist, or a domestic abuse survivor, privacy matters.

If you're on the left of the political spectrum, you worry about corporations having too much data about you, and being able to manipulate you into things not in your best interest. If you're on the right, you worry that the government knows too much about you, tracks your location, charges you with corruption or being hostile to the state (or wait a minute, maybe that's for people on the left now too?)

Your privacy online

Everywhere you go online, you leave a trail:

Your browser tracks every page you visit.
Your ISP (often) sees every domain you request.
The websites you visit sees your activities on that website.
Google Analytics sees ~80% of everywhere you go online.
Amazon and Facebook each track your visits to ~20% - 30% of the web.

... and that's all before you consider search engines, social media, your face, or your browser. There's nothing much you can do about most of those, but there are some things you can do to start taking back your privacy.

Most of the privacy measures I consider here overlap with security -- having good security practices online helps preserve your privacy, while having poor security can quickly lead to the loss of your privacy. Here are some rules we have in our household, making sure our teenage daughter understands as she spreads her wings online.

1 - Lie about your personal info wherever you can

This is rule number one in our household -- never give your birthdate or social security number out to people who don't really need it. Your doctor and bank do need it. Facebook and Microsoft do not.

Your browser leaves its fingerprints all over the web. Back in 2010, a study found that some 84% - 94% of browsers had unique fingerprints -- that for close to 90% of us, when we visit a site, that site can distinguish our visit from everyone else 90% of the time. Since then, browsers have put in measures to improve this, but people have come up with other factors they can check to uniquely identify you, even if you use a private browsing window or entirely different browser.

Want to see if you can be tracked online through browser fingerprinting? Head over to this site and see... for me, the answer is "Yes", my browser appears to be unique among the last 186,000 visits over the past 45 days.

This is all not to mention hacks. All it takes for an identity thief to steal your identity is your name, birthdate, and social security number. If they can correlate that with data about sites you have visited, it gets far easier to do malicious things.

Aside from that, why should these companies have an accurate database of everyone on the planet? That provides huge opportunities for abuse, and not much benefit to you. The least you can do is throw some sand in the works. More Interesting Links.

2 - Question the motives of that online quiz

Online quizzes may be entertaining, but they can easily be used to answer those security questions from your bank, when a fraudster tries to steal from you. At the top of the list of bank frauds is Account Takeover. Poke around the internet you'll find countless victims, people who had their bank accounts drained by people pretending to be them, and one of the most common ways is through "Social Engineering" -- acting as if you are the account holder, answering the security questions in a believable way.

This happens so often it's not even in the news -- particularly in small businesses. I've seen stats that up to 80% of American organizations were victims of at least attempted frauds like these.

If you don't know and trust who's behind that quiz actually collecting that data, probably best to skip it.

3 - Favor smaller private or federated social media if you can - Avoid mass social media

Social Media is such a minefield. There's no question that it has changed the world. Abstaining from social media can make you an outcast in many circles, but it's undeniable that it has brought our world closer together in many ways, for better or worse.

I know quite a few smart, technical people who steer clear of social media. The more you know about the experiments Facebook has conducted on its users, the less you're interested in engaging there. Instagram and other networks are known to have negative mental health effects on teenagers. Twitter/X or whatever it's called now has seen a big demise under new ownership.

For me, the problem isn't social media itself -- it's the venture-backed companies behind the popular ones, that turn its users into commodities to sell to advertisers while doing experiments on them.

The good news? There are alternatives. And I'm not talking about BlueSky, which currently seems to be gaining the most from Twitter's demise.

You may have heard of Mastodon, an open source alternative, but it's not exactly the same. Truth Social, Trump's social media platform, reportedly uses Mastodon -- but that doesn't mean joining Mastodon puts you in that conversation. Mastodon is not a social network -- it's a social media application that lets you post to others on the same server, and interact with people on other Mastodon servers across the web -- across what is called the "Fediverse".

The Fediverse is a bunch of different social media servers that all share content with each other, and Mastodon is one kind of server. It's a lot like email, in that there are thousands of places you can go to get an email address, and you can have your own private domain.

There are a couple differences from email:

Because it's a social app, you can find lots of Mastodon instances that are centered around a particular interest or location, making it easy to find people who share those interests.
Because it's decades after email was created, some Mastodon instances have chosen to not interact with others -- there's an easy way for server admins to choose to block entire servers, and thus cut down on spam, abuse, and harassment. Truth Social, even though it's built on Mastodon, does not federate with other servers so nobody else has to interact with them.

All in all, the big reason to go to the Fediverse is that it's a collection of small players that give you choice over your conversations, and not gigantic players that treat you like a commodity, and have an agenda behind their algorithms as they try to program you.

4 - Use Firefox or Safari instead of Chrome

Chrome is literally a browser made by an advertising company, which makes its money by selling your eyeballs to companies. Google may have started out with the best of intentions, but the reality today is that it's getting paid to market you to businesses.

Time and time again it's getting fined by the European Union for running afoul of the privacy legislation the EU has put in place to protect its citizens. It keeps trying to push new schemes to skirt these issues while preserving their ability to target ads to particular individuals. Google Analytics already tracks you across most of the web -- if you're using Chrome, it can now track all your activity.

Pretty much every other browser is made by companies that don't have a stake in selling your browsing habits to advertisers. Which makes them far more open to putting measures in place to protect your privacy.

I recommend Firefox, first of all because it's still a great browser, but secondly, it's the only major browser left that still makes its own browser engine. Safari, Edge, Vivaldi, and Brave are all good alternatives to Chrome from a privacy perspective, but they still use the "chromium" engine. Chromium is fine, but diversity is good.

5 - Don't load images in email by default

We recently wrote about using analytics to gauge the success of your marketing efforts. That does not mean you deserve to know all the details about who read your email, or your blog post, and when.

Many email programs can be configured to not load remote images embedded in email. This is exactly how companies know whether or not you've read a particular email -- the act of loading a remote image can let the sender know you opened it.

If it's a small business, you may be helping them out by loading images -- you are providing feedback that you appreciated the content enough to want to read it. If it's a large business, they will be fine not knowing about you -- and I'd say, don't encourage them!

6 - Use a password manager

This is where security protects your privacy: passwords. If you have ever used a password online, you've probably had a password included in a data breach. Probably more than once. If you use the same password everywhere, you're inviting attackers to see anywhere you can log in. At this point, the only solution is to use a different password everywhere, so when your password appears in a breach, this doesn't give attackers carte blanche to wreak havoc on the rest of your online life -- they have that one password that was used on that one site.

There is no way to keep track of dozens, or hundreds, or thousands of passwords for the different sites you use, without using a password manager. Get a good one. Use it. And generate a different password for every different site you use.

This is also a convenient place for you to keep track of those lies you used for all those personal questions, in suggestion #1!

To wrap up

Whether you realize it or not, everybody needs some privacy. If you don't think you do, just wait until the next election (if there is one). Social media is a mass privacy invasion machine. There's a saying in tech circles, if it's free, you are the product. That's certainly the case for many venture-backed companies, but open source offers an alternative, run by a bunch of smaller companies that thrive on your support.

The move towards giant databases of people and companies amassed by a tiny few is a huge problem in our economy, and the rise in Artificial Intelligence is exacerbating it. Throwing a few monkey wrenches into the works benefits everyone -- don't feel like you need to be truthful online.

Add new comment

Your name

The content of this field is kept private and will not be shown publicly.

Homepage

Notify me when new comments are posted

All comments

Replies to my comment

Comment

About text formats

Filtered HTML

Web page addresses and email addresses turn into links automatically.
Allowed HTML tags: <a href hreflang> <em> <strong> <blockquote cite> <cite> <code> <ul type> <ol start type> <li> <dl> <dt> <dd> <h1> <h2 id> <h3 id> <h4 id> <h5 id> <p> <br> <img src alt height width>
Lines and paragraphs break automatically.

CAPTCHA

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

About the Author

John Locke

John Locke is the lead developer and founder of Freelock, LLC. In addition to being a proficient web developer, he is an experienced technical writer, network administrator, and all around problem solver. He has worked with computers since 1984, and currently advises small businesses on open source software.

/ 0 Comments

Software we're grateful for #2 - HomeAssistant

/ 0 Comments

Assessment of May 8 Drupal Security update SA-CORE-2019-007

/ 1 Comments

Ask Freelock: "Traditional hosts" vs "cloud providers"

/ 0 Comments

Drupalgeddon2: Should I worry about critical security updates?

/ 3 Comments

Freelock Interviewed on Drupal and WordPress Expertise

/ 0 Comments

How do you keep a high bar of quality on dozens of sites every day?

/ 0 Comments

Yet another messaging platform: Why Riot?

/ 12 Comments

What We've Done

City of Federal WaySite Description

The federalwaywa.gov website is the main site for the City of Federal Way in Washington State. This site is a resource for residents, visitors, businesses, and people interacting…