A Privacy Checkup

From data that we freely give up to private companies like Facebook, Google, Snapchat, Amazon, to data brokers and ad networks that track us around the internet, not to mention government surveillance revealed by Edward Snowden, most of our most personal data is being collected by many different entities. Like any tool, data can be used for both good and bad. And companies that store our data can be hacked to embarrass us, just like politicians and tech people have been recently.

I operate online as if everything I do will be public some day: my search history, my texts, Facebook messages, location data. I think about what data I’m freely giving away to data companies and weigh whether the benefit is big enough to give up privacy. Most people don’t even think about this bargain.

I recognize that anyone who really wants to get my data can probably do it. But I like to make myself a smaller target.

I urge you to take some of these steps to minimize your personal data exposure. Here’s my personal security checkup:

Strong Passwords/Password Manager – Free

Use strong passwords and don’t repeat passwords across services. Some will recommend a password manager and that’s probably the right fit for most non tech people. I personally don’t use one, as I worry about creating one single point of failure for all of my services. If you want to use a password manager, Lastpass, Dashlane1password are generally recommended as top choices.

Use Two Factor Authentication (2FA) – Free

2FA means that once you input your password, there’s a second challenge to your login. Most services send you a code to your phone. Others use apps. Enable 2FA for every service possible. More 2FA information.

Security Questions – Free

Don’t use Googleable security questions. Things like your birth month, mother’s maiden name, first car, favorite sports team, etc are easy to guess or even easier to Google. Public figures like Sarah Palin’s accounts were compromised because people were able to Google her security questions. Use either random answers or mix up your answers.

Switch to Signal and Whatsapp

Deemphasize using Facebook messenger and text messages and move to Whatsapp and Signal. If you use Whatsapp, make sure to opt out of Facebook being able to scan your messages and turn off cloud based chat backups. The last thing you want is your texts and media messages being hackable. I prefer Signal, but use both.

VPN – $69/year

VPN, Virtual Private Network, anonymizes your internet traffic by routing it through a server before it goes directly to the website you’re looking at. The UK requires all internet service providers to store all browsing data for 5 years. Most US ISPs are likely keeping some sort of record as well. VPNs combat combat this. If you do business or browse from coffee shops or other networks you don’t control, a VPN helps protect your data.

They also allow you to access US versions of Netflix, Hulu, ESPN and others if you’re abroad.

Look for a VPN that you can use both on your phone and on your computer that doesn’t keep your browsing data. PC Mag has a full list. Check out Nord, Hotspot Shield and PureVPN. If you want to be really secure, pay in bitcoin with a new email address, but that’s overkill for most people.

Switch most searches to DuckDuckGo

DuckDuckGo doesn’t track your searches. It works really well for about 80% of my searches. I switch back to google for the rest.

Update Facebook Privacy Settings

Make sure your sharing settings is set to only friends. Your likes are likely set to public by default. Either delete them or make them viewable to only friends. Think about deleting your birthday or at least birth year. Think about deleting old photos from Facebook and saving them elsewhere. Think about deleting Facebook completely.

Delete Facebook App

Switch to using mobile Facebook if you must continue using Facebook. Every time you login in, it’s pulling your data and sending it to FB servers.

Use a tracking blocker

Try Ghostery and EFF’s Privacy Badger to block 1100+ trackers and speed up page load times. Do it on mobile and desktop.

Delete unused Authorized Facebook, Twitter, Dropbox and Google third party access

You’ve probably authorized many different outside applications to have access to your data via Facebook, Twitter and Google. Delete any of the ones you don’t use. Google how to.

Secure Email – Free to $300/year

Your email account is probably hosted by Google, Yahoo, Microsoft. These three companies give you free or cheap email in exchange for scanning your data and serving you ads. All of your personal and business emails are stored on these companies’ servers and are constantly being probed for weaknesses.

Think about moving to ProtonMail or TutaMail, full encrypted, secure email accounts with 2FA. If you don’t want to make the switch, think about putting secure business or personal emails in them as a parallel account and keeping your free account elsewhere. Protonmail has a great app and can be used with up to 10 custom domains for $300/year.

Delete old email

Think about deleting old email that you have no use for. If someone does compromise your email account, they will only find new email, not every email you ever sent.

Delete your Tinder/Bumble account

If you use any of these dating services, think about deleting your account to clear out the data about your matches, likes, swipes and chats. If you really need these apps, start a new account from scratch.  Their servers should have less data about you.

Turn Location Services Off – Free

Your phone and computer have location tracking options. Most people don’t ever change these defaults, but look in both your cell phone and your computer and see what apps have location services turned on and what permissions you’ve given them. Apps like Uber track you 24/7, no matter if you have the app open or not.

I turned off location services for my phone and only turn it on when I need it. I haven’t noticed any downside so far. Bonus tip: it adds at least 2-3 hours of extra battery life to my phone.

Delete Old, Unused Apps on Phone and Computer – Free

Old apps that don’t get updated are easier to hack than newer apps. Delete old ones you don’t use anymore.

Turn on Autoupdate for Phone and Computer – Free

Your apps and operating system are constantly getting updated. Turn these on for fastest security whole fixes.

Block Your Computer’s Camera – Free

Use electrician’s tape or something else that you can easily take off when you need the camera. It’s easy to hack your camera and spy on you. It happened to Miss Teen USA and many others. If you need impetus, watch the hard to watch Black Mirror episode Shut Up and Dance (spoilers).

Encrypt your hard drive – Free

If you have a mac, encrypt your hard drive. It’s one click and easy to do. Windows is a bit harder, but you should still do it.

Set a password to login on boot-up and after inactivity on your computer – Free

Super easy to do.

Install Adblock – Free

Some web ads can be infected with malware or direct you to sites that try to get you to download programs that can harm your information.

Think about microphones

It’s trivial to turn on your phone microphone without  your knowledge. Are smart tvs, echos,

Do you have anything else I should add to this list?

Photo credit: