How to Protect Your Privacy Online
Online privacy refers to the level of protection a user has while connected to the internet. This includes protection of personal and financial information, communications and preferences.
Internet users employ tactics such as anti-virus software, strong passwords, disabling tracking and VPNs to increase internet privacy. Despite these measures, risks such as malware, phishing scams and lack of site security still persist.
In worst case scenarios, these privacy risks can lead to identity theft. Learning more about methods to increase privacy online can help protect your data from these threats.
Use Strong Passwords
While it can be time consuming to update all of your online passwords, it’s one of the first defenses against being hacked.
Because health and finance accounts often contain higher tier information, such as account and social security numbers, update these passwords first. This includes your email, bank, medical provider, investment, finance tracking and utility accounts.
- Are the same for multiple accounts
- Are shorter than eight characters
- Contain personal information (i.e. your name, birthday, address and initials)
- Use simple sequences (i.e. 1234 or abc)
- Have not been updated within the last 6 months
- Anyone, including friends and family, may know
Move on to accounts that provide less immediate access to private information. This includes social media accounts, service accounts and entertainment platforms.
For an added layer of protection, use two-factor authentication. Two-factor authentication sends a confirmation code to a phone, which is then used to open the account. While this is strong, using an encrypted third party app, such as Authy or Google Authenticator, to receive that code is the strongest method.
Password managers can help make managing various passwords easier with use of one master password to access a database with all of a user’s passwords. Though password managers are encrypted, there can be security concerns with storing all passwords in one spot.
While these managers aren’t perfect, according to Independent Security Evaluators, “password managers we have examined add value to the security posture of secrets management.”
Encrypted Apps Can Protect Your Messages
In the past, messages in chat apps were opportunities for would-be hackers. Unencrypted messages that contained sensitive information could be intercepted via an unsecure network connection or server breach.
Today free apps such as AiMessage, WhatsApp and Signal all use encryption to protect users’ private messages. Messages can’t be opened unless they’re on the sender or recipient’s messaging account.
The only way encryption fails is if the account you use for encrypted messaging is compromised. But, if you back up encrypted messages to iCloud or Google Drive, they are no longer encrypted.
Limit Personal Information You Share on Social Media
Social media can be great for connecting to family and friends. But it’s important to manage your privacy settings on social apps.
Users often share their name, birthdate, geographical location and interests with social media accounts. Personal information is also shared with food delivery apps, job search sites, streaming services and more.
Is there a danger in sharing information with these sites?
- Data Mining - Data mining is when a platform collects and stores your account information or activity on a site to better deliver ads tailored to you. While some sites may sell your data to third parties, search and social sites like Google and Facebook both state they do not sell user data.
- Phishing Attempts - Phishing attempts often come in the form of a message claiming to be a legitimate organization. This organization may claim to need personal information from you to “receive a prize” or unlock a compromised account.
- Malware Sharing - Malicious software sharing occurs when a social media account is compromised and used to distribute messages to the friends of that account. The messages often contain links that when opened can potentially damage computers or hack other accounts.
- Botnet Attacks - Bots are prevalent across social platforms and may auto generate accounts and follow users based on key phrases. They are used to send spam and potentially steal data from true accounts.
It’s also important to be mindful of how children engage with social media platforms. Helping them understand safe online interactions and what information should be kept private can help them safely connect with friends, family and school activities.
Use Incognito or Private Mode When Browsing
Online web browsers offer different private modes while searching the internet. The most common solutions are Google Chrome’s Incognito Mode, Private for Safari, inPrivate for Microsoft Edge and Private Browsing for Mozilla FireFox.
But there are some misconceptions about what these modes do. Google clarifies some of what its Incognito Mode does and does not do.
- Yes: Incognito means your activity data isn’t saved to your device or any Google account you’re not signed into.
- No: Incognito does not prevent your activity or location from being visible to the websites you visit, your school, employer, or your Internet Service provider.
- Yes: Each time you close all Incognito windows, Chrome discards any site data and cookies associated with that browsing session.
- No: Incognito does not prevent the websites you visit from serving ads based on your activity during an Incognito session.
Browsing in private mode can help keep your search activity more discrete on your desktop, laptop or mobile device from others who may use those devices. It does not guarantee total privacy, however.
Try Other Search Engines
Douglas J. Leith published a study on February 24th, 2020 that addressed privacy concerns among six popular web browsers. Leith is a professor at Trinity College Dublin, Ireland in the School of Computer Science & Statistics.
In the study, browsers were ranked in categories of most private, middle tier and least private. The browsers were assessed based on their communication with back-end servers and what information was stored.
Google, Firefox and Safari, all fall into middle tier privacy. These browsers all use information from the search auto-complete feature to share details of web pages visited with back-end servers.
Firefox specifically provides information about the user that can include IP addresses (rough location) as metadata. Yandex and Microsoft Edge are considered the least private and send information related to the device hardware to the back-end servers. When information like this is stored on these servers it can make the user’s information vulnerable to data breaches.
Brave, a free and open-source web browser, was noted In Leith’s study as being particularly privacy focused. With Brave there is no use of identifiers that can allow tracking of IP addresses, and there is no sharing of the details of the web pages visited with back-end servers.
Deactivate Ad Personalization
While understanding user behavior has allowed platforms to generate more relevant ads to individual consumers, some users find them invasive. For those who wish to avoid them, ad personalization can often be deactivated.
Google and Android – Google Support supplies specific instructions on how to disable ad personalization. To disable Google ad personalization:
- Navigate to https://adssettings.google.com/
- Choose where you want ad personalization to stop
- On all devices you are logged in on
- On current device or browser
- Turn off ad personalization
Apple – With the iOS 14 update, Apple is prioritizing user privacy making privacy settings easier to find and customize. To disable Apple ad personalization:
- Go to your device settings
- Click on privacy
- Click on Apple advertising
- Choose “Turn off Personalized Ads”.
Facebook – Facebook uses behavior information to serve more relevant ads to users. To adjust Facebook ad settings:
- Click in the top right of Facebook.
- Select Settings & Privacy, then click Settings.
- Scroll down and click Ads in the left menu.
- Click Ad Settings, then click Data about your activity from partners.
- Select whether we can use data from our partners to show you ads.
Twitter – Twitter follows a similar data gathering pattern as Facebook, using partner and advertiser data to better serve ads to its users. For users who would like to limit how their online activity is tracked and stored online for ad personalization, they can take the following steps:
- Navigate to “Settings” within Twitter.
- Visit the personalization and data settings and adjust the setting Personalize ads.
For other platforms or devices not listed above, ad personalization settings are typically located under the settings section and can be deactivated if allowed by the platform.
Invest in a Virtual Private Network (VPN)
A virtual proxy network (VPN) obscures your online activity, using encryption to protect your data. VPNs also bounce your network activity through a different server than where you are located to hide your IP address.
VPNs are useful when using unsecured networks such as with public Wi-Fi. Even at home, a VPN can protect your information from your internet service provider, apps and the services you use.
Not all VPNs are the same. Online data is still sent to the company where you buy your VPN service, making it extremely important to conduct thorough research when selecting a service. The Commonwealth Scientific and Industrial Research Organisation (CSIRO) in Australia conducted a study that found that only 28% of free VPN services did not track user data, for example.
Look Out for Phishing Attempts
Whenever you are online, stay vigilant for fraud attempts. Phishing attempts were the most common type of cybercrime in 2020 according to the FBI. In the same analysis, the FBI concluded that compared to 2016 there were 11 times more phishing incidents in 2020.
The most common place to watch for phishing attacks is via email. Of the phishing attacks surveyed, 96% were delivered via email.
These attempts to gain personal information from users online come in various forms and can be very convincing. Typically, a phishing email attack will pose as an organization that you may have an account with, claiming that your account is at risk and you need to reset your password.
Once you type your old password into the portal the attackers have designed, they now have your login credentials for whatever account they are seeking. If you aren’t sure if an email is legitimate, reach out to the organization claiming to need your information and confirm via a different channel of communication.
Use Caution When Using Your Mobile Device
When you connect to the internet on your phone or tablet, all of the same precautions for desktop computers should be taken into consideration. Smartphones are now personal data vaults that can be used as a credit card, GPS and music player. With so much power in such small devices, it’s increasingly important to take care.
Use trusted platforms such as the Apple Store and Google Play for downloading apps to avoid malware from third party sites.
Internet safety for children is also growing in importance as more young people have smartphones and actively use apps and browsers. Parental controls on their devices to block unwanted websites and limit the types of apps they can download and use can be considered. Having open and honest conversations about safe device practices is key to developing healthy relationships with technology.
19 Cited Research Articles
Consumernotice.org adheres to the highest ethical standards for content production and references only credible sources of information, including government reports, interviews with experts, highly regarded nonprofit organizations, peer-reviewed journals, court records and academic organizations. You can learn more about our dedication to relevance, accuracy and transparency by reading our editorial policy.
- Stefan Ionescu. (2021, Aug. 27). What Are Encrypted Messaging Apps? Are They Really Safe? Retrieved from https://www.makeuseof.com/are-encrypted-messaging-apps-safe/
- Ari Howard. (2021, Apr. 18). Does incognito mode on your computer protect your privacy? Retrieved from https://www.allconnect.com/blog/does-incognito-mode-on-your-computer-protect-your-privacy
- Laurel Wamsley. (2020, Oct. 13). Your Technology Is Tracking You. Take These Steps For Better Online Privacy. Retrieved from https://www.npr.org/2020/10/09/922262686/your-technology-is-tracking-you-take-these-steps-for-better-online-privacy
- Douglas J. Leith. (2020, Feb 24). Web Browser Privacy: What Do Browsers Say When They Phone Home? Retrieved from https://www.scss.tcd.ie/Doug.Leith/pubs/browser_privacy.pdf
- Brooke Auxier. (2019, Nov. 15). Americans and Privacy: Concerned, Confused and Feeling Lack of Control Over Their Personal Information. Retrieved from https://www.pewresearch.org/internet/2019/11/15/americans-and-privacy-concerned-confused-and-feeling-lack-of-control-over-their-personal-information/
- Independent Security Evaluators. (2019, Feb. 19). Password Managers: Under the Hood of Secrets Management. Retrieved from https://www.ise.io/casestudies/password-manager-hacking/
- Leslie K. John, Tami Kim, and Kate Barasz. (2018, Feb.). Ads That Don’t Overstep. Retrieved from https://hbr.org/2018/01/ads-that-dont-overstep
- Liz Mineo. (2017, Aug. 24). On internet privacy, be very afraid. Retrieved from https://news.harvard.edu/gazette/story/2017/08/when-it-comes-to-internet-privacy-be-very-afraid-analyst-suggests/
- Muhammad Ikram. (2016, Nov. 16). An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps. Retrieved from https://research.csiro.au/isp/wp-content/uploads/sites/106/2016/08/paper-1.pdf
- ACLU. (n.d.). INTERNET PRIVACY. Retrieved from https://www.aclu.org/issues/privacy-technology/internet-privacy
- Apple. (n.d.). Control personalized ads on the App Store, Apple News, and Stocks. Retrieved from https://support.apple.com/en-us/HT202074
- Commonsense.org. (n.d.). Privacy & Security. Retrieved from https://www.commonsense.org/education/digital-citizenship/privacy-and-security
- Facebook. (n.d.). How can I adjust how ads on Facebook are shown to me based on data about my activity from partners? Retrieved from https://www.facebook.com/help/568137493302217
- FBI. (n.d.). FBI 2020 Internet Crime Report. Retrieved from https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf
- Google Support. (n.d.). How Chrome Incognito keeps your browsing private. Retrieved from https://support.google.com/chrome/answer/9845881?hl=en#zippy=%2Chow-incognito-mode-works%2Chow-incognito-mode-protects-your-privacy
- Townsend Security. (n.d.). THE DEFINITIVE GUIDE TO ENCRYPTION KEY MANAGEMENT FUNDAMENTALS. Retrieved from https://info.townsendsecurity.com/definitive-guide-to-encryption-key-management-fundamentals
- Tulane University. (n.d.). Key Social Media Privacy Issues for 2020 Retrieved from https://sopa.tulane.edu/blog/key-social-media-privacy-issues-2020
- Twitter. (n.d.). Your privacy controls for personalized ads. Retrieved from https://help.twitter.com/en/safety-and-security/privacy-controls-for-tailored-ads
- Winston & Strawn LLP. (n.d.). What is the Definition of Online Privacy? Retrieved from https://www.winston.com/en/legal-glossary/online-privacy.html