7 Simple Steps to Online Privacy

1 Comment / Privacy Fundamentals / By

You don’t have online privacy

Consider the steps to online privacy as you read this article. Think about your current location – are you at home or in a coffee shop? Reflect on the device you’re using, be it an iPhone, Android, laptop, or tablet. Lastly, think about the applications you’re using, including your web browser and any others that might be running in the background.

The Data Collection Chain

Now, consider this. All of these places, devices, and applications want your data by default. I recently wrote an article talking about the ‘Ad-tenet’ a fictionalization of our current world where every company is bought and paid for by advertising revenue. Well, the truth is it doesn’t start with advertising revenue. It starts further up the chain with data collection.

What data do you ask? Well, yours of course. Your data provided of your own free will is the currency of the internet. Not Bitcoin, and not the dollars and cents sent via PayPal. No, my friend. Your data is the primary currency of the internet. Every time you go to a website, click a link, buy an item on Amazon, or even do a simple Google search. Every time you fill out a form online or transfer funds. Your data is being collected in some form.

Sometimes it can be simple data collection invading your online privacy. For instance, you can make a financial transfer and your IP address or current location will be tagged. Other times, it’s not so simple. Google specifically can track you just about anywhere that you go on the internet. Have you ever had the experience of buying an airplane ticket? How does it start? Well, you go to Google and search for tickets to and from your location. Then you buy the ticket and book your trip. Next thing you know Google will have an appointment set in your calendar letting you know when your flight is and who is going! Then when you get back online you’ll get ads for companies in the location you plan to go to! It’s amazing and horrifying that that level of tracking is possible, but is.

Default Setting: No Privacy

By default, you don’t have any online privacy. It’s not just search engines like Google either. You have no built-in protection from public wifi, your own internet service provider(ISP), or any websites that you use online. By default you are at the mercy of others and those ‘others’ aren’t interested in your online privacy, they are interested in your data because that’s how they are going to get paid for all of these wonderful free services that they offer.

I know this sounds bleak, talking about online privacy always does, but don’t lose hope just yet. I’m going to tell you 7 simple steps to online privacy that you can start taking today. By implementing these steps in your daily routine you’ll be setting yourself up for long-term success when it comes to protecting your and your family’s online privacy.

Use a VPN to protect your online privacy

VPNs are a controversial topic. Some people love them and preach about them every chance they get, while others will tell you they are worse than the problems that they are trying to solve. In my opinion, both of these can be true at the same time.

Unraveling the VPN Mystery

You may be wondering what a VPN is. A VPN is a virtual private network. Basically, it’s a server that sits in the cloud. It provides an end-to-end encrypted tunnel. What does this mean? Well, essentially it means that when you connect to the VPN your traffic is hidden from anyone except for you and the VPN provider. Instead of requests and searches being sent directly from your phone or device they are encrypted and routed to the VPN server first and then they are sent out. This provides some level of anonymity in terms of protecting your IP address. Not only are your requests encrypted, but there will be many more requests from other users all going through that server which helps to hide your searches specifically as kind of a background noise among many others.

The Flaw in the Armor

This isn’t a perfect solution of course, and I can hear someone screaming at me now. “The VPN provider can still see your traffic!” This is true and you need to only use a trusted VPN solution specifically one that is not US-based and that doesn’t keep logs. I’ve written a full article on VPNs here if you want additional information.

For now, I want to leave you with this. A VPN is a great online privacy tool especially when using public wifi. It can protect from malicious users who may be peering on the public wifi traffic. Other good use cases are when you want to hide your IP during the search, or when you want to protect your searches from your home ISP. A VPN is a great tool to reach for when you want a bit more privacy.

My recommendation right now for VPNs is Proton VPN. I use it personally as well as ProtonMail. I’ll add my affiliate link so that you can sign up and try it out today, however, to get started you don’t even need the paid version you can just download it and start using the free VPN version right away.

Ditch Google for privacy-protecting DuckDuckGo

Basically, everyone uses Google. They have a dominant market share and have dominated the search landscape for some time. The proliferation of Chrome as a browser has also made this worse. Chrome has a great browser offering and as such, when you download it you get Google Search as a default. Google search isn’t all bad, to be honest. It’s the single most powerful and useful search engine in the world. However, they have used that power to engage in mass data collection which is inherently privacy invasive.

If you want to protect your online privacy you have to start taking steps to prevent feeding the data-hungry beast. That includes switching search engines. I’m not going to lie. This won’t be an easy switch. It hasn’t been for me. Sometimes alternatives like DuckDuckGo and Brave search don’t return the same optimal results I’m used to with Google. However, in many cases, these solutions can work as well or exceed the capabilities of Google search without data tracking.

A simple way to start making this switch is to start going into your browser and change the default search engine to DuckDuckGo. DuckDuckGo is a private search engine that doesn’t track your searches and adds privacy-invasive cookies to your browser. Instead, it protects your privacy and only serves ads relevant to your current search. That means that after you search when you go to another page, you won’t be blasted with ads for a wedding dress because you looked for a wedding location last week. If you want to know more about protecting online privacy with a more secure and private browser you can check out my full article on the topic here.

Use a privacy-focused Web Browser

Many people use the default browser that comes with their device. That may be Chrome, Safari, or Edge depending on the device. However, these browsers are notoriously privacy-invasive. Instead of using the default browser, you need to be proactive and find a browser that protects your privacy by default.

There are two great options in the space. Both Firefox and Brave Browser. Our team recently wrote a comparison of the two which you can check out here. Fundamentally though, both of these browsers have many default protections in place to help prevent data collection. From blocking cookies and trackers to having built-in ad-blockers and defaulting to privacy-focused search engines. You’ll notice an immediate difference in internet browsing quality by switching to each of these amazing options.

Get started by going to brave.com or https://www.mozilla.org/en-US/firefox/new/ and download using the appropriate link for your device. Once you have the browser installed you can set it as your system default, and then you’re off to the races.

Avoid sites without HTTPS

Have you ever gone to a site and seen this warning?

If so, then you are trying an access that isn’t secure. Usually, your browser will notify you and ask you if you want to proceed. Unless you have some specific reason to be there, such as being the developer of the site your best course of action is to leave immediately.

Any data that you send to this site is unencrypted and therefore insecure. Don’t fill out any forms and don’t enter any passwords on sites that don’t have https enabled. If so you’re just asking for the information you pass along to be stolen. This could be passwords, credit cards, or any other personal information. With some of the browsers mentioned above you can also go into settings and set it up so that they will only allow encrypted https connections.

On the other hand, if you see https and the little lock in the top right-hand corner then there is a much higher chance that the site is legit and that information passed to the site cannot be stolen by nefarious onlookers. However, https isn’t an end-all-be-all. Always make sure you are on a trusted site and that the URL matches exactly the domain that you are expecting it to.

If you want to learn more about encryption and https I suggest you read our full article here.

Start using a password manager

Passwords are a big deal. If a hacker has your email and password they can access almost any of your data. You can forget worrying about companies collecting your data and instead, you are going to be in panic mode just trying to make sure your bank accounts are safe. Some people would categorize password managers as a security tool, but the way I see it almost anything you would hide behind a password is something that is private. Perhaps not in the sense that if someone saw it, it would bother you. But in the sense that you really don’t want anyone knowing your password.

This is where password managers come in. Password managers make it so that each individual site has its own unique password. That way the value of each password is much less important. Let’s say some hacker manages to hack into a site and get a list of all of the users and passwords on that site. In this case, your username and password are exposed as part of the breach. If you used a password the username combined with a random password is exactly worthless to the hacker.

There are some caveats as with all things:

  1. You still need a STRONG master password
  2. You still need a UNIQUE master password
  3. You still need a plan to rotate out this master password on occasion
  4. You need to enable 2FA on your password manager

Getting started with a password manager may be the most difficult task on this list, but it’s absolutely worth the effort. Personally, I suggest using Bitwarden. It’s open-source, free, and user-friendly. You can learn more about Password Management here.

Don’t give away your location on social media

Social media is interesting. Many people use it to display every aspect of their daily life without giving it a second thought. It’s used for everything from posting birthday pictures to pictures of family vacations. This is by no means a bad thing on the surface. It’s nice to be able to share life events with friends and family and social media makes this as simple as clicking a button.

A Privacy Perspective: The Flip Side of Social Media

However, even though there are some positives, from a privacy perspective there are also some major concerns. If you look online you’ll find story after story of individuals who posted details of things like travel arrangements online. In most cases, these social media accounts were public, and as such they were posting their details to a broad audience consisting of anyone who was on the social media platform. Among those viewers, there were clearly a few bad apples, because as soon as these people left their houses for vacations, landed, and posted that they were gone their houses were robbed.

More Than Meets the Eye: The Risks of Over-Sharing

This is really just the tip of the iceberg. Social media users often make posts that give out the names and images of their family members and children. They also inadvertently give away other addresses and house layouts by simply walking their home with their camera. Engaging in public social media activities like this can lead to all sorts of issues.

If you are a social media influencer and it’s your job to post instant information to social media, then so be it. But for the rest of users in the social media world, a quick tip for you to improve your online privacy is to wait until after you are home from a trip before you post pictures and details. That way cybercriminals have no way to target you while you are away. In addition, when using social media it’s important to make sure to make your settings as private as possible again unless you are a public influencer. Additionally, if you have children I suggest keeping them off of social media for as long as possible to prevent harassment which is endemic on the platforms.

Switch to a privacy-focused email service

Last but not least, you need to be using a privacy-focused email service. A privacy-focused email service is any service that focuses on protecting your data and your privacy. With services like this, you’ll end up actually paying for the service long-term or for some broader package that includes email because these privacy-focused companies have a different revenue model(actual paying customers) as opposed to a purely “free” model where the cost of usage is data collection, advertisements, or data brokering depending on the service.

There are a few good services out there, but today I’m recommending ProtonMail. You can get started with ProtonMail for free and can use it for free forever. They do offer upgrades for their entire suite which includes ProtonVPN, ProtonDrive, ProtonCalendar, and ProtonMail. I personally use ProtonMail and have enjoyed the privacy-focused nature of it. I don’t have to worry about them reading my emails or selling my data. You can also end-to-end encrypt emails sent from your ProtonMail account to add an extra layer of protection. This is especially useful when sending data like credit card details or ACH info via email.

As I mentioned I do have an affiliate partnership with ProtonMail, but I requested this affiliate membership because I was already using the service and I stand behind their quality and commitment to data privacy and protection.

Final thoughts on steps to online privacy

If you’ve read this far you’re probably becoming serious about your online privacy. These 7 simple steps can help improve your overall privacy and prevent data collection. By switching to more secure, more privacy-focused companies instead of relying on the larger data-collecting corporations you can really decrease your overall digital footprint. Here are the following 7 steps to online privacy one more time:

  1. Start using a VPN
  2. Ditch Google for DuckDuckGo
  3. Use a privacy-focused web browser like Brave
  4. Avoid sites without HTTPS
  5. Start using a password manager
  6. Don’t share personal and current info on social media
  7. Switch to a privacy-focused email service

By taking these simple steps you can begin improving your privacy today. Remember that privacy is a journey, not something to be solved in an instant. By taking small steps over time you can begin to decrease the amount of info you are giving away for free. These steps are just a stepping stone to a larger privacy journey!

This article contains affiliate links

1 thought on “7 Simple Steps to Online Privacy”

  1. Pingback: Best Search Engine For Privacy in 2023: DuckDuckGo vs. Google - Personal Privacy Online

Leave a Comment

Your email address will not be published. Required fields are marked *