Wondering what the first steps should be to reclaim and protect your privacy?
All of the following suggested actions are currently free and are community-tested, dependable, and proven tools. They will all help you to get started on your privacy journey. The steps outlined here are practical, with direct suggestions. You don’t need to learn anything new; simply download them, use them daily, and inform others. Here are Sencode’s ten simple steps to protect your privacy online.
Step One – DuckDuckGo
First and foremost, download and install DuckDuckGo. Searching and browsing are the first two areas where serious data exposure occurs. Your search history reveals your travel plans, medical condition, financial situation, and pretty much anything else on your mind.
Google is well-known for researching this information. They file it, and then release these profiles to data brokers and advertisers who profit from your vulnerability. Switching to DuckDuckGo is the simplest way to begin protecting your search records.
No service mentioned here is perfect to protect your privacy, and DuckDuckGo is no exception. Its business model, however, is based entirely on zero data collection. There is no profiling or spying on who or what you are or do. Most importantly, DuckDuckGo does not track which websites you visit from your search results.
DuckDuckGo offers a mobile browser for iPhone and Android. It’s completely free and open source. Its best feature is that it burns your browser data, ensuring that no information is retrievable from the websites you visit later for tracking purposes.
Change your default search engine in all of your other browsers to DuckDuckGo also, and use Google only when you cannot get relevant results from it. Another notable feature of DuckDuckGo is that it is an onion service, and that leads us onto our next step.
Step Two – Tor Browser
Your browser history is your second most valuable privacy asset. Everyone is spying on your internet service provider’s browser, the websites you visit, and even those you don’t visit. The most effective way to secure your browsing records is to eliminate all of these threats with a single shot. This is where the Tor browser comes in. Except for iOS, it is available on all major platforms, or it comes as an onion browser.
Tor Browser erases your fingerprint, hides your traffic from your ISP, and changes your IP address so that websites you visit can’t trace it back to your true location. Tor browser uses DuckDuckGo as its default search engine and does not save your browser history, so you must rely on bookmarks to remember your favourite websites, and you can have your traffic fully encrypted by visiting onion websites such as DuckDuckGo onion service, effectively taking your traffic off the grid.
It’s critical not to break these important offsite rules when using Tor. Avoid changing Tor browser settings or installing any plugins or add-ons. The only options you have are to change the security settings and to request Tor bridges. Do not use Tor to access any online accounts unless they were created completely anonymously. Also, keep in mind that while Tor is necessary, it is not sufficient for online anonymity alone. Potential adversaries may still target you.
Tor’s main purpose is to allow you to browse the internet without having your every move tracked back to your real-life identity. It easily evades mass surveillance and the blatantly intrusive advertising industry, and helps to protect your privacy.
Step Three – Progressive Web Apps
Although social media has become an integral part of our lives, deleting them all is not the only way to protect your privacy. The issue with social media apps is that they not only track everything you do on their platforms, but they also spy on everything you do on and with your phone. They typically require far too invasive permissions to access your device identifiers, track your location in real time, know what other apps you use on your phone, and read your contacts and file storage.
Even if you delete these apps from your phone, you can still use them in your browser but until recently, this was quite impractical. However, there is a new market innovation that is changing the game. Progressive Web Apps are a type of web application that is constantly evolving and can protect your privacy. A Progressive web app is essentially a website application that is rendered as a mobile app by your browser.
PWAs have kept the majority of the main features of native mobile apps, but their permissions are strictly limited by your browser settings. PWAs have no access to your device identifiers, contacts, or file storage. You have the option of restricting their access to your location, camera, microphone, and notifications.
PWAs are already supported by most browsers, such as Chromium, Safari, and Firefox, and more and more websites are becoming progressive web apps. If you come across one, you should be able to see an option to install the website on your phone via a dedicated icon on your home screen.
Step Four – Privacy Settings
The next step requires a little more nuance than simply tapping to install. To opt out of any data sharing or marketing consent, you must go through the privacy settings of each app and account. You’d be surprised how much information you’re exposing simply by having these settings toggled incorrectly. The majority of this is unnecessary and opting out has an impact on your user experience.
Examine your Google account’s web and app activity settings, Apple’s ad privacy settings, Location Services, Facebook privacy and security settings, and etc. Some of these options, such as personalisation, allow suggestions, and so on, may be hidden in the ambiguous wording. Make a point of doing this for all of your devices, apps, and accounts.
Step Five – Avoiding Phishing Attempts
Phishing attempts are one method by which hackers compromise your online privacy. Scammers use phishing to trick you into providing sensitive financial or personal information. They frequently do this by sending bogus emails purporting to be from banks, credit card companies, or other financial institutions. These emails frequently state that you must click a link and verify your financial information in order to keep your account from being frozen or closed.
Don’t fall for these scams. When you click on a phishing link, you often redirect to a fake webpage that looks like the homepage of a bank or financial institution. But when you enter in your account information, you’ll be sending it to the criminals behind the phishing attempt, not any bank, credit union, or credit card company.
Before clicking on suspicious links, hover your cursor over the link to view the destination URL. If it doesn’t match the financial website you use, don’t click. Also, keep in mind that banks and other financial institutions will never request account or financial information via email. If you receive such an email and are concerned, log in to your financial provider’s online account portal directly. Then you can check to see if there are any issues with your account.
Alternatively, you can call the financial provider directly to inquire about any issues with your account, using the customer-service number from one of your statements or the provider’s website rather than the one included in the suspect email.
Step Six – Use a Password Manager
Using password managers solves almost all of the inherent problems we have with passwords. A good one, such as Dashlane, will recommend, generate, and remember a unique complex password for each account you have. This means that if a password is cracked, only one account is compromised.
Furthermore, many password managers offer multi factor authentication, which requires an additional action from a different device or email to reinforce secure access to your accounts. All you need to do is create one strong passPHRASE (the longer the better) that you must remember in order to access your password manager, and you’ll be good to go. This is an essential step to secure and store your passwords conveniently, and protect your privacy online.
Step Seven – Signal Private Messenger
Your online conversations are your third most valuable privacy asset. Most of these aren’t end-to-end encrypted, and even those that are, are monetising the metadata of your conversations for advertisers. End-to-end encryption secures your communications while also protecting your metadata. There are numerous tools available on the market that can do this for you and protect your privacy
Signal Private Messenger is the simplest solution, and security experts frequently hail Signal as the gold standard of secure messaging. It is also just as simple to use as any other messenger so there is no learning curve to using it. Simply download it for Android or iPhone, add your contacts, and enjoy the freedom of truly private conversations. There is even an easy option in the menu to invite connections on other messaging apps.
The only metadata Signal can currently reveal if law enforcement requests it, is the date and time you registered your account, as well as the last time you logged in. This is practically nothing in the world of technology. Signal does not save any of your contacts, messages, attachments, device information, or anything else. It even automatically removes all metadata from the images you send, and you can use its features to blur faces or draw over images to hide information before you send them.
Signal is end to end encrypted by default and only. This means that, unlike other encrypted messengers, there is no fallback to plain text. Signal does not have access to your encryption keys, and they cannot unlock or read your messages even if ordered to do so. With its ease of use, there is no reason not to use it. Get it and tell your friends to do the same. It’s the simplest thing in the world to do.
Step Eight – Virtual Private Networks (VPN)
A virtual private network (VPN) provides online privacy and anonymity by converting a public internet connection into a private network. VPNs conceal your Internet Protocol (IP) address, rendering your online activities virtually untraceable. When using public Wi-Fi at a library, coffee shop, or other public location, using a VPN is especially important. A VPN makes it more difficult for cybercriminals to infiltrate your online privacy and access your personal information. There are many free VPN solutions available, but if you want the most privacy protection while online, it may be more cost effective to pay for a service from a reputable security provider.
Step Nine – Delete Unused Applications
While you are revising your privacy settings, keep your app setup as simple as possible. You probably have a lot of apps on your phone that are collecting data without you even opening them for weeks. The more apps you have installed, the more vulnerable you are to data leaks and security threats. Delete any apps that are obsolete or redundant from your phone. Make an effort to accomplish more with less. Even if you delete social media apps, many proprietary apps still use Facebook trackers within their apps, allowing Facebook to collect your information. Keep these apps to a bare minimum.
Step Ten – Free and Open Source Alternatives
Finally, this last step will get you started on the never-ending journey of maintaining your digital privacy and freedom. Slowly but steadily, you will need to replace your recurring proprietary apps with free and open-source software. The market for free and open-source software (FOSS) apps is expanding so quickly that there is a privacy-friendly alternative to almost anything these days. Allow Bitwarden to manage your passwords and use Nextcloud to replace Gdrive for cloud storage, and Libre Office includes all of the tools and components required for heavy office work.
Android offers the best marketplace for free and open-source apps and other FOSS apps can be found online. You will be running Linux on your laptop and GrapheneOS on your phone before you know it. Privacy is an ongoing process. The goal is to be able to express yourself freely without fear of public judgement or of authoritative overreach. Privacy, after all, is your basic human right.
For further advice about privacy protection or Sencode Cyber Awareness Training, contact us.