Privacy awareness on the Internet is changing rapidly. Privacy advice has to adjust accordingly. Inside the last three years we had an explosion of news covering privacy and as a result more people are aware of how fast and loose their data is being treated. It may also be that the repeated data breaches and Personally identifiable information(PII) data exploitations that have been uncovered at Facebook and other places have contributed greatly to people’s new perception of this topic.
Unfortunately, at the same time, the hunger for PII has been growing. Many times criminal organizations are successfully gaining access to data. According to some studies there is a new victim of identity theft every 2 seconds in the US, and Experian published a statistic that 31% of data breach victims have their identity stolen. Most of the exposed identity records, 47%, are by organizations from the United States and China.
We at XcooBee work diligently to introduce tools for both businesses and individuals to better manage the processing, sharing, storing PII data and consent. Organizations can build full fledged GDPR, CCPA, or NYPA processes on our platform. Many of our tools, like the XcooBee Cookie Kit, are available as Free and Open Source software. However, we also believe there are a few things that each individual should consider doing to limit the data that is available out there.
So, here, after much deliberation, is our 2020 top things to do that anyone should consider as part of their own privacy tool belt.
1. Manage Your Cookies & Fingerprints
For most of us this means regularly deleting cookies. Your browsers can nowadays remove all cookies that you create during a given session. For example in Google Chromes this is hidden under “Keep local data until I quit my browser” in the cookies section. Familiarize yourself with your favorite browser’s cookie options is also helpful. The more you understand how your browser handles the tracking of your person, the easier you can make informed decisions.
Be aware that if you remove cookies from banks or other financial institutions they make ask you for more information when logging in again.
Many sites have switched from Cookies to fingerprinting. This is a less visible mechanism and harder for users to control. Using privacy browsers, anti-fingerprint browsers, or plugins to throw off fingerprints is an approach to consider.
2. Use Privacy Browsers
It is time to look at the eco-system of browsers again. In the last year privacy focused browsers like Brave and Firefox Focus have gained market share.
This has even prompted the stalwarts at Google to take notice and start modifying their data hungry behavior to adjust to the market and consumer trends. Users have spoken clearly and loudly and you should consider joining this movement to improve your online privacy stance.
Also don’t be shy to spread your browser affection. Use multiple ones. The more you spread your internet use, the harder it becomes for others to profile you via a singular browser and browser fingerprints.
3. Use Privacy Mode of Your Browsers
If you are doing searches for anything, you should consider doing them in Privacy mode of your browsers. Any access to non-standard site should also be done this way. Don’t forget to close the privacy mode window so the browser can delete all the references. This prevents build up of tracker cookies and allows a clean slate every time.
Normally, all open privacy mode windows share data. Thus, you should not login to multiple services like Facebook or Google at the same time, since these services will then start co-relating your behavior whether you use privacy mode or not.
With some browsers this also changes your fingerprint slightly and, thus, makes it more difficult to track you via browser fingerprinting.
4. Some Plugins are Good
We recommend that you look at certain browser plugins to help guard you as you are surfing. For sure, many security companies like Symantec, McAfee will sell you one, but we are not certain that they are not themselves using this data.
We believe the source matters. So a plugin like Privacy Badger from the Electronic Frontier Foundation or FB Purity for use with Facebook.
5. Use a Privacy DNS
Domain Name Servers (DNS) are the Internet’s equivalent of a phone book. Whenever you visit a site, your computer first looks up the correct IP address using DNS. Each ISP normally has a servers that you automatically use. This gives the ISP the option to save all the queries you do against DNS and correlate this to a picture to sell to marketers.
You can opt out of this by overriding this for your whole network on your router or individually on each device. For details on your router use Duck-duck-go to search for documentation. As replacement DNS you might want to consider using Cloudflares 1.1.1.1.
6. Use Privacy Search Engines
It seems the business of search engines is to sell their visitors goods and services. And, in return, collect more data to sell to marketers. It’s a vicious cycle and an overall poor deal for the actual users.
In general, your search results seem to be more influenced by what marketers want you to see vs what you actually want to search for. All big search engines, Google, Yahoo, Bing, do this. Instead we recommend that you use someone like DuckDuckGo; in most browsers you can select them as a search engine in your options and everything continues to work as usual without search tracking.
7. Use Tor Privacy Browsers
The Tor anonymity project has created browsers that have VPN capabilities and automatic isolation of surfing and tracking built in.
The Tor Browser isolates each website you visit so third-party trackers and ads can’t follow you. Any cookies automatically clear when you’re done browsing. So will your browsing history.
Keep in mind this may be slightly slower but a good alternative to managing cookies daily.
8. Clean House
Consider cleaning accounts and your data from sites that will allow you to do so. With the advent of the GDPR & CCPA this is possible with many more sites though the process is different for each of the sites.
Signup for a free XcooBee account and use the XcooBee tools to make Erasure Requests and Subject Access Requests (SAR) simple. You can even manage complaints to supervisory authorities. Track progress and document activity. This is the only consumer privacy tool that lets you do this much centrally and all for Free.
It is good practice to submit Subject Access Request (SAR) to find out what is stored about you first. A fair warning, this may be many gigabytes of data.
Put it on a schedule and repeat. There is no automated way at this moment to schedule this for you, but we at XcooBee have this feature on our radar.
9. Use VPNs
VPNs are not the answer to everything, but they can make it more difficult for the local ISP to track you and tracking you they do. In the US, the rules are quite permissive and it is easy for ISPs to accumulate and sell data about you while you use their network.
Fortunately, there are quite a few solutions available whether on a PC, device or home-router level, you have a few choices. For more details you could visit the VPN review of the That One Privacy Site.
10. Protect your Email
Many sites require that you provide and email and, then, proceed to verify it. You cannot easily make up one and so your email box becomes harder and harder to manage. This creates increased levels of stress.
In addition, your email may be sold, copied, breached and you are, then, on the radar of people targeting you. You can see how email has become the primary gateway of spam, phishing and viruses to your computer. In short, you need to become more vigilant about protecting it.
You can setup special addresses and manage your own email servers, but this quickly becomes unwieldy and requires technical expertise.
We recommend that you use email protection services that will allow you to create temp, special purposes addresses. You can consider using XcooBee Email Guard. It is one of the first special-built tools for this purpose. You can generate a temp email with one click or shut it off with another. You control from whom traffic is allowed and for how long. Should your email guard address be compromised or breached, you shut it off easily.
This gives you the ability to use email more actively without the same stress and anxiety. Give an email to the store clerk or use it to test drive a new service without fear that this is forever.
XcooBee Email guard emails are fully functional email addresses that you can use to receive and send messages while protecting your primary email. They are simple to create, manged centrally, and can be used from your primary email account. No messy logins, nothing else to remember. For XcooBee users, this helps us boost email privacy and reduces internet stress and anxiety we didn’t even know we had.
An ounce of prevention
After doing some online searches and/or looking for an item on Amazon you might have wondered how Facebook was so magically prescient to know that you were looking for a new mattress.
The unfortunate answer is cross site tracking and data sharing between the big internet companies. They can do so because you are logged in to their accounts and many other internet sites use technology pieces from them that allow a correlation to be made.
The simple solution is once your are done to logout, and to logout completely. This is hard. After logout many big sites will still display an avatar with your profile picture on their login window or show you the three previous accounts that used this browser. This seemingly convenient feature is not for convenience; it allows continued tracking and means you have not completely logged out.
If so, consider going back to the first item on our list and delete the cookies.
Similarly, don’t forget to logout from the browser itself. Many browsers have user accounts. Logout from Chrome, Firefox, Safari etc. and try surfing as guest. You might see less magical conjectures and experience better long-term sanity.
Moreover, when asked to provide data to a service, stop a minute to review whether what they are asking for is reasonable. Feel free to be liberal with made up data. After-all, why does your local pizza delivery need to know your birthday or your favorite car make?
And, sometimes, we have to recommend that you walk away from services that wish t have to much information or build their riches on business models based on “free” consumer data.
Be Safe,
Your XcooBee Team