Our private information is not safe online. We saw this in Netflix's 'Social Dilemma': big companies are constantly manipulating their users - molding them into their end product and to achieve this, there is a very heavy price to pay on ethics.
In this world, everything is allowed: collecting personal data and matching it to our every action, creating the perfect profiling and super efficient, tailored ads, and other similar practices.
That's why in 2021, it's crucial to know what actions to take when online to live it with peace of mind, benefiting from this new e-reality.
On this page, you’ll find:
- 5 actionable tips on how to protect your privacy online.
- Some useful tools that will help you stay safe while browsing.
- A free eBook guide to achieving all-around peace of mind.
1. Don't give away your personal life every time you are asked to do so
Remember that time your mom ordered you not to accept candy from strangers?
No, we're not really talking about that physical gift. Still, the chance to show other people how incredibly cool our lives are is tempting - and it drives us to provide truly personal information. Then, we use that same information as password recovery questions for other services or directly as our secret key: gateway to our intimate lives.
Also, who doesn't want to receive the IG story tag with "happy bday wishes" to repost? And who doesn't use the same birthday date as part of their personal password? Here comes XKCD's story of the correct-horse-battery-staple and the sage advice of creating silly nonsense stories that result in unbreakable passwords. Beyond that, two-factor authentication and similar features can also be an en-passant game changer when it comes to your privacy.
Related reading: How to protect data in the cloud: 9 best tips of 2021
Another thing that is almost always overlooked is the privacy of an email: many people make it visible on their Linkedin, but this is not a safe practice at all.
To avoid being included in email lists sold on the web, it can be useful to apply "address munging": basically it's when instead of entering firstname.lastname@example.org you include name[at]gmail[dot]com, this way algorithms have more trouble finding your email address and only real people can contact you.
Well, it actually still happens to be included in email lists that will be sold on the web, but you'll surely avoid a lot of spam.
N.B. This is where human complexity helps you out: a tip might be to replace the a in "at" with the a in another language that looks completely identical to the eye, but that the computer reveals instead as a different character. Or anything out of the box that you can think of.
2. Keep an eye out for that social-engineering attempt!
You can use any tool you want, even a zero-knowledge encrypted service, but if you don't take care of your keys (and social engineering attempts to trick you!), good luck my friend!
Social engineering is based on human error: instead of processing a hacker attack on the server, the perpetrator manipulates the victim to gain access to the server directly through the front door.
And it's not just about stealing your credit card, your data - in whatever form you find it - is tempting: Have I Been Pwned is a tool through which you can check if they've stolen your password and it's currently being sold on the Dark Web.
It takes various forms:
- Baiting: basically happens when the attacker promises something untrue to trick the victim, one form is a malware-infected usb driver. And people's curiosity also drives them to insert the ones they find in the parking lot into their own computer.
- Scareware: remember that time a window popped up saying that your computer is infected with 9,999 viruses and asking you to download that new antivirus (which was actually malware)? Well, that was scareware.
- Phishing: This is the most common one, with the attacker knowing your email and contacting you pretending to be someone from Google and asking for your gmail credentials to check the health of your account. Instead, he steals them from you.
The best prevention here is to know the problem: it's good to know that these dangers exist so we'll be aware the next time they try to trick us. Eyes open and let's find out the next tip on how to protect your privacy online.
3. Do not forget about your mobile phone
We carry our cell phones with us all the time, to the point where it's a part of our extended lives. But we never think about the implications of that.
On one hand we have the apps we use: where turning off our location on Google Maps and keeping Wifi turned off are best practices. On the other hand, we also have a device that is directly connected to a SIM and can easily be swapped out by hackers to fool 2-FA and gain access to all your accounts.
That's why it's crucial to behave properly, using the right apps (i.e. install DNS66 ad-blocker + VPN!) and also keep it updated and truly protected as much as possible by doing updates, using antivirus and avoiding connecting it to public USB ports.
Also, a practice that seems annoying but really useful is to add a password to the screen lock: trivially, if someone gets physical access to your phone they have to guess! (i.e. you add an extra layer of security).
4. Security and privacy go hand-in-hand!
But isn't that the same thing? No, the difference is subtle but it does exist.
When we talk about privacy we are referring to all these things related to external people accessing our data as we mentioned with the Social Dilemma. But it also happens in a more tangible way in the US with the Cloud Act, where governments can ask to read your data from the service provider if required by law (which is why we strongly suggest choosing an EU-based, GDPR-friendly provider - here's a guide).
On the other hand, when we talk about security we are referring to encryption, data breaches and the like.
That's why suggestions like password strength, 2-factor authentication, level of encryption and the like refer to the second of the two worlds just laid out above. But let's think about it: if someone knows my password, they can access and read my data!
That's why I decided to leave a section to complete these tips on how to protect your privacy online with 6 security precautions:
- Create a unique password
- Activate 2-Factor Authentication
- Use zero-knowledge encrypted services
- Apply the 3-2-1 backup rule (the professional photographer Anete did it successfully!)
- Adopt a Password Manager (1password is a good tool, which also recently raised $100M!).
- Avoid storing sensitive information
5. Go beyond seemingly "free" services and embrace the tools that truly protect your privacy
Degooglise yourself! What a great motto, right?
But the reality is that the simplicity of these seemingly 'free' tools has made us increasingly dependent on them, and we can't break away from them. And while Google has promised many times to stop scanning content, the reality is that we're a long way from that.
Related reading: Cloud storage privacy & security: 6 things to consider
However, you've made it this far in your reading - you're aware of it and that's a good first step! To protect your online privacy it's time to act now, here are 5(+1) best practices to degooglise yourself:
- Don't use voice assistance in your home. Get rid of Alexa and the "Hello Google" mantra.
- Google Maps is incredibly immersive, but live location is directly connected to Google's entire portfolio - clearly scanning every move you make by profiling you as a Personas. You can start using OpenStreetMap instead.
- Use privacy-oriented (and encrypted) messaging apps like ‘end-to-end encrypted’ Signal.
- With multi-account containers, you can lock Google and Facebook in jail: by separating your tracked data into a separate account, you avoid giving away your personal information.
- Avoid US-based tools that are lightly encrypted (i.e. they are subject to the Cloud Act, a law which allows governments and legal agencies to enforce data reading if required - look at what happens with Wetransfer!).
- Bonus: use eBlocker as your vibranium shield against Big Tech spying on you 👇👇👇
eBlocker is a plug and play software to surf the internet anonymously and privately. It is free, open-source and you can simply install it on your Raspberry Pi. It protects you from trackers and ads while keeping your IP address anonymous. eBlocker is also our ally in the Privacy Avengers team - check it out! ⇒ eBlocker
Also, be careful with every tool you use. The story of Zoom is shocking: a video calling tool that in the aftermath of the pandemic has had a dramatic increase in use thanks to adoption by institutions like universities and prestigious firms worldwide. They were recently asked to pay $85 million for lying about their end-to-end encryption, instead sending data to Google and Facebook (read Arstechnica's article here).
6. Bonus: avoid data loss at no cost with the 3-2-1 backup rule!
The social dilemma we talked about in the article's introduction is a reality, and the task of this article was (I hope!) to make you aware that there is a way out.
Putting these 5 actionable tips on how to protect your online privacy into practice today will make all the difference in your daily life. If you want to achieve all-around peace of mind when it comes to privacy and security, get this free guide and start applying the 3-2-1 backup rule today!