Recent headlines about shadowy government agencies, high-profile hack attacks, and your face in Google ads drive home a crucial point: Your online privacy is best protected when you keep an iron grip on the information you’re handing out. If your info is on a server somewhere, it’s not truly yours.
So many core aspects of our lives have shifted to the cloud, mostly to our great benefit: Gmail and Outlook.com maintain our email archives. Dropbox and SkyDrive make your files available anywhere, anytime. Windows 8.1 searches include Bing results by default. Google Now dishes out the information you need before you even know you need it.
But every gain in convenience comes with a loss of control, and that loss of control all too often comes bundled with privacy or security woes.
You can take some simple precautions to minimize the amount of personal information that you have online. But before we get started, remember that this data checkup is about what you’re comfortable with. You could follow all the tips in this post, tighten up on just a few of the practices mentioned below, or go even farther down the rabbit hole than the suggestions offered here. Digital privacy is not a zero-sum or a one-size-fits-all proposition. If nothing else, this article can help you make better decisions about the information you share with the services you love.
Giving Google the cold shoulder
When it comes to minimizing your digital footprint, we have to start with Google. Just imagine the dossier the company has on you: search history, sites you visit, Google Play purchases, location data from Android and Chrome and Maps, your Google Drive documents…it looks like a lot when it’s all spelled out like that, doesn’t it?
To its credit, Google takes data security seriously, receiving fairly good marks in the Electronic Frontier Foundation’s annual “Who has your back?” survey. But Google also makes heavy in-house use of your data, a point that touched a nerve with announcements of the company’s plans to use your real name and face in online advertising (not to mention Microsoft’s “Scroogled” campaign).
Divorcing Google isn’t a realistic option for most people, though, given its superior services and sheer ubiquity. Switching to Microsoft’s services still leaves your information in the cloud. So what can you do if you want to reduce the amount of data you’re sharing with either online monolith?
To start, you can keep Google from collecting and sharing your data as much as possible. Using your browser’s private/incognito mode will erase tracking cookies, including Google’s, when you close it. You can also tell Google to stop trailing you in your account’s Web History page (at the expense of Google Now features) and take a minute to tweak your general Google privacy settings.
Another solution is to replace what Google services you can with more private alternatives. Do you use Google Docs but don’t really need its online capabilities? Try the open-source Libre Office suite. If you need only basic image-editing capabilities, skip Picasa and stick to Paint.net. What about Google Drive’s on-the-go docs? We’ll talk more about cloud storage later.
And if you can cut the Google cord completely, there’s always the nuclear option. (Here’s how to shutter your Microsoft account for good measure.)
Google may have a wide reach, but when it comes to mapping your social connections, no company knows more than Facebook. And just like Google, Facebook is practically impossible to shut out of your life. You need it to sign in to your favorite services, play games, chat, and keep in touch with pals.
Tweaking your Facebook profile’s privacy settings can keep other people’s eyes at bay—but Facebook itself has a reputation for questionable user data decisions. How to give Zuck the cold shoulder without divorcing Facebook completely?
Easy: Stop hitting that “Like” button so much and consider removing past thumbs-ups. Don’t add extra information to your profile such as life events, places you’ve lived, and so on. (Here’s a video on deleting life events.)
Finally, decide whether you want to continue sharing your photo library online. Is anybody really looking at them, or are they just fodder for Facebook’s face-detection algorithms?
Facebook also tracks you as you travel from site to site, using the Like buttons embedded on each. Make sure you’re signed out of Facebook to prevent that from happening, or use your browser’s private mode.
You can delete your Facebook account if you’re able (and willing) to cut the socialite cord completely.
Cloud storage
If you slap your files in a cloud-storage locker for anytime, anywhere access, you probably don’t want to give up that convenience. You can, however, seize control of your cloud documents by encrypting them, which helps protect against the data breaches (such as two that happened to Dropbox and Apple) and government information requests faced by many cloud providers.
Note that while many services (such as Dropbox) encrypt your data on their servers, they control the encryption keys in most cases. That means you are not in control of when or for whom that encrypted data is unlocked, but it also makes using the service easier—just enter your login information and go!
A truly “zero-knowledge” cloud provider such as SpiderOak or Wuala, on the other hand, never has access to your encryption key, meaning that only you can unlock your data. (Don’t lose the key!) Alternatively, you could manually encrypt files bound for SkyDrive, Google Drive, Dropbox, SugarSync, or any other cloud service, using a tool like TrueCrypt or the cloud-focused BoxCryptor.
Or, if you want anytime, anywhere access to your files but don’t want to entrust your stuff to anyone else, you could use a Net-connected storage drive like Western Digital’s My Cloud to create your own personal cloud-storage solution.
All the rest
We’ve taken care of your major online accounts, but what about all those random accounts you have connected to your social networks? Go through the settings of your Facebook, Twitter, and Google+ accounts to see the list of apps and services connected to them. Then simply remove access permissions for the ones you no longer use.
Speaking of apps and services, part of good data hygiene is regularly deleting accounts you’ve left by the wayside. Go ahead: Close that MySpace profile and kill your Klout score if you’re not using them.
The tip of the iceberg
Now that you have at least some of your data under control, you could look at numerous other things, as well.
We briefly touched on restricting who can track your browsing while online. For a real eye-opener, try using Abine’s DoNotTrackMe add-on for a week and see how many tracking cookies the add-on blocks. You could also use a stand-alone email program configured using the POP3 protocol to save your email locally and wipe your messages from your provider’s servers. (Here’s the info you need to do just that with Outlook.com, Gmail, and Mozilla’s Thunderbird client.)
For an even more comprehensive look at the topic, check out Macworld’s seven-part series on protecting your online privacy—but note that some of the tips apply only to Apple’s ecosystem.
Going off-grid online is borderline impossible these days, but taking just a short time to tidy up your online footprint can pay big dividends for your security and your privacy. And remember: It’s up to you just how far down the rabbit hole you go. Happy deleting!