Stop online companies from stealing, selling, (and leaking) your personal data.

Photo of a laptop
image of madison

Recently, someone said to me, “Hey, you look like a paranoid nerd. How can I stay safe online?” to which I replied, “It’s easy, Mom” and then went off on a rant about every American’s Fourth Amendment right to be secure in their persons, houses, papers, and effects.

By the time I got around to citing Katz v. United States (1967)—wherein the Supreme Court held that these protections extend to intrusions on the privacy of individuals, too—she’d already Googled the answer on her mobile phone.

But if—by some miracle of SEO—your internet search turned up this page result, here are my best tips for sabotaging the freeloading data suckers that are over-running the Interwebs.

First, here’s why personal privacy is still very important. (In a word, FREEEEEDOOOOM!)

Privacy is so important, the framers of the Constitution mentioned it (while leaving out any reference to God or America being a Christian nation). Yeah, that’s the level of concern privacy held for the founding fathers. In the modern world, there are still good reasons for protecting yours: Some guy named Schneier put it better than I ever could.

Too many wrongly characterize the debate as “security versus privacy.” The real choice is liberty versus control. Tyranny, whether it arises under threat of foreign physical attack or under constant domestic authoritative scrutiny, is still tyranny … Widespread police surveillance is the very definition of a police state. And that’s why we should champion privacy even when we have nothing to hide.

Sadly, since most of us are too lazy to protest the government’s continual intrusions into our daily lives, I’ll offer some easy ways to limit the amount of information governments and companies can glean from your online activities.

Hasn’t the data privacy ship already sailed? Do I still need to be worried?

Yes, you do, and more than ever—thanks to browser cookies, Flash-cookies, IP tracking, fingerprinting, camera phone lens dust, and a myriad of other new digital tracking techniques, your personal data is currently and constantly being collected en masse by scum- and PII-sucking data brokers.

The issue here isn’t even just about data privacy, it’s about compensation, too. Nine faceless companies you’ve never heard of—Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, PeekYou, Rapleaf, and Recorded Future, among others—are making money off spying on you and your behavior.

That’s right, they’re making millions and you’re getting squat. Screw that.

Now, you can opt-out of many databases with this list of data brokers, but just remember that, even if you opt-out of those, other tech companies like Facebook, Amazon, and Google still collect and retain tons of data about you. All. The. Time. Forever. They are relentless data scraping machines.

Data collection, in itself, isn’t evil. (But data brokers are the devil.)

To be honest, I want businesses that I patronize to collect and save the data I provide them with through visiting their store, browsing their website, or calling their support line. I want businesses to know when my birthday is, what my sizes are, where I live, and how I like my burgers cooked. I want them to know and retain my preferences as I have consciously chosen to do business with them. I don’t even mind that Google collects all this detailed information about me. I simply don’t want them (or anyone else) to sell or share that personal data or offer its use to third-parties for advertising purposes.

Collecting so much PII (aka, Personally Identifiable Information)—gleaned from tracking your behaviors everywhere around the internet—would never fly in the real world. If someone followed you around the mall from store to store, taking notes on everything you did, you’d call the cops and get a restraining order.

Yet the sale of my personal data—to companies I don’t know, or worse, despise (like Microsoft, AT&T, Comcast, et al)—should be illegal (and severely punishable).

Until that happens, though, we’re on our own.

Here’s how to protect yourself from data brokers using Firefox and a few add-ons.

firefox logo

Proudly non-profit, Mozilla makes products like Firefox to promote openness, innovation, and opportunity on the Internet.

  1. Download the non-commercial Firefox browser as it has the most privacy-oriented add-ons of any browser
  2. Use the Firefox addon Containers to prevent Facebook, Twitter, Amazon, and Google from following you off their site to others around the web
  3. Add the StartPage and/or DuckDuckGo search engine add-ons to search the web without retaining your searches or IP address
  4. Add uMatrix for the ability to forbid/allow tracking (via JavaScripts) from data brokers, ad servers, Facebook, Google, etc
  5. Set and forget uBlock Origin, a light-weight ad-blocking alternative to the more shady AdBlock Plus
  6. Add the EFF’s HTTPS Everywhere add-on to force secure Internet connections with websites
  7. Privacy Badger automatically learns to block invisible trackers
  8. Privacy Possum hamstrings common tracking methods by reducing and falsifying the data gathered
  9. Canvas Blocker prevents javascripts from identifying your browser based on your fonts, and other unique characteristics. Also, visit about:config in Firefox and make sure privacy.resistFingerprinting is listed as true.
  10. TrackMeNot sends random phrases to search engines so they don’t know which are real searches and which are fake
  11. Two guys who quit Facebook created Privacy Pro (free and $24.99) a smart VPN to secure all your Internet connections, with ad tracker protection (I have this on 24/7 for mobile and Mac)
  12. For the best (though imperfect) security, use TorButton so you can toggle The Onion Router (TOR) on and off in Firefox

Encrypt your internet browsing with a Virtual Private Network.

bear logo

Click this ad to buy so I get affiliate money!

Money-grubbing entities like Comcast, AT&T, CenturyLink, Time-Warner, Frontier, Spectrum, etc—also known as internet service providers (or ISPs)—can and do track every website you visit over their internet connection. They then sell your personal data to anyone or any company to use for any reason, all without asking your consent. Luckily, you can encrypt all your Internet browsing so they can’t see shit with an independently audited Virtual Private Network (VPN) like TunnelBear (sponsored link, yo). They’re from Canada, and recently got bought by McAfee, but I like and pay for their service. Another good one is PIA (Private Internet Access).

Strengthen the weak link in your privacy chain by changing your DNS server.

A lot of people think that using a VPN completely protects you from ISP and other spying, but your DNS history still gives your surfing habits away. To close that last loophole, you just have to change your DNS server to a third-party service. You could use Google’s public DNS service, but I prefer to limit the info I give them, so I use CloudFlare’s 1.1.1.1 service. Cloudflare is ostensibly privacy focused, and at least it isn’t Google.

UPDATE: Mozilla has recently added the above functionality within Firefox! Just visit: Preferences > Network Settings > Enable DNS over HTTPS, and choose “Use default.”

That’s it, you’re safe! (Sort of. Okay, well, for now.)

Once you deploy ALL these simple steps, you can surf the web semi-confidently knowing that most companies won’t be able to spy on you. Only the NSA, the Russians, the Chinese, and serious neckbeard hackers will be able to see what you’re doing online.

Totally worth it, right?