Personal information is the currency on which much of the internet depends. It’s gathered everywhere, often without people’s knowledge, and it effectively pays the bills on many free services and apps we take for granted. Depending on how radical you are, you could see this as a fair trade in exchange for services—or as companies extracting free labor from the internet-using populace.
Understanding this ecosystem is difficult, but removing yourself from it is even harder. For starters, years’ worth of your information is already in the possession of numerous legal data-broker sites.
In the course of writing “How Companies Turn You Into Money,” my other feature story in this issue, I looked at and purchased information from several data brokers. I then took stock of the sheer bulk of information I had knowingly and unknowingly provided to social-media services. It’s staggering.
That’s not even considering the volume of my personal data that is invisible to the outside world—locked up inside the databases of publishers, third-party advertising companies, search sites such as Google, and so on. That data is compiled, sliced, diced, perhaps anonymized, and distributed entirely outside my control.
Then there’s the information that has been stolen. Some of this I know about. My Social Security number (among other things) was stolen during the now-legendary Office of Personnel Management hack, where data stored by a major government office was exfiltrated. It’s a running joke of mine that privacy doesn’t really matter much to me, since the Chinese government can probably check my credit.
But hopelessness is boring. If technology got me into this mess, I can try to use technology to get me back out.
Abine’s DeleteMe service looks within data broker and public records aggregator websites to find personal information for sale. (I used it in “How Companies Turn You Into Money” to get a sense of the scale of data collection.) The service costs $129 per year for one person and $229 per year for a second person. As with LifeLock and similar services, you have to provide Abine with a good amount of personal information in order to get it removed elsewhere. Because data brokers have differing requirements to have information removed, Abine asks that you upload an anonymized image of your state-issued ID.
A handful of these services respond instantly, but most take between a day and a week to process DeleteMe’s requests. Some can take up to six weeks, which DeleteMe chalks up to the requirement of some services that a request for data removal be snail-mailed. Part of what you’re paying for with DeleteMe is to have someone else handle the tedious follow-ups and continued tracking of personal information. My personal information could, eventually, find its way back on to any of these sites.
Security researcher Troy Hunt runs the site HaveIBeenPwned.com, which aggregates the information from mass data breaches into a searchable service. This includes data that was disclosed by the companies but also public dumps of the data from the bad guys. Type in your email, and you can see which of your accounts were exposed. According to the site, my information was involved in breaches from 17 sites and three public information dumps. So my data is already floating around the Dark Web, likely being sold and repackaged over and over again.
Hunt doesn’t offer a tool to address these breaches. Instead, he gives the same advice I or any other security professional would: Change your password to something complex and unique, and turn on two-factor authentication (2FA). What’s 2FA? There are three generally recognized factors for authentication: something you know (such as a password), something you have (such as a hardware token or cell phone), and something you are (such as your fingerprint). Two-factor means the system is using two of these options. In practice, this means performing another action, such as entering a six-digit code from an app after entering a password.
As for the information exposed in the breach, it’s as good as gone. But knowing which sites are at the highest risk is useful. It’s also an opportunity to decide whether these are worthwhile services. While requesting that a site or service delete your account might not always work (some just archive it in case you come back), it’s worth a shot.
Last, most password manager software includes tools to check for breached accounts and warn you against recycling passwords. Some programs even highlight sites where you’ve recycled passwords and automatically change them for you.
While working on “How Companies Turn You Into Money,” I tried to leave as small a data footprint on the web as possible. I don’t believe it’s possible to avoid all data collection and still be either A) alive or B) a contributing member of modern American society, but it is possible to cut back. And it’s absolutely possible to become more aware of the information you spread.
Email Addresses: Email has been around so long that it seems mundane and even expendable, but it’s still enormously valuable. Email addresses are useful identifiers and a direct means of access to consumers on the web. While we at PCMag have been telling people for years to stop recycling passwords and to let a password manager do the heavy lifting, we’ve been quiet on the subject of email addresses. A recycled password is bad, but a recycled email address is significant, too. There just hasn’t been a good tool for managing a bunch of email addresses.
Abine Blur, however, is one such tool. From the same company that created DeleteMe, Blur is a suite of privacy tools that includes a password manager and masked email addresses. Just enter a real email address on the Blur website, and install its browser extension. Any time you’re prompted to enter an email address, Blur pops up and offers a masked alternative. Emails sent to your masked address will be forwarded by Blur to your real address. Best of all, you can generate and destroy new masked addresses on the fly. That’s much better than clicking on unsubscribe and hoping.
I’ve been using masked emails for a few weeks, and I’m impressed. With two clicks, I’ve separated a service from my identity, and I let my password manager (I use LastPass) generate and remember long, weird passwords. That said, I have bumped into a few sites that wouldn’t accept the email addresses Blur created. Perhaps the email domain has been blacklisted. This was the exception, though, and I’ve had little issue with the service.
Phone Numbers: Phone numbers are enormously important identifiers, because a phone number almost always represents an individual person, thanks to cell phones. And unlike with other identifiers, individuals have to receive and maintain a phone number. This means each number is, to a certain extent, verified. So it’s a good idea to limit the extent to which your phone number is spread.
If you can, decline to make it available to apps that request it. Don’t allow apps to scour your contacts list to match you with your friends. Try not to add your phone number to forms unless absolutely necessary.
Unfortunately, we can’t keep our phone numbers truly secret. For one thing, you probably want to get calls and texts. For another, you have to provide a phone number to some companies in order to receive 2FA codes.
You can limit the spread of your phone number simply by creating another one. Google Voice, an excellent and largely seamless service, creates a phone number that will forward to as many devices as you like. You can make and receive calls from the Google Voice app and even send and receive texts. For years, I have given out my Google Voice number instead of my phone number. But I’ve found that some 2FA services won’t accept a Google Voice number.
An Abine Blur account can also be used to create disposable phone numbers. Making a call with your number from Abine costs $0.01 to connect and $0.01 per minute, which is small potatoes compared with the $3.00 of call credits you’re given each month.Both Google Voice and Abine Blur limit you to one dummy phone number. The Burner app, however, lets you create and destroy numbers at your convenience. I haven’t tested this app and cannot speak to its efficacy or security, but it’s a really neat idea.
Payment Methods: Credit cards are enormously convenient, but unlike cash, they leave paper trails. The issuing bank or credit card company has a list of everything you’ve purchased. And like phone numbers, each card is usually tied to a single individual. They also require some effort to get and maintain.
I advise people to avoid using debit cards as much as possible, simply because you have more consumer protections with a credit card. But for privacy and security, I recommend avoiding using your actual credit card number whenever possible. This is easy to do if you have a recent Apple or Android smartphone: Apple Pay, Google Pay, and Samsung Pay all tokenize your credit- and debit-ard information. That is, they create a bogus number that is connected to your actual card number.
You can extend this same protection to other contexts with Abine Blur’s masked credit cards. With Blur, you can quickly generate a prepaid credit card with a bogus name and billing address. The minimum amount is $10, but you can request a refund for any money on your masked cards that you don’t use. You can also create and destroy masked cards at will, meaning that you leave little trace from your purchases on a website or on your credit card statement.
Tracker Blockers: As you move across the web, sites assign trackers and cookies to you. Some of these let the site remember who you are and deliver a custom experience every time you stop by. That’s useful if you always adjust the text size on a news site, for example. But other cookies and trackers are used to track your movements across the web to observe your habits or target ads.
Fortunately, you can block many trackers and cookies using any number of ad and tracker blockers. I prefer Privacy Badger from the EFF, but there are many others. Ghostery, TunnelBear, and Abine Blur are good options, and several ad blockers are available for iOS and Android, too.
Note that using these blockers can sometimes break websites. A blocker might, for example, prevent a site from communicating with the service that stores all its images, or it could prevent you from submitting an online form. Privacy Badger and others include toggles for each of the trackers and cookies on a site, letting you whitelist, blacklist, or temporarily allow an individual service. You can also set most blockers to whitelist an entire site.
Email Clients and Services: Google says it no longer searches through your Gmail inboxes to retarget ads, but it seems that AOL and Yahoo might still be doing it. Moreover, many emails from companies and services contain trackers and other technologies that monitor whether their messages go through and track you when you click a link from the email. Some of this is done with remote content—that is, elements that are stored elsewhere on the web but called upon by the email you receive. When the remote elements load, whoever sent the email knows that it made it through.
ProtonMail (from the creators of ProtonVPN) is an encrypted email service that doesn’t make money off your content. That means it does no ad retargeting, and no bots are spidering through your emails. It also blocks remote content in emails by default, letting you choose whether you want those elements to load in your inbox.
The venerable mail client Thunderbird may not be the slickest way to check your email, but it can block remote content and embedded trackers. Thunderbird features fine-grained controls that let you whitelist email addresses for remote content, temporarily allow remote content, and choose which services can load in your messages.
VPNs: Thanks to a decision from our clown-shoe Congress, ISPs can now sell anonymized versions of your user information. This won’t include your name and will be aggregated with the information from many other users, but still: It’s converting your online activities into money for ISPs.
When you use a VPN, your ISP can’t see what you’re up to online. A VPN also effectively hides your true location and masks your IP address; both of those can be used to identify you online and target ads in your direction. PCMag recommends NordVPN, Private Internet Access, or TunnelBear for your VPN needs.
There are a lot of pros and cons to using a VPN, which I have discussed at great length in my ongoing coverage of the VPN space. In general, the big drawbacks of a VPN are price, impact on performance, and being blocked simply for using a VPN.
Firefox Containers: Though it’s a blast from the past for some, the newest version of Firefox is extremely good. Heck, it got me to use the vulpine browser for the first time in nearly a decade. Along with its speed (and an overall focus on privacy), Firefox also has a new trick up its sleeve: Containers.
Containers let you create separate spaces for different contexts. You can, for example, create Containers for work, shopping, banking, and so on. Whatever sites you visit or log into in each Container (which can contain multiple tabs) stays in that Container. When you’re logged into your office’s Google account in the Work Container, you won’t be when you switch to a different container.
Mozilla, the non-profit company behind Firefox, also offers a specific Facebook Container extension that keeps all your Facebook activities in one place. That makes it much harder for the social-networking giant to track you across the web. You can create your own Containers and assign them to individual sites.
Many of the dominant forces on the internet today are built on business models that monetize user data. But if you’re willing to make a big change, there’s a galaxy of services that don’t seek to turn you into dollar bills.
Over the last few months, I’ve made it a point to explore some of the opensource and privacy-focused services on the web. While some are in their infancy, it’s exciting to see what the web looks like when it’s not after my information.
Use web apps instead of apps: Bill Budington, EFF senior staff technologist, recommends that people try to use web apps instead of downloading apps from the app store. Apps can have lots of complicated tracking technologies inside them, sometimes placed without the express knowledge of the app’s developers. The problem is that some online services tend to push you toward using an app instead. Tumblr and Pinterest, for example, are almost unusable on the mobile web.
DuckDuckGo: Google and Facebook dominate data gathering and content distribution online. If you want a divorce from Google, try DuckDuckGo. This service doesn’t record your search activity and doesn’t seek to monetize your activities. It also has some nifty features that Google doesn’t offer, including a dark mode for its search page and the ability to go directly to an image search result.
To be fair, I have found some things that Google is just better at than DuckDuckGo. For example, Google is almost always able to find a tweet based on just the content that I can remember. DuckDuckGo, not so much. But by making DuckDuckGo my default search engine in Firefox, Google is now just another tool in my internet toolbox.
OpenStreetMaps: Google Maps is, arguably, one of the greatest creations of the internet age. Being able to find your way from one place to virtually any other place on Earth from a search bar is amazing. But Google Maps also trades on your activities. When you use it, you’re providing Google with your location, as well as important information about you, such as your commute, your travel habits, and even where you like to shop and eat.
OpenStreetMaps is a crowd-sourced, freely distributed map service. Think Google Maps but open-source. It can get you from point A to point B pretty well by foot, car, or bike. Unfortunately, it lacks the transit directions and business search that make Google Maps so magically useful. But again, it’s nice to have an alternative in the toolbox.
Join the Federation: While several attempts have been made to create an ethical, ad-free social network, most became punchlines. The unveiling of Mastodon in 2016 was a little different, at least for me, because the service was so polished at launch. It was also a great opportunity to learn about federated social networks: networks made up of different servers that all communicate with one another.
Think of it this way: You can sign up for an email address at any number of websites. Yahoo, Google, Apple, ProtonMail—take your pick! But you can send and receive emails to and from anyone else with an email address, regardless of the service they chose. It’s a federated network. That’s in contrast to the monolithic design of most social networks: It would be preposterous to presume that you could use Twitter to communicate back and forth with someone on Facebook. The two services simply don’t talk to each other.
Each installation of Mastodon (called an “instance”) can communicate with any other instance. People who have signed up at Mastodon.social can send an @-message to me over at infosec.exchange, for example.
The really exciting thing about these new federated services is that radically different social networks can see and talk with each other, provided they use the same open-source ActivityPub protocol. For example, a Mastodon user is developing an Instagram clone called Pixelfed that will someday federate with Mastodon accounts. When you log in to your Pixelfed account, it’s just like Instagram with its own internal posts and followers. But a Mastodon user could follow my Pixelfed account and see my posts in their Mastodon feed. There are ActivityPub-powered replacements for YouTube, Medium, and GrooveShark currently in various stages of development.
In addition to being open source, federated social networks are difficult to monetize. Because they’re a network of networks and not just a single service, like Twitter or Facebook, no one organization can get a view of what happens on the federated network.
Federated social networks are, for the most part, still works in progress. But the concept is exciting and pushes back against the idea that people need to surrender their data in order to have the kind of experiences we’ve come to expect online.
Despite trying to limit my data footprint as much as possible, I found some challenges I just could not overcome. My shipping address, for example, is a very obvious piece of personal data that I have to give out on a fairly regular basis. I could open a post office box—but home mail delivery is something I can’t live without.
While I endeavor to use a VPN wherever possible, I have not gone so far as to install one on a router and hide all my devices behind it. That means that my handful of smart devices and video game consoles at home aren’t being encrypted. My ISP has no doubt noticed how much Netflix streaming I do and how much time I’ve spent generating PlayStation network traffic.
I’ve also tried to hide my online payments as much as I can, but I have not gotten rid of PayPal or Venmo. These services are just too big a part of my life, and ignoring them would mean that I wouldn’t get paid back or be able to easily pay back others.
I resisted Spotify for a long time, but I gave in a few years ago. I don’t regret it, but I know that this company is extremely aware of what I listen to. It’s just too difficult to say no to the enormous catalog it offers, and loath as I am to say it, I’ve actually found Spotify’s music recommendations enormously useful.
I also continue to use my Google Home. This is my greatest privacy shame, because I know I don’t need it. I also know it records whatever I say to it and sends that back to Google for processing. I’ve even listened to these recordings in the Google Home app. And yet I have three of these devices in my house.
And despite my railing against their data-gathering practices, I haven’t deleted my Facebook or Twitter accounts. In the case of Twitter, it’s professional pressure and the unusual sociopolitical moment we Americans find ourselves in. For Facebook, it’s the implicit peer pressure against suddenly vanishing from the world. It’s almost like if I were to remove myself from Facebook, I would be removing myself from the minds of my friends and family. And while I wish advertisers would forget me, that’s too high a price right now. ■