Privacy Under Attack
Even though it’s almost 40 years late, it can feel like we live in the dystopia of 1984, where everything is under surveillance. Governments all around the world monitor their citizens’ online activities under the guise of “national security.” Everything a regular person does online can be watched.
Internet service providers (ISPs) watch you as well. All your internet traffic goes through their servers, with nothing to stop them from monitoring and selling that information.
There are also data brokerage companies, which are potentially the worst offenders here. Data brokers aim to gather your personal, sometimes sensitive data, in order to sell it to marketing companies. In most cases, that data will be used for targeted advertising, but you never know where it will end up.
Our tips will help you make sure they have as little data on you as possible.
Can a VPN Protect Online Privacy?
While a virtual private network does protect your online privacy to an extent, it’s not the sole solution to all privacy issues. That being said, you should still use a VPN whenever you’re online.
A VPN will tunnel your connection through one of its servers, adding end-to-end encryption and keeping it private from your ISP and other prying eyes. VPN providers can also help you fake your location if you’re trying to access a website that’s only available in a certain region.
There are plenty of VPNs to choose from, but some of our favorites are ExpressVPN, NordVPN, Surfshark and Windscribe. We have a complete list of all the best VPNs if you want more detailed suggestions, and we’ll dive into a few more details in this article as well.
Threats to Privacy
What do we mean when we say that your private online activities are being monitored? We’ll dive into some of the most common threats, and discuss how you can protect yourself.
Tracking & Browser Fingerprinting
Browser fingerprinting is a simple yet effective way of gathering information about the browser and device someone is using to access a website. It gives the website information about your web browser type and version, but also about your operating system, active plugins, screen resolution and other settings.
While these data points might seem generic, the chances of them matching with someone else are 1 in 286,777.
AmIUnique is a tool that demonstrates how a browser fingerprint works to grab identifying information using just your browser.
Browser fingerprinting is usually used by websites in the context of cybersecurity, where certain configurations may point to malicious user intent. For example, fingerprinting can detect if someone is using spoofing tools, which raises flags as to what that someone is doing on the website.
There are several ways to prevent websites from identifying you via browser fingerprinting. The easiest one is to use your browser’s private browsing mode, which limits access to cookies and extensions. Other options include a browser extension such as Privacy Badger (we have more suggestions in our list of free privacy tools), as well as disabling Flash and JavaScript and using a VPN.
Public WiFi
The very thing that makes a public WiFi network attractive also makes it susceptible to security breaches. Public WiFi requires no authentication to establish a connection, which means that hackers — and anyone else with malicious intent — can easily gain access to other devices on the same network.
This also means they can intercept any information you send during your web browsing session.
To protect yourself against this kind of attack, always use a VPN when connecting to a public WiFi network. A VPN will add end-to-end encryption to your connection and keep your data private. It will also hide your device’s real IP address, reducing the chances of unauthorized access.
Your Internet Service Provider (ISP)
Most people pay their ISP for the ability to access the internet. Many ISPs have a second way of making money: using their control of your connection to collect and sell private user data. When you consider that all of your traffic goes through your ISP’s servers, you’re basically handing it to them on a silver platter.
Instead, you should tunnel your connection through a VPN server. A VPN will encrypt data and make sure your ISP can’t see anything you do online. In addition, if you have an opportunity to do so, pick an ISP that respects your privacy by reading reviews left by real users before you sign a contract.
Browser Hijacking
Browser hijackers disguise themselves in seemingly harmless links and downloads, but if you get them on your machine, they can install adware, spyware and a variety of other harmful pieces of software.
There are two ways to prevent a browser hijacker from gaining access to your system. The first one is to be careful with the links you click and files you download — if you aren’t sure about something, it’s better to steer clear. Suspicious links may use strange character strings or shortened URLs that disguise their real intentions.
The second one is to install a reputable antivirus software that will locate and remove the hijacker. A real-time antivirus will warn you that a hijacker is on your system, and give you the option to swiftly remove it.
Protecting Your Privacy: Other Methods
If you want to make sure your personal data is covered on all fronts, there isn’t a magic bullet solution that protects you from every possible problem. Instead, we recommend that you combine several tools and practices to make sure your digital privacy isn’t compromised.
1. Use a VPN
Using a VPN is the best thing you can do to protect your data security. There are plenty of VPNs to choose from, such as the best VPNs for public WiFi networks, the best VPNs for banking and the best VPNs for mobile devices. A VPN’s end-to-end encryption ensures that your data remains private, regardless of who is snooping, and hides your real IP address from websites you visit.
There are far too many VPNs to choose from, but some of the most reputable ones include ExpressVPN (read our full review), NordVPN (which we also reviewed) and Surfshark (full review here). All three are excellent options, and you can’t go wrong with any of them if you want to make sure your internet access is secure.
ExpressVPN is our go-to recommendation for a VPN provider.
2. Use a Password Manager
A password manager securely stores your passwords, so you don’t have to remember them. Password managers offer several advantages: You can create much more complex passwords, since you don’t have to remember them anymore, and you can use their password generator to create secure passwords that are near impossible to guess.
Most password managers also offer the ability to store credit cards and other important information, and their data is always encrypted and secure, with most including two-factor authentication for added security.
A password manager lets you use a different password for every account without the need to remember every password, which makes you less vulnerable to a data breach. In addition, the password generators tend to create very strong passwords that are almost impossible to guess, even with brute force.
There are plenty of excellent password managers out there, including options for Mac users and for iOS devices. The most popular ones are Dashlane, which we have reviewed, as well as 1Password (read our 1Password review) and LastPass, which you can find out more about in our LastPass review. The three come at different price points, but are all excellent picks, so you can find one that fits your needs and your budget.
3. Use an Antivirus
An antivirus is essential security software that protects you from malware, spyware, adware, ransomware and keyloggers, all pieces of software that aim to harm your device and data. A real-time antivirus runs in the background constantly, whereas an on-demand scanner requires you to run it every once in a while, so it scans and removes malware.
We have a list of the best antivirus software with several options, where Bitdefender came out as a winner, and you can read our Bitdefender review to find out more.
Malwarebytes is a solid free antivirus, but if you can afford it, a paid software will almost always perform better.
4. Back Up Your Data
Regardless of how much you try to protect your data and devices, it may happen that you miss something and your data gets deleted. A backup will solve that issue by keeping another copy (or two) of your data in a different location — usually in the cloud. A cloud backup solution is an efficient and cost-effective way of making sure you always have your data available.
Ransomware is a huge threat to user data, with attackers using malware to extort you over the internet. If you have copies of all your data, ransomware can’t do much, since you can let the attackers delete your files and download the backed-up versions. You can find out more about how ransomware works in our What Is Ransomware? piece.
If you’re a Windows user, check out our list of best cloud backup solutions for Windows. If that’s not your operating system of choice, our best online backup services list offers alternatives that work on multiple operating systems. Overall, the best choice is IDrive, which combines a huge number of features with a well-designed client. Read our full review here.
5. Use Data Removal Tools
Data removal tools, also known as data privacy management software, help you manage how much of your personal data is available online. Data brokers gather your personal information and sell it to advertisers. However, you can automate the process of removing that personal information from data brokers’ websites with these data removal tools.
We have a roundup of the five best data privacy management tools, but Incogni, which we reviewed, takes the cake. It’s affordable compared to the competition, and makes removing data collected by brokers a breeze. Alternatively, you could look into IDX, as well as DeleteMe, which are both excellent substitutes.
Incogni has a useful dashboard that shows you how many of your data removal requests are complete and how many are still in progress.
6. Use Browser Privacy Extensions
If you use Chrome or Edge as your primary browser, you should know they aren’t particularly privacy focused and don’t do much to keep trackers and ads away from you. There are, however, browser extensions that keep your sensitive data private and out of the reach of data brokers. Such extensions are usually available for almost all browsers.
If you’re a Google Chrome user, our list of the best Chrome privacy extensions is a great starting point — Privacy Badger and Ghostery are two options to consider. Alternatively, check out our list of the best browser security extensions that should work on all Chromium browsers, as well as on Firefox.
7. Use a Private Search Engine
It’s no secret that Google’s search engine isn’t exactly private, and it’s disastrous for data security. The company has a spotty track record of handling user data, which we talk more about in our Google Chrome review. Instead, there are multiple Google alternatives that emphasize privacy.
DuckDuckGo is one that instantly springs to mind, so we reviewed it as a more security- and privacy-oriented alternative to Google. It’s based on a search engine that doesn’t store identifiable user data, making it a more private option.
Startpage has a similar modus operandi, and doesn’t track your IP address or search history, making it another great alternative.
DuckDuckGo is the go-to option if you’d like to avoid Google and its data tracking habits.
8. Be Careful on Social Media
Last but not least, being careful what you post on social media can go a long way toward keeping your data safe. What may seem like a harmless post can expose you to numerous dangers. Attackers may pose as your friends and gain valuable information that, down the line, can be used for social engineering.
To begin with, purge friends and connections you don’t know from your online accounts. Set them all to private, and make sure no one you don’t explicitly approve can see your information. Never post sensitive personal information if there’s even the slightest chance of someone you don’t trust finding it. Of course, data breaches do happen, but why make it easy for hackers?
The best thing you can do on social media and instant messaging apps is to only use them with a small circle of friends and acquaintances you actually know, rather than accept friend requests from anyone.