When I sat down for my last article about trends in technology, I had no idea how impressed I would be with the growing trend associated with the Internet of Behaviour. The more I dived into the topic, the more frightening it became to me what companies may know about us and how they can influence our reality. Tracking location, recognizing faces, performing operations on large data sets, or combining that data with related behavioral events. Of course, all to serve us better and more specific ads. But is it really so? Is it safe to collect such amounts of data about us?
Would you like your friends to know what you are talking about at the moment, where you are, what you are doing, what you are looking for, when or how you are arguing with your relatives, or what extreme emotions you are experiencing at the moment? Or what website are you currently visiting, and what content are you viewing? Why do you share this information with unknown companies and strangers who work there?
Billions of people unknowingly share data about themselves and are unaware of how much information corporations have about them. These corporations, sometimes, sell it on – in extreme cases, even to governments.
However, a conscious part of people shares their data voluntarily, under the idea of “I have nothing to hide”. This approach is a huge mistake.
Privacy is a right granted to every individual. Privacy underlies freedom of speech, association, and assembly. All of these are essential to a free and fully democratic society.
Claiming that you don’t care about privacy rights because you have nothing to hide is no different than saying that you don’t care about free speech because you have nothing to say.
Internet security and anonymity are not only to prevent strangers from accessing the love letters we write, intimate photos, or purchases we make online. It’s also about the kind of society we want to live in and how companies will influence the world around us. With unlimited access to data about society, it is easier to manipulate it. Additionally, the amount of information increasingly finding its way into the public space regarding leaks of our private data or fraudulent practices by large corporations does not fill us with optimism.
Table of contents
- Security and anonymity on the Internet
- Data breaches
- Why privacy matters
- The data we leave behind on the Internet
- How to become anonymous on the Internet
- Use private mode
- Stop using Google, Yahoo and Bing
- Stop using certain tools
- Hide your IP and location
- Change your email provider
- Change your instant messenger to Signal
- Change browser
- Install additional tracking script and ad blockers
- Avoid leaving your browser fingerprints
- Take care of your passwords and use a password manager
- Change the privacy settings in your operating system
- Change your phone’s privacy settings
- Set up two-factor authentication
- Use TAILS to leave no trace behind
Security and anonymity on the Internet
When surfing the Internet, you may feel that you are alone. However, in reality, everything you are doing, browsing, clicking, searching, and watching is visible to others and “recorded”. The websites you visit store detailed information about each user. Internet providers monitor and record logs about all their customers. Even browser plug-ins or operating systems collect and share information about your daily habits.
The simplest and most accurate way to identify a particular person on your network is to track his or her IP address. Every device connected to the network gets this unique address when it logs to the Internet. Another way is the unique fingerprint of your browser. This is a more complex but equally creepy method of tracking people. It is used to compare various data such as resolution, language, browser, time zone, plugins, and hundreds of others, things that the browser is happy to share with every website it meets.
When I looked at the report on the Privacy Rights website, I found that the list of data breaches in the United States reaches almost 20,000 items (as of the date of writing this article). There are sorts of data and lots of information about millions of people on the list. Additionally, Cybersecurity Ventures predictions indicate that companies in 2021 will fall victim to a ransomware attack every 11 seconds.
On Wikipedia, we can find a shortened list of some of the biggest data leaks involving services or companies that most of us use.
Why privacy matters
The more knowledge and information someone has about us, the more power they can have over us. The data we use every day are not only used to make important life decisions but can also be used to influence those decisions and our behavior. Data can also be used to damage our reputation and as a tool to control us. In the wrong hands, data can be used to cause harm intentionally.
Privacy is not our privilege but a binding right. Respect for another human being requires respect for their personal privacy.
Losing control over our private information is, in a sense, losing control over our own lives and our dignity. If we have a legitimate desire to keep something private, no one should take it lightly.
Privacy, among other things, allows us to manage our reputation and how others judge us. It affects our professional and private lives. It helps us protect ourselves from untrue and erroneous judgments. Knowing the details of our lives, especially the residual ones, can lead to hasty, erroneous judgments or analyses.
There are many reasons why disclosure of confidential data can harm us. Perhaps ours will come to light:
- medical records,
- court records,
- financial records,
- bank statements,
- credit card numbers,
- or other data we never wanted to disclose.
They can also be:
- psychological testing,
- interviews with other people,
- private photos,
- websites we visit on the Internet,
- and various other sources that contain many intimate details.
It’s very uncomfortable, especially when, for example, we do various, maybe even morally questionable, things in our youth that we regret over time. Or we send our photos to someone close to us, and then they end up in the hands of the people we work with because someone hacked into our Messenger.
By maintaining the right to confidentiality, we can protect ourselves from lies or have surrogate control over what we want the outside world to know about us.
Violating privacy boundaries can create awkward social situations and harm our relationships with other people. Some of us may have views that differ from others and want to keep them fully for themselves. We don’t want it to affect our family, friends, or perceptions at work.
Additionally, our personal information is extremely important to our entire lives. They are used to getting a loan, buying a home, getting a driver’s license, getting a job, making an investment, or buying a plane ticket, and whether we will be allowed to fly or even searched at the airport.
This data even affects what content we see on the Internet and what search results appear to us on Google, Bing, or Yahoo. What we read or watch has a huge impact on our perception of the world, and the influence on the content being displayed may prevent us from exploring information outside of what is presented to us.
The data we leave behind on the Internet
Many threats are lurking on the Internet. Our data can end up in the hands of unauthorized people, or someone can impersonate us.
It is important to remember that being completely anonymous and safe is extremely difficult and, unfortunately, even (or certainly) impossible.
In addition to large corporations and hackers, some national intelligence agencies, like the NSA, are interested in our private data, conversations, or what we do. They can, for example, intercept and manipulate traffic all over the Internet.
As the data shows, since 2001, the U.S. government, with the help of telecommunications companies, has engaged in massive and illegal surveillance of the national telecommunications and call logs of millions of Americans. I recommend the Snowden video, which tells this true story in simple terms.
Agencies can, with high probability, collect basic information about all Internet users. However, it is almost impossible to store all this data for a fixed period of time, so if agencies have to work on something, it’s certainly based on specific criteria. This kind of surveillance is very visible in China and the United States, and unfortunately, it has already become an everyday reality.
Data collection can be used, for example, to prevent prohibited activities. However, it can also be used to collect, catalog, and monitor a specific group, e.g., according to religious views, political views, social circles, etc.
How to become anonymous on the Internet
Let’s say you’re a journalist and you’re working on an article or doing something that might attract someone’s attention. Or, you’re just a regular car fan, and you accidentally go to a website to find specific information and end up in the wrong place. By doing this, you inadvertently share data that can help track your further online activities or identify you.
Some time ago, I successively tried to block the possibility of tracking what I do (unless I share something consciously on social media), and today, I would like to share how to turn on your anonymity in a simple way.
Use private mode
When you visit a website, you leave behind yourself a footprint. It can by your IP address or/and cookies. Cookies files are stored on your local computer. Depending on how many websites you visit, they can store small or large amounts of data. This enables websites to provide information and content tailored to your needs.
If you are logged into your Gmail or FB account, a site that uses Google Analytics or Facebook’s Pixel can acquire additional data about you. When you enable private mode in a browser, you can “start using the Internet from scratch”. This is the first and easiest thing you can do to make your Internet usage a little more anonymous. All temporary files, saved data, cookies, etc., are deleted when you close this mode. Thus you will be logged out from everywhere when you finish using it. Of course, using the private mode while you are logged in to your Google account, using Chromium, or using the same IP address won’t help us. Mainly because Google knew your IP address before and still knows who dealing with. If we log into our Google account, all our data are still on a platter.
You may have come across many times where Facebook shows you an ad for a new laptop you searched on Google the day before, or YouTube knows what video you have watched on your new phone. Cookies files can be used to create a unique fingerprint from the data collected by your browser.
Browsing and searching for information in private mode help you avoid this. All modern browsers have a private browsing feature, even on mobile. Of course, ISPs may still be able to track all browsing activity, but the data on our local machine will be much more secure.
Stop using Google, Yahoo and Bing
Google, Bing, and Yahoo are the most popular search engines on the Internet. They collect huge amounts of data about their users for service and personalization purposes. Especially when we are logged into our account on these portals, Google and Bing can also collect important data such as device location, device information, IP address, and cookie data. To avoid tracking while searching, I heartily recommend using DuckDuckGo, and if you are interested in privacy issues, their Spread Privacy blog.
Duck Duck Go is an independent search engine that does not store its users’ search results or personal information. It does not give personalized results as Google does, and everyone who searches sees the same results. It also keeps you from being the target of targeted ads.
In the extreme case if you can’t change to another search engine, log into your Google account, click on the “Data and Personalization” option, turn off ad personalization, YouTube history, and storing your location. Digging deeper into your account, you’ll also find a history of searches, pages, what you’re doing, some information about your phone, or brands that are tracking your activity in your Google account (you can block them one by one).
Stop using certain tools
Gmail can read every email we send and receive. Google’s Office apps and competitor Office365 can scan everything we write. DropBox, on the other hand, opens and analyzes what you send. All three of companies I mentioned (among of others like Facebook, Yahoo, YouTube, Skype, AOL), according to documents revealed by Snowden, cooperated with programs for mass monitoring and surveillance of people.
I recommend familiarizing with the term PRISM. At the request of the NSA, Internet companies agreed to provide data contained in electronic letters (e-mails), all data stored on the disks of Internet providers (including photos and video), data transmitted as files, data via Internet telephony (VoIP), video conferencing, chat rooms (also voice and video), data collected by social networking sites, as well as logins. The data revealed by Edward Snowden also shows that, for example, American services tapped the phone conversations of many German politicians. The disclosure of these documents came as a shock and led to a crisis in German-American relations.
Hide your IP and location
Another important and simple thing you can do is to hide your IP address. If someone has access to it, they can easily determine the server’s geographic location that serves that address and get your approximate position.
I remember how we used the IP address database when we were developing the application, which allowed us to locate a street where a user was on.
To hide the IP address, you can, for example, use a Virtual Private Network (VPN). A VPN is a private, encrypted network that “tunnels” your connection to the websites you use and thus “masks” your IP address.
For this purpose, you can (if you don’t already use it), completely free of charge, switch to the
Opera browser (it’s a kind of Chromium, devoid of tracking elements ) (edit: due to the growing controversy over the Chinese takeover) Firefox browser and use its built-in VPN mechanism (but I’d be careful about what information I’m looking).
Getting back to the topic, I personally recommend using a dedicated VPN solution provider (just don’t use the one from Google!). You can find their comparison here. Personally, I use ProtonVPN (there is also a free version, but it doesn’t give you all the possibilities), which besides traffic masking itself, automatically blocks tracking scripts, ads, and servers with malware. Additionally, it protects DNS queries. By redirecting them through an encrypted tunnel and avoiding external providers, it prevents the disclosure of network activity due to query leaks. DNS (Domain Name System) is what makes browsing the Internet so easy. Its job is to translate the page names that you type into your browser into IP addresses. In other words, DNS translates long, complicated webserver names into human language. And, of course, the other way around as well. Thanks to that, you can type trojanczyk.eu and not 18.104.22.168 in your browser. As a curiosity, I will mention the fact that Google also promotes its own DNS servers as fast and reliable, which I cannot disagree with. However, before using them, we should ask ourselves why they do it and do we really want to share with them everything, even that we don’t even search in Google.
Modern VPN service providers give you the option to choose a server anywhere in the world. Thanks to this, you can pretend that you are currently in Poland, Lithuania, Estonia, or Canada. Another plus is the possibility to use services that are not available in our country (due to their geolocation blocking, like Netflix in the past, or now Disney+ and HboMax). Additionally, you can tunnel your connections through several VPN servers simultaneously (this makes analyzing your data and where you are even more difficult).
It is also worth installing this service on the smarthphone we use.
In addition to VPN, you can also use the TOR (The Onion Router – a network of virtual tunnels) network to browse the Internet anonymously. TOR prevents analysis of network traffic and consequently provides users with almost anonymous access to Internet resources. Browsing the Internet with TOR is similar to simultaneously using hundreds of different proxy servers randomized periodically. Using it is completely free and super simple. TOR uses cryptography and multilayering encryption on the messages sent and becouse of that it ensuring the confidentiality of data transmission.
To enjoy the benefits of this network, you can use the TOR web browser or switch to the modern Brave browser (it’s Chromium, without the tracking scripts), which has TOR support included in the package.
Interestingly, the TOR is a network that gives access to the Dark Net (part of the Deep Web) and its resources. It’s a deliberately hidden part of the Internet that can only be viewed using special software (such as the aforementioned browser). But I’ll write about that some other time. And once you’ve connected to this network, you can look at the Wiki hidden from the world (without the TOR network, you won’t see anything).
Change your email provider
I don’t know if you still use email on Gmail or Yahoo, but I strongly recommend switching to a more secure solution if you do. Use an email service that offers encrypted options as a standard feature and prevents access by third parties. These include Tutanota, ProtonMail, MailFence, and SecMail. I personally love using ProtonMail and the additional services they offer. Among others, encrypted calendar, contacts, and secure cloud drive that fully encrypts the data contained therein (a replacement for Google Drive, OneDrive, or DropBox). Additionally, there are no ads or unsolicited emails, and it is mathematically impossible for others to forward or read your emails.
Change your instant messenger to Signal
Using proxies, VPNs and TOR will mask your real IP address from outside, but using instant messengers is a different matter. Messenger, Hangouts, Skype, Teams do not provide us with full security of transmitted messages. Remember that companies can share your conversations with various agencies and governments. That’s why you should switch to Signal messenger, which is a best-in-class app for sending encrypted messages, including voice calls. It looks like any other message app, but it has real encryption machinery hidden inside. Not surprisingly, it is used by politicians, for example, to send top-secret messages to each other.
You can find a detailed comparison of various instant messengers like Signal, WhatsApp, or Telegram, here in the form of a table.
In addition, it is worth noting the following list, which shows how much information about us is collected by communicators other than Signal.
CChrome now handles over 60 percent of all web traffic. That’s too bad because Google uses Chrome as a kind of window through which it peeks at your every online activity. Unless you change your privacy settings with Google, Chrome will also record every site you visit. To make matters worse, Chrome does virtually nothing to block third-party tracking scripts or allow device fingerprinting. An article in the Washington Post stated that Chrome collects about 11,000 “trackers” on average each week. You have to ask yourself if you still want 11,000 pairs of eyes watching what you do and watch online?
The Brave browser is built on top of Chromium (the open-source software The Brave browser is built on top of Chromium (the open-source software behind the Chrome browser), which means Chrome users won’t have any trouble switching over. Unlike Chrome provided to us by Google, Brave does not collect any data about our activity. Our data remains private and resides only on our devices. Brave also blocks tracking scripts, all third-party cookies, and advertising cookies as standard. The built-in HTTPS Everywhere protocol ensures that all connections are securely encrypted. Brave also features browser fingerprint protection.
Install additional tracking script and ad blockers
I also recommend installing an ad blocking plugin such as uBlock Origin to your browser, and after installing it visits the page with extra filters. We can find there additional blocking rules e.g.:
- outdoor advertising,
- affiliate links,
- sMS scams,
- tracking scripts,
- information collectors,
- anti-adblocking scripts,
- unnecessary, disruptive and potentially dangerous elements,
- sponsored articles,
- known mobile ad networks,
- cryptocurrency mining scripts,
- scripts that cause increased CPU usage and slow down your computer,
- and much more.
All of this will definitely improve your security. Other than that, you should definitely use Privacy Badger or the app (not to be confused with the search engine of the same name) provided by Duck Duck Go.
To see what information is collected by some websites and what you should protect yourself from, you can take a look at the Terms of Service; Didn’t Read.
Avoid leaving your browser fingerprints
Browser fingerprinting is a method that relies on activity matching to identify individual users.
This method can be used to track a specific person online. Even using a VPN may Unauthorized persons can use this method to track a specific person online. Even using a VPN may not help much here. It’s a bit like taking a fingerprint from an object we touch. At first, you don’t know who the fingerprint belongs to, but you need to compare it with a fingerprint database to find the owner. This is exactly how it’s done on the Internet: cataloging and bulk collecting browser fingerprints so they can be analyzed to reveal the person’s identity.
To test your browser for security, you can use Cover Your Tracks or AmIUnique.
Take care of your passwords and use a password manager
It is very dangerous to use the same password for all websites you use. We should make ensure that the passwords we leave are unique for each service we log on to and contain about 16-20 characters, including uppercase and lowercase letters and special characters. Thanks to this, a leak of our data from one of them will make it impossible to log in and take over our identity.
Because, on average, each person would have 70-80 passwords to remember, memorizing them all proves to be impossible. Therefore, as a result, many of us reuse the same old passwords or rely on passwords that are easy to remember but thus equally easy to guess.
A password manager will allow you to generate unique passwords for each service, encrypt them, and then have them available under one master password. You can use LastPass, NordPass, RoboForm, or many other solutions. You can find a comparison of them here.
If you don’t use this option yet, you need to start, even with the free KeePass. Just remember to set a secure master password and don’t forget it.
Change the privacy settings in your operating system
The operating system on your computer sees and knows everything literally. For example, when an application wants to read something from your local hard drive, communicate with the world, connect to the Internet, display something, or ask you a question, it uses the operating system. Those actions allow the system to analyze what you are doing, and it must do so for the action you want to perform to be completed. To ensure the basics of your computer’s security, you should always keep your operating system and installed applications updated. You should install antivirus, enable firewall (firewall/firewall – one of the ways to protect your network and systems from intruders), cover the camera you use, and enable disk encryption (Windows, MacOs, Linux ). However, it is also worth taking care of additional settings related to our privacy and what our system can share (with our permission) with the outside world.
In Windows, press the start menu and start typing “privacy settings”.
In the general settings, disable all possible options ie:
- allowing sites to share content relevant to your location
- using an advertising content identifier
- tracking application launches
- suggested content
Also, disable the personalization settings for handwriting, speech, action history, and in the diagnostics tab, do not allow optional diagnostic data and customized environment to be sent.
It’s also a good idea to review all the other privacy settings in Windows to see what applications have access to our location (which is best to turn off altogether), camera, and microphone
Apple shot itself in the knee when it was revealed that Siri shared particular small snippets of conversations with third parties. The justification for this action was alleged to improve Siri’s service and accuracy. As a precaution, on your Mac, in “System Preferences” under Security and Privacy >Privacy>Analytics and Enhancements, uncheck the ability to share data with Apple.
Then go back a little higher and review all privacy settings, disable sharing of crash data with developers, and diagnostic and usage data. Turn off location and also prevent ad scripts from tracking you. Apart from that, there are many different fields like contacts, camera, disk access. Click on each item and see what applications have access to system functions or devices and revoke rights to those you are unsure of or those you don’t want them to have access to.
Change your phone’s privacy settings
In the case of phones, we focus mainly on not losing them, while we pay little attention to what we have installed on them and what services we allow to track us.
Unfortunately, we have to admit that using cell phones gives us absolutely no privacy. Take the first article on the news that “Secret Service bought phone location data from apps” or the one describing that Google’s biggest smart display, the Nest Hub Max, includes a controversial feature that watches what we do. That’s just the icing on the cake. I recommend you look here and also check out the Google Data Collection publication.
The Washington Post published an article indicating that iPhone apps that use tracking scripts collect and share about 1.5 GB of data / 30 days. Apps like ProtonVPN or Jumbo can stop at least in part such tracking. Additionally, what we can do is, change the privacy settings of our operating system.
It is also good too:
- enable screen lock,
- not use off-the-shelf USB chargers, e.g., in special devices or airports,
- keep all apps up to date,
- enter application permissions and track what each application is allowed to do,
- disable location,
- disable Bluetooth – here’s why,
- install VPN (just like on our computers),
- change the default search engine to Duck Duck Go,
- install antivirus,
- use a password manager,
- enable device encryption,
- disable voice assistants and background listening,
- change the messaging app from Messenger and WhatsUp to Signal (this one is the best – see above), Wire or Telegram.
Set up two-factor authentication
In all possible services, you use you should enable two-factor authentication. This way, we have to certify every login with a specially generated code, making it less and practically impossible to log in even if someone knows our password. You can do this on Facebook, Twitter, ProtonMail, Instagram, Google, Microsoft, and many other solutions.
Use TAILS to leave no trace behind
For example, when you’re a journalist, and you contact your source or look for something in secret from the whole world, and you want to cover your tracks, use TAILS. It’s an operating system that runs off of your flash drive and prevents your personal information in your operating system from being accessed to track you down. Windows and macOS are horrible when it comes to storing data that can be used to identify us. Linux is much better in this regard, and it makes it easier to separate the user of the system from the device they are using. But for real privacy, it is worth getting interested in the TAILS system. It is an entirely free and safe operating system. Just run the installer and follow the instructions on the screen. You can read about how Tails works and how it encrypts your connection on the official site.
The world as we know it is changing dramatically. The same is true of modern technology and the Internet we use. The network that was supposed to give us all freedom is slowly becoming a tool for surveillance of its users. Maintaining privacy in it is becoming increasingly difficult even in the privacy of our homes.
Not surprisingly, even Tim Berners-Lee, who is called the creator of the Internet, is unhappy with the technology’s direction. Tim has long warned of centralization and monopolization of the web. According to him, today’s virtual world is created and controlled by technology giants, and their power over public opinion is growing stronger every day. He has even started a start-up (in collaboration with MIT scientists) to create a “new Internet” that will redress the balance of power.
Maintaining privacy and anonymity on the Internet is something we should definitely lean on in the time to come.
https://coveryourtracks.eff.org/ https://justprivacy.org/google-alternatives/ https://teachprivacy.com https://www.theguardian.com/world/interactive/2013/nov/01/snowden-nsa-files-surveillance-revelations-decoded#section/1 https://www.theguardian.com/australia-news/2015/sep/10/green-lawfare-voters-feel-coalition-is-trying-to-silence-environment-groups https://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying https://www.theguardian.com/australia-news/2015/sep/10/green-lawfare-voters-feel-coalition-is-trying-to-silence-environment-groups https://www.theguardian.com/uk-news/2015/feb/17/thousands-sign-privacy-international-petition-discover-gchq-spying https://www.eff.org/nsa-spying https://digitalguardian.com/blog/history-data-breaches https://privacyrights.org/data-breaches https://us.norton.com/internetsecurity-privacy-data-breaches-what-you-need-to-know.html https://www.identityforce.com/blog/2020-data-breaches https://www.thesun.co.uk/tech/10480912/google-chrome-incognito-mode-safe-private/ https://en.wikipedia.org/wiki/List_of_data_breaches https://pl.wikipedia.org/wiki/Tor_%28siećanonimowa%29 https://niebezpiecznik.pl/post/nie-nikt-nie-zlamal-signala/ https://news.ycombinator.com/item?id=22402707 https://www.digitaltrends.com/computing/how-to-be-anonymous-online/ https://www.washingtonpost.com/technology/2019/06/21/google-chrome-has-become-surveillance-software-its-time-switch/ https://protonmail.com/blog/best-browser-for-privacy/ https://tosdr.org https://www.csoonline.com/article/2975193/9-steps-completely-anonymous-online.html https://en.wikipedia.org/wiki/PRISM%28surveillance_program%29 https://gizmodo.com/confirmed-nsa-paid-google-microsoft-others-millions-1188615332 https://www.komputerswiat.pl/artykuly/redakcyjne/program-prism-amerykanskie-sluzby-maja-internet-na-podsluchu/xlqq8b1 https://www.washingtonpost.com/technology/2019/05/28/its-middle-night-do-you-know-who-your-iphone-is-talking/?noredirect=on https://www.vice.com/en/article/jgxk3g/secret-service-phone-location-data-babel-street https://www.theatlantic.com/technology/archive/2019/01/apples-hypocritical-defense-data-privacy/581680/ https://innpoland.pl/146833,nowy-bezpieczny-internet-tworzony-przez-ojca-internetu-tima-barners-lee https://antyweb.pl/whatsapp-bedzie-udostepnial-dane-wszystkich-uzytkownikow-facebookowi/ https://ec.europa.eu/commission/presscorner/detail/en/IP_17_1369