Presentation Update: The Death of Privacy, First Few Steps Towards Anonymity

This is a follow-up to my presentation in class about Social Media and the Death of Privacy. After the presentation, and in the comments, a lot of people asked what specific steps they should take to ensure their data is secure. Through this blog I intend to, hopefully, provide the first few basic steps that anyone can and should take towards ensuring their privacy on the internet. This is a continuing list from after the takeaways from the presentation. Some of these are very basic and hence provide very basic protection but if used in conjunction with others in the list can be very useful to protecting your data.

Edward-Snowden-meme-quote

Now that we know the NSA is watching our every move online, it seems almost pointless to try and avoid it. But try we do, as a new data suggests from recent surveys.

Eighty-six percent of U.S. Internet users have, at some point and at least once, used some method to cover their tracks online. Problem is, even as solid majorities say people should be able to surf the Web anonymously, not many of us are confident that that’s possible. Just 37 percent of U.S. Web users say complete anonymity can ever be achieved.

The good news is that there’s a big gap between people’s expectations and what most have already tried.
Cache-clearing and cookie-disabling is a fairly common behavior. But for whatever reason — inconvenience, maybe, or unfamiliarity with the tools — the share of Americans that have tried protecting their privacy in other ways is pretty low.

So what can be done? Here are a few options that don’t involve cracking open a computer science textbook.

Use Start Page instead of Google. It takes less than 30 seconds to setup ‘Start Page” as your default search engine. To refresh your memory, start page is a search engine that uses Google but it makes your searches anonymous and makes it impossible for anyone to keep track of your search history. Except maybe the NSA ( I wish I could say this is a joke)

https://www.startpage.com/

Encrypt your e-mail. This is by far the scariest-sounding technique, but if you have a set of step-by-step instructions, you’ll be up and running in no time. The basic idea is that for every e-mail account you own, you can create a set of public and private keys that will turn your plain-text e-mails into unreadable gibberish.

mckmama-meme-generator-complains-about-lack-of-privacy-posts-address-and-phone-number-on-the-internet-c82be4

Encrypt your chats. Instead of using texts, Hangouts or Facebook Messenger, try switching to a chat application that supports encryption out-of-the-box. A lot of people on Windows prefer Pidgin (the Mac analogue is called Adium). Illustrated instructions for setting up your first encrypted chat can be found here (Windows) and here (Mac). Other messaging clients such as Whatsapp have now started providing end-to-end encryption for all texts. Whatsapp is available on IOS, Android, Blackberry, Symbian (Nokia) and Windows phone. Its also available on your desktops through Whatsapp Web.

Enable incognito mode on your Web browser. Most browsers come with a private browsing or incognito mode that won’t log your search or browsing history and won’t retain cookies that sites use to track your behavior. While it won’t encrypt the traffic you send over the networks, it’s a good way to hide your activity from others who might use the same computer later.

Use a traffic anonymizing service like Tor. Tor routes your traffic through the Web in ways that makes it very hard for someone else to track. When the service is turned on, your Internet traffic looks to outsiders like it’s coming from one of Tor’s exit relays, which can be located anywhere in the world (read: not where you are). You can download Tor here.

images
Pay for a private VPN. This option is a lot like using Tor in that your Internet traffic is masked, but depending on your provider, it could come with more features. For the privacy-conscious, TorrentFreak quizzed a number of VPN providers on how they operated their business and only listed those that returned satisfactory answers.

main-qimg-bc843fdeff1b7996bef29059ab5e65f4

Use a password manager. This is piggybacking over Jonah’s presentation but this is crucial. Part of the point of encrypting your Internet traffic is to reduce the likelihood of someone gaining the passwords to your online accounts. So why not beef up the security of those accounts in the first place? As Microsoft’s Troy Hunt writes, the strongest password is the one you can’t remember. To help you keep track of them all — and you’ll have a lot, if every password is different — use a password manager like LastPass or 1Password. Browser extensions, integration with Dropbox, mobile versions and strong-password generators are all examples of features that help make these tools less of a burden and more useful.

Hopefully this can help you feel more in control of your online life. Please feel free to reach out to me if you have any additional questions on any of these. I also supply free tin foil hats. :-)

tinfoil-hat

5 comments

  1. This was a very useful blog. The pictures and quotes you used were in alignment with the content of your blog. I will surely use some of the basic steps you presented to manage my privacy online. I never heard of the “Start Page” search engine but I will surely use it in the future. I understand that companies generate business value by “safe guarding” our privacy. Also, I can see the benefits in enabling incognito mode on web browsers or using “Start Page” search engine. Those features/services can guarantee some level of privacy but at the end of the day I am fairly certain that they have some behind the scenes data collection system in place. Of course it will be unwise to share or sell that information because doing so is contrary to them generating business value. However, the potential is still there. Yes, it is plausible to consider that basic protection is possible but to me full privacy is an illusion. Someone is always looking!

  2. Puneet, thank you so much for sharing some extremely helpful tips about steps to take to make sure my data and privacy is secure. I am not going to lie, after hearing both yours and @jonah741‘s presentations back-to-back, I was a little overwhelmed with the thought of “Big Brother” watching my every move. Back in the spring, I learned about Foursquare’s newest technology “Pinpoint” that allowed the company to track locations and shopping habits (etc.) of both users and non-users of Foursquare, which I found intriguing from a Marketing/Analytics standpoint but also terribly creep (I think @mfrederick13 would agree). Thank you for reminding me that Foursquare is not the only data-hunter out there!

    Your post and presentation really put things into perspective for how I am currently (and essentially failing at) keeping my data private and secure. I really appreciate you taking the time to inform our class about appropriate measures we should be implementing and the importance of realizing that someone really is alway tracking us!

  3. Great post. The real question, though, that privacy advocates miss is that they automatically assume privacy is a good thing. I tried to disable cookies (years ago), but found that the internet is actually a much worse user experience as a result. I’m willing to trade a certain level of privacy for increased services.

    1. @geraldckane I totally agree. The advent of technologies such as cookies and tracking was never done to use it to track behavior. If you go back enough you realize that these inventions were done to make the internet experience better. Sometimes its a good trade-off to just let them track you if the benefit is worth it. Especially, not having to remember passwords for every site, not having to fill out forms for every site, getting data without asking for it. Google Now is a perfect example of that. Even being a privacy advocate myself, I happily let Google collect everything on me because the Google Now updates are really worth it. Its all about finding the right balance that each individual is comfortable with.

  4. Nice post Puneet. I think you hit most of the high points, but one thing I heard about a couple of years ago that I found interesting. It was around the time that popular browsers first debuted their “private browsing” features. It turned out that even with private browsing turned on, over 85% of people visiting a particular website could be positively and conclusively identified as a particular computer. I can’t remember the exact vector used to identify people, but it was some combination of the computer specs (that’s available to the website as part of the browser’s user agent information) and identifiable information somewhere else in the browser.

    So if people think private browsing is the answer, think again. It’s a great tool, but if you really care about privacy, a VPN or Tor are absolutely essential as well.

    Personally, I do accept first party cookies in my browser, but I explicitly block tracking cookies and ads via ad blockers and privacy settings in the browser. I don’t find they materially affect my browsing experience in any negative way that I care about, but then I’m not a huge user of social media…

%d bloggers like this: