Russ Harvey Consulting - Computer and Internet Services

Restoring Privacy

Take back your personal privacy

Restoring Balance | Privacy Policies | Guides | Tools
Crossing Borders

All trademarks, company names or logos are the property of their respective owners.

A woman has her hands on a laptop's keyboard with the screen displaying a “Privacy Settings” splash screen.

Information about VPNs has been moved to its own page.

We are at a critical moment for free expression online and for the role of Internet intermediaries in the fabric of democratic societies.

 

In particular, governments around the world have been pushing companies to take down more speech than ever before.

 

What responsibilities do the platforms that directly host our speech have to protect — or take down — certain types of expression when the government comes knocking?
EFF, 2018

Take Back Your Privacy

Privacy is not about hiding wrongs. Privacy is power over your own information.

Stop the Harvest

Every day, a shadowy network of companies is taking, buying, and selling the most intimate details of our lives.

They spy on our physical and mental health, our shopping lists, our friend networks, and where we go each hour.

In doing so, they undermine our ability to control our digital lives and restrict our free will online and off.

Privacy? That's just a word to them.

Stop the harvest! Take the first step to controlling your digital life.

 

Tired of being treated like a product, and having your privacy rights ignored by lawmakers? Sign the petition!

Your Privacy At Risk

Your privacy is at risk like it has never been before, yet most folks think that only guilty criminals need be concerned. They are wrong!

Broadly speaking, privacy is the right to be let alone, or freedom from interference or intrusion. Information privacy is the right to have some control over how your personal information is collected and used.
IAPP

Fight For Privacy

You need to take back your privacy.

Much like we lock doors and close curtains to retain our physical privacy, we can learn how to restore our online privacy.

Start by learning how to protect your privacy then demand accountability.

By making a few simple changes to your devices and accounts, you can maintain security against outside parties' unwanted attempts to access your data as well as protect your privacy from those you don't consent to sharing your information with.
The New York Times
Organisations can no longer assume that any personal information given to them can be exploited in any way they see fit.
Elliot Rose

Choose Privacy

How did you choose the apps on your computer and devices? Was it based upon what the vendor or operating system included as the defaults?

Too many of these apps are busy collecting information about you that has nothing to do with the app's function.

Choose apps based upon privacy and the functions that work for you. Just be sure that you're using a current version and modify the settings to protect your privacy.

Bitwarden, my recommended password manager, asked their community for their top picks for Data Privacy Week:

Bitwarden community's favourite data privacy apps.

 

Avoid Giving Information Away

First, you have to actively work to protect your privacy.

Take steps to avoid giving away unnecessary information.

Are You Sharing Too Much?

Are you careful about what you share about yourself and others in public forums?

Social media is a very important aspect of privacy because so much personal information is collected then processed using comparative and linked data (such as the "Like" button) — even facial recognition software.

Though the internet and social media have been used by the public for decades, the concept of privacy still lacks a modern application to the online world. Digital privacy, therefore, is still very much a legal frontier.
University of Dayton's School of Law

Protect Third-party Information

Protect third-party information in your possession.

Don't reveal private information about individuals (email addresses, phone numbers and birthdays) while emailing or posting on social media.

Workplace policies refuse to provide personal contact information about their employees to callers. Respect the people you know with similar policies.

Educate Yourself

Become informed about issues around privacy.

This involves re-examining how you perceive privacy and how it is portrayed by the companies that profit from exploiting it.

Take the Mozilla privacy survey to see how well you are improving your privacy awareness help with changing your habits.

Privacy Laws in Canada

Canada has a patchwork of privacy laws which vary according to where you live.

In the absence of Canada's federal government updating our national privacy laws, provinces and territories have taken it upon themselves to create new privacy protections for their residents.

 

This is leading to privacy have and have nots — depending on where you live in Canada.
OpenMedia

Where does each province stand in this?

Vancouver Protects Privacy Rights

Kudos to the Vancouver City Council for turning down a proposal to install CCTV cameras to “prevent violent crime” in the city.

There is no evidence that CCTV cameras would reduce crime rates yet such installations threaten the privacy of innocent citizens.

Who to Trust?

OpenMedia and the Mozilla Foundation actively promote privacy.

OpenMedia works to keep the Internet open, affordable, and surveillance-free. We create community-driven campaigns to engage, educate, and empower people to safeguard the Internet.
— OpenMedia
Mozilla is a global non-profit dedicated to putting you in control of your online experience and shaping the future of the web for the public good.
— Mozilla Foundation

Recommendations

The University of Dayton School of Law has an excellent overview of online privacy in their article, How much privacy do you have online? Their recommendations:

  1. Know what to look for in the Terms and Conditions.
  2. Clear out cookies and fully close a browser after every session.
  3. Take advantage of customizable settings.
  4. Use digital tools to better understand consumer rights.

Teach Your Children

Children's privacy has been seriously threatened. Besides making changes, we need to talk to our children in terms that they can understand.

Be Discrete in Providing Personal Information

Everyone is collecting personal data when they ask you to fill out a form — whether online or in person.

While everyone is diligent in collecting this information, they are less careful in protecting that information — particularly if an opportunity to profit comes along.

Be wary of terms like “personalization” and “ease of access.” While they imply a benefit, they are an inequal exchange. Learn to use privacy settings to protect yourself.

Be Selective

You should be very selective in providing information. Ask yourself why the site is collecting information and whether it is safe to provide it.

Is It Necessary?

Is the requested information actually necessary for the transaction or if it is being collected with other goals in mind.

Once you provide anyone with information, it is no longer in your control.

Ask yourself:

Will They Share With Others?

While these companies may claim “We do not sell your data”, there are many other ways to obtain your personal data (e.g., from tracking the links from targeted ads).

Too often companies collect unnecessary information “just in case” it becomes useful later.

You have to assume that your information will be shared if it is profitable or if the government demands access. Your only protection is to refuse to provide it in the first place.

Your information will likely be used to create an advertising profile that can be used to market to you (or sold to other companies). There are seldom consequences for the company that failed to protect your privacy.

How Can You Protect Your Information?

Be cautious about your personal information when you purchase a product or service.

When you place an order, the company may need your shipping address if an item is to be shipped to you or if you use a credit card.

Some options are more private than others which should influence your choices.

Payment Options

When you use a credit card, vendors usually require your mailing address to process online payments — even if the product or service isn't being delivered physically. That's valuable personal information you're providing.

Apple Pay and PayPal don't provide your credit information to vendors but may provide information to your financial institution.

Decline Email Receipts

Decline an emailed receipt in physical stores. They use this for marketing purposes.

Home Depot Sold Your Data

Home Depot was caught sharing email addresses and purchase information with Facebook's parent company Meta without consent. Next time Home Depot asks if you'd like an email receipt, you know why they're asking.

Convenient and environmentally friendly, e-receipts are the way of the future, but they are also raising questions about consumer privacy.

 

Home Depot was found to be sharing details from e-receipts — including encoded email addresses and in-store purchase information — with Meta, which operates the Facebook social media platform, without the knowledge or consent of customers.
Privacy Commissioner of Canada

This speaks to the ineffectiveness of Canadian privacy laws which are mostly written based upon a “wish list” from industry rather than based upon personal privacy.

Online Transactions

You can print off your own receipt when buying online or subscribing for a service but this may not eliminate the need to provide your email address.

Who Needs Your Birth Date?

Many services now demand your birth date during registration.

Legitimate reasons may be used in determining if you meet the legal age of consent or if you are eligible to obtain certain products or benefits that are age-based such as senior discounts, access to liquor or tobacco or to qualify for government services (e.g., pensions).

Only Your Age Needs to be Verified

While some sites may need to know your age for legal reasons, they don't need to know the exact birth date — only the fact that you're old enough.

In most cases you should be able to certify that you meet the stated minimum age (whether it is 13, 18, 65 or something else).

Your actual birth date is much more valuable to their marketing department. It can be combined with other information to “personalize” their ads. It will also make the resale of your profile more profitable.

Big Tech on a Buying Spree

Big tech has been on a buying spree. This affects your privacy.

While they're acquiring technology, they're also adding to their ability to profile site visitors.

Facebook-owned Instagram, now demands your birth date (and they use their massive Facebook database to confirm it). They only need your age, not the exact date unless your advertising profile is the reason.

Monopoly is made by acquisition — Google buying AdMob and DoubleClick, Facebook buying Instagram and WhatsApp, Amazon buying, to name just a few, Audible, Twitch, Zappos and Alexa.
NY Times

The new company may feel free to disregard privacy promises made by the previous owners or they may simply rewrite the privacy policy to remove such promises. If you continue to use the service, you're then bound by the new policy.

Will They Protect Your Information?

Most companies protect their own information more rigorously than yours.

Have you noticed that most security breaches only affect consumer data, but not corporate data? Your data didn't cost them anything to acquire.

Governments don't enforce privacy or fine companies with significant penalties that could change behaviour.

Single Sign-on Flawed

Single sign-on (SSO) uses your Google, Facebook or Apple ID to log into third-party sites.

Single sign-on uses your Google, Facebook or Apple ID to log into third-party sites.

SSO may be convenient, but creates a single point of failure.

Instead, use a unique password for every site.

The simplest way to avoid the problem would be to avoid using third-party sign-in altogether and instead use a unique password for every site. That's certainly more inconvenient but has the benefit that it makes it harder for tech giants to track online activity.
Infopackets

By generating a unique password for every site using a password manager like Bitwarden, each site obtains only your name, email and whatever other information you provide directly to them.

Check the Privacy Policy

You should always read and understand the privacy policy of any site before you choose to give personal information. See more about privacy policies.

Return to top

Restoring Balance

Tech companies spend millions of dollars to learn how to fully engage their viewers. These include techniques like

A “quick check-in” to see what your friends or family are up to or a “five-minute game break” can turn into a three-hour Facebook binge.

We need to restore balance to our lives. Our exposure to these techniques are making us feel increasingly more isolated.

Adblockers Provide Privacy

Adblockers like Ghostery and Privacy Badger have several benefits besides blocking ads. Most importantly, they protect your online privacy.

Today's ads are not fixed on a site. Instead, whatever can be gleaned about your browser and the user are uploaded to dozens of potential advertisers (and many that simply are collecting personal information).

Advertisers are heavier users of adblockers than the average American.

It's very telling that individuals who are not only more knowledgeable about the inner workings of the internet, but actually behind the mechanisms for targeted advertising and tracking, are protecting themselves far more than the average American.

 

As these experts shore up their privacy and data protection against their own products, everyday consumers must take action to avoid remaining susceptible to the ever-expanding, invisible world behind their browser.
Jean-Paul Schmetz, CEO of Ghostery

Recommendations

I urge you to take the initiative to restore your privacy using the following privacy recommendations.

Safer Browsing

Choose a safer browser that provides optimum privacy (Mozilla Firefox is recommended) then change the following setting to protect privacy:

1 Too often sites not honour the Do Not Track using the lame excuse that there are no standards. Google discouraged sites from recognizing DNT.

Safer Practices

Be aware of the privacy costs of your choices:

Password Security

Passwords are the key to your privacy and security of your accounts.

Replace Google

Consider using alternatives to Google to protect your privacy.

Google's settings are designed so users could make changes, but “difficult enough that people won't.” Even Google's own engineers are confused by privacy settings.

Start Using Privacy Tools

Start using effective privacy tools and be sure to use only software that is safe to use. See the Reset the Net Privacy Pack and my recommended software.

Take Back Your Phone

Don't let your apps control your phone use! Try these simple changes to live more intentionally with your devices right now by changing settings to remove distractions.

Quiet Down Windows

You might want to consider how many distractions have been added to Windows 10 and 11. To regain control:

Return to top

Privacy Policies

Privacy policies are statements about how your data will be used by the owner of the site you're visiting.

The privacy policy is a legal document, it spells out how a company collects, stores, uses, and shares your data.
IRL Podcast

Don't provide information to sites lacking a privacy policy.

Privacy Policies Too Complex

While checking the privacy policy for every site you visit is recommended, it has become increasingly impossible because of size and complex language.

A study by researchers at Carnegie Mellon concluded,

…if the average American were to actually read every single privacy policy of every single web service that she used in a year…[t]he average user would have to spend between 181 and 304 hours each year reading privacy policies.

That's approximately 4.5 and 7.6 work-weeks (about a month or two every year) — just reading privacy statements!

Visitor Response: TL;DR

“I have read and agree to the Terms” is the biggest lie on the web. We aim to fix that.
Terms of Service; Didn't Read

Many respond to long, complicated privacy policies with TL;DR (Too long. Didn't read.)

Privacy Policies are Changing

Privacy policies change for a number of reasons including purchase of the company or a new business plan such as the desire to use your data to train AI.

You only need to look at the way Facebook and others so quickly change their privacy policies to enhance their profitability. You're mostly on your own when it comes to protecting your identity.

Consumer Protections Needed

Consumers need a central location to find out what information companies have collected about them, how it is being used and the ability to restore your privacy.

That would be difficult to provide without legislation to create and enforce a standard by which consumers are protected from corporate giants.

Return to top

EFF 2019 report on the track record of companies in protecting your privacy

Privacy Guides

The problem with our private data is that so much of it is irreplaceable and cannot be altered. Unlike a password, once released into the world, there is no calling it back.

Who Has Your Back?

In the face of unbounded surveillance, users of technology need to know which companies are willing to take a stand for the privacy of their users.
EFF

Who Has Your Back? Censorship Edition 2019 documents the track record for companies in releasing private information to the government.

We Need to Do Better

Both companies and individuals need to quit ignoring the damage caused by security breaches and careless postings on social media.

Tech companies could change these things to make your life easier and protect your digital security and privacy. Why haven't they yet?
Fix It Already

Your Browser Choice Matters

One of the reasons I recommend using Firefox as your primary browser is Mozilla's stand on privacy.

Chrome is NOT privacy-friendly and Microsoft is again modifying Edge to regain the monopoly they enjoyed with Internet Explorer.

See my recommendations for safer browsing.

Other Resources

Return to top

Privacy Tools

Start using effective privacy tools and be sure that you're not installing software that is unsafe to use.

Make Your Website Safer

Website owners should begin to use technologies that secure their sites and make them safer to use.

Avoid sleazy invasive techniques that threaten your site's security and place site visitors at risk.

Pledge to add SSL, HSTS & PFS protection this year; it matters! Already rocking SSL & HSTS? Consider approaches to end-to-end crypto.

Develop Safe Apps

Technologies like SSL and proper certification pinning should be mandatory. End-to-end encryption makes messaging much safer and your app a worthwhile download.

Neither dangerous apps nor their developers should be in the app stores.

If you serve ads on your app, you need to ensure that ALL third party code, including ads and analytics, are secure and ensure that ads play nicely within your app.

More About Privacy Tools

These privacy tools have been tested by me and found to be useful.

Return to top

Crossing Borders

Like Canada's privacy laws, the rules governing border searches pre-date cellphones and consumer use of the Internet.

Searches at the border are based upon the laws from an age when everything was on paper. When those laws were written, people would seldom carry unnecessary private documents when planning to cross the border.

However, if you did carry such documents, border agents were entitled to search through those documents or copy them. That is how border agents justify copying everything on your phone or computer.

While the letter of the law may allow such searches, the spirit of those laws are being abused.

Leave Your Phone at Home

The recommendation is to leave your devices at home. If you plan to take your digital devices across the border, check out the following advice:

…[B]efore crossing the border, delete private material or transfer it to the cloud; at the border, turn on airplane mode yourself; and, finally, be prepared, unless you have some really compelling privacy reason, to just turn over your phone.
CTV News

Laws Out of Touch with Reality

These laws are seriously out of touch with the reality that we carry our entire lives on our smartphones.

[B]order agents could end up seeing private emails and text messages, photos, web browser histories and sensitive documents, even if you've done nothing wrong.
CTV News
There is an increasing trend around the world to treat borders as law-free zones where authorities have the right to carry out whatever outrageous form of surveillance they want.

 

But they're not: the whole point of basic rights is that you're entitled to them wherever you are.
Edin Omanovic

The “Border” Extends Further than You Thought

Border searches can be conducted not only at the actual border, but within 100 miles (160 km) of the United States-Canada border as well as at airports or even when boarding a cruise ship.

Canada's border agents can search your phone and laptop at borders and airports, including looking through your private photos, personal messages, and call history.
— OpenMedia

Return to top

Related Resources

On this site:

Found this resource useful?
Buy Me A Coffee

 

Return to top
RussHarvey.bc.ca/resources/restoreprivacy.html
Updated: October 11, 2024