• Home »
• Self-Help Resources »
• Privacy At Risk »
• Restoring Privacy

Restoring Privacy

Take back your personal privacy

Restoring Balance | Privacy Policies | Privacy Guides
Privacy Tools | Crossing Borders

All trademarks, company names or logos are the property of their respective owners.

---

We are at a critical moment for free expression online and for the role of Internet intermediaries in the fabric of democratic societies.

 

In particular, governments around the world have been pushing companies to take down more speech than ever before.

 

What responsibilities do the platforms that directly host our speech have to protect — or take down — certain types of expression when the government comes knocking?
— EFF, 2018

---

Take Back Your Privacy

Privacy is not about hiding wrongs — it is power over your own information.

Your Privacy At Risk

Your privacy is at risk like it has never been before, yet most folks think that only guilty criminals need be concerned. They are wrong!

Broadly speaking, privacy is the right to be let alone, or freedom from interference or intrusion. Information privacy is the right to have some control over how your personal information is collected and used.
— IAPP

Fight For Privacy

You need to take back your privacy.

Much like we lock doors and close curtains to retain our physical privacy, we can learn how to restore our online privacy.

Start by learning how to protect your privacy then demand accountability.

By making a few simple changes to your devices and accounts, you can maintain security against outside parties' unwanted attempts to access your data as well as protect your privacy from those you don't consent to sharing your information with.
— The New York Times

Organisations can no longer assume that any personal information given to them can be exploited in any way they see fit.
— Elliot Rose

• 7 steps to create a secure (and private) profile online.
• How to protect your digital privacy.
• Summary of privacy laws in Canada.

Stop the Data Harvest

Stop the Data Harvest!
Sign the Petition!

 

Every day, a shadowy network of companies is taking, buying, and selling the most intimate details of our lives. They spy on our physical and mental health, our shopping lists, our friend networks, and where we go each hour. In doing so, they undermine our ability to control our digital lives and restrict our free will online and off. Privacy? That's just a word to them.

 

Our governments are failing to stand up to them, convinced that their unlimited right to take, use, and sell our sensitive personal information is just too profitable to restrict.

 

We're saying enough is enough. If you're tired of being treated like a product, and having your privacy rights ignored by lawmakers, take the first step towards controlling your online identity by signing the petition to stop the harvest of our data!

 

So if you're tired of being tracked, counted, categorized, bought, used, and sold, sign the petition and together let's take the first step to stop the harvest of our personal data!

Choose Apps That Protect Your Privacy

How did you choose the apps on your computer and devices? Was it based upon what the vendor or operating system included as the defaults or did you choose what worked best for you?

Too many of these apps are busy collecting information about you, information that has nothing to do with the app's function.

Choose apps based upon privacy and the functions that work for you. Just be sure that you're using a current version and modify the settings to protect your privacy.

Bitwarden, my recommended password manager, asked their community for their top picks for Data Privacy Week:

 

Avoid Giving Information Away

First, you have to actively work to protect your privacy. Take steps to avoid giving away unnecessary information.

Are You Sharing Too Much?

Are you careful about what you share about yourself and others in public forums?

Social media is a very important aspect of privacy because so much personal information is collected then processed using comparative and linked data (such as the "Like" button) — even facial recognition software.

Though the internet and social media have been used by the public for decades, the concept of privacy still lacks a modern application to the online world. Digital privacy, therefore, is still very much a legal frontier.
— University of Dayton's School of Law

Protect Third-party Information

Protect third-party information in your possession. Don't reveal private information about individuals (email addresses, phone numbers and birthdays) while emailing or posting on social media without permission.

Most workplaces refuse to provide personal contact information about their employees to callers. Act similarly.

When someone asks for the email address, phone number or similar information, tell them you'll let the person they want to connect with know by providing the requester's contact information. That way it is up to that person to reveal their own information if they are interested.

Educate Yourself

Become informed about issues around privacy.

This involves re-examining how you perceive privacy and how it is portrayed by the companies that profit from exploiting it.

Take the Mozilla privacy survey to see how well you are improving your privacy awareness help with changing your habits.

Privacy Laws in Canada

Canada has a patchwork of privacy laws which vary according to where you live.

In the absence of Canada's federal government updating our national privacy laws, provinces and territories have taken it upon themselves to create new privacy protections for their residents.

 

This is leading to privacy have and have nots — depending on where you live in Canada.
— OpenMedia

Vancouver City Council turned down a proposal to install CCTV cameras to “prevent violent crime” in the city. There is no evidence that CCTV cameras would reduce crime rates yet such installations threaten the privacy of innocent citizens.

Where does each province stand in this? Take the privacy quiz to find out.

Who to Trust?

OpenMedia and the Mozilla Foundation actively promote privacy. Mozilla's stand is one of the reason I recommend the Firefox browser.

OpenMedia works to keep the Internet open, affordable, and surveillance-free. We create community-driven campaigns to engage, educate, and empower people to safeguard the Internet.
—OpenMedia

Mozilla is a global non-profit dedicated to putting you in control of your online experience and shaping the future of the web for the public good.
— Mozilla Foundation

Recommendations

The University of Dayton School of Law has an excellent overview of online privacy in their article, How much privacy do you have online? Their recommendations:

1. Know what to look for in the Terms and Conditions.
2. Clear out cookies and fully close a browser after every session.
3. Take advantage of customizable settings.
4. Use digital tools to better understand consumer rights.

Teach Your Children

Children's privacy has been seriously threatened. Besides making changes, we need to talk to our children in terms that they can understand.

• How parents and educators can protect children's online privacy.

Be Discrete in Providing Personal Information

Everyone is collecting personal data when they ask you to fill out a form — whether online or in person.

While everyone is diligent in collecting this information, they are less careful in protecting that information — particularly if an opportunity to profit comes along.

Why “Personalization” Is Encouraged

Be wary of terms like “personalization” and “ease of access” when used in device and software settings.

These terms imply a personal benefit, but encourage you to provide information that will be used to better sell to you. This is a very inequal exchange. Instead, use privacy settings to protect yourself.

Is It Necessary?

You should be very selective in providing information. Once you provide anyone with information, it is no longer in your control.

Ask yourself why the site is collecting information and whether it is safe to provide it. Is the requested information actually necessary for the transaction or if it is being collected with other goals in mind.

Ask yourself:

• Does this site need this information to provide what I asked for?
• How will they use that information?
• Will they sell that information or share it with others?
• How will they protect my personal information?

Too often companies collect unnecessary information “just in case” it becomes useful later. There are many other ways to obtain your personal data (e.g., from tracking the links from targeted ads).

Will They Share With Others?

Your information will likely be used to create an advertising profile that can be used to market to you (or sold to other companies). There are seldom consequences for the company that failed to protect your privacy.

While companies may claim “we do not sell your data”, that policy may change in the future if the company is sold or is served with a warrant.

You have to assume that your information will be shared if it is profitable or if the government demands access. Your only protection is to refuse to provide it in the first place.

There is lots of evidence that the government has pressured companies into sharing data, under the assumption that providing it to the company removes the need for a warrant.

How Can You Protect Your Information?

Be cautious about your personal information when you purchase a product or service. When you place an order, the company may need your shipping address if an item is to be shipped to you or if you use a credit card.

Payment Options

Some options are more private than others which should influence your choices.

When you use a credit card, vendors usually require your mailing address to process online payments — even if the product or service isn't being delivered physically. That's valuable personal information you're providing.

Apple Pay and PayPal don't provide your credit information to vendors but may provide information to your financial institution.

• PayPal lists up to 600 third parties they may share information with.

Decline Email Receipts

Decline an emailed receipt in physical stores. They use this for marketing purposes.

Home Depot Sold Your Data

Home Depot was caught sharing email addresses and purchase information with Facebook's parent company Meta without consent. Next time Home Depot asks if you'd like an email receipt, you know why they're asking. They're facing a class-action lawsuit for that privacy breach.

Convenient and environmentally friendly, e-receipts are the way of the future, but they are also raising questions about consumer privacy.

 

Home Depot was found to be sharing details from e-receipts — including encoded email addresses and in-store purchase information — with Meta, which operates the Facebook social media platform, without the knowledge or consent of customers.
— Privacy Commissioner of Canada

This speaks to the ineffectiveness of Canadian privacy laws which are mostly written based upon a “wish list” from industry rather than based upon personal privacy.

Online Transactions

You can print off your own receipt when buying online or subscribing for a service but this may not eliminate the need to provide your email address.

• Most online purchases require you to create an account. Most use your email address to identity you.
• Email may be used to notify you when an item is shipped or to track its progress.
• Product registration and obtaining support for online purchases usually requires an email address.

Who Needs Your Birth Date?

Facebook-owned Instagram, now demands your birth date (and they use their massive Facebook database to verify it). I discovered this when I tried to create an Instagram account using a false birth date to protect my privacy.

Many other services now demand your birth date during registration. Legitimate reasons may include determining eligibility for

• legal age of consent;
• senior discounts;
• access to liquor or tobacco; or
• to qualify for age-qualified services (e.g., pensions).

They don't need to know the exact birth date — only the fact that you're old enough with rare exceptions, notably, age-based government services and government regulated sales (e.g., alcohol and tobacco).

In most cases you should be able to certify that you meet the stated minimum age (whether it is 13, 18, 65 or something else). However, knowing your birth date allows them to track your transition through these milestones.

Companies demand it to improve your advertising profile and to make the resale of your profile data more valuable. It can be combined with other information to “personalize” their ads. It will also make the resale of your profile more profitable.

Big Tech on a Buying Spree

Big tech has been on a buying spree.

Monopoly is made by acquisition — Google buying AdMob and DoubleClick, Facebook buying Instagram and WhatsApp, Amazon buying, to name just a few, Audible, Twitch, Zappos and Alexa.
— NY Times

These mergers and acquisitions threaten your privacy. As well as acquiring technology, they're also adding to their ability to profile site visitors.

The new company may feel free to disregard privacy promises made by the previous owners or they may simply rewrite the privacy policy to remove such promises. If you continue to use the service, you're then bound by the new policy.

Will They Protect Your Information?

Have you noticed that most security breaches only affect consumer data, but not corporate data? Your data didn't cost them anything to acquire. Most companies protect their own information more rigorously than yours.

Governments don't enforce privacy or enforce penalties significant enough to change this behaviour. If the C-suite faced jail for data breaches under their watch they'd increase spending on security accordingly.

Single Sign-on Flawed

Single sign-on (SSO) uses your Google, Facebook or Apple ID to log into third-party sites.

SSO may be convenient, but creates a single point of failure.

Instead, use a unique password for every site.

The simplest way to avoid the problem would be to avoid using third-party sign-in altogether and instead use a unique password for every site. That's certainly more inconvenient but has the benefit that it makes it harder for tech giants to track online activity.
— Infopackets

By generating a unique password for every site using a password manager like Bitwarden, each site obtains only your name, email and whatever other information you provide directly to them.

Check the Privacy Policy

You should always read and understand the privacy policy of any site before you choose to give personal information. See more about privacy policies.

Return to top

Restoring Balance

Tech companies spend millions of dollars to learn how to fully engage their viewers. These include techniques like

• the suggestions on the side of YouTube, Twitter and news feeds;
• the notifications from Facebook and other social media sites; and
• the use of instant-on videos (those that play as soon as the page loads).

A “quick check-in” to see what your friends or family are up to or a “five-minute game break” can turn into a three-hour Facebook binge.

We need to restore balance to our lives. Our exposure to these techniques are making us feel increasingly more isolated.

Adblockers Provide Privacy

Adblockers like Ghostery and Privacy Badger have several benefits besides blocking ads. Most importantly, they protect your online privacy.

Today's ads are not fixed on a site. Instead, whatever can be gleaned about your browser and the user are uploaded to dozens of potential advertisers (and many that simply are collecting personal information).

It's very telling that individuals who are not only more knowledgeable about the inner workings of the internet, but actually behind the mechanisms for targeted advertising and tracking, are protecting themselves far more than the average American.

 

As these experts shore up their privacy and data protection against their own products, everyday consumers must take action to avoid remaining susceptible to the ever-expanding, invisible world behind their browser.
— Jean-Paul Schmetz, CEO of Ghostery

Educate Yourself About Privacy

Begin by educating yourself on privacy issues and solutions. I recommend you check out these privacy champions.

• The Mozilla Foundation advocates for privacy, inclusion and decentralization, and to create safer, more transparent online experiences for everyone.
• OpenMedia works to keep the Internet open, affordable, and surveillance-free.
• The Electronic Frontier Foundation is the leading nonprofit organization defending civil liberties in the digital world.
• Ludlow Institute advances privacy and human freedom through technology.
• Center for Humane Technology envisions a world with technology that respects our attention, improves our well-being, and strengthens communities.
• Use Privacy International: protect democracy, defend people's dignity, and demand accountability from institutions who breach public trust.

Recommendations

I urge you to take the initiative to restore your privacy using the following privacy recommendations.

Safer Browsing

Choose a safer browser that provides optimum privacy (Mozilla Firefox is recommended) then change the following setting to protect privacy:

• Set a default search engine that protects your privacy like StartPage or DuckDuckGo.
• Turn on Do Not Track in your browser then insist that it be honoured¹.
• Remove tracking cookies using CCleaner or your browser's settings.
• Use encrypted (HTTPS) sites wherever possible.
• Enable HTTPS-Only Mode on Firefox and Chrome (automatic in Safari; unavailable in Edge).
• Use privacy extensions like Ghostery or Privacy Badger.
• Use a VPN service or TOR to protect your privacy, especially when using public networks.

¹ Too often sites not honour the Do Not Track using the lame excuse that there are no standards. Google discouraged sites from recognizing DNT.

Safer Practices

Be aware of the privacy costs of your choices:

• Frequently check privacy settings on apps and services you use.
• Use BCC when sending emails to multiple people (group emails).
• Use search engines that protect your privacy.
• Be aware of the risks posed by virtual assistants like Amazon Alexa, Google Home, Cortana and Siri.
• Take care when posting on social media — especially Facebook.
• Delete accounts you're no longer actively using.

Password Security

Passwords are the key to your privacy and security of your accounts.

• Create a unique password for every site (don't use Single Sign-on).
• Use a password manager like Bitwarden to generate secure passwords and store them securely.

Replace Google

Consider using alternatives to Google to protect your privacy.

Google's settings are designed so users could make changes, but “difficult enough that people won't.” Even Google's own engineers are confused by privacy settings.

• Replace Google services with privacy-friendly alternatives.

Start Using Privacy Tools

Start using effective privacy tools and be sure to use only software that is safe to use. See the Reset the Net Privacy Pack and my recommended software.

Take Back Your Phone

Don't let your apps control your phone use! Try these simple changes to live more intentionally with your devices right now by changing settings to remove distractions.

• Get an iPhone, ditch the Android.
• Use Screen Time to control your iPhone activity.
• Edit what appears on your screen. Do you really need real-time weather, news, stocks, etc.? Do you need all those apps?

Quiet Down Windows

You might want to consider how many distractions have been added to Windows 10 and 11. To regain control:

• Control the startup of applications using CCleaner or Windows 10's settings (Start ⇒ Settings ⇒ Apps ⇒ Startup).
• Turn off News & Interests (right-click on Task bar ⇒ News & Interests ⇒ Turn off).
• Turn off Live Tiles (right-click on the icon ⇒ More ⇒ Turn Live Tile off).
• Turn App Notifications off (Start ⇒ Settings ⇒ System ⇒ Notifications & actions).
• Use Focus Assist to remove distractions (Start ⇒ Settings ⇒ System ⇒ Focus assist).
• Remove apps you don't use (right-click on the icon ⇒ Uninstall).

Return to top

Privacy Policies

Privacy policies are statements about how your data will be used by the owner of the site you're visiting.

The privacy policy is a legal document, it spells out how a company collects, stores, uses, and shares your data.
— IRL Podcast

Don't provide information to sites lacking a privacy policy.

Privacy Policies Too Complex

While checking the privacy policy for every site you visit is recommended, it has become increasingly impossible because of size and complex language.

A study by researchers at Carnegie Mellon concluded,

…if the average American were to actually read every single privacy policy of every single web service that she used in a year…[t]he average user would have to spend between 181 and 304 hours each year reading privacy policies.

That's approximately 4.5 and 7.6 work-weeks (about a month or two every year) — just reading privacy statements!

• It would take 17 hours to read the terms & conditions of the 13 most popular apps.

Visitor Response: TL;DR

“I have read and agree to the Terms” is the biggest lie on the web. We aim to fix that.
— Terms of Service; Didn't Read

Many respond to long, complicated privacy policies with TL;DR (Too long. Didn't read.)

Privacy Policies are Changing

Privacy policies change for a number of reasons including purchase of the company or a new business plan such as the desire to use your data to train AI.

You only need to look at the way Facebook and others so quickly change their privacy policies to enhance their profitability. You're mostly on your own when it comes to protecting your identity.

Consumer Protections Needed

Consumers need a central location to find out what information companies have collected about them, how it is being used and the ability to restore your privacy.

That would be difficult to provide without legislation to create and enforce a standard by which consumers are protected from corporate giants.

• Terms of Service; Didn't Read.
• What to look for in a good privacy policy.
• Privacy policy legislation & requirements by country.

Return to top

Privacy Guides

The problem with our private data is that so much of it is irreplaceable and cannot be altered. Unlike a password, once released into the world, there is no calling it back.

Who Has Your Back?

In the face of unbounded surveillance, users of technology need to know which companies are willing to take a stand for the privacy of their users.
— EFF

Who Has Your Back? Censorship Edition 2019 documents the track record for companies in releasing private information to the government.

We Need to Do Better

Both companies and individuals need to quit ignoring the damage caused by security breaches and careless postings on social media.

Tech companies could change these things to make your life easier and protect your digital security and privacy. Why haven't they yet?
— Fix It Already

Your Browser Choice Matters

One of the reasons I recommend using Firefox as your primary browser is Mozilla's stand on privacy.

Chrome is NOT privacy-friendly and Microsoft is again modifying Edge to regain the monopoly they enjoyed with Internet Explorer.

See my recommendations for safer browsing.

Other Resources

• How to stop your smart TV from spying on you.
• Protect your privacy from hackers, spies, and the government.
• The ultimate online privacy guide.
• Online privacy is a blog containing posts about privacy.
• The Motherboard guide to not getting hacked.
• *Privacy not Included is Mozilla's guide to choosing connected devices like Google Home and Amazon Alexa.
• How to keep your private conversations private for real.
• How we take back the Internet (Edward Snow den at TED 2014).
• 7 Ways to Reclaim Your Digital Privacy.
• Online Privacy: How to Minimize Your Digital Footprint.
• How to ditch Google for more privacy and fewer ads.
• EFF's Surveillance Self-Defense.

Return to top

Privacy Tools

Start using effective privacy tools and be sure that you're not installing software that is unsafe to use.

Make Your Website Safer

Website owners should begin to use technologies that secure their sites and make them safer to use.

Avoid sleazy invasive techniques that threaten your site's security and place site visitors at risk.

Pledge to add SSL, HSTS & PFS protection this year; it matters! Already rocking SSL & HSTS? Consider approaches to end-to-end crypto.

Develop Safe Apps

Technologies like SSL and proper certification pinning should be mandatory. End-to-end encryption makes messaging much safer and your app a worthwhile download.

Neither dangerous apps nor their developers should be in the app stores.

• Too many apps collect information they don't need (often surreptitiously) then sell it to anyone that is willing to pay.
• Some developers release their app without securing it properly.

If you serve ads on your app, you need to ensure that ALL third party code, including ads and analytics, are secure and ensure that ads play nicely within your app.

• Test for ads that crash an app or lock it up for extended periods of time.
• Remember that your paid apps are being judged by the performance of your free apps.

More About Privacy Tools

These privacy tools have been tested by me and found to be useful.

• Ghostery helps you browse smarter by giving you control over ads and tracking technologies to speed up page loads, eliminate clutter, and protect your data.
• Privacy Badger blocks spying ads and invisible trackers by enforcing the Do Not Track header (you have to have “Do Not Track” enabled in your browser) and may be a better alternative if you're uncomfortable with Ghostery.
• More ways to win against mass surveillance.
• Gibson Research Corporation projects included many ground-breaking apps:
  • InControl to easily manage Windows 10 and 11 updating and upgrading
  • Fingerprints
  • Perfect Passwords
  • ShieldsUP!
  • Securable (legacy)
• You're not Stringer Bell, but you may still need a burner phone.

Return to top

Crossing Borders

Like Canada's privacy laws, the rules governing border searches pre-date cellphones and consumer use of the Internet.

Searches at the border are based upon the laws from an age when everything was on paper. When those laws were written, people would seldom carry unnecessary private documents when planning to cross the border.

However, if you did carry such documents, border agents were entitled to search through those documents or copy them. That is how border agents justify copying everything on your phone or computer.

While the letter of the law may allow such searches, the spirit of those laws are being abused.

Leave Your Phone at Home

The recommendation is to leave your devices at home. If you plan to take your digital devices across the border, check out the following advice:

…[B]efore crossing the border, delete private material or transfer it to the cloud; at the border, turn on airplane mode yourself; and, finally, be prepared, unless you have some really compelling privacy reason, to just turn over your phone.
— CTV News

Laws Out of Touch with Reality

These laws are seriously out of touch with the reality that we carry our entire lives on our smartphones.

[B]order agents could end up seeing private emails and text messages, photos, web browser histories and sensitive documents, even if you've done nothing wrong.
— CTV News

There is an increasing trend around the world to treat borders as law-free zones where authorities have the right to carry out whatever outrageous form of surveillance they want.

 

But they're not: the whole point of basic rights is that you're entitled to them wherever you are.
— Edin Omanovic

• U.S. border guards can search your phone.
• Border guards have 'wide open' rights to search your smartphone.
• China is forcing tourists to install text-stealing malware at its border.

The “Border” Extends Further than You Thought

Border searches can be conducted not only at the actual border, but within 100 miles (160 km) of the United States-Canada border as well as at airports or even when boarding a cruise ship.

Canada's border agents can search your phone and laptop at borders and airports, including looking through your private photos, personal messages, and call history.
— OpenMedia

• Your phone is not safe at the border — OpenMedia.
• A guide to your rights at the border by BC Civil Liberties Association.

Return to top

Related Resources

On this site:

• Resources index
• Your privacy at risk
• VPNs
• Clean-up your computer & devices
• Identity theft
• Oversharing on social media?
• Mobile security
• Malware & spyware
• Encryption: protecting your data

Found this resource useful?