Yesterday Facebook’s CEO Mark Zuckerberg testified before the US Senate, after admitting that up to 87 million people may have had their data improperly shared with the company Cambridge Analytica.
Cambridge Analytica’s ties to the Trump campaign have made data harvesting headline news, but this story is probably just the tip of the iceberg.
The scandal engulfing Facebook has forced many of us to face up to the reality of how our personal data is collected and shared online, and highlighted new human rights challenges that have arisen in the digital age.
So if you’re concerned about how your personal data is being used, what can you do about it?
Sadly, it’s virtually impossible to avoid data harvesting completely. Many of us depend on social media and even if you have been outraged by Facebook’s failure to safeguard your data you may not want to delete it.
But it is possible to limit how much companies can track you. Here’s our three-step guide to the basics.
1. Understand the risks
Firstly, it’s important to understand who is collecting your data and why.
Google, Facebook and Twitter are the companies that track you most online, and if you use their services they also have detailed individual profiles on you. They use these profiles to deliver targeted ads, and to personalise their services so you want to keep using them.
Although most of the information that you share privately on these platforms can only be accessed by your friends and the companies themselves, weak and confusing default settings can result in some information being made public or shared with third parties. This is where “data brokers” and data analytics companies come in.
Cambridge Analytica is just one of many companies whose whole business is amassing and selling people’s data. These companies collect and combine both the data we make public, such as what we “like” on Facebook, with the huge amounts of data we produce unknowingly, from our voter registration records to our online browsing behaviour. This allows them to create increasingly detailed profiles of people.
Online data tracking and profiling can be perfectly legitimate, but it also bears human rights risks. It can threaten users’ rights to privacy, as well as freedom of expression, since people’s fears of being tracked can lead them to change their behaviour online. It also poses a risk of discrimination, as companies – and governments – could easily abuse data analytics to target people based on their race, religion, gender, or other protected characteristics.
2. Control your privacy settings
Now you know the risks, decide what information you want to share on the main platforms in future. This is the time to check your privacy settings on your social media platforms – reviewing the amount of data that’s been amassed can be eye opening!
Many platforms have the means to limit tracking, they just don’t make this the default. The trick is finding the setting and switching it off, where possible.
A good place to start is the Facebook “Privacy Checkup” (on any Facebook page, click on the ? symbol and go to Privacy Checkup) which will walk you through who can see your posts and profile, as well as showing any third party apps that have access to your data.
Check the list of apps carefully and remove any you don’t recognise. The Cambridge Analytica scandal stemmed from the ability of third party apps on Facebook to access and share users’ data.
Facebook has since been forced to limit the extent to which these apps can access your data, but it’s possible these rules may change to be more permissive again in the future.
There’s now also a specific tool to check if your data was shared with Cambridge Analytica.
Google also provides a “Privacy Checkup” at https://myaccount.google.com/privacycheckup. Here you’ll be given the option to delete information that’s already been collected and stop Google from saving information on things like your search activity, location history and your voice and audio history going forwards.
Twitter doesn’t yet have a Privacy Checkup but you can access the main Privacy and Safety page at: https://twitter.com/settings/safety and also check the list of applications that can access your account at: https://twitter.com/settings/applications
3. Use easy privacy protecting tools
Controlling the amount of data that Facebook, Google and Twitter hold about you is important, but it won’t stop them and other companies tracking you behind the scenes. So the next step is to start switching to online services that have privacy features built in.
DuckDuckGo is a search engine that allows you to search the internet anonymously. You may not think your search history counts as personal data, but companies could use it to understand many things about you, from your medical concerns to your daily commute.
DuckDuckGo does not collect or share any personal information when you use it. When you click on a link through DuckDuckGo, the site you are directed to does not know what words you entered to find it.
Privacy Badger is an app developed by the Electronic Frontier Foundation (EFF) that stops third parties from tracking you when you browse the internet. It can stop Facebook and Google from tracking you when you’re not on their websites, and also blocks many of the advertisers and data brokers that are tracking you in secret online.
You could also consider switching your web browser. Two alternatives worth considering are Brave and Firefox. Brave does a good job of blocking ads and trackers by default whereas for Firefox you have to turn on “Tracking Protection” manually.
If you want to dive into the technical detail on how tracking works and what you can do about it, Tactical Tech’s Me and My Shadow project has loads of detailed advice on how to find out what personal data is being collected and how to control your data.
Finally, these tips only relate to managing online data – you should also follow these 6 basic good practices for protecting your privacy online