- If you want better digital privacy uninstalling WhatsApp should be your first step and not last.
- There are a number of apps, including Chrome, that collect a lot of data.
- It is also about convenience, because convenience comes at the cost of privacy.
Digital privacy is hard work. But now that there is a conversation around it, sparked by the latest WhatsApp policy and terms and conditions that have spooked users, it is a good time to talk about it. By its very nature, the internet is something of an open medium. Over the years, some blinds have been draped over it, doors and windows that can be closed have been created, but still more or less it is an open medium that leaks information. A lot of it is also by design. Tech companies like Google, Facebook, Amazon, even Apple up to an extent, have it in their interest to collect user data. And the more data they can collect, the better it is for them.
Given the nature of the web and connected devices, the only way to be sure of not leaking your private data or identity on the web is to cut the cord. In other words, go incommunicado. Take a hammer, smash all your digital devices, then pick a tin-foil hat, place it on your head and move to deep in hills and woods.
Unfortunately, that is not an option. Unless you are a sanyasi (hermit), and nowadays even sanyasis use smartphones.
So, what do you do? How do you remain connected, keep using various digital services and still maintain some level of privacy and keep your data somewhat safe from the tech companies that want to serve you personalised ads, governments and authorities that want to watch your every move, and political parties that want you tracked because you vote? It is difficult, but not impossible.
Uninstalling WhatsApp, which is clearly in the business of tracking users through metadata, and using something like Signal is a good first step. But it is hardly going to make a difference when it comes to your digital privacy. In fact, WhatsApp is one of the better guys when it comes to collecting user data. Some apps are much much worse than it, apps that you use daily.
Consider this: Almost every app that you use tracks you. Apps want your location data, even apps like a notepad. They want to see how long you are using an app, with who you are talking to, who all are in your contacts, what sort of photos are there in your gallery, at what time you use your phone, where you go, and they do it every time you give them permission. An app will ask for GPS permission because it wants to show you local weather. But once it has permission to GPS, it will misuse it. Sure, it will show you local weather, but will also track your location.
Coming back to the big question then: How do you take control of your digital privacy?
There are a few essential steps you can take.
Be careful of apps
1- You should get rid of any app that you don't need. As in not need badly. And this is for the phone apps as well and the laptop or desktop apps. For example, deleting WhatsApp will not help you much unless you also delete Facebook and delete Instagram. In fact, get rid of all the non-essential apps. If you can live without an app, don't install it. Those Beauty Selfie apps? Don't install them. Those ten payment apps? Maybe install just one. All the video and photo-editing apps? Get rid of the ones you don't use.
Basically, be extremely choosy in the apps that you install on your phone.
2- A lot of times you don't need to use an app. You can use a website. It is always safer and more private to use a website to access a service. This is the reason why companies want you to use an app. They get more data this way. This is why many services like to lure users in installing apps by offering app-only discounts or cashbacks.
3- When you use an app, give it permissions that are absolutely necessary. If a selfie app is asking GPS access, don't give it. If Swiggy or Zomato ask for location info, don't give access to GPS. Just manually add the address. Android and iOS now have the option to give access to apps only when they are in use. Choose this option wherever you can. For example: Why should Google Maps have GPS access all the time. It needs GPS information when it is in use when you have opened it. So give it limited access.
Be careful while web browsing
4- apps are just one part of the story. A lot of data is leaked through web browsing, and you have to be very careful with it. There are a number of steps you can take to keep web browsing relatively private:
Don't use Chrome. Chrome is a data hog. In fact, this Google browser collects more data than any other app. Instead use Firefox. And use Firefox with tweaked settings. Tell Firefox not to remember your browsing history. Tell it to deny access to third-party cookies. Tell it to use HTTPS Over DNS, which will help you avoid prying eyes of your internet service provider.
Get into the habit of logging out of websites. For example, if you log into Facebook and then in the same browser you also do your rest of the web browsing, well Facebook is tracking you. Across the pages. It is done through the code Facebook puts on websites through its network. Google too is doing the same and when you have Gmail open, all the web browsing you do in that web browser is tracked. So, what is the way out? Use a different browser. Maybe you can keep Gmail open in Chrome, but do rest of your web browsing in Firefox or Safari or Edge. It means more work for you and it's convenient to keep switching between browsers, but you avoid the tracking cookies of Facebook or Google in this way.
You have to understand this nice and proper: To avoid getting tracked by Google and Facebook ad networks on the web, you must not do web browsing when you are logged into any Google or Facebook service. And no, just closing the tab on which you had Gmail or Google Search will not do. You must log out. In fact, in some cases you must log out twice.
Don't give web pages access to location data. Disable their access to installed programs (defaults).
If you are using Firefox, use it with NoScript. This will break some functionality on web pages, but it will also disable a lot of click tracking, or digital fingerprinting that websites use to collect user data. When you need the full functionality of a website, you can temporarily allow that webpage in NoScript.
You can avoid websites that track you. For example, you can use DuckDuckGo instead of Google to search stuff. You can store photos locally, instead of uploading them to Flickr or Google Photos.
Hard work? Yes
Digital privacy is hard work. This is because you are fighting a battle against some very smart people, and some very big companies that are interested in your data. And you are not just fighting this battle, but you are also fighting your own nature that tech companies exploit. We seek convenience. It is convenient to stay logged into Gmail so that when you open Chrome next morning you don't have to go the through remember-the-password-and-login routine again. But it is also how you leak your data. It is convenient to browse the web without NoScript, but you also leak more data that way. It is convenient to use an app instead of the Amazon website to shop but you also give more user data in an app.
Trying to maintain some level of privacy means making a few tough and inconvenient choices. It means switching between browsers while browsing, it means logging out often, it means giving apps manual permission every time you use them, it means not installing apps that you don't need, it means not uploading photos that show how you looked 20 years ago.
And then you can do some more
What if you need even more privacy. What do you? There are a few options, it all depends on how much privacy you need.
For seven better privacy, you can use a good VPN. A VPN can mask your actual location and can make digital fingerprinting harder. This is the reason a lot of websites hate VPNs. Even Google Search freaks out when users are on VPN and forces CAPTCHAS on them. It is as if the idea is to make VPNs inconvenient, and Google Search freaking out at VPN users is one good reason to use VPNs.
If you can, move to an iPhone. Now, Apple does track its users but it does so for some of its own specific purposes. It doesn't serve advertisements, and it collects far less information than Google does from Android. Apple is also harder on apps, including apps like Facebook. It wants apps to explicitly explain to users why they need access to something, and iOS allows users to control apps behaviour in a better way.
Although it is not practical, you can use TOR browser for complete anonymity while browsing. Though your browsing experience with TOR will become slow, and some websites will freak out when they can't figure out your IP and location etc. Like we said, privacy comes at the cost of convenience.
What if you need even more privacy? All right, in this case first of all you should get rid of your phone. If you can't do without a phone, then maybe move to a feature phone.
As for connecting to the web is concerned, you can move to something like TAILS, a Linux distro that boots from a USB and is created with the sole purpose of anonymous web browsing. Although if your aim is just to avoid advertisers, TAILS is an overkill.