10 Ways To Protect Your Privacy Before The Next Data Spill

Yesterday I wrote about what we’ve learned from the recent AOL data leak. By now you’re probably aware that the risks to your personal data online can be rather significant. If you value your privacy you’ll want to take precautions to protect yourself online. Here are a few things you can do to minimize the damage the next time a major data spill occurs:

  1. It helps to have a basic understanding of the tracks you leave when moving around the internet. Most web servers will log a user’s IP address and browser identification string by default. Your IP address can be used to determine your geographic location, and service provider. If you have a static IP address (one that doesn’t change on a regular basis) that address could be used to track your online activities over a very long period of time. Even if your IP address changes frequently your activity be tracked across via cookies.
  2. Use a meta-search service that respects your privacy. A number of websites allow you to search Google, Yahoo, and other search engines indirectly. Sites like ixquick act as a search proxy, passing your query onto the search engine on your behalf, then returning the results. Searches submitted through ixquick appear to be coming from the ixquick server. Since you aren’t searching Google or Yahoo directly your IP addresses is shielded and you avoid the possibility of having cookies set on your machine. For what it’s worth ixquick claims they no longer keep log files of user activity.
  3. Surf anonymously. There are a number of ways to surf the internet anonymously. Anonymizer is probably the easiest. A mere $30 buys a year of anonymous web surfing. Anonymizer not only blocks your IP address, it has the ability to block cookies, banner ads, eliminate page titles in your browser history, and encrypt the URL’s of sites you’ve visited. As a bonus, you can also use anonymizer to visit sites that might be blocked by your employer — unless, of course, your employer blocks access to Anonymizer.
  4. Beware of cookies. Cookies got a bad rap in the early days as paranoid users mistakenly confused them with spyware. The reality is that the web is a stateless medium and cookies are required to build anything more complex than a static web page. Despite the value of cookies, they do still pose a very real risk. Marketers and ad networks can be very aggressive with their cookies, in some cases using third party cookies that can be used to track your movement across domains. Even when surfing through a service like Anonymizer, it’s possible for Google and other search engines to track your searches across multiple sessions by setting cookies on your computer (you’ll need to configure Anonymizer to reject cookies). ecommerce sites like Amazon and eBay use cookies as well. However, once you’ve logged into your account to make a purchase you’ve pretty much positively identified yourself. Most commerce sites would be virtually useless without cookies anyway. As I said, cookies do serve a purpose.
  5. Always use an alias on social networking services. I’m constantly amazed at the amount of personal data that people willingly give up on these services. It’s great that we’ve found new ways to facilitate social interaction online, but you really have no clue who you’re interacting with, what will ultimately be done with your personal information, and who might find something that you’ve posted at some point in the future. Do you really want a future employer finding those photos of that wild party that you posted to your Flickr account? Save yourself some grief and invent an alter-ego.
  6. Make stuff up. Whenever possible avoid giving your real contact information. Obviously you need to give your name, address, credit card number when ordering a book from Amazon. The same is not true when you’re registering to read the New York Times online. When asked to provide personal information you should never give away any more information than you have to. When in doubt, make something up.
  7. Use a disposable email address. Sometimes those annoying registration forms require you to provide an email address in order to activate your account. Don’t do it! Instead you can use a service like Mailinator to create a temporary email address just long enough for you to jump through the registration hoop. As nuisance avoidance tools go Mailinator is pretty cool. The service will accept email for any address, as long as it’s @mailinator.com. Basically, when asked to provide an email address you just enter some-made-up-address@mailnator.com, then go to Mailinator and check for incoming messages at that address. You’ll need to check the address fairly quickly because all messages are deleted after a few hours.
  8. Establish an alternate email account. If you need something more permanent, like an email address that you can associate with one of your social networking identities, create an account with one of the many free web-mail services.
  9. Know your browser. At a bare minimum you should know how to clear your browser cache, cookies, and history. In Firefox that would be Tools -> Clear Private Data. While your at it, it might not be a bad idea to set Firefox to reject cookies from third parties. You can do that through Preferences -> Privacy -> Cookies. Check the box labeled ‘for originating site only’.
  10. Always assume someone’s watching. Even with the precautions listed above there’s always a chance that someone might be monitoring your activity from your local network – especially if you’re at work. In fact, if you’re doing anything online in a work environment it’s probably best to assume that your activity is being logged by your employer. Remember, NSFW means “Not Safe For Work”.

Comments are closed.