Data Privacy Strategies

Smartphone

Smartphones:

• Limit ad tracking: 👈 👈 👈

  • iPhone: Settings → Privacy → Tracking → Allow Apps to Track = OFF
  • Android:
    1. Go to Settings → Google → Privacy → Ads
    2. Select Opt out of Ads Personalization and Delete Advertising ID.

• Audit app permissions: 👈 👈 👈

  • Turn off unnecessary location, microphone, camera, Bluetooth access.
  • Use "While Using App" instead of "Always" when location is needed for map programs or others that can have it.

• Set up filtered DNS to reduce ads and tracking: 👈 👈 👈

  • NextDNS provides filtered DNS that you can configure as you need it. Once you tell your iPhone to use it as default DNS server, it will use this wherever you are in the world. NextDNS Setup Guide

• Update your OS and apps regularly (security patches matter).

• Use long, non-personal PINs and passwords: Avoid using obvious patterns (123456, 654321, etc.)

• Enable full device encryption (enabled by default on modern iPhones and Android phones).

  • One can enable encryption for iCloud data by enabling Advanced Data Protection

• Use encrypted messaging (Signal)

• IPhones have a feature called iCloud Privacy Relay is something Apple provides, which functions better than a VPN. When enabled, no one can tie your traffic to your IP (including Apple).

• If you are attending a protest and do not want your smartphone to tie to you that location, do not bring it with you. This is the best thing you can do.

• If you are entering the US border, read about how to safeguard the data on your devices

PCs and Laptops

• Turn on full disk encryption:
  • Windows: BitLocker (Pro versions) or Veracrypt
  • macOS: FileVault
• Secure your web browser:
• Update OS and software consistently.
• Use Adblocking to filter unwanted content
• Limiting data tracking from the big corporations
  • Google's privacy settings
  • Amazon's privacy settings
  • TikTok's privacy settings
  • Facebook's privacy settings

Opt Out where you can

Data brokers are legally required to remove your information if you request it - aka an "opt out" request. Taking the time to do this will at least make your info not so easy to find.

• Opt Out from Data Brokers to remove to your information: "People search sites" operated by data brokers represent an immense privacy risk to the majority of Americans. For many, sensitive personal information such as your address, phone number, email, and age is a simple internet search away. While there is unfortunately no federal regulation in place to protect your data, many of these companies will remove your information from their public databases upon request.
  Paid opt-out services: If you're inclined, pay for a service like DeleteMe, Jumbo, or Privacy Bee to automate this process.
• Register for [DMAChoice](DMA Choice Email Opt-Out Service) to reduce Email marketing.

Lock down your social media

• Set profiles to private
• Minimize what you say or post online:
  • Turn off location sharing.
  • Minimize talking about certain personal milestones.
  • Do not share images, names, or other details about children.
• Remove third-party integrations.
• Turn off ad personalization in account settings
• Avoid single-sign-on (SSO) or Linking Apps - "Log in with Facebook” or "Log in with Google"): These often share data between third-party sites/apps and the identity provider (Facebook/Google/etc). This enables Facebook or Google to track your activity across many services and devices. This makes it trivial to tie your activity to your identity, making it much more difficult to compartmentalize

Cross-platform Strategies

• Email Privacy: Use temporary email addresses or email aliases in order to briefly use some web service that requires you to create an account unnecessarily. Have a "burner email" address for situations that might require long term use but should not be connected to your primary email address.

• Financial Privacy: You don't have to use your real debit/credit card number on the Internet

• VPN Services can obscure your traffic from your ISP or the ISP of whatever WiFi network you're connected to. However, the VPN sees your traffic. So the limitation is that you are shifting trust from the ISP to the VPN. It is generally not necessary to use a VPN unless you have a specific reason you need to obscure your traffic from your ISP.

• Encrypted communications: Use messaging apps that use end-to-end encryption (e.g. Signal).

  • Apple users: Messages and attachments in iMessage are protected with end-to-end encryption as long as you're speaking with other Apple devices (blue messages).

Other tips

• Provide Fake Information when possible: It is unnecessary to use real, personal information especially when signing up for unimportant memberships. Furthermore, it is unnecessary to answer security questions honestly. Questions like "What is the name of city you were born in? What was the name of your first pet?" Make up the answer and save the answer in a password manager so you don't lose it.

• Avoid Linking Apps: Do not log into websites using the Google login. Sign up manually using your email address and a password for that site.

• Avoid Free Apps and Platforms: Assume any free service is so because they are selling data to someone.

• Reduce Spam by registering for marketing preference services to reduce email spam and snail mail spam

• Hardware security keys: Use FIDO2/WebAuthn keys for phishing-resistant authentication on any platform.

Privacy-conscious Search Engines

• DuckDuckGo - uses Bing for its results as far as I know, saving nothing about you in the process
• Startpage
• Brave Search is privacy centered, uses its own search index
• Qwant
• Ecosia

Other

• WebXray is a search engine for rooting out specific privacy violations anywhere on the web. By searching for a specific term or website, you can use WebXray to see which sites are tracking you, and where all that data goes

Self-hosting

Want to stop using Google for everything? Set up a server (possibly with an old PC, Mac Mini, or laptop) and self-host services for storing photos and documents, watching media, etc.

See Self-hosted Services.

Maps

• OpenStreetMaps - open source (edited by users), can be out of date in places because of this

More resources

• Windows Privacy: Windows can leak lots of data, including uploading clipboard data, Internet traffic, and other details about how you use Windows. There are tools that turn these features off.
• Mozilla's Privacy Not Included: Product reviews from a privacy & security standpoint, which products are "privacy not included", rates them as a little creepy, somewhat creepy, very creepy, and super creepy
• Privacy4Cars' Vehicle Privacy Report
• Safeguarding your data privacy when entering the US border. Customs and Border Protection has the authority to search electronic devices, including phones, laptops, tablets, etc. of anyone entering the US, including citizens and non-citizens.
• Five things to avoid saying to ChatGPT (WSJ)
• Basic Computer Security Practices: Now that you've made your Internet access safer, here are some tips for making your operating system safer
• Privacy Guides (privacyguides.org)
• iOS Privacy (privacyguides.org)
• Android Privacy (privacyguides.org)
• No More Google (nomoregoogle.com): Privacy-friendly alternatives to Google that don't track you
• WIRED Guide to Protecting Yourself from Government Surveillance
• Electronic Frontier Foundation (EFF)
• World Privacy Forum
• EFF’s Surveillance Self-Defense
• Attending a protest (EFF)

Articles about Privacy Rights Issues

• Car Subscription Features Raise Your Risk of Government Surveillance, Police Records Show - WIRED
• How your new car tracks you - WIRED