Do you ever get that uncomfortable feeling like you’re being watched or tracked online?
And it’s been getting worse lately, hasn’t it? With all the news about mass surveillance, privacy threats, tracking, government snooping, ISP spying and other online risks…
Wherever you are living in the world, you probably see how the trends are unfolding.
In just the last year we have seen two major developments unfold in the United States, Australia, and Europe:
- Expansion of corporate surveillance – Internet service providers (ISPs) are now the adversary of their customers. ISPs are legally recording the online activities of everyone in Australia, the United Kingdom, and the United States (where data can also be sold to third parties and advertisers).
- Rolling back internet privacy protections – While there are some exceptions to the trend, there is currently a large-scale effort to roll back all regulations that protect online privacy and keep the internet free and open. We are seeing this in the United States, United Kingdom, France, Australia, and a few other European countries.
But there is some good news.
There are powerful tools and solutions available to help you restore your privacy and protect yourself whenever you go online. Anybody can implement the simple solutions in this guide. You don’t have to be a tech genius, just follow the steps below.
Let’s get started.
Here are 18 steps to keep yourself safe online:
1. Block ads, malware, adware, trackers, phishing…
Advertisements and tracking are one of the biggest threats to your online privacy and security. Last year Google took down 1.7 billion ads, which included:
- over 900,000 ads containing malware
- 112 million “trick to click” ads that install dangerous software/viruses onto your device
- 80 million fraudulent ads that “deceived, misled, or shocked” users
Why are there so many dangerous ads? Ads are simply a tool to steal your data, track your activity and behavior across the internet, infect your devices with malware, and sell you more stuff.
The worst part is, you don’t have to click anything to be affected by:
Solution: There are basically three solutions, each with pros and cons:
- downloading various browser add-ons
- using a VPN with an ad-blocker
- using an eBlocker (hardware)
The first option is browser add-ons. Popular Firefox browser add-ons include uBlock Origin, uMatrix, CanvasBlocker, and Privacy Badger. The two main problems with add-ons are that they won’t work for all browsers/devices, and using them makes you more unique and easier to track (browser fingerprinting, which we’ll discuss more below).
A second option is to use a virtual private network with an integrated advertisement/tracking filter. Here are three VPNs that have ad-blocking built into the applications:
The third option is a device called the eBlocker (review). This is a small box that plugs in to your router and offers blanket protection for all your devices, without the need to install any software. It can also integrate with a VPN or the Tor network, giving you added online anonymity and privacy.
(See the Best Ad Blockers guide for more information.)
2. Say goodbye to Google
Do you want to know Google’s dark secret?
Their entire business model is dependent upon you surrendering to corporate surveillance. That’s it. All they do is repackage mass corporate surveillance into convenient, free, trendy applications, which suck up all of your private information. They use your data to dominate the online advertisement industry.
Solution: Say goodbye to Google. In the How to Delete Google guide we cover:
- How to download all your data from Google (email, search history, and everything else).
- How to delete your data.
- How to disable activity logging and ads.
- How to delete all your Google accounts.
3. Use privacy-friendly search engines
Because most search engines are logging everything you search for, it’s a good idea to use more privacy-friendly alternatives. Here are two good options:
- Searx – A very privacy-friendly and versatile search engine.
- DuckDuckGo – This is a great privacy-friendly Google alternative that doesn’t utilize tracking or targeted ads. They also have a zero-sharing policy and other good features.
- StartPage – StartPage is basically Google, but without the tracking. This is a good option if you want Google search results, without using Google
See the private search engines guide for more options.
4. Stop using free/unsecured email
Did you read the fine print when you signed up for your email service?
Well, here’s the deal: every photo, every email, every attachment becomes lawful property of your email provider (with few exceptions). And the worst part? Many unsecured free email services are getting hacked – Gmail, Yahoo, iCloud… As the saying goes, “when something is free, then you are the product.”
The simple solution is to delete your old email account and start using a more secure email provider. Here are a few alternatives:
- ProtonMail – Based in Switzerland – 500 MB storage
- Mailbox.org – Based in Germany – 2 GB storage
- Mailfence – Based in Belgium – 500 MB free; 20 GB Pro
See the secure email guide for more options.
5. Use a good, safe VPN for all your devices
Using a good VPN is the easiest and most effective way to secure your devices and protect your privacy. A good VPN service can provide you with a very high level of anonymity online. VPNs are also a powerful tool for bypassing geographic restrictions and accessing blocked content – from movies to games and websites.
VPNs continue to grow in popularity in response to the continual erosion of online privacy, growing number of security threats, copyright legislation, mass censorship efforts, and gatekeepers carving up the internet with various restrictions on content distribution (see Netflix VPN).
Here are three VPNs that passed all privacy/security tests and are also located in good privacy jurisdictions:
- ExpressVPN – $6.67 (with 49% discount); based in British Virgin Islands (read review)
- Perfect Privacy – €8.95; based in Switzerland (read review)
- VPN.ac – $4.80; based in Romania (read review)
For a full description of the top VPN recommendations, see the Best VPNs list.
6. Secure your router – secure all your electronics
Are you renting or leasing a router from your internet service provider?
Many of these common routers have security flaws that can be exploited. Practically every device in your home that connects to the internet can be hacked, monitored and exploited – even baby monitors aren’t safe.
But here’s what’s even worse: your internet service provider (ISP) can monitor and record every single thing you do online. This is all perfect legal in the US, UK, Australia, and parts of Europe. And in the US, ISPs can also sell your private information (browsing history) to strangers and third parties – your data is valuable.
But there is a simple solution to this problem.
You can install a VPN on your router to easily secure all your devices. This solution is not very difficult if you are using a good VPN with the right kind of router. Here are a few guides to get you started:
- VPN Routers – Ultimate Resource Guide
- VPN on a Router – Step by Step (VyprVPN)
- VPN Router Setup (VPN.ac)
- Ad Blocker on a Router with a VPN (Perfect Privacy)
7. Say no to “home assistants”
Amazon Echo, Google Home, Alexa… all of these “assistant” devices are really just corporate surveillance, thinly disguised as “convenience.”
So while the devices are collecting all your private information, you should consider the risks:
- Your data shared with third parties.
- Your data hacked and publicly displayed on the internet.
- Your data handed over to law enforcement agencies (alleged copyright infringement, perhaps).
- Your data being used to blast you with targeted ads and promotions.
It’s a good idea just to avoid all “smart” home devices.
Vizio was busted for spying on millions of its customers through their smart TVs. Before joining the sheep and plugging into the corporate surveillance matrix, consider the risks.
8. Secure your mobile devices
Unfortunately, mobile devices create a number of serious problems for your privacy.
They can be hacked and turned into monitoring devices, they are intentionally built to track and record your activities, and they are inherently insecure. Many of the big telecom companies have been busted for secretly embedding tracking libraries into the phones they sell.
Aside from these issues, two other problems with mobile devices are:
- Third party apps – Which may contain malware, tracking, spyware and other viruses, while also sucking up your data and quietly sending it off to corporations and other third parties. (Delete those apps!)
- Default settings – Which may track your location, send your data and private information off to third parties, or grant permission access to different apps.
Most “solutions” that are promoted online for mobile devices typically require installing a another app. Free VPN apps are especially problematic and dangerous.
If you want to secure your mobile device, check out these guides below, which also include steps for setting up a VPN to encrypt and anonymize your online activity:
- How to Secure Your Android Device (5 Simple Steps)
- How to Secure Your iPhone & iPad (5 Simple Steps)
One interesting alternative is a privacy-friendly phone built by Silent Circle called the Blackphone.
9. Don’t use Windows 10
Windows 10 has been called a “privacy disaster” by industry professionals everywhere. And for good reason. Here are just a few of the problems that we know about:
- Windows 10 is configured to allow Microsoft can collect any personal data they want from your system. (Passwords, demographics, browsing history, locations, contacts and relationship info, interests, emails, messages, calls, and anything else)
- Your private data can be shared with any third party. (With or without your consent.)
- Your device automatically comes with a unique advertising tracking ID, so you can be identified by trackers and hit with targeted ads and promotions (based on the data they collect from your system).
- Windows 10 includes default data synching with Microsoft. (Browsing history, application settings, network connection settings, and usage history are automatically sent back to Microsoft for analysis and storage.)
- Cortana, the “personal assistant” with Windows, can collect anything and everything. (Keystrokes, searches, calendar data, music, purchases, credit card information, phone conversations, microphone input and more.)
If you start researching online you will find many articles about how to make Windows 10 “more secure” or more “privacy friendly.” But I have an even better alternative: don’t use Windows 10 at all (or any version of Windows for that matter).
A much more secure and privacy-friendly operating system is Linux. This gives you a free and open source operating system, without the privacy concerns of Windows.
10. Beware of browser fingerprinting
Even if using a VPN to hide your IP address, there are now increasingly sophisticated methods to identify and track you online. One such as method is browser fingerprinting. This tracking/identification method can accurately determine how your operating system and browser is unique, using the following inputs:
- Plugins and add-ons
- Screen resolution
- Time zone (and more…)
The scary thing is that this tracking method is extremely accurate. And even worse, the more browser add-ons and extensions you use, the more you stand out from the crowd and the easier you are to identify and track. This is why you a big list of privacy extensions is not the best idea.
You can see test the uniqueness of your browser fingerprint with the following two sites:
Solution: The solution to browser fingerprinting depends on the browser you are using and how much privacy you need. See the browser fingerprinting guide for more details.
11. Use a secure browser
Using a secure browser that protects your privacy is crucial, especially since your browser can leak lots of private information to third parties. Unless properly configured, most browsers contain lots of data that can be exploited by third parties:
- Browsing history – all the websites you visit
- Login credentials – usernames and passwords
- Cookies and trackers – these are placed on your browser by the sites you visit
- Autofill information – names, addresses, phone numbers, etc.
One of my top recommendations is Firefox because it is secure, stable, and highly-customizable to give you more privacy. Be sure to configure Firefox to meet your own privacy needs – see the Firefox privacy guide to get started.
Another great privacy-focused browser that is very well configured is the Brave browser. It blocks ads and tracking be default.
Lastly, be sure to consider the issue of WebRTC leaks, which may expose your IP address, even if you are using a good VPN service.
12. Delete those apps!
Mobile apps, in general, are very bad for privacy – there’s no way around this fact. Many highly-rated security/privacy apps have been found to contain malware, tracking libraries, and other serious problems. Apple and Google are regularly removing malware-infested apps from their stores.
- Free VPN services (see VPN Warning List for many examples)
- Social media (Facebook, Twitter, Instagram, etc.)
- Games (Angry Birds, Words with Friends, Despicable Me)
- Weather (GO Weather Forecast & Widgets)
- Transportation (Uber, Lyft, and other location-tracking apps)
- Messenger/Photos/Chat (Snapchat, WhatsApp, QQ)
- Drawing/photo editing
With bad apps, you might not find out they’ve stolen your data or messed up your device until it’s too late.
13. Compartmentalize your online life
Consider compartmentalizing your online life to better protect your overall privacy. Here’s how:
- Have one online persona with your real name, and perhaps a LinkedIn profile that is very clean and career-oriented.
- Have another online persona that uses a pseudonym or nickname, which can be based around your social life.
- Use a third persona for anything that you really want to keep private (activism, etc.).
You can use completely different identities for different forums, hobbies, etc. But for this to work well, you need to strictly keep everything separate: no sharing friends, accounts, pictures, interests, or anything else. These are like different people that don’t know each other. And if you can use separate hardware, that’s all the better.
Employers often discourage social media activity, which can be tied back to the company. Stalkers and random strangers can also track people down through their online history. Keeping strictly separate online personas helps to mitigate these problems.
14. Secure (or delete) your social media
Do you trust your social media?
One survey found that 96% of people don’t trust their social networks to protect their privacy. After years of privacy abuses, creepy surveillance tactics, facial recognition, tracking and monitoring, people are starting to see the big picture. Social media provides very little user value, but it’s an excellent resource for stealing your data, tracking your activities, and spying on your private life (corporate and government surveillance).
The best option is to delete your social media accounts, especially some of the worst privacy offenders like Facebook. But if you still want to keep some of your accounts, consider the following options to improve your privacy:
- De-index your accounts from appearing in search engines: Facebook and LinkedIn.
- Delete as much as possible (photos, locations, controversial posts, private information, etc.)
- Tighten up the privacy settings (limit what’s available to the world)
Important: Never forget that you can’t undo anything – it all goes into facial recognition databases.
And if you still think using Facebook isn’t a bad idea, read this Facebook privacy article, which explains some shocking truths.
15. Use secure messaging
Did you know governments and corporations have been reading your text messages and listening to your calls for years?
Anything unsecured is fair game. So consider some alternatives to WhatsApp and other unsecured services.
You can utilize secure messaging apps for both text messages and calling (VOIP). Two good options are Signal and Threema. Signal may be a better option because it is open source.
16. Stay updated
It’s always good to keep your software updated. With very few exceptions, you should keep your software updated to protect yourself against vulnerabilities that could affect your privacy.
Outdated applications or programs are a major weak spot that hackers often target.
17. Use good antivirus software
Using antivirus software is a good option to help keep your devices secure and your privacy safe.
One tradeoff to keep in mind, however, is that many antivirus products collect massive amounts of data in real time, which could be concerning from a privacy standpoint. These privacy vs security tradeoffs are discussed in detail here.
Also, be sure to use a reputable antivirus provider that has a good track record and respects user privacy. One great option that gives you the highest levels of security without sacrificing your privacy is Emsisoft.
18. Log out!
One of the easiest ways for tech companies to track you online is when you stay logged in to different accounts. Whether it’s your email, YouTube, Facebook, or anything else, you need to start logging out to protect your privacy.
For most people, the biggest challenge is email. So here’s a simple solution: use a secure, trusted email application. You can sync all your webmail accounts up to an email application that opens on your desktop, rather than your web browser.
Thunderbird is a free open-source email application from Mozilla. Another option that seems to work well is PostBox. Included is an “anti-tracking” feature which blocks images or any other embedded tracking in email messages. You’d be surprised how many company logos or email “signatures” have embedded tracking.
Along with logging out, be sure to clear your browser history after each session. Browsing history can also easily be tracked and collected from ads, cookies, analytics, and other methods.
Your quick and easy privacy checklist
Congratulations, you made it to the end of this privacy guide!
But maybe you’re feeling a little overwhelmed with all the information. You want to protect your privacy, but all this seems like too much. Don’t worry, just take small steps and only focus on one solution at a time to avoid getting overwhelmed.
Here are 5 things you can do right now, which will vastly improve your privacy and security online. (And all this will only take a few hours to complete.)
- Start using a good VPN service, which is especially important when using public WiFi to protect you against hackers, not to mention surveillance and other threats.
- Delete all unnecessary apps on your mobile devices.
- Start using a secure email provider (you can get a free Mailfence account with 500 Mb of storage – instant setup).
- Secure or delete your social media accounts (see step 14 above)
- Log out of everything (and try to stay logged out).
Restore your privacy – the complete checklist
All right, you’re ready to go further.
Time to restore your privacy with the complete checklist:
- Block ads, malware, adware, trackers, phishing (You have three options here: various browser add-ons/extensions, a good VPN with an ad/malware-blocker (Perfect Privacy), or the eBlocker device.)
- Say goodbye to Google (Delete it all, pull the plug, and never look back.)
- Use privacy-friendly search engines (You can get the same results, but without the monitoring and tracking – see Searx, StartPage or DuckDuckGo.)
- Stop using free/unsecured email (Say goodbye to Gmail and hello to Mailfence.)
- Use a good, safe VPN for all your devices (Check out ExpressVPN – it’s user-friendly, fast, and reliable with a 30 day money-back guarantee and live chat support.)
- Secure your router – secure all your electronics (See the VPN router guide for a detailed overview.)
- Say no to “home assistants” (They’re not worth the loss of privacy.)
- Secure your mobile devices (See these guides: Android and iOS.)
- Don’t use Windows 10 (Either go with Windows 7 or 8, Mac OS, or better yet Linux. But avoid Windows 10 if you can.)
- Beware of browser fingerprinting (There are different solutions for this with various browser.)
- Use a secure browser (Check out Firefox or Brave browser in the secure browser guide.)
- Delete those apps (Apps are a privacy and security disaster. Delete as many as possible from your mobile devices.)
- Compartmentalize your online life (It may seem strange, but this will greatly enhance your privacy if you can keep everything separate.)
- Secure (or delete) your social media (Just pull the plug – you’ll be glad you did!)
- Use secure messaging (Two great options for secure messaging are Signal and Threema.)
- Stay updated (Keep your software updated.)
- Use antivirus software (Be sure to use one that respects your privacy, such as Emsisoft.)
- Log out! (Log out of everything and try to stay logged out as much as possible. Delete your browsing history after every session.)
If we take an honest look around the world right now, online privacy and mass surveillance is clearly getting worse. Online freedom is also continuing to erode in the form of censorship, content blocks, and restrictions in various forms.
But you don’t have to surrender to these troubling trends – and you also don’t have to wait for someone to eventually fix these problems. Just implement the solutions in this simple online privacy guide.