This is a follow on from my article on why protecting our privacy is so important. That was the why. This is the how.
Related: my May 2020 article on phone and instant message privacy.
Key Points
To protect yourself while surfing online you should:
- Make Firefox your default browser. Brave is also good. Don't use Google Chrome.
- Set DuckDuckGo as your default search engine. Don't use Google.
- Minimise the number of extensions/add-ons in your browser. Preferably have none.
And for those using their device to connect to banks or do confidential business while connected to public (for example, a coffee shop or airport) wifi, or who need very strong privacy, you need to:
- Use a VPN (Virtual Private Network app) - I recommend ProtonVPN.
As with most things in life you can get 80% of the benefit with only 20% of the effort. The first two bullets above are so easy that everyone should do them.
If you don't have time for the whole article just look for the icons that look like this in the below article for notes on installing them.
To be clear, I don't get commission from any of the parties I recommend. This is all genuine advice given from a lot of experience.
Read On For Why These Are The Most Effective Actions You Can Take
Use A 'Privacy-Based' Browser
Most mainstream browsers allow third parties such as Google, Facebook and many other advertisers to track you when you're on the majority of websites. That's why you might search for 'laptops' one day on eBay, and the following day you see adverts for laptops while you're on a different news or social media site.
They do this by using scripts (code that runs while you're on a web page) and cookies (bits of data stored on your browser even when you move away from the web page or close your browser down). These scripts and cookies are known as 'third party trackers' because they are not controlled by the website you are actually viewing.
You may ask why independent sites would install these on their sites. The reason is because they get something valuable back in return (either money from advertisers or useful analytics and metrics about who uses their sites). As an example, most bloggers are happy to put a piece of code (which they don't control!) from Google on every page of their site because then Google Analytics allows them to see which are their most popular articles. In fact, Google Analytics is used by the majority of websites, even those of larger companies. Google sucks up all the information, and the site owner gets some of it back in the form of analysis as payment.
You'll be really shocked when you realise just how many of these trackers there are on almost every website. My second recommended browser, Brave, has a feature that indicates for the website you are on, how many trackers there are.
From a few popular websites I quickly looked up as examples:
Privacy based browsers stop third party trackers. They also block advertising content from being shown, so your browsing experience is much improved, with much less distraction and faster load times.
Make Firefox Your Default Browser
Why Firefox?
- Firefox is the product of the Mozilla Foundation, which is a not-for-profit organisation - they build products for your benefit, not theirs. The other mainstream browsers are built by companies that are incentivised by profiteering from your usage in some way. Mozilla has been doing good things (here's their manifesto), fighting back against the players who use anti-competitive practices, like Microsoft and Google, almost since the beginning of the internet.
- Firefox is Open Source - that means their code is transparent with no hidden naughties going on behind the scenes.
- Regardless of the points above, it's an awesome browser. It has a long history of matching or beating Chrome, Edge, Opera, Safari and Internet Explorer with regards to speed and features, which include everything even the most demanding user will need: running on all devices (phone, Mac, Windows, Linux), syncing between devices, password management, huge libraries of plugins and fantastic developer tools inbuilt.
Installing and Configuring Firefox
- If you don't already have Firefox installed, download Firefox.
- When you start Firefox up, it should ask you whether you want to select it as your default search engine: say yes. If it doesn't ask (perhaps because it's already installed and you currently use another browser), you can set it as your default by going to the menu icon and selecting Preferences > General and under Startup tick 'Always check if Firefox is you default browser'.
The privacy settings are already pretty good, but if you want more privacy: under the menu icon go to Preferences > Privacy & Security and under Content Blocking check 'Strict'. Don't worry about the warning words. I have used this setting for many months, and haven't found it breaks any of the sites I use.
An alternative I can also recommend is Brave.
Brave comes with defaults set more stringently for privacy than Firefox, and it's particularly good for mobile phones - because it stops all the adverts being downloaded, which makes for very fast website load times and lower data plan usage. The reason I don't put this as my first choice is that Brave is not Open Source so you can't be sure what they're doing with your usage data, and it is not as fully featured as Firefox. I also worry with a relative upstart like Brave, that it may not be around for the long term. And anyway, Firefox can match Brave's privacy standards by changing a few settings, so why wouldn't you use it?
Over the years, I've used Firefox, moved to other browsers as they become the fad of the moment or work slightly faster, but then Firefox overtakes them again, and I keep coming back.
Bottom line is this: if you use Firefox you should never have to use another browser.
Minimise the number of extensions/add-ons you install in your browser
Sometimes extensions can be useful - perhaps a password manager or web page clipper.
But when you add an extension or add-on to your browser, they get permissions to do most things the browser does. This means they get to see the websites you visit, and the things you type, including passwords. So if you must install an extension, make sure it is from an organisation that you have trust in.
As an example, if you search for Add-Ons in Firefox, many are available. But I recommend trying to install only those 'by Mozilla' unless you have a real need for another that outweighs trust considerations.
Use a Privacy Focused Search Engine
By 'search engine' I mean the organisation behind the scenes that does the search when you type words into the address bar of your browser. Normally the default is Google or Bing, but many people don't realise they have a choice.
Most search engines:
- Track what you search for, even when you are in 'private browsing mode' on your browser. Do they not know what 'private' means?!? Unfortunately, yes they do, so they're even more interested in what you're searching for!
- Store your search history in their databases for uses you don't know about. This is mainly used to sell your personal profile to advertisers, but could also be used for more sinister purposes - for instance health insurance firms can find out which people searched for 'family history of strokes' and they might use that information to put up premiums.
- Link the information from your searches to other data they have on you (from analysing your emails, social media, files, contacts and location) to build up a highly detailed and personal profile of who you are, what you do and how you think. Google is the obvious culprit here. To find out why this is dangerous see my privacy article.
There is another reason most search engines suck.
They put you into your own filter bubble, which means they return search results they think you'll like.
This means that you're not getting the best information for the search you asked for. And worse you're being fed information that supports your current views - information that conflicts with those views is with-held from you. Most search engines prioritize keeping you on their sites (to advertise to you) above giving you the most informative results. This is one of the reasons our society is becoming more polarised, with less and less understanding of other peoples' views.
Set DuckDuckGo as your search engine
Ignore the 'DuckDuckGo' silly name, because it's a very good search engine, and it's private. Unlike other search engines, DuckDuckGo does not track what you search for, store your history or link it to other profile information.
I have been using it for years, and I have found the search results every bit as good as Google's.
Configuring DuckDuckGo
Most browsers now include 'DuckDuckGo' as a search engine option, so setting DuckDuckGo as your search engine takes less than 30 seconds:
- Go to your browser Settings, and under the Search or Search Engine options select 'DuckDuckGo'.
- For example, in Firefox, from the menu icon select Preferences > Search then in the Default Search Engine box select 'DuckDuckGo'.
One side note for those concerned when they see adverts in the DuckDuckGo search results... like any search engine, DuckDuckGo has to pay for itself and it does this by showing adverts. But the difference is that it does so based on the words you have just searched on at that moment.
Note that this is not the same as collecting information about you. It does not store what you search for, or store personal profile information on you. You can also turn the adverts off in the settings if you don't want to see them - although I would suggest that it is only fair to support DuckDuckGo for the service they are providing otherwise 'for free'.
Note: if you go to the DuckDuckGo site, a popup may come up suggesting you install the DuckDuckGo add-on or use their browser, but you can ignore this. The plug-in is not required to use their search engine.
For Those Needing Stronger Privacy
Changing your browser and search engine do not guarantee privacy and security, but they go a long way. If you want to tighten up privacy more, things start to get a little more technical and/or expensive, so practically they're not required unless you are doing something you really need privacy for (things that come to mind are: investigative journalism, watching porn, trading bitcoin).
There is a major data leak that is still present - any website you go to can see the IP address of your computer or device. The IP address is the unique address that identifies your 'line into the internet' and although it doesn't give personal information away directly, it can be used by more sophisticated organisations, like governments or spy agencies, to track back to your physical address, or personal internet account.
Also, your internet service provider can see all the website addresses you visit. And worse, they can see any data, including passwords, you send to those sites that is on unprotected links (those starting with http in the address) - thankfully most major websites these days use protected https: links - you can verify a protected link in Firefox because it shows a green padlock in the address bar. When you're in a public place you are more at risk because your 'service provider' becomes the owner of the wifi router you're connected to. There are many examples of passwords being stolen by watching information going through the coffee shop internet.
The way to prevent these IP and link related issues is to
Use a VPN (Virtual Private Network) App
A VPN is an app that you can install on your computer, tablet or phone that hides your IP address and the traffic that goes through it. Think of your normal internet connection as a plastic tube that is short so that people can see where it's connected to, and is see-through so everyone can see what's inside it. A VPN uses the same tube but puts the end in a muddle of other tubes so that you can't see where it connects to, and before sending it through the tube, it puts all the contents into a blacked out container so no-one can see it.
When people look for a VPN app and associated provider, they forget one key thing. The VPN hides the information from everyone but themselves (sigh... there's always someone you have to trust). So don't just choose the cheapest VPN - if you have something to hide, make sure you can trust the VPN provider.
I recommend ProtonVPN as the most secure - while also being easy to use.
ProtonVPN is covered by Swiss privacy laws (amongst the best in the world), and the organisation that runs it is the same as ProtonMail - a group of scientists and engineers deeply committed to furthering privacy rights around the world. It is the world's only community supported secure VPN service. They do have a free pricing option - it's not as fast as the paid options, but fine if you just need privacy on certain occasions.
Like other VPNs, you will need to install the VPN app on every device you want to protect, and this connects you to the servers that provide the hidden VPN service.