Protecting Your Privacy Beyond Facebook

Save ArticleSave Article

Failed to save article

Please try again

This article is more than 4 years old.


egally, you are largely responsible for your own online privacy in the United States. Last year, for instance, a federal judge in San Jose dismissed a lawsuit accusing Facebook of tracking users' web browsing.

U.S. District Judge Edward Davila dismissed the case because he said the plaintiffs failed to show they had a reasonable expectation of privacy and couldn't prove that they suffered from any harm or loss. The plaintiffs could have taken steps to keep their browsing histories private, he said.

Although the most recent Facebook scandal has been described as a "breach" or "hack," it's important to note that University of Cambridge professor Aleksandr Kogan was not gaining unauthorized access when he gathered user data and sold it to Cambridge Analytica. At the time it was totally legal and within Facebook's terms of service for Kogan to gather such data.

Deleting Facebook or walling off some of its trackers could certainly protect you from their data collection. But the truth is almost every click and scroll we make is tracked. And it's not just on your computer. A study from last year concluded that 70 percent of smartphone apps send personal data to third-party tracking companies.

So here are a few ways to protect your data (and your friends') online.

Step 1: Know when you're agreeing to give your data away

The first place you usually give away the rights to your data is in the terms of service of a site or app.  The services and apps you sign up for often ask permission before accessing your personal information. Sometimes, this makes a lot of sense. For instance, you can't talk to Siri unless you give her access to your microphone, and Google Maps doesn't work nearly as well without access to your GPS.


But often, you are also agreeing for those sites and apps to pass on your data to brokers, marketers, etc. And it's not just Facebook. The terms of service for Google, Amazon and Twitter all contain clauses allowing them to collect your data and pass it on to third parties.

Your phone also provides a huge amount of data. A recent study estimated that 70 percent of smartphone apps pass on your information to third parties.

Of course, you could just opt out of services that suggest your data could be shared with a third party. But it's hard when many of us need to use certain apps to do our jobs or even do something basic like access the internet.

Step 2: Manage who has your data

What is possible, and important, is to know how apps are using your data.

On Facebook, for instance, you can go to Settings > Apps > Logged in. You can delete apps that you don't use, and then Facebook will no longer provide them with information about your activities on the site. But if you want the app developers to delete the data they've already gathered, you'll need to ask each of them individually to do so. If you use your Facebook account on a lot of other websites and want to disconnect, you can do that by going to Settings > Apps > Apps, Website and Plugins, then click Edit and disable it. Some apps use your Facebook login as a way of proving who you are, so be aware that fully disabling this kind of connection, called API sharing, can stop you from using certain dating apps, for instance. Also, you can check out what data Facebook has on you here.

WhatsApp users can just turn their data sharing off. Go into your Account and uncheck the "Share my account info" button. There's currently no way to turn off data sharing on Instagram.

You can see what third-party apps are using your Google data here. If you're logged into Google, go to My Account > Personal info & privacy > Manage your Google activity to see what data are saved to your account, your location history, voice activity and more. If you've used Google to log in to other websites you can manage that here. And you can see what data Google has already collected on you here.

If you're using an iPhone you can go to Settings > Privacy to see what services apps are accessing. If you're using an Android phone, you can manage most preferences using Google's activity manager.

Step 3: Tracking (and blocking) the trackers

But apps are far from the only things tracking you and collecting your data online.

Let's consider that lawsuit again, where plaintiffs sued Facebook for tracking which websites they went to on their browsers. Many websites, including KQED's, track your browsing history by placing cookies on your computer, which store little bits of information about how you use the website. They often store information like your browser type, preferences, location, etc. Often, cookies are an essential part of what makes a website easily usable.

But cookies can also be used to track all of your actions on a certain website, which allows companies to build a profile of you. Those companies can sell that data to advertising agencies. Have you ever looked at a pair of shoes and then had ads for those shoes follow you all over the internet? That's because of cookies and data brokers.

However, there are a lot of ways to track cookies or other tracking scripts. That's one reason the judge ruled in favor of Facebook, saying that the plaintiffs could have taken steps to block their browsing history.

Two popular tools that you can add to your browser to view or disable trackers are PrivacyBadger and UBlock Origin.

PrivacyBadger uses a series of color-coded sliders to let you manage what types of trackers a site can use. It was built by the Electronic Frontier Foundation, a digital civil liberties organization. It works on Chrome, Firefox and Opera.

uBlock Origin comes with a set of script-blocking lists. It works on Chrome, Firefox, Safari and Opera.

AdBlock Plus and NoScript are also popular.

You can also opt out of cookies. People in the U.S. can use this service by the Digital Advertising Alliance. Most browsers also let you disable third-party cookies in the Settings menu.

Academics have also built two apps that you can use on your phone to examine and manage what data are being sent out into the world. ReCon works on iOS and Android. Lumen Privacy Monitor only works on Android.

Some of this could change

In the end the only way to ensure total online privacy is to swear off the internet. But that could change through strict regulation of how companies harvest and handle user data. The European Union is moving in this direction.

In May, the EU's General Data Protection Regulation will go into effect, changing how companies can collect, store and process user data. Because the law applies to any organization that collects or manages the information of European Union citizens, companies like Facebook, Apple, Amazon and Google all need to comply. Some companies are already rolling out new privacy management tools in response to the law, like Apple.

Mark Zuckerberg also faced a lot of questions about possible regulations during his testimony before the congressional committees. Last fall, Sens. Amy Klobuchar, D-Minnesota, Mark Warner, D-Virginia, and John McCain, R-Arizona, introduced the Honest Ads Act, which would regulate online political advertising.

Meanwhile, the Federal Trade Commission is also looking into the Cambridge Analytica scandal and whether Facebook violated a 2011 agreement to give consumers a “clear and prominent notice” before sharing user data. If the FTC finds that Facebook violated that agreement, the company could be fined $40,000 per day per user.

And in November, California voters can weigh in on the California Consumer Privacy Act, a measure that would require companies to disclose what data they collect and how they share or sell it.