online privacy & how to protect it


UPDATED CONTENT: This article was originally posted in September 2019, on my previous website Some information and broken links were updated.

Internet privacy has been a large and loaded topic the last couple years. Everyone knows they like their privacy protected, but what does that mean?

This one is a little different for me, but I feel that this could be of great benefit to everyone. Internet privacy has been a large and loaded topic the last couple years. Everyone knows they like their privacy protected, but what does that mean?

There are several things to consider when thinking of how to protect yourself, and these can be broken down to things in your control and things that are not in your control (to an extent). I’m going to go over a few topics of how you can best protect yourself and share some of the things I do personally to protect my privacy, as well as what I have done on my website to protect yours.

The best thing you can do, which I will cover further below, is to get a VPN on your connected devices. This protects you from online attackers and prying eyes. I have personally used Private Internet Access (PIA) for three years, and have had a great experience. You can click here or the banner at the bottom of this page to sign up. Full disclosure, it is an affiliate link and you will be supporting me if you sign up that way. I do appreciate your support if you choose to, but won’t hold it against you if you don’t.

It is scary to think that there are things regarding your online privacy that are not in your control, but right now we’re going to cover what IS in your control.

There are three main areas of concern to think about here:

  • General browsing
  • Your source of internet
  • Social Media

When dealing with your General Browsing there are several things to keep in mind.

The browser you are using makes a big difference. According to W3Counter, Chrome makes up the majority of browsers with over 66% of all internet traffic running through it. Chrome is a browser by Google, and Google uses the data you enter into it’s services like Google Search to improve their offerings. The drawback of this is that they have a lot of data associated directly with you, which is not necessarily bad, but is also not preferable. Using incognito mode can minimize some of this, but using privacy focused alternatives can help. A couple browsers more focused on privacy are Mozilla Firefox and Opera, and DuckDuckGo is a privacy-centric search engine. There is a trade off of convenience, though, and Google having that data about you is only a bad thing if you don’t want them to. That is a decision you have to make. In general, I have not been overly concerned due to the convenience, but I do use Firefox as my primary browser and don’t have Google store my passwords. I use a third party Password locker called Bitwarden which is open-source, and has mobile and desktop applications. I like the fact that the service is open-source, and though your data is synched with their cloud it is encrypted locally before it is sent over there. There is no way to access your data without first decrypting it.

Most, if not all, websites grab some of your personal/technical data when you visit their site. This is mostly done through cookies. Due to some recent legislation here in California and around the world, this is becoming more transparent. This is a win for users, but can make things a bit confusing. You may notice those annoying pop ups or banners telling you about the site’s cookie policy and how to accept or opt out. It is a good idea to get familiar with these and to opt out of things you are not comfortable with. A good breakdown of cookies can be found here. The main thing to keep in mind is that cookies are small files your browser keeps to make interacting with sites more streamlined, and they are sometimes required for a site to work.

The last major way to protect your general browsing is by using a VPN, which protects you by routing your traffic through a third party server, which is then encrypted and sent to you.

When dealing with Your Source of Internet there is a lot to consider.

If you are connecting through a public or open network, you want to be VERY careful about what you access. Public open networks are typically not secured, and you do not know who is on them. This is a common place for attackers to steal your information. I do not recommend accessing any sensitive data over these connections, unless you are using a VPN, and even then I am still wary.

On a private network, like your home or work internet (you still want to be careful with work internet though), you are a lot safer, but there are still some things you’ll want to do to enhance your protection. First, you should change your router security settings. This is mainly the admin login and your password to connect to that network. If you leave them with the default settings, attackers can get access to your network a lot easier because that information can be found online or guessed with a little research. Refer to your manufacturer's guide, or do a quick search online. The second thing is to make sure your router or computer is setup with a VPN. I personally recommend Mullvad, as I have used them for over 2 years and have never had a problem. When choosing a VPN service one of the main things to consider is if they keep logs of your traffic. Mullvad does not. What this means is that your traffic is kept private because that traffic data was not logged. For a more detailed explanation of VPN’s, how they work, and why this is important you can visit Mullvad’s site.

There are some drawbacks to using a VPN when dealing with performance. Because your traffic is routing through another server before it gets to you, there is a delay and the speed is typically less than your direct speed through your internet service provider. The only instance I have found this to be an issue is when gaming or using a streaming service. Some services may also block access for you if you use a VPN service. The main reason this happens is if there is region restricted content (i.e. Hulu, Netflix) because some people try to use a VPN to bypass these restrictions. I have encountered this with Hulu when I was traveling for work, but that’s about it. I just turn off the VPN while I watch the content I want and then turn it back on after.

The last major area is with Social Media.

You will be pretty hard pressed to find someone who is not on social media at all. These services have a privacy policy and give you options to choose how your information is shared. It is important to read through these and understand how content you are uploading or posting is being handled. I would start by focusing on your profile page and your posts. Make sure you adjust what information is shared and who can view it. I typically am OK sharing most of my personal details with friends and friends of friends but not publicly. I limit that information to more general details (name, general geographic area, occupation). You can usually do the same with posts. If it is something personal I usually keep it to friends. If it is something I want everyone to see (like sharing an article from my website), then I make it public.

All of this can be tedious, but it is worth it in the long run. We live in a world where our data is sold to the highest bidder. By getting familiar with a few things and taking the time to make sure you’re protected, your information can stay as safe as possible.

When you get on the internet there is a lot that is outside of your control.

There are two main areas of concern to think about here:

  • Internet connection (past your local network)
  • Websites/Applications

When you connect to the internet, the local network you’re connected to may be in your control (if you manage it), but after that you’re at the mercy of your internet service provider (ISP), the internet backbone (sometimes owned by an ISP), and the government. By default, these network infrastructures and regulatory and governing bodies can monitor your traffic. This means they can see almost anything you do online. If the website uses the secure ‘HTTPS’ protocol, which encrypts your traffic between you and the site, it prevents the content from being seen, but they can still see who you connected to and when.

For most people, this is not considered an inherently bad thing. If you are not doing anything wrong online, then what is the harm? The point becomes the fundamental right to privacy people feel they should have. In the U.S., we have not had to worry about being persecuted by the government for our ideologies. This is debatable and nuanced, I know, but overall we have the freedom to believe what we want here. This is not true in other parts of the world, however, where what you believe can get you killed. You hear about it and see it on the news constantly. In theory this could happen here in the future – we don’t know. This is all just my opinion and conjecture, but all of this is to say that even though a website may be using https, the government, your ISP, and other entities can see what websites you have visited and when.

You could always just not use the internet or stay away from sites that may have certain leanings, but you don’t have to. A VPN takes care of this. I linked it above, but the basics of a VPN are that you connect to the VPN company’s server and they make a connection to the website you want to visit. All that you ISP, the government, and those other entities see is that you are connected to the VPN service. From there, the VPN connects with a different IP address which cannot be directly traced back to you.

VPN services with privacy in mind will not keep logs of your traffic so even if a request is made to see where you visited, they don’t have that information to give. You can refer to this Mullvad article detailing their no-logging policy.

A VPN service is why I noted “to an extent” as to why this is not in your control. You have ways around your traffic being monitored, but they aren’t foolproof. You don’t own the internet and are still at the mercy of those who control those networks, but you can still protect yourself.

Websites and applications themselves collect data as you interact with their site (usually through cookies), not just information you manually enter in.

This technically falls under the “general browsing” and “social media” sections above, but I wanted to be a little more broad and talk about how websites collect data and what you can do. Any website or service that has you log in collects data in some capacity. Most websites, whether you have to login or not, use cookies to track preferences and activity. With how many websites and services we use today it feels impossible to check every single site’s terms & conditions, privacy policies, and cookie policies. There is a lot in there that really is not a problem for most, but at least being aware of what they are tracking and how they track it will help you make informed decisions.

I have been adding more features to my site on the back-end recently, and it got me thinking that I need to have thorough policies in place. I use a service for my privacy and cookie policies, and they provide an overview of what my site does as well as thorough explanations for each. Looking for these overviews or the main standout points is the most important.

The goal of this article is not to scare you or make you afraid of the internet. My true goal is to help you be informed as to what websites and services on the internet are doing and how you can make informed decisions and protect yourself. There are those that mean you harm online, but by and large the internet is a safe place. As long as you take the necessary precautions, you really don’t have much to worry about.

Now that we are done with the official stuff, I want to share what I personally do to protect myself.

At home I updated my router’s security info from the defaults and made my passwords very secure (20+ characters). To keep track of these and all my other passwords I use Enpass. The desktop app lets me copy and paste those passwords where I need them. On the more advanced side I have changed the default IP Address range on my router as well. This makes a local attach more difficult.

Whether I am at home or away, I use my PIA VPN pretty much all the time. This encrypts all my traffic and routes it through PIA’s servers before coming to me. It gives me great peace of mind knowing my information is secure and my activity is kept private.

I also use my PIA VPN on my cell phone. The mobile app is available on Android and iOS and make securing your mobile traffic really easy.

For social media I went through all my various profiles and updated my privacy info. On Facebook, Twitter, and LinkedIn, anything I don’t want to share publicly I set to private or friends only. When posting an article, though, I will open up that post to be public so anyone can share it, but the rest of my information is kept private. It’s all about being in control of your information and who it is shared with.

The other major part for social media is to check your account, privacy, and advertiser settings. Because most social networks are free, most of them make money off advertising. I personally don’t like ad tracking and my information being used in this way, so I disable these. Updating these settings would be a whole post on it’s own, but there are a lot of resources out there.

Lastly I use very secure passwords on websites. I need to go through and update a lot of them, but Enpass allows me to generate very secure passwords (sometimes in excess of 40 characters). I have also been deleting all my passwords from Google’s password manager and any browser-based ones. I prefer not to have my actual passwords synced with a service, but to have a local application store them in a secured file. Enpass does this.

I also try and at least glance over every website privacy and cookie policies now. I don’t read them word for word, but I do look for the standout points of what they are tracking, how they track it, and what they do with the information. I am open and transparent with what my website tracks, and this information can be found with the links in the footer of my website labelled “Privacy Policy” and “Cookie Policy”. I use a website called Iubenda to produce them and keep them up to date.

Overall these are the things I have learned in the last couple years to protect privacy and secure my internet activity. Some people don’t do these things and never have a problem, but it is a gamble you are making when doing that. People who mean you harm have much easier access to tools today than even a few years ago. It is not worth risking your privacy or security to not take these simple precautions.

If you liked this article or know someone who can benefit from the information, I encourage you to share it with those you know. Lastly, I have linked below all the resources from this article in one place for easy access.

I appreciate you coming along this journey with me and your continued support.


Services I Use