These days, it’s nearly impossible for the average consumer to expect anonymity online or off — at least not without a bit of legwork first.
Data brokers —companies that specialize in gathering information about consumers and selling it to third parties — have turned the collection and sale of publicly available personal information into a multibillion-dollar industry.
At any given moment, hundreds of these companies are analyzing everything from our ZIP code, income and ethnicity to our taste in music, our driving record and how often we search for funny cat videos. They then take that information, sort us into groups and make a fortune selling it to marketers, employers, charities, government agencies, and other businesses. As to what they do with this information, the details can be hazy. Some data are sold to marketers, but other information can be used to screen prospective employees, run background checks, detect identity theft, or come up with a dubious alternative to traditional credit scores.
There’s little we know about data tracking and the companies that do it. Neither regulators nor lawmakers have managed to wrap their heads around data brokers quite yet.
What we do know, based on reports by the Government Accountability Office, Federal Trade Commission, and the World Privacy Forum, a consumer advocacy group, is that it’s nearly impossible for consumers to control the information that’s been collected about them. The FTC will publish the results of its investigation of nine major data brokers later this year.
“A lot of this [tracking] is happening in a benign way, but to me the security problem is what makes the privacy problem so much worse,” Avi Ruben, a professor of computer science at John Hopkins University’s Information Security Institute, told Yahoo Finance. “If every company collecting this data was capable of securing it 100%, then we could take some comfort. But they can’t.”
We talked with a few experts to find out steps consumers can take on their own to keep their information and browsing habits as private as possible.
Start with your search engine
You may think of your search queries as a private conversation between you and the boundless realm of the Internet, but the opposite is often true. Search engines can and often do keep a log of everything users search for. When you click on links that turn up in search results, the corresponding website will often get a blurb of data telling them which search term led you to their site, along with a log of your computer location and IP address.
The consequences of this sort of data tracking can vary from the benign (more ads based on your search history) to the incriminating.
To prevent search engine tracking, make a habit of deleting your search history and cookies (the little bits of code that attach themselves to your computer when you browse online).
One problem with this strategy is that deleting your cookies can undo all of the sweet shortcuts you’ve created for yourself (such as remembered passwords and specific website preferences).
Enable the “Do Not Track” feature
In response to revelations about NSA spying and the federal government’s ongoing collection of consumer data, a group of Internet heavyweights, including Google and Apple, recently rolled out a feature called the “Do Not Track.” DNT lets consumers opt out of third-party web tracking. To date, only 19% of users say they use this feature, according to a Forrester Research report, but it’s one of the simplest ways to keep third-party trackers at bay.
To initiate “Do Not Track” on your browser, go into your browser preferences and look for the tab labeled “Privacy.” Check the box to enable the DNT feature. You can get the same protection on your mobile phone by enabling DNT via your browser privacy settings. Most popular browsers offer a DNT option, including Google’s Chrome, Mozilla Firefox, Explorer and Safari.
Here’s a peek at how many sites are tracking you on CNN.com, using DisconnectMe’s plug-in.
Find and block data trackers yourself
If you really want a window into the seedy world of data brokers, all you need to do is download a browser plugin likeGhostery or DisconnectMe. Both tools give you a bird’s eye view of the potentially hundreds of data tracking sites that may be “watching you” online at any given moment.
“On every page you visit, there’s a lot of tracking going on that you would not expect or have any way of detecting if you’re a typical web user,” said Casey Oppenheim, co-founder of DisconnectMe.
Like the screenshot to the left, you can see a list or diagram (depending on your preference) of sites that are tracking you for analytics, advertisements, or social media requests and decide which sites to block and which to allow. These plug-ins won’t stop ads from popping up on your screen, but they will keep sites from tracking your online behavior in order to tailor ads to you specifically.
Make sure your connections are encrypted
How can you tell if the sites you’re using are encrypting the information you send and search for? They’ll be marked by web URLs that begin with “https.” Google, Bing, and Yahoo each recently began encrypting user searches online by default.
If you’re a fan of online shopping, it can be almost impossible to avoid inputting sensitive financial information online, as many retailers don’t offer secure connections. That’s why in most cases it’s smart not to use a public WiFi connection for shopping or banking.
Use your own Virtual Private Network
If you want to encrypt your web activity wherever you go, a virtual private network (VPN) is the best route. VPNs are frequently used by companies as a means of allowing their employees to access the company Internet network when they’re logging in remotely.
Thanks to hundreds of free and paid options online, it’s pretty easy to get your own VPN. Not only is the information sent over a VPN encrypted, but, depending on which kind you use, it’s protected from hackers and potential malware with added layers of security. And because VPNs allow you to log in via a private connection no matter where you are, they’ve become a favorite work-around tool for travelers who want to stream content from home (since you’re logging into a U.S.-based network, you’re basically treated like an American wherever you go online).
Lifehacker has an exhaustive list of reliable VPNs here. Make sure to choose one that also has mobile functionality as well.
Opt-out of tracking via data brokers themselves
One of the biggest bones regulators have to pick with data brokers is that they make it nearly impossible for consumers to figure out how to opt out of their tracking mechanisms. That likely won’t change for a while, but the World Privacy Forum keeps a running list of the opt-out pages that currently exist at major data broker websites.You can find it here.
Adjust your privacy settings on your mobile devices
If you carry a smartphone, chances are at least some of your apps are tracking you in some way. Many apps that run ads can use your activity to tailor ads to you. In a lot of cases, these apps need access to this information in order to function the way they’re meant to. But know that you can adjust them at any time by tapping into your phone’s privacy settings and adjusting them one by one. The latest iPhone and Android updates also offer a new feature that stops apps from using ad tracking, but you’ll need to turn it on yourself.
The bottom line:
Short of chucking your cellphone and computer out the window, it’s practically impossible to expect total anonymity online. Until all web activity requires users to opt in to tracking — rather than require us to go out of our way to opt out — use these tips to find the right balance for yourself. Just don’t drive yourself crazy with paranoia.
“I think you can either live in the dark ages or you can use the Internet and understand what the risks are,” Ruben said. “I just assume that what I’m doing isn’t really that private and I don’t put things on the Internet that I wouldn’t put in a post card.”