We’re all dependent on technology for work, school or play. Unfortunately a lot of our favorite sites and apps are collecting data about us in the background – often without us knowing.
Companies often sell our data to other companies in ways that have nothing to do with delivering the service we’re expecting to get. The more companies holding your data, the more it puts your personal security at risk. You’re more likely to have your information exposed in a breach or a hack and have your information end up with scammers or identity thieves.
Here are some steps you can take to better protect yourself and your information online:
1. Don’t accept web cookies.
Web cookies are a type of tracking technology that embed in your browser and follow you across websites over time, gathering data about your browsing history, web searches and online purchases. They can last for weeks or even months after you’ve hit “accept”, sending your data to companies you’ve probably never even heard of.
Most web cookies are not necessary for a website to work. To protect your information, you want to make sure you’re rejecting as many of them as you can.
What should I click on cookie pop-ups?
- See if there’s options besides “Accept”. If there’s a “reject all cookies” option, that’s best. Some may have buttons like “accept only necessary cookies”. That’s your second best option.
- Otherwise, you may need to look for an option such as “Manage my preferences” or “See cookies” – usually in small grey text at the bottom of the pop-up. In those menus, turn off as many types of cookies as you can – especially advertising and analytics cookies.
- Pay close attention to what you click. Many pop-ups are designed to deceive you into consenting to data collection by using confusing colors and default settings.
Not all cookie pop-ups will have options – many in the U.S. will simply inform you there are cookies and if you don’t like it, tough. Do your best to avoid websites that don’t you give you options.
22 ways to protect yourself from fraud, identity theft and headaches
2. Download Permission Slip and tell data brokers to delete your data.
Consumer Reports recently came out with a great new tool to help you take control of your information. With one click, you can request hundreds of data brokers and other companies delete your data.
Your data is big business. Hundreds of companies you’ve never even heard of are very likely collecting and selling your data to one another. These companies, called data brokers, are terrible for your personal security. They don’t always have the best security protocols to protect your information. Plus the more companies that hold your info, the more likely it is it will eventually be exposed in a breach or a hack. This makes it more likely your data will fall into the wrong hands, like with scammers or identity thieves.
The Permission Slip app is easy to use and free to download. We highly recommend it.
3. Turn on the default privacy settings on your smartphone.
It’s not just web browsers that can harvest a lot of your data – apps on your smartphone can, too. All smartphone brands have some version of these tools available in their settings.
You can take advantage of Apple’s new privacy settings in the Privacy & Security menu in your Settings. Check out our special guide that can walk you through all the options step by step.
4. Download (free!) web privacy tools.
There are some good free tools from trustworthy groups that help stop websites from tracking you.
- Change your web browser to an option that harvests less data. Apple’s Safari and Google’s Chrome tend to gather a lot of data. Instead, try Mozilla’s Firefox. Other options include DuckDuckGo or Brave.
- Download Privacy Badger from the non-profit group Electronic Frontier Foundation. This tool automatically blocks 3rd party trackers on the sites you visit and uses algorithms to continually learn what to block. Once you download the browser extension, you don’t need to set anything – it handles everything itself.
- Download the Global Privacy Control. This tool automatically broadcasts to websites that you don’t want them to gather your data unnecessarily. Starting later this year, companies in Colorado will legally have to listen to GPC signals. That means some companies may decide to start abiding by GPC signals in other places – making it worth your while to download it.
5. Skip the loyalty app.
Punch cards at your local coffee shop don’t pose a threat to your personal security. But when businesses use apps for loyalty programs or online ordering, these tools can gather data about you. This is not uncommon. In 2022, for example, Canadian regulators found the fast food chain Tim Hortons used its app to gather user’s location data 24/7, even when the app was closed.
These days, companies often use loyalty apps to incentivize you to give up lots of information they don’t really need, like your email address, phone number and birthdate. Companies log every purchase you make in your account, and may sell this information to other companies along with anything else they’ve collected in the background from your phone.
At the end of the day, those discounts may very well not be worth the extra risks you incur when companies can collect and keep your information indefinitely.
Tell the FTC: Stop tech companies from selling kids’ data
Right now, there are no rules stopping tech companies from monetizing the data of kids and teens.
Don’t Sell My Data
Director, Don't Sell My Data Campaign, U.S. PIRG Education Fund; Policy Analyst, Frontier Group
R.J. focuses on data privacy issues and the commercialization of personal data in the digital age. Her work ranges from consumer harms like scams and data breaches, to manipulative targeted advertising, to keeping kids safe online. In her work at Frontier Group, she has authored research reports on government transparency, predatory auto lending and consumer debt. Her work has appeared in WIRED magazine, CBS Mornings and USA Today, among other outlets. When she’s not protecting the public interest, she is an avid reader, fiction writer and birder.