In the course of writing her book, Dragnet Nation, ProPublica reporter Julia Angwin tried various strategies to protect her privacy. In this blog post, she distills the lessons from her privacy experiments into useful tips for readers.
One of the easiest and simplest things you can do to protect your privacy is to be a smarter Web browser.
This is surprisingly difficult because most popular Web browsing software is set up to allow users to be tracked by default. The reason is simple economics — you don’t pay for Web browsing software, so the companies that make it have to find other ways to make money.
The most egregious example of this conflict came in 2008 when Microsoft’s advertising executives helped quash a plan by the engineers to build better privacy protections into the Internet Explorer 8 Web browser. Microsoft has since added additional protections — but they are not turned on by default. The situation is no better at Google, whose Chrome Web browser has “buried and discouraged” the “Do Not Track” button, and is pioneering the use of new tracking technology that cannot be blocked. And it’s worth noting that the other big Web browser maker, Mozilla Corp., receives 85 percent of its revenues (PDF) from its agreement to make Google the default search engine on Firefox.
Even worse, many of the tools that Web browsers offer to protect privacy are not effective. Tracking companies have refused to honor the “Do Not Track” button. And Google Chrome’s “Incognito” mode and Internet Explorer’s “InPrivate Browsing” mode won’t protect you from being tracked. Those settings simply prevent other people who use your Web browser after you to see where you’ve been online.
And so, in order to prevent the most common types of tracking, I ended up loading up my Web browser — Mozilla’s Firefox — with a bunch of extra software. It sounds like a lot of work, but most of this software can be installed in a few minutes. Here’s what I used:
- I installed “HTTPS Everywhere,” created by the Electronic Frontier Foundation and the Tor Project. This tool forces your Web browser to use encrypted Internet connections to any website that will allow it. This prevents hackers — and the United States National Security Agency — from eavesdropping on your Internet connections.
- I also installed Disconnect, a program created by former Google engineer Brian Kennish, which blocks advertisers and social networks, such as Facebook and Twitter, from tracking which websites you visit.
- And finally I set my default search engine to be DuckDuckGo, a search engine that doesn’t store any of the information that is automatically transmitted by your computer — the IP address and other digital footprints — so DuckDuckGo has no way to link your search queries to you. That means DuckDuckGo won’t auto-complete your search queries based on your previous searches or based on your physical location, as Google does. So you’ll have to be a little smarter about your searches, and remember to bookmark the pages that you visit often, to save time.
After browsing with my ungainly setup for nearly a year, I found a Web browser that had all the features I wanted built in — called WhiteHat Aviator. It has built-in HTTPS Everywhere, it doesn’t retain or sell your online activity, and it uses Disconnect to block trackers from advertisers and social media companies. Its default search engine is DuckDuckGo.
It’s built by a computer security firm called WhiteHat Security, but it hasn’t been audited by any computer security experts yet, as far as I can tell. So use it at your own risk (and currently you can only use it on the Mac OSX operating system). But I’ve been using it for a few months, and after some bugginess in the beginning, I’ve started to enjoy the unusual feeling of having privacy as a default setting.