A Hitchhiker's Guide to Greater Data Autonomy

2021 June, 26

For those who are concerned about online trackers and data collection, and would like a short and to the point list of steps they can easily take today to strengthen their digital privacy, this is the note for you.

If you are asking yourself 'what's the point?' and are skeptical that the effort of changing how you interact with digital tools is worth the effort, or even skeptical that the paradigm of data collection online is at all harmful, then check out my note Stasis Of Thought.

Device Settings

Opt out of any data sharing agreements: Many applications and devices will automatically opt you into data sharing schemes. You can opt out of these with a one time change, although the settings to do so can sometimes be buried several layers within the menus or settings. Here are some pointers on finding those settings on some common devices and platforms.

Choosing Software

Some software are built with a focus on your privacy, and on giving you control over your digital experience. Other software is little more than a pretty wrapper for collecting your data. Do some research on 'Alternatives to X' or 'More private versions of X'. Here are some of the changes I've made to the software I use (none of which have caused me to lose serious functionality).

  • Microsoft Office Word → LibreOffice Writer
  • Microsoft Office Excel → LibreOffice Calc
  • Microsoft Office PowerPoint → LibreOffice Impress
  • Google → DuckDuckGo
  • Chrome → Firefox, or Brave
  • Gmail → Tutanota
  • Android → iPhone (not ideal, but marginally less intrusive; a dumb phone or no phone would probably be better)

Application Settings

Once you've chosen the software you want to use, it will probably be best to customize the settings.

  • Brave: Hamburger Icon (three lines in top right, just below 'X') → Settings
  • Firefox: Hamburger Icon (three lines in top right, just below 'X') → Settings
  • Chrome: Kebob Icon (three verticle dots in top right, just below 'X') → Settings
  • Edge: Meatball Icon (three horizontal dots in top right, just below 'X') → Settings
  • Safari: Open Safari → Click Safari in top nav bar → Preferences
  • Windows: Windows Icon in bottom right → type 'Settings' → Privacy
  • Macintosh: Apple Icon in top left → System Preferences → Security & Privacy → Privacy
  • iPhone: Settings app → scroll down to Privacy → tap each tool to see what has access to it
  • Other software: whether for another browser, a phone app, or a desktop/browser app, a quick search on "Settings menu" will have you on your way!

Having navigated to the settings, you'll see a variety of sections like "Search" and "Security & Privacy". Most of these will be fairly straightforward, for example I'd recommend switching your default search engine to DuckDuckGo (it does not install the web beacons and zombie cookies like Google will).

You can auto-delete cookies whenever you close (terminate) your browser, which will mean any sessions you were logged into will be removed and you'll need to login again, but any trackers will also be erased.

You will also find settings for location sharing, and camera/microphone permissions, seeing which sites you've granted access. Here you can change the default permissions and revoke specific site's access who you no longer need.

In general, I'd recomend browsing through these settings and looking up anything that's confusing in more detail. This is your device after all, and doing this is a good way to get a feel for how it's configured.


...Or whatever social media those corporations have you kids hooked up on these days.

What to do? Put 'em in the scuppers with a hose pipe on 'im

Or if you must continue using them, at least protect yourself. Like with the other software listed, navigate to the settings, and then:

  • Reduce who your posts are default shared with (public, friends of friends, just friends)
  • Restrict who can see your profile information
  • Limit how you are notified. This reduces the manipulative and harmful hits of FOMO.
  • Reduce what advertisers can see (or even disable targeted ads altogether - this sometimes requires digging several layers into settings, but is possible on GMail, Facebook, and most platforms)
  • Some sites you can bulk delete old posts (who needs to see what you did six years ago?)
  • Some sites are down right vile and require you to delete every post one at a time (yes, you, Facebook)
  • Untag yourself from others' photos
  • Never use Facebook or Google OAuth to log in to other sites, as this links your information so they can track you on websites they don't even own
  • Again, best advice is to simply stop using these cesspools as much as possible

In general, you're reducing your usage of these sites where you can, and limiting what information is collected/shared everywhere else. Because once it's out in the wild, you lose control over it - forever.

Furthermore, those social sites are all about controlling your time. The data they collect on you helps them do so, and so does the very design of the applications. The notification draw you in, the likes give an addictive dopamine buzz, and the crowded add-filled screens generate revenue while also drawing you deeper down an internet spiral. (Sidenote, this is another reason I like Firefox as a browser. In the right of the URL bar is a page icon; clicking it on a page with an article toggles Reader View, which strips away the side bars and ads and just shows you the article content - a much simpler and focused reading experience)

Building Good Habits

Delete old posts to stop data from accumulation. It can be time consuming, but it is a very direct way to reduce the insights gleaned from you over time and has long lasting impact.

Sanitize your URLs: content in a link after a '?' is called a query parameter, and often includes trackers. example.com/?utm_source=Marketing_Newsletter is a link to example.com, but it also tracks that you arrived by clicking on a link in a marketing newsletter. You can remote the ?utm_source=Marketing_Newsletter and arrive at the exact same site, minus the tracker (and save characters when typing it out for others). Addmittedly some of these query parameters are necessary for websites to function, for example in youtube.com/watch?v=dQw4w9WgXcQ the query parameter 'v' stands for 'video' with the value as a unique ID to reference which video is shown.

Clean privacy traces - ie, deleting all the trackers that get stored on your hard drive. This can be done with most malware or disk cleaning software, like CCLeaner or SystemCare

Quit/Exit (don’t just close/minimize) applications when not in use. This reduces data usage, bandwidth, CPU usage, and power, although it will take slightly longer to start restart the application.

You can get in the habit of using fake names on internet forms (don't reuse the same ones, that can be tracked too!)

Similarly, you can use pseudonymous emails. For example user.name+mybank@gmail.com will still deliver mail to user.name@gmail.com. Anything after the '+' is considered an alias. If you only ever use user.name+mybank@gmail.com when communicating with your bank, and never anywhere else, then if you receive an email to user.name@gmail.com claiming to be your bank, you know it's a phishing attack (and your email may have been pwned).

There’s a great guide on clearing a browser's cookies (as well as cache and history) from the University of Information Technology Services. In case the link gets broken I’ve also saved a backup (archived on 2021-06-23)

Closing Thoughts

Gaining privacy with digital tools follows similar rules to security with digital tools. As Robert Morris stated, the three golden rules to ensure computer security are:

  1. 1) do not own a computer;
  2. 2) do not power it on;
  3. 3) and do not use it;

Complete privacy, like complete security, is impossible. That’s not to say we should never use these tools. It is to say that we should be deliberate with our use of these tools and aware of the trade offs we are making. I pray this note will help you do so.

Additional Resources

As a final point, I hope it is clear that the above steps are a set of very basic precautions. Doing these things will not prevent a government or even a marginally persistent private investigator from revealing your identity. What these steps will do is limit the amount of metadata collected from you in general and lead to far fewer targeted adverts.

If you're looking for a much more comprehensive guide, I would suggest this excellent article by Jameson Lopp about near-total privacy; and this story from Nithin Coca about breaking free from Google. This site is a great and straightforward place to find more private alternatives to common software. I'd like to draw attention to the many great short guides on privacy by DuckDuckGo. And lastly, if you're shopping around and want to compare the privacy credentials of companies, here are some good summaries of different services when it comes to Terms of Service and sharing data. Naturally, there's a lot more out there to learn about how our data can be used, and how we can keep control over it, however I hope this has been a manageable introduction. Best of luck.