EFF’s Top Ways to Protect Your Online Privacy Electronic Frontier Foundation

You may be “laying off” personal particulars, including e mail addressesand other contact guidance, with out even understanding it unless youproperly configure your Web browser. In your browser’s “Setup”,”Options” or “Preferences” menus, you can also are looking to use a pseudonym instead of your real name, andnot enter an e mail tackle, nor deliver other for my part identifiableinformation that you just don’t wish to share. When traveling a site youtrust that you would be able to choose to give them your info, in forms on their site;there’s no need for your browser to probably make this informationavailable to all comers. Also be on the lookout for system wide”Internet defaults” courses on your computing device some examples includeWindow’s Internet Control Panel, and MacOS’s Configuration Manager,and the third party Mac utility named Internet Config. While they are usefulfor loads of things, like retaining diverse Web browers and otherInternet tools constant in how the treat downloaded files and such,they need to doubtless also be anonymized identical to your browser itself,in the event that they include any fields for personal assistance.

Households withchildren can have an additional “protection problem” have you setclear rules to your kids, in order that they know not to show personalinformation unless you OK it on a site by site basis?”Cookies” are tidbits of guidance that Web sites store on yourcomputer, temporarily or kind of permanently. In many casescookies are useful and inocuous. They may be passwords and user IDs,so that you don’t have to keep retyping them each time you load anew page at the location that issued the cookie. Other cookies even though, can be used for “datamining” purposes, to trace your motions via a Web site, the timeyou spend there, what links you click and other particulars that thecompany wants to record, usually for marketing purposes. Most cookiescan only be read by the party that created them.

However, some companiesthat manage online banner commercials are, in essence, cookie sharing rings. Theycan track which pages you load, which ads you click on, etc. , and share this informationwith all in their client Web sites who may number in the lots of, even hundreds. Someexamples of those cookie sharing rings are DoubleClick, AdCastand LinkExchange. For an indication of how they work, see:rowsers are startingto allow user control over cookies.

Netscape, as an instance, allows youto see a notice when a site tries to write a cookie file to your hard drive, and provides you some assistance about it, allowing you to decidewhether or not to accept it. Be on the lookout for cookies thefunction of which is not obvious, which go to other sites than the one you are trying to load, or whichare not brief. It also means that you can instantly block allcookies that are being sent to 3rd events or to dam all cookies,solely, but this can make some sites inoperable. InternetExplorer has a cookie management interface in addition toNetscape like facets, enabling you to selectively enable or disablecookies on a site by site basis, even to permit cookies for a sitegenerally, but delete a specific cookie you are suspicious about. WithInternet Explorer you can also switch on cookies for a site temporarilythen disable them when you not need them e.

g. , at an onlinebookstore that calls for cookies to manner an order, but whom youdon’t want to track what books you are browsing at, what links you arefollowing, etc. , anything else of the time. Turning on cookie warningswill cause alert boxes to pop up, but after some practice you may learnto hit “Decline” so fast that you simply hardly notice them to any extent further. Theidea is to only enable cookies on sites that require them AND whom youtrust.

There are also numerous “cookie eater” functions,some which run on a time table or in the history, that delete cookie files for you. As with turning offcookies entirely, you can have bother having access to sites that require certain cookies thoughin most cases the worst that may happen is that you’ll must re enter a login ID and passwordyou theory were saved. “Eating” the cookies periodically still enables sites to trace whatyou’re doing for a quick time i. e. , the time between successive deletion of your cookie file,but thwarts makes an attempt to determine and record your activities over the years.

The best solution doesn’t exist yet: Full cookie management expertise builtinto the browsers themselves. Only greater user force on Microsoft, Netscapeand other browser makers could make this happen. Users should finally be ableto reject cookies on a complete domain basis, reject all third party cookies by default, reject all cookies that are not essentialfor the transaction handy, acquire notice of exactly what a cookie is intended for,and be in a position to set default behaviors and permissions rather than must engage with cookies on a page by pagebasis. This isn’t feasible yet. You may want to touch the agency that makes your browser software anddemand these essential points in the next edition.

When mailing to unknown events; posting to newsgroups, mailinglists, chat rooms and other public spaces on the Net; or publishing aWeb page that mentions your e mail tackle, it is healthier to do this froma “side” account, some pseudonymous or simply alternate address, andto use your main or preferred tackle only on small, participants onlylists and with known, relied on individuals. Addresses that are postedeven as a part of message headers in public spaces can be easilydiscovered by spammers online junk mailers and added to their list oftargets. If your public “throw away” address gets spammed enough to becomeannoying, which you could simply kill it off, and begin a new one. Yourfriends, boss, etc. , will still know your “real” address.

You can usea free ads supported e mail service provider like Yahoo Mailor Hotmail for such “side” money owed. It is better to use a “real”Internet provider company on your main account, and to examine theirprivacy guidelines and terms of provider, as some “freemail” services may havepoor privacy track archives. You may find it works best to use ane mail package that permits mulitiple user IDs and addresses a. k. a.

“personalities”, “aliases” so that you do not have to modify among multipleprograms to manange and use more than one e mail tackle though you mayhave to use a Web browser in preference to an e mail program to read yourmail in your “throw away” bills many freemail providers do notallow POP or IMAP connections. If you are “required”to present an e mail address to use a site but is not really required tocheck your mail for some kind of access code they send you, you canuse “” instance. com is a non existent site,set up by the Internet standards for use for example that willnever by accident coincide with anyone’s real e mail address, whichis always a danger if you just make up one off the top of your head. in rapid onlineacquaintanceships and friendships. But it is essential to recognize thatyou don’t really know who these people are or what they are like inreal life. A thousand miles away, you do not have friends of friendsor other references about this person.

Be also wary of face to facemeetings. If you and your new e friend need to meet in person, do itin a public place. Bringing a friend along can also be a good idea. One needn’t be paranoid, but one should not be an easy mark, either. Some private counsel you may want to withhold until you knowsomeone far better would incorporate your full name, place of employment,phone number, and street tackle among more obvious things likecredit card numbers, etc.

Needless to say, such information shouldnot be put on non-public home pages. If you’ve got a work home page, itmay well have work contact advice on it, but you don’t need to revealthis page to everyone you meet in a chat room. For this and otherreasons, a lot of people hold two private home pages, a work relatedone, and an “off duty” edition. In the commercial sector, too, beware”fast met chums”. A common “Spam”, or unsolicited bulk e mail, is anything you are probablyalready familiar with and bored with. If you get a spammedadvertisment, certainly don’t take the sender up on anything offerthey are making, but in addition don’t bother replying with “REMOVE” in thesubject line, or whatever probably bogus unsubscribe instructionsyou’ve been given.

This simply confirms that your address is beingread by a real person, and you may find yourself on dozens morespammers’ lists in no time. If you open the message, watch youroutgoing mail queue to ensure that a “return receipt” message wasnot generated to be sent back to the spammer instantly. It isbest to queue your mail and send manually, as opposed to sendimmediately, so that you can see what’s about to go out before it’sactually sent. You also needs to turn off your mailer’s automatichonoring of return receipt requests, if any. If you’ve a goodInternet carrier provider, you maybe able to forward copies of spam e mail to the system administratorswho can route a criticism to the ISP of the spammer or if you recognize alot about mail headers and DNS tools, you can most likely touch theseISPs your self to bitch about the spammer.

If you’re gettingspammed a lot, there are a variety of filters and anti spamservices available, adding: Never submit a bank card number or other highly sensitivepersonal assistance with out first ensuring your connection issecure encrypted. In Netscape, seek for an closed lock Windows or unbroken key Mac icon at thebottom of the browser window. In Internet Explorer, search for a closedlock icon at the bottom Windows or near the top Mac of the browser window. In any browser, look atthe URL Web address line a secure connection will begin “https://”intead of “http://”. If you’re at page that asks for such informationbut shows “http://” try adding the “s” your self and hitting enter toreload the page for Netscape or IE; in another browser, use something method is requiredby your browser to reload the page at the new URL. If you get anerror message that the page or site doesn’t exist, this probablymeans that the agency is so clueless and careless with yourinformation and your money that they do not even have Web safeguard.

Take your enterprise elsewhere. Another sort of spyware contains “webbugs”, which typicallymanifest themselves as invisible or nearly invisible image filestied to cookies and javascripts that track your Web usage. See additional info on webbugs. See also this webbug FAQ, Etest/web bug faq. htm for more particulars. Dealing with webbugs when they are embedded in an differently reliable pageis thorny, as there isn’t any surefire way to distinguish among webbugs andrun of the mill image files.

But see the Privacy Foundation’sBugnosis webbug detector Windows MSIE only. When webbugs are loaded into popup pages, the answer is to shut the popupsusually a small page with an ad, though a number of them are “micropages”that you should barely see. A few can even use javascript tricks to keepyou from closing them. If this occurs, close all other browser home windows,then be sure you be capable of close the bug window. Another tip for defeatingwebbugs is to reject any cookies from Doubleclick, AdCast, LinkExchange and other”ad exchange networks” cookie sharing rings, and every other cookies thatare not from the location you’re currently traveling most third party cookiesare very nearly webbugs. Lastly on this topic, bear in mind that HTML capablee mail programs and Usenet newsreaders make webbugs work in your e mailand newsgroups.

If your mailer or newsreader has an option to turn offcookie help, be sure to certainly do so. There is hardly any imaginablelegitimate use for a cookie in an email or a newsgroup posting. unlike a modem and get in touch with line connection, make certain to show your computer offwhen you are not using it. Most home PCs have pitifully poor securitycompared to the Unix workstations that power most commercial Websites. System crackers look for inclined, unattended DSL connectedhome computers, and can invade them with amazing ease, rifilingthrough files looking for bank card numbers or other sensitive data,and even “taking up” the workstation and quietly using it for their ownpurposes, such as lauching assaults on other computers elsewhere attacks that you can in the beginning be blamed for. Firewall hardware and application isanother option that can offer protection to you from these types of attacks availableat any pc store; freeware and shareware implementations may beavailable at sites like hen you’re thinking about whether or not to do enterprise with a Website, there are other elements than a secure connection you need to believe which are equallyimportant to Web defense.

Does the positioning provide offline contactinformation, including a postal address?Does the site have aprominently posted privacy policy?If so, what does it say?Justbecause they call it a “privacy policy” doesn’t suggest it’ll protectyou read it for your self. Many are little more than disclaimerssaying that you simply haven’t any privacy!So read them closely. If thepolicy sounds OK to you, do you’ve got a reason to trust it?Have youever heard of this agency?What is their acceptance?And are theybacking up their privacy observation with a seal program comparable to TRUSTe orBBBonline ?While imperfect, suchprograms hold Web sites to as a minimum some minimal baseline standards, and should revoke, with much fanfare, theapproval seal licenses of bad acting companies that do notkeep their word. If you see a seal, is it real?Check with theseal issuing site to be sure the seal isn’t a fake. And examineterms intently, especially when you are subscribing to a provider ratherthan buying a product. Look out for auto rebilling scams and hiddenfees.

Don’t give out in my opinion identifiable tips too easily. Just asyou might think twice about giving some clerk at the mall your homeaddress and make contact with number, bear in mind that simply as a result of a site asksfor or calls for personal guidance from you does not mean you’ve togive it. You do need to give accurate billing guidance if you arebuying something, after all, but if you are registering with a freesite it really is a little too nosy for you, there is not any law in most places againstproviding them with pseudonymous assistance. However, it wouldprobably be polite to use glaringly fake addresses, comparable to “123 NoSuch Street, Nowhere, DC 01010”. If they’re generating mailings basedon this counsel possibly according to the terms of theirprivacy policy they can probably weed such addresses out and notwaste the postage on them.

Definitely do NOT use someone else’s realaddress!Last but by no means least, there are other privacy threatsbesides abusive retailers, nosy bosses, spammers and scammers. Someof the threats contain commercial espionage, executive surveillance,identity theft, disgruntled former associates, and system crackers. Relatively easy to use e mail and file encryption program isavailable at no cost, comparable to Pretty Good Privacy PGP, available at: , which runs onalmost all computer systems and even integrates seamlessly with most majore mail program. Good encryption uses very robust secret codes, thatare difficult if not most unlikely to crack, to protect your data. Youcan also use really good amenities some free, some paythat transcend infomediary facilities, including working all connectionsthrough a securely encrypted “tunnel”, anonymous dialup, even anonymousWeb publishing. Another form of product is SSH tunnelling port forwarding packages, such as FSecure SSH ,and SecureCRT .