Your Privacy at Risk
Your privacy is at risk like it has never been before, yet most folks think they have no need for concern. They are wrong!
2016 Worst Year for Personal Privacy
In fact, 2016 is being proclaimed as the worst year for your privacy, ever.
We've seen a series of laws and rules that greatly increase the power of the government and police to gather information on their own citizens and use it without the traditional requirement for warrants or probable cause.
No Privacy for Non-Americans
Trump's 'no privacy for non-Americans' order is not encouraging but don't be fooled into thinking that other governments are benevolent.
Private data for citizens of Lithuania, Estonia, Malta and the Netherlands receive greater legal protection from the U.S. than Canadians' data does. Canada hasn't been designated as a “covered country” even though we share a huge common border and they are our largest trading partner.
To make matters worse, a great deal of Canadian Internet traffic flows in and out of the U.S.
Add your name to the letter to these ministers to demand that they take action to fight for our privacy at Fight for our Privacy.
Check Your Privacy Practices
Check your progress in improving your privacy awareness and changing habits by taking the Mozilla privacy survey. There is more information about privacy on this page and on related pages on this site.
- How to prepare your privacy practices for the year ahead.
- Online security 101: Tips for protecting your privacy from hackers and spies.
Repeal Bill C-51
Trudeau promised to amend the controversial and Draconian anti-terrorist Bill C-51. The law is vague and undefined, making it possible to collect and trade information between agencies without either proper oversight or just cause. It essentially turns Canada into a police state.
Restore Our Privacy
15,000 people submitted feedback to the government's National Security Consultation through OpenMedia's online tools.
So far, all the government has proposed to do is release a 'summary' of the results. This simply isn't good enough. We need to hold them accountable.
Need more reasons to stop Bill C-51? Read the section below.
It Threatens Canadian Business and Online Safety
Even without the increasingly permissive data disclosure practices enabled by C-51, federal government agencies have seen over 3000 breaches of the highly sensitive private information of an estimated 750,000 innocent Canadians in recent years.
In particular we find the following elements from the national security consultation extremely concerning:
— Bill C-51 damages Canada's economy. It must be scrapped.
- It appears to favour the undermining or breaking of the encryption that many of our businesses and workers rely on.
- It floats and positively frames mandatory interception powers to access our sensitive business and customer data.
- It suggests that mandatory access to subscriber data such as an IP address without a warrant is akin to looking up a number in a phone book. This is an appalling and incorrect analogy for a piece of data that can unlock the highly intimate details of the lives of law-abiding Canadians.
- It raises the idea of forced customer data retention and suggests practices such as purging user data as problematic when such practices actually strengthen data security and customer privacy.
The Need Has Been Overstated
Imagine how you would feel if the government installed cameras in your home that recorded everything you did, then gave police the power to review the footage without a warrant, whenever they want.If that sounds to you like a gross violation of your privacy, you should probably be aware that the federal Liberals are contemplating pretty much exactly that for the digital world. — Huffington Post
The Act does not require individualized suspicion as a basis for information sharing amongst government agencies. There is no impediment in the Act to having entire databases shared with CSIS or the RCMP. The standard for ‘sharing’ is very, very low. — BC Civil Liberties Association
- RCMP is overstating Canada's 'surveillance lag'.
- The RCMP is using the media to 'create moral panic' about encryption.
- More is not necessarily better. See NSA is so overwhelmed with data, it's no longer effective, says whistleblower.
A lot of what classifies as terrorism in the political context — individuals that the news calls terrorist — are really common criminals. But they do not constitute the kind of super criminal threat that is represented by our terrorism legislation. — Edward Snowden
The CSIS a de facto Secret Police
We're at a tipping point where we need to decide whether to continue evolving into a surveillance society, or whether to rein in the government's spying apparatus before more lives are ruined by information disclosures. — OpenMedia
While a democracy can incorporate the need for an intelligence agency to operate with considerable secrecy, there is no place in a democracy for a secret police. Full stop. — BC Civil Liberties Association
- Ottawa has little regard for protecting privacy rights when it comes to national security.
- Canada's growing privacy deficit has alarming consequences for our everyday lives.
- Everything you always wanted to know about Bill C-51.
- Is C-51 necessary? Prove it.
Privacy a Basic Human Need
There is a reason we have locks on our doors and curtains in our windows.
Privacy is a basic human need.
If you believe that you have "nothing to hide" from the prying eyes of the NSA, you shouldn't mind letting a stranger rifle through your bank statements, emails, and photos — right? — ZDNet.com
Fear of Surveillance is Real
The fear of surveillance is realistic and stifles personal expression.
We act differently when we're being followed by a police car.
In the same manner, we don't feel as free to express our creativity when our conversations or Internet activities are being monitored.
The debate between privacy and security has been framed incorrectly as a zero-sum game in which we are forced to choose between one value and the other. Why can't we have both? — Daniel J. Solove: Nothing to Hide
Privacy is Not About Hiding Wrongs
Protecting your privacy DOESN'T mean you have something to hide.
The most common retort against privacy advocates — by those in favor of ID checks, cameras, databases, data mining and other wholesale surveillance measures — is this line:If you aren't doing anything wrong, what do you have to hide?
… [This] accept[s] the premise that privacy is about hiding a wrong. It's not. Privacy is an inherent human right, and a requirement for maintaining the human condition with dignity and respect.
Liberty requires security without intrusion, security plus privacy. Widespread police surveillance is the very definition of a police state. And that's why we should champion privacy even when we have nothing to hide. — Bruce Schneier: The Eternal Value of Privacy
Blaming the Victim
This spying while blaming the victim has a strong echo of McCarthyism.
Even if we think we have nothing to hide, all of us, whether world leaders or ordinary citizens, have good reason to be concerned. — TomDispatch
[A] federal court in the Eastern District of Virginia held that individuals have no reasonable expectation of privacy in a personal computer located inside their home. — Electronic Frontier Foundation
More about why privacy matters:
- A Saturday Morning Breakfast Cereal comic examines privacy abuse.
- Glenn Greenwald: Why privacy matters — TEDGlobal October 2014.
- 10 big data analytics privacy problems. The mass collection of personal data needs to have regulation to protect our privacy.
- Appeals court affirms NSA surveillance can be used to investigate domestic criminal suspects.
Everyone is Collecting Information
Everyone is collecting vast amounts of information about you — governments, businesses and the sites you visit on the Internet.
Collecting Domestic Phone Records Unconstitutional
While the stated purpose of NSA (and Canadian) collection of personal phone records is to prevent future terrorist attacks, this abuse of privacy has made us no safer.
The NSA surveillance program collects hundreds of millions of phone records daily. One federal judge criticized the program asbeyond Orwellianandlikely unconstitutional.— Fight 215
We have not yet seen any evidence showing that the NSA's dragnet collection of Americans' phone records has produced any uniquely valuable intelligence. — Senator Ron Wyden
Big Corporations Hijacked the Internet
The Internet was made for everyone but is being hijacked by big corporations that are turning people into products without their knowledge or consent. — The Hidden Business of the Internet
And it is probably going to get worse. Trade deals like TPP, TISA and TTIP have all been open to input from industry but closed to input from both non-profit groups that look out for the public interest as well as many of our elected government representatives.
Big Data: Tracking Your Every Move
Big Data is the current mantra of organizations. How to obtain it, store it, process it.
From the dawn of civilization until 2003, humankind generated five exabytes of data. Now we produce five exabytes every two days…and the pace is accelerating. — Eric Schmidt
If you're using privacy software like Ghostery on your web browser, you've probably noticed that most sites now use at least beacons, analytics services, page widgets and other third-party page elements that are secretly tracking your every move. Even the videos and comments section on sites are marketing tools.
This Site Respects Privacy
This site doesn't follow these practices. There aren't pop-ups or other annoying notice boxes. While this may not be the best policy for improving site conversion, I consider privacy more important than knowing exactly what you're clicking on.
- Links pointing to pages outside this site open in a new tab but these aren't pop-ups. See the Site Navigation page for details.
Legislation will likely be required to manage this “no holds barred” collection of personal data just as certain questions are no longer acceptable on an employment application and access is provided to challenge your credit reporting data.
- Big Data: The eye-opening facts everyone should know.
- The awesome ways Big Data is used today to change our world.
- How is Big Data used in practice? 10 use cases everyone must read.
Your Devices Are Watching You
The problem of privacy is only going to get worse as the Internet of Things evolves. Already there are more connected devices than people in the world. There is an imminent explosion of devices that will track every aspect of our lives.
There are bound to be abuses by law enforcement of any tracking system.
Virtually every “smart” device is gathering information on you (perhaps including your private conversations).
"If the government said you have to have a tracking device, for certain you would rebel," notes Schneier. "But the government doesn't have to say that because you do it willingly and they just get a copy of the data." — Bruce Schneier
This isn't an isolated incident. Visio surrendered to a lawsuit charging them with collection viewing data on 11 million consumer TVs.
Smart Meters Reveal Much About You
Analogue meters simply recorded the total amount of electricity used between readings.
Smart meters do more than simply remove the need for meter readers to visit your home or business a few times a year. They record the timing, duration and quantity of electricity you use.
Privacy information begins at the 24:24 mark but I strongly recommend watching the entire presentation.
Windows 10 is Spyware
Windows 10 is spying on you, especially if you're using the default privacy settings during installation, log in using your Microsoft Account and use Cortana.
With Windows 10, Microsoft has failed to be completely transparent with users about just what is going on in the background. Sure, the information is out there, but it is hidden away, difficult to interpret, and — let's face it — not something that the vast majority of people are going to spend the time to hunt down and digest. — BetaNews
The Microsoft Services Agreement revised at the same time as Windows 10 is a 12,000-word document where you essentially agree to give up your privacy.
Even the contents of your emails and documents stored in private, offline folders can be subject to scrutiny and “disclosure” (to unspecified parties), according to the wording of Microsoft's privacy policies. — Bernard Marr
This information is already collected by mobile devices.
By making Windows 10 mobile-first, cloud-first on desktops and laptops, they have effectively extended this lack of privacy into more dangerous territory.
Microsoft Already Removing Support for Windows 7 and 8.1
In less than 3 years Windows 10 will become the only Microsoft option.
Prior versions of Windows, including Windows 7 and Windows 8.1, have limited support when running on new processors and chipsets from manufacturers like Intel, AMD, NVidia, and Qualcomm. — Microsoft
Microsoft's tricks and schemes to get Windows 7 and 8 users to move to Windows 10 were nothing less than what you'd expect from malware:
In May 2016, in an action designed in a way we think was highly deceptive, Microsoft actually changed the expected behavior of a dialog window, a user interface element that's been around and acted the same way since the birth of the modern desktop. Specifically, when prompted with a Windows 10 update, if the user chose to decline it by hitting the ‘X’ in the upper right hand corner, Microsoft interpreted that as consent to download Windows 10. — Electronic Frontier Foundation
Microsoft Cannot be Trusted
Windows 10 is spyware and Microsoft cannot be trusted.
Microsoft has begun to respond to these issues. On January 10, 2017 a new web-based privacy dashboard was released where you could manage your browse data, clear your search history on Bing, review and clear your location data and edit Cortana knows about you.
Updates Reset Privacy Settings
However, Microsoft has made automatic updates mandatory in Windows 10 and seems to reset privacy options to their more-revealing defaults during major updates rather than respecting the user's wishes.
Apple Treating Privacy Differently
It doesn't have to be like that. Here's a new Apple policy related to the information they collect to help you navigate using their maps application:
Maps is also engineered to separate the data about your trips into segments, to keep Apple or anyone else from putting together a complete picture of your travels. Helping you get from Point A to Point B matters a great deal to us, but knowing the history of all your Point A's and Point B's doesn't.— Apple quoted in The Washington Post
DRM is supposed to stop illegal use of software and media while not interfering with legal use.
…trying to make digital files uncopyable is like trying to make water not wet. — Bruce Schneier
DRM creates a damaged good; it prevents you from doing what would be possible without it.
Were we to refuse, it is hardly likely that these corporations would discontinue their use of the Intenet. Their businesses revolve around the Web.
DRM places unreasonable restrictions that sacrifice your privacy to ensure corporate profit.
These companies don't want a free web. They think they make money by limiting your freedom.
Imagine the reaction if we demanded that the corporate CEOs provide public access to their payroll information and bank statements in return for access to our devices so we could ensure they weren't abusing the funds we provide to them.
DRM Affects Privacy
If consumers even know there's a DRM, what it is, and how it works, we've already failed.— Peter Lee, Disney Executive in 2005.
One example of how DRM can affect your privacy is Amazon's tracking of where you are in a Kindle ebook. They tell you how long it would take to finish it at your current reading speed but also control how you use Kindle content.
DRM Abuses of DMCA
Too often the Digital Millenium Act has been used to stiffle legitimate uses. TPP and other trade agreements are designed to enforce U.S. restrictions worldwide.
It's certainly easier to implement bad security and make it illegal for anyone to notice than it is to implement good security. — Bruce Schneier
Researchers are prevented from discovering security flaws in software. John Deere used it to prevent farmers from repairing their own equipment. Volkswagen used it to hide faked emmission control data.
After Apple changed their DRM policies when Apple Music was released some users report losing copies of their own music when unsubscribing from the service.
The U.S. government made a secret deal to place yellow dots onto every page printed from many (perhaps most) colour laser printers, ostensibly to track counterfeiters.
We've found that the dots from at least one line of printers encode the date and time your document was printed, as well as the serial number of the printer. — Electronic Frontier Foundation
“We're Only Collecting Metadata”
Many organizations indicate that they are “only collecting metadata.”
Research has shown that using only call metadata, the government can determine what your religion is, if you purchased a gun or got an abortion, and other incredibly private details of your life. Former director of the NSA and CIA, Michael Hayden, recently admitted:We kill people based on metadata.And former NSA General Counsel Stu Baker said:metadata absolutely tells you everything about somebody's life. If you have enough metadata, you don't really need content.— Electronic Frontier Foundation
Try asking any of these organizations for their metadata and you'll have a visit from their lawyers. Apparently they view their privacy as more important than yours.
Why Metadata Matters
Research has shown that using only call metadata, the government can determine what your religion is, if you purchased a gun or got an abortion, and other incredibly private details of your life. Former director of the NSA and CIA, Michael Hayden, recently admitted:We kill people based on metadata.And former NSA General Counsel Stu Baker said:metadata absolutely tells you everything about somebody's life. If you have enough metadata, you don't really need content.— EFF
How revealing metadata can be is demonstrated in these three (rather obvious) examples presented by Kurt Opsahl at CCC on December 30, 2013:
- They know you rang a phone sex service at 2:24 a.m. and spoke for 18 minutes. But they don't know what you talked about.
- They know you called the suicide prevention hotline from the Golden Gate Bridge. But the topic of the call remains a secret.
- They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour. But they don't know what was discussed.
Why metadata matters further expands this concept and helps you to better understand what metadata is and how it affects us.
Anonymous No More
A more intensive look at telephone metadata reveals much more. Your privacy could be compromised by linking the timing of anonymous data to data that directly identifies you via credit card, hotel stays and more.
All this can be used to build a profile of you that may make judgement calls which are then processed as “facts” by other parties. Metadata is surveillance.
Even something like Alfred Kinsey's sex research data from the 1930s and 1940s isn't safe. Kinsey took great pains to preserve the anonymity of his subjects, but in 2013, researcher Raquel Hill was able to identify 97% of them. — Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World by Bruce Schneier
There was much less information collected in those days than we routinely and blindly provide today.
Hacks and Security Breaches
While organizations are happy to collect your private data, they aren't spending nearly as much protecting it as they do their own private information.
That is largely because these companies seldom report the loss until much later (often years later) and are not financially responsible because of their vague terms of service and poor privacy policies.
- If you use Yahoo Mail (or services like Tumblr, Flickr, Fantasy Football), you need to know that 500 million Yahoo! accounts were breached. Here's what to do.
- The biggest hacks, leaks and data breaches of 2016.
- These companies lost your data in 2015's biggest hacks, breaches.
- One of the biggest hacks happened last year, but nobody noticed.
Privacy Much More Difficult
How would you feel about every document, photo and file on your computer being printed and posted in a public place? There is even more at stake.
Facial recognition is nearly perfect and is now being deployed in businesses and government services around the world. There has been an explosion of the number of cameras in public areas — often accessible via the Internet.
However, much like with other technology, the legal framework to protect your privacy has fallen far behind which places us at risk.
A report by Georgetown Law Center for Privacy and Technology estimates that about half of US adults — more than 117 million people — have their images logged in a facial recognition network of some kind — a trend civil liberties group the Electronic Frontier Foundation describes as "a real and immediate threat" to privacy. — BBC
Governments Collecting More
[K]now that every border that you cross, every purchase you make, every call you dial, every cellphone tower you pass, friend you keep, site you visit, and subject line you type, is in the hands of a system whose reach is unlimited but whose safeguards are not. — CITIZENFOUR documentary
The Everything We Know About NSA Spying video is an excellent overview on the NSA spying and shows just how extensive the reach of this program is and how easy it is to become a target.
- The Register's guide to protecting your data when visiting the US. You're (mostly) screwed without preparation.
- Fighting for privacy, two years after Snowden.
- Mikko Hypponen: How the NSA betrayed the world's trust.
- What can government security agencies tell from your phone's metadata?
In the "new propaganda era" we are entering, where the frontier between information, communication and propaganda becomes blurry, the world needs independent journalists, who engage in the pursuit of the truth, who respect standards of ethics, and whose mission is to give citizens of this world tools to understand what surrounds them. That is to say, in a word, free journalists. — Defence Handbook For Journalists and Bloggers
Balancing Privacy and Government Security
Law enforcement agencies are clamoring for even easier access to meta-data. We are fast approaching the very definition of a police state where everything about you is openly known by the police.
I don't want to live in a world where everything I say, everything I do, everyone I talk to, every expression of creativity and love or friendship is recorded. — Edward Snowden
Everyone can agree that the police and national security agencies need adequate tools to protect us, and that these tools need to be adapted to the digital world.
But state powers have already been significantly expanded, particularly with Bills C-51 and C-13. At the same time, we have seen too many cases of inappropriate and sometimes illegal conduct by state officials that have impacted on the rights of ordinary citizens not suspected of criminal or terrorist activities. In my view, those serious incidents were caused by deficient legal standards that failed to set appropriate limits on government actions.These key lessons from history remind us that clear safeguards are needed to protect rights and prevent abuse, that national security agencies must be subject to effective review, and that any new state powers must be justified on the basis of evidence. Government should only propose and Parliament should only approve new state powers if they are demonstrated to be necessary and proportionate — not merely convenient. — Privacy Commissioner Therrien
Avoid Giving Information Away
Everyone that asks you to fill out a form — whether a paper form or on-line — is collecting personal data.
Once you provide that information, it is no longer in your control. While everyone is diligent in collecting your information, they are less likely to be as careful in protecting that information — particularly if an opportunity to profit comes along.
Privacy Policies are Changing
You only need to look at the way Facebook, Hotmail and others so quickly changed their privacy policies to enhance their profitability. You're on your own when it comes to protecting your identity.
If the service is free, then you are the product. — The Day We Lost Everything
Who Has Your Back?
Who has your back? 2015 track record for social media, communications and other companies in releasing private information to the government.
Learn how to avoid giving information away (including protecting other people's email addresses) and how to remove malware (software on your computer that reveals information about your surfing habits — including toolbars).
Governments Collecting More Personal Information
Governments are collecting more about you and your Internet activities.
Never in history has a surveillance state and a representative form of government existed side by side. A free society and a surveillance society cannot be reconciled. Biometrics is the linchpin to a surveillance society. — Constitutional Alliance
Never give a government a power you would not want a despot to have. — John Gilmore
Canadian Government Double Standard
The Canadian government will not allow its data to be stored on servers outside Canada. Canadians should be similarly concerned about the loss of privacy and protection.
- Most, if not all, social media data is being stored outside Canada and no longer has the protections afforded by Canadian law.
- Most webmail is stored on servers in the U.S. or other countries.
- Your emails are scanned to profile you to serve ads, alter search results, and other purposes based upon the emails you send and receive if you're using Gmail, Yahoo! mail and similar services.
However, the government is much less concerned about your privacy. They continue to share data about their own citizens with the US and other Five Eyes partners — even unconfirmed data that has cost innocent individuals their freedom.
Overseas Privacy Threatened
Microsoft successfully fought a December 2013 federal search warrant demanding that the company release emails stored in Ireland.. This demand that data stored on overseas servers be made available should concern everyone. The US is not the only country doing this.
The revelations of NSA searches on U.S. servers has cost American tech companies, forcing them to build servers overseas rather than hosting them all in the United States. This case clearly had implications for these companies being abandoned if foreign customers felt their privacy was threatened even with servers hosted in their own country.
You can find out more about governments collection of personal information at:
- Privacy Rights Clearinghouse.
- Electronic Frontier Foundation defending your rights in the digital world.
- Privacy International is committed to fighting for the right to privacy across the world.
- Surveillance Self-Defense is a guide to protecting yourself from electronic surveillance.
Other reports about privacy and surveillance:
- The year that governments struck back: Seven things you need to know about privacy in 2014.
- The chilling effect of domestic spying.
- It's time for our governments to stop eavesdropping and start listening .
- Canadian privacy stories.
- Lavabit owner found no justice when indicted for refusing to provide customer passwords.
- 8 million reasons for real surveillance oversight.
- Criminal DNA collection laws “for identification” could easily be misused.
- Surveillance State: NSA Spying and more.
- Security expert Bruce Schneier on passwords, privacy and trust .
- Your interest in privacy will ensure you're targeted by the NSA.
- Ten international organizations trying to hack into your computer.
- Google faces more government demands for user info.
Less than 50 percent of the government requests for user data were complied with in Canada, Chile, France, Hong Kong, Mexico, the Netherlands, Russia, Turkey and South Korea.
- Online privacy: using the Internet safely.
- Integration of Drones into Domestic Airspace: Selected Legal Issues (PDF–363 KB) discusses the legal issues surrounding small drones and personal privacy.
- Old Technopanic in New iBottles is a look at encryption to protect privacy following the release of Apple's default encryption.
- For sale: Systems that can secretly track where cellphone users go around the globe.
Data and Goliath: The Hidden Battles to Capture Your Data and Control Your World by Bruce Schneier is an imperative read for everyone. Read the introduction.
The powers that surveil us do more than simply store this information. Corporations use surveillance to manipulate not only the news articles and advertisements we each see, but also the prices we're offered. Governments use surveillance to discriminate, censor, chill free speech, and put people in danger worldwide. And both sides share this information with each other or, even worse, lose it to cybercriminals in huge data breaches.
Much of this is voluntary: we cooperate with corporate surveillance because it promises us convenience, and we submit to government surveillance because it promises us protection. The result is a mass surveillance society of our own making.
But have we given up more than we've gained?
In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government surveillance programs and shake up surveillance-based business models, while also providing tips for you to protect your privacy every day.You'll never look at your phone, your computer, your credit cards, or even your car in the same way again.
Frontline's United States of Secrets is a powerful look at the dangerous spying by the NSA on their own citizens and the revelations following the release of the Snowden documents.
Frontline investigates the secret history of the unprecedented surveillance program that began in the wake of the 9/11 attacks and continues today.
The two-part series is available on Netflix:
Episode 1 shows how the dangerous plan to greatly increase the power of surveillance on the American (and international) public was secretly authorized with the stated goal of finding unknown terrorists within our midst.
Several members of the NSA and other government bodies opposed the plan on the basis that it overstepped the requirements and undercut civil liberties enshrined in the U.S. Constitution without any real oversight.
Episode 2 looks at the increasing commercial surveillance by companies like Google and later Microsoft, Facebook and others to generate massive advertising income. This information was later co-opted by the NSA and, in the process, further eroding every citizen's privacy. There is no evidence that any of this surveillance has made us any safer (think of the Boston Marathon attacks — the sort of event this program was supposed to prevent).
Cookies Report on Your Web Habits
People have become more aware of the amount of information that is collected about them while they are on the Internet using such devices as cookies. You can deal with cookies using some of the many utilities available on the Net or by using the tools provided by modern browsers (Firefox recommended).
Help is Pending…or is it?
Current browsers have the capability of telling a site that you don't want to be tracked. But that assumes that a site will bother to respond. There are few, if any, such mechanisms in place.
Panopticlick is an online test that analyzes how well your browser and extensions protect you against online tracking techniques, even if you are using privacy-protective software.
Another option is to use the services of a site such as the Network Advertising Initiative which offers to place an opt-out cookie on your computer for certain ad servers such as DoubleClick.
Many sites use flash cookies (Local Shared Objects or LSOs) that are not deleted when you remove traditional cookies. Adobe provides information on how to manage or disable LSOs, but ignorance makes most users vulnerable to exploitation by sites that use them.
Flash is listed as one of three programs that make Windows vulnerable to malware (as well as Linux and Mac if Flash is installed). As technology moves away from Flash, the risk of LSOs should diminish.
Have a look at my listing of Firefox extensions. Some allow you to manage or remove LSOs but status can change quickly so I won't duplicate the listing here.
Your Choice of Browser Matters
The browser you use to surf the Web will make a different in not only what tools are available to you or how convenient the browser is, but also in terms of how much information you share in the process and what those gathering that information do with it.
Ixquick's StartPage privacy page has information about how simply using a search engine can leave behind a history that can last for years.
The problem is made even more dangerous as companies like Google become more powerful, purchase companies in areas they traditionally didn't have access, then combine data about their users between these companies. Running their free Gmail and Chrome browser will provide even more information about yourself, helping to create a more accurate profile to serve ads to. Google never forgets!
Firefox: A More Secure Browser
Firefox is my recommendation. Not only is it more secure, but it more closely follows web standards, making your experience a better one.
Firefox is made under the principle that security and privacy are fundamental and must not be treated as optional. Firefox is the only major browser not targeted by the NSA scandal and we're fighting to reform government surveillance for you. — Mozilla
Clear Private Data
You should clear your privacy data (cookies, saved form information, cache and authenticated sessions) before and after on-line banking (or similar sites where there is the risk of revealing personal information of greater value).
These settings are on the Privacy tab in the Firefox Options settings. Firefox Options is located different ways:
- Firefox 29 or newer: the Firefox menu is on the top right (3 horizontal lines).
- Firefox 4–28: the orange Firefox button on the left contains the Options menu..
- The Firefox Menu Bar (turned off by default starting with Firefox 4) has Options in the Tools menu.
Once the Options dialogue box appears, click on the Privacy tab and check Clear history when Firefox closes. You can choose which items get removed by clicking the Settings button on the right (see dialogue box above).
Internet Explorer: Simply Too Vulnerable
Internet Explorer (IE) is a major security vulnerability within Windows and therefore should not be used as your primary browser when surfing the Internet.
When the CVE-2014-1776 vulnerability affected IE versions 6–11 the US-CERT team (U.S. Homeland Security) recommended moving to an alternate browser. This is good advice even after the vulnerability is patched.
Microsoft made IE a key component of the Windows installer — a significant security vulnerability when surfing the Web. You can help reduce the risk by enabling the following settings:
- Current versions of IE can check sites for forgeries (sites looking to exploit your trust of the real site) if you authorize it during installation.
- Check "Prevent programs from suggesting changes to my default search provider" in IE's extensions.
Security risks are not unique to Internet Explorer but its reach is deep into the Windows operating system, making it more vulnerable to security issues than any other browser.
You may need to use IE for some legitimate tools:
- Microsoft's Fix it solutions need to run in Internet Explorer.
- Symantec's AutoFix Tool must run in Internet Explorer in order to be able to make the necessary changes to Windows files.
Windows XP used IE to run Windows Update, a program that makes significant changes to your system and requires access to key Windows components. Microsoft Update is now built into Windows Vista and 7 making IE more secure.
Microsoft's Windows Update plug-in for Firefox as an alternative to using Internet Explorer is not recommended because this makes Firefox more vulnerable. It is better to use Internet Explorer only where necessary (and safe).
Move to Firefox and launch Internet Explorer ONLY where it is absolutely necessary. If a normal page won't load properly except in IE, you're probably better off going elsewhere for your information.
Google Chrome: Quicker, Convenient, Zero Privacy
Google Chrome (initially based upon the open source Mozilla code) has become very popular because it is much smaller and potentially faster than other browsers (at least as long as you don't use extensions).
Collecting, Collecting, Collecting…
Chrome does this, in part, by keeping the user's data on their servers rather than on the user's computer. People have access to their data from any number of computers, phones and tablets.
This is convenient but eliminates your ability to fully control your own information. Google uses this information to serve more appealing ads based upon what you've viewed with Chrome.
Free Email Costs You Your Privacy
So many people have moved to using “free” cloud-based webmail programs that the market has virtually collapsed for independent stand-alone email programs.
The biggest issue is privacy.
Services like Gmail, Yahoo! Mail and Outlook.com (formerly Hotmail) sift through your emails to build a profile on you to sell advertising.
However, the Yahoo! data breach should tell you that your privacy is NOT a priority. Not only did they lose enough information to commit identity theft using the stolen data — “names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and even security questions and answers” — but they took several years to bother telling anyone.
Gmail has made it more difficult to simply download your Gmail to a standalone email client (an email program that stores your messages on your computer rather than on Google's servers).
Google wants you to leave a browser window open with Gmail running. By knowing the sites you're visiting they can present “more relevant” ads (i.e. ads that you're more likely to click on based upon your surfing history). Of course, if you're running Chrome, they already know this.
StartMail ($59.95 per year) provides an alternative
Updated: March 24, 2017