Restoring Privacy

Take back your personal privacy

Educate Yourself | Restoring Balance | Privacy Policies
Privacy Guides | Privacy Tools | Crossing Borders

All trademarks, company names or logos are the property of their respective owners.

A woman has her hands on a laptop's keyboard with the screen displaying a “Privacy Settings” splash screen.

We are at a critical moment for free expression online and for the role of Internet intermediaries in the fabric of democratic societies.

In particular, governments around the world have been pushing companies to take down more speech than ever before.

What responsibilities do the platforms that directly host our speech have to protect — or take down — certain types of expression when the government comes knocking?
— EFF, 2018

Take Back Your Privacy

Privacy is not about hiding wrongs — it is power over your own information.

Your Privacy At Risk

Your privacy is at risk like it has never been before, yet most folks think that only guilty criminals need be concerned. They are wrong!

Broadly speaking, privacy is the right to be let alone, or freedom from interference or intrusion. Information privacy is the right to have some control over how your personal information is collected and used.
— IAPP

Fight For Privacy

You need to take back your privacy.

Much like we lock doors and close curtains to retain our physical privacy, we can learn how to restore our online privacy. Start by learning how to protect your privacy — then demand accountability.

By making a few simple changes to your devices and accounts, you can maintain security against outside parties' unwanted attempts to access your data as well as protect your privacy from those you don't consent to sharing your information with.
— The New York Times

Organisations can no longer assume that any personal information given to them can be exploited in any way they see fit.
— Elliot Rose

Stop the Data Harvest

Stop the Data Harvest!
Sign the Petition!

Every day, a shadowy network of companies is taking, buying, and selling the most intimate details of our lives. They spy on our physical and mental health, our shopping lists, our friend networks, and where we go each hour. In doing so, they undermine our ability to control our digital lives and restrict our free will online and off. Privacy? That's just a word to them.

Our governments are failing to stand up to them, convinced that their unlimited right to take, use, and sell our sensitive personal information is just too profitable to restrict.

We're saying enough is enough. If you're tired of being treated like a product, and having your privacy rights ignored by lawmakers, take the first step towards controlling your online identity by signing the petition to stop the harvest of our data!

So if you're tired of being tracked, counted, categorized, bought, used, and sold, sign the petition and together let's take the first step to stop the harvest of our personal data!
— OpenMedia

Privacy Laws in Canada

Canadian privacy laws are largely ineffective, mostly based upon a “wish list” from industry rather than the protection of personal privacy. Privacy lawsuits that saw success in the United States have often been tossed in Canada because our weak privacy laws were written prior to the Internet. Attempts to update this legislation has failed a number of times, the latest being Bill C-27 which died when Trudeau prologued Parliament.

Canada has a patchwork of privacy laws which vary according to where you live, largely because of the failure of the federal government to provide protection.

In the absence of Canada's federal government updating our national privacy laws, provinces and territories have taken it upon themselves to create new privacy protections for their residents.

This is leading to privacy have and have nots — depending on where you live in Canada.
— OpenMedia

Take the OpenMedia privacy protections quiz.

CCTV Cameras Abuse Privacy

On TV only the bad guys are affected by tracking cameras. In reality, that information can easily be abused if you're involved in a peaceful protest the government disapproves of. While the police may be able access that information to charge you, your defense does not have that same capability.

Thankfully, Vancouver City Council turned down a proposal to install CCTV cameras to “prevent violent crime” in the city. There is no evidence that CCTV cameras would reduce crime rates yet such installations threaten the privacy of innocent citizens because tracking systems make no difference between criminal and innocent traffic.

The Liberal Government's Two-tiered Justice

Canada's Emergencies Act has only been used once, against the 2022 Freedom Convoy. Not only were horses used to disrupt the protest, but bank accounts were frozen for anyone that contributed even a few dollars. Courts have found the use of the Emergency Act unjustified.

Compare that to government's hands-off policy with the pro-Palestinian protests across Canada. While there is legislation to curb the clearly antisemitic hate speech, police protect the protestors rather than our citizens against intimidation. These Islamics calling for the eradication of Israel is an issue that has nothing to do with Canada other than to call into question our historical support for the only democracy in the Middle East.

Indeed, you could not have asked for a starker contrast in protests than the Freedom Convoy and the Pro-Hamas Left — or a sharper contrast in how they have been treated by Canada's government. The truckers were met with draconian measures imposed by Trudeau — while he's used kid gloves on the pro-Palestinian protests.
— Newsweek

Summary of privacy laws in Canada.

Return to top

Educate Yourself About Privacy

Become informed about issues around privacy. This involves re-examining how you perceive privacy and how it is portrayed by the companies that profit from exploiting it.

Begin by educating yourself on privacy issues and solutions. I recommend you check out these privacy champions:

The Mozilla Foundation advocates for privacy, inclusion and decentralization, and to create safer, more transparent online experiences for everyone.
OpenMedia works to keep the Internet open, affordable, and surveillance-free.
The Electronic Frontier Foundation is the leading nonprofit organization defending civil liberties in the digital world.
Ludlow Institute advances privacy and human freedom through technology.
Center for Humane Technology envisions a world with technology that respects our attention, improves our well-being, and strengthens communities.
Use Privacy International: protect democracy, defend people's dignity, and demand accountability from institutions who breach public trust.

The better you understand how your privacy is affected and how to protect yourself, the safer you'll be.

Take the Mozilla privacy survey to see how well you are improving your privacy awareness and habits.
Privacy & surveillance: Know your rights! is a free online course offered by the Canadian Constitution Foundation.

Teach Your Children

Children's privacy has been seriously threatened. Besides making changes, we need to talk to our children in terms that they can understand.

How parents and educators can protect children's online privacy.

Choose Apps That Protect Your Privacy

How did you choose the apps on your computer and devices? Was it based upon what the vendor or operating system included as the defaults or did you choose what worked best for you? Did you consider how they affect your personal privacy?

Too many of these apps are busy collecting information about you, information that far too often has nothing to do with the app's function.

Choose apps with the functions that work for you but that respect your privacy. Be sure that you're using a current version then modify the settings to protect your privacy.

Some Suggestions

The programs I recommend are based upon my own experience, research and interactions with client needs. Other pages on this site contain information specific to web browsers, email software, security software and much more.

Bitwarden, my recommended password manager, asked their community for their top picks for Data Privacy Week:

Avoid Giving Information Away

First, you have to actively work to protect your privacy. Take steps to avoid giving away unnecessary information.

Are You Sharing Too Much?

Are you careful about what you share about yourself and others in public forums?

Be cautious about your personal information when you purchase a product or service. When you place an order, the company may need your shipping address if an item is to be shipped to you or to verify your credit card.

Social media is a very important aspect of privacy because so much personal information is collected then processed using comparative and linked data (such as the "Like" button) — even facial recognition software.

Though the internet and social media have been used by the public for decades, the concept of privacy still lacks a modern application to the online world. Digital privacy, therefore, is still very much a legal frontier.
— University of Dayton's School of Law

Protect Third-party Information

Protect all third-party information in your possession. Don't reveal private information about individuals (email addresses, phone numbers and birthdays) while emailing or posting on social media without permission.

Most workplaces refuse to provide personal contact information about their employees to callers. You should also refuse to provide personal information directly.

When someone asks for the email address, phone number or similar information, tell them you'll let the person they want to connect with know by providing the requester's contact information. That way it is up to that person to reveal their own information if they are interested.

How Can You Protect Your Information?

Some payment options are more private than others.

When you use a credit card, vendors usually require your mailing address to process online payments — even if the product or service isn't being delivered physically. That's valuable personal information you're providing.

Apple Pay and PayPal don't provide your credit information to vendors but may provide information to your financial institution.

PayPal lists up to 600 third parties they may share information with.

Decline Email Receipts

Decline an emailed receipt in physical stores. They use this for marketing purposes.

Convenient and environmentally friendly, e-receipts are the way of the future, but they are also raising questions about consumer privacy.

Home Depot was found to be sharing details from e-receipts — including encoded email addresses and in-store purchase information — with Meta, which operates the Facebook social media platform, without the knowledge or consent of customers.
— Privacy Commissioner of Canada

The next time Home Depot asks if you'd like an email receipt, you know why they're asking. They're facing a class-action lawsuit for that privacy breach.

Online Transactions

You can print off your own receipt when buying online or subscribing for a service but this may not eliminate the need to provide your email address.

Most online purchases require you to create an account. Most use your email address to identity you.
Email may be used to notify you when an item is shipped or to track its progress.
Product registration and obtaining support for online purchases usually requires an email address.

Who Needs Your Birth Date?

Facebook-owned Instagram, now demands your birth date (and they use their massive Facebook database to verify it). I discovered this when I tried to create an Instagram account using a false birth date to protect my privacy.

Many other services now demand your birth date during registration. Legitimate reasons may include determining eligibility for

legal age of consent;
senior discounts;
access to liquor or tobacco; or
to qualify for age-qualified services (e.g., pensions).

They don't need to know the exact birth date — only the fact that you're old enough with rare exceptions, notably, age-based government services and government regulated sales (e.g., alcohol and tobacco).

In most cases you should be able to certify that you meet the stated minimum age (whether it is 13, 18, 65 or something else). However, knowing your birth date allows them to track your transition through these milestones.

Companies demand it to improve your advertising profile and to make the resale of your profile data more valuable. It can be combined with other information to “personalize” their ads. It will also make the resale of your profile more profitable.

Big Tech on a Buying Spree

Big tech has been on a buying spree.

Monopoly is made by acquisition — Google buying AdMob and DoubleClick, Facebook buying Instagram and WhatsApp, Amazon buying, to name just a few, Audible, Twitch, Zappos and Alexa.
— NY Times

These mergers and acquisitions threaten your privacy. As well as acquiring technology, they're also adding to their ability to profile site visitors.

The new company may feel free to disregard privacy promises made by the previous owners or they may simply rewrite the privacy policy to remove such promises. If you continue to use the service, you're then bound by the new policy.

Will They Protect Your Information?

Have you noticed that most security breaches only affect consumer data, but not corporate data? Your data didn't cost them anything to acquire. Most companies protect their own information more rigorously than yours.

Governments don't enforce privacy or enforce penalties significant enough to change this behaviour. If the C-suite faced jail for data breaches under their watch they'd increase spending on security accordingly.

Single Sign-on Flawed

Single sign-on (SSO) uses your Google, Facebook or Apple ID to log into third-party sites.

Single sign-on uses your Google, Facebook or Apple ID to log into third-party sites.

SSO may be convenient, but creates a single point of failure.

Instead, use a unique password for every site.

The simplest way to avoid the problem would be to avoid using third-party sign-in altogether and instead use a unique password for every site. That's certainly more inconvenient but has the benefit that it makes it harder for tech giants to track online activity.
— Infopackets

By generating a unique password for every site using a password manager like Bitwarden, each site obtains only your name, email and whatever other information you provide directly to them.

Check the Privacy Policy

You should always read and understand the privacy policy of any site before you choose to give personal information. See more about privacy policies.

Return to top

Restoring Balance

Tech companies spend millions of dollars to learn how to fully engage their viewers. These include techniques like

the suggestions on the side of YouTube, Twitter and news feeds;
the notifications from Facebook and other social media sites; and
the use of instant-on videos (those that play as soon as the page loads).

A “quick check-in” to see what your friends or family are up to or a “five-minute game break” can turn into a three-hour Facebook binge.

We need to restore balance to our lives. Our exposure to these techniques are making us feel increasingly more isolated.

Adblockers Provide Privacy

Adblockers like Ghostery and Privacy Badger have several benefits besides blocking ads. Most importantly, they protect your online privacy.

Today's ads are not fixed on a site. Instead, whatever can be gleaned about your browser and the user are uploaded to dozens of potential advertisers (and many that simply are collecting personal information).

Advertisers are heavier users of adblockers than the average American.

It's very telling that individuals who are not only more knowledgeable about the inner workings of the internet, but actually behind the mechanisms for targeted advertising and tracking, are protecting themselves far more than the average American.

As these experts shore up their privacy and data protection against their own products, everyday consumers must take action to avoid remaining susceptible to the ever-expanding, invisible world behind their browser.
— Jean-Paul Schmetz, CEO of Ghostery

Recommendations

I urge you to take the initiative to restore your privacy using the following privacy recommendations.

Safer Browsing

Choose a safer browser that provides optimum privacy (Mozilla Firefox is recommended) then change the following setting to protect privacy:

Set a default search engine that protects your privacy like StartPage or DuckDuckGo.
Turn on Do Not Track in your browser then insist that it be honoured¹.
Remove tracking cookies using CCleaner or your browser's settings.
Use encrypted (HTTPS) sites wherever possible.
Enable HTTPS-Only Mode on Firefox and Chrome (automatic in Safari; unavailable in Edge).
Use privacy extensions like Ghostery or Privacy Badger.
Use a VPN service or TOR to protect your privacy, especially when using public networks.

¹ Too often sites not honour the Do Not Track using the lame excuse that there are no standards. Google discouraged sites from recognizing DNT.

Safer Practices

Be aware of the privacy costs of your choices:

Frequently check privacy settings on apps and services you use.
Use BCC when sending emails to multiple people that don't know each other's email addresses (group emails).
Use search engines that protect your privacy.
Be aware of the risks posed by virtual assistants like Amazon Alexa, Google Home, Cortana and Siri.
Take care when posting on social media — especially Facebook.
Delete accounts you're no longer actively using.

Password Security

Passwords are the key to your privacy and security of your accounts.

Create a unique password for every site (don't use Single Sign-on).
Use a password manager like Bitwarden to generate secure passwords and store them securely.

Replace Google

Consider using alternatives to Google to protect your privacy.

Google's settings are designed so users could make changes, but “difficult enough that people won't.” Even Google's own engineers are confused by privacy settings.

Replace Google services with privacy-friendly alternatives.

Start Using Privacy Tools

Start using effective privacy tools and be sure to use only software that is safe to use. See the Reset the Net Privacy Pack and my recommended software.

Take Back Your Phone

Smart phones are the least private devices we own. The phone is constantly pinging our location to your carrier (it has to know how to reach you) but also often the operating system and many of the apps.

One significant example is the fact that Tim Hortons got away with tracking users everywhere even though it was supposed to simply provide access to specials when at a Tim Hortons. Canada's privacy laws are so lax that Tim Hortons's penalty was to provide a free treat for violating your privacy.

Don't let your apps control your phone use! Try these simple changes to live more intentionally with your devices right now by changing settings to remove distractions.

Get an iPhone, ditch the Android.
Use Screen Time to control your iPhone activity.
Edit what appears on your screen. Do you really need real-time weather, news, stocks, etc.?
Remove unnecessary apps from your phone.
Select apps based upon their privacy and watch for unnecessary data collection.

Quiet Down Windows

You might want to consider how many distractions have been added to Windows 10 and 11. To regain control:

Control the startup of applications in Windows settings (Start ⇒ Settings ⇒ Apps ⇒ Startup). Alternatively, CCleaner (Tools ⇒ Startup).
Turn App Notifications off (Start ⇒ Settings ⇒ System ⇒ Notifications & actions).
Use Focus Assist to remove distractions (Start ⇒ Settings ⇒ System ⇒ Focus assist).
Remove apps you don't use (right-click on the icon ⇒ Uninstall).

The following settings are found in Windows 10 only:

Turn off News & Interests (right-click on Task bar ⇒ News & Interests ⇒ Turn off).
Turn off Live Tiles (right-click on the icon ⇒ More ⇒ Turn Live Tile off).

Return to top

Privacy Policies

Privacy policies are statements about how your data will be used by the owner of the site you're visiting.

The privacy policy is a legal document, it spells out how a company collects, stores, uses, and shares your data.
— IRL Podcast

Don't provide information to sites lacking a privacy policy.

The University of Dayton School of Law has an excellent overview of online privacy in their article, How much privacy do you have online? Their recommendations:

Know what to look for in the Terms and Conditions.

Clear out cookies and fully close a browser after every session.

Take advantage of customizable settings.

Use digital tools to better understand consumer rights.

Privacy Policies Too Complex

While checking the privacy policy for every site you visit is recommended, it has become increasingly impossible because of size and complex language.

A study by researchers at Carnegie Mellon concluded,

…if the average American were to actually read every single privacy policy of every single web service that she used in a year…[t]he average user would have to spend between 181 and 304 hours each year reading privacy policies.

That's approximately 4.5 and 7.6 work-weeks (about a month or two every year) — just reading privacy statements!

It would take 17 hours to read the terms & conditions of the 13 most popular apps.

Visitor Response: TL;DR

“I have read and agree to the Terms” is the biggest lie on the web. We aim to fix that.
— Terms of Service; Didn't Read

Many respond to long, complicated privacy policies with TL;DR (Too long. Didn't read.)

Privacy Policies are Changing

Privacy policies change for a number of reasons including purchase of the company or a new business plan such as the desire to use your data to train AI.

You only need to look at the way Facebook and others so quickly change their privacy policies to enhance their profitability. You're mostly on your own when it comes to protecting your identity.

Consumer Protections Needed

Consumers need a central location to find out what information companies have collected about them, how it is being used and the ability to restore your privacy.

That would be difficult to provide without legislation to create and enforce a standard by which consumers are protected from corporate giants.

Return to top

EFF 2019 report on the track record of companies in protecting your privacy

Privacy Guides

The problem with our private data is that so much of it is irreplaceable and cannot be altered. Unlike a password, once released into the world, there is no calling it back.

Who Has Your Back?

OpenMedia and the Mozilla Foundation actively promote privacy. Mozilla's stand is one of the reason I recommend the Firefox browser.

OpenMedia works to keep the Internet open, affordable, and surveillance-free. We create community-driven campaigns to engage, educate, and empower people to safeguard the Internet.
—OpenMedia

Mozilla is a global non-profit dedicated to putting you in control of your online experience and shaping the future of the web for the public good.
— Mozilla Foundation

In the face of unbounded surveillance, users of technology need to know which companies are willing to take a stand for the privacy of their users.
— EFF

Who Has Your Back? Censorship Edition 2019 documents the track record for companies in releasing private information to the government.

We Need to Do Better

Both companies and individuals need to quit ignoring the damage caused by security breaches and careless postings on social media.

Tech companies could change these things to make your life easier and protect your digital security and privacy. Why haven't they yet?
— Fix It Already

Your Browser Choice Matters

One of the reasons I recommend using Firefox as your primary browser is Mozilla's stand on privacy.

Chrome is NOT privacy-friendly and Microsoft is again modifying Edge to regain the monopoly they enjoyed with Internet Explorer. See my recommendations for a safer browser.

Other Resources

How to stop your smart TV from spying on you.
Protect your privacy from hackers, spies, and the government.
The ultimate online privacy guide.
Online privacy is a blog containing posts about privacy.
*Privacy not Included is Mozilla's guide to choosing connected devices like Google Home and Amazon Alexa.
How to keep your private conversations private for real.
How we take back the Internet (Edward Snowden at TED 2014).
7 Ways to Reclaim Your Digital Privacy.
Online Privacy: How to Minimize Your Digital Footprint.
How to ditch Google for more privacy and fewer ads.
EFF's Surveillance Self-Defense.
The Motherboard guide to not getting hacked. Dated but useful.

Return to top

Privacy Tools

Start using effective privacy tools and be sure that you're not installing software that is unsafe to use.

Make Your Website Safer

Website owners should begin to use technologies that secure their sites and make them safer to use.

Avoid sleazy invasive techniques that threaten your site's security and place site visitors at risk.

Pledge to add SSL, HSTS & PFS protection this year; it matters! Already rocking SSL & HSTS? Consider approaches to end-to-end crypto.

Develop Safe Apps

Technologies like SSL and proper certification pinning should be mandatory. End-to-end encryption makes messaging much safer and your app a worthwhile download.

Neither dangerous apps nor their developers should be in the app stores.

Too many apps collect information they don't need (often surreptitiously) then sell it to anyone that is willing to pay.
Some developers release their app without securing it properly.

If you serve ads on your app, you need to ensure that ALL third party code, including ads and analytics, are secure and ensure that ads play nicely within your app.

Test for ads that crash an app or lock it up for extended periods of time.
Remember that your paid apps are being judged by the performance of your free apps.

More About Privacy Tools

These privacy tools have been tested by me and found to be useful.

Ghostery helps you browse smarter by giving you control over ads and tracking technologies to speed up page loads, eliminate clutter, and protect your data.
Privacy Badger blocks spying ads and invisible trackers by enforcing the Do Not Track header (you have to have “Do Not Track” enabled in your browser) and may be a better alternative if you're uncomfortable with Ghostery.
More ways to win against mass surveillance.
Gibson Research Corporation projects included many ground-breaking apps:
- InControl to easily manage Windows 10 and 11 updating and upgrading
- Fingerprints
- Perfect Passwords
- ShieldsUP!
- Securable (legacy)
You're not Stringer Bell, but you may still need a burner phone.

Return to top

Crossing Borders

Like Canada's privacy laws, the rules governing border searches pre-date cellphones and consumer use of the Internet.

Searches at the border are based upon the laws from an age when everything was on paper. When those laws were written, people would seldom carry unnecessary private documents when planning to cross the border.

However, if you did carry such documents, border agents were entitled to search through those documents or copy them. That is how border agents justify copying everything on your phone or computer.

While the letter of the law may allow such searches, the spirit of those laws are being abused.

Leave Your Phone at Home

The recommendation is to leave your devices at home. If you plan to take your digital devices across the border, check out the following advice:

…[B]efore crossing the border, delete private material or transfer it to the cloud; at the border, turn on airplane mode yourself; and, finally, be prepared, unless you have some really compelling privacy reason, to just turn over your phone.
— CTV News

Alternatively, use an older phone without all the data, social media apps and similar personal information.

BCAA Recommendations

Given the potential for issues for Canadians and Americans crossing the U.S. border, here's some recommendations emailed by Mozilla:

Privacy Alert: Digital device searches at U.S. borders are escalating rapidly, requiring stronger measures from all of us.

Customs and Border Protection officials have reportedly searched the digital devices of even U.S. citizens. They are demanding access to our phones, laptops, and social media accounts — often with little legal protection in place.

Phone searches give unfettered access to personal messages, photos, and sensitive data. Take these steps now before you travel:

Steps to protect your digital privacy before crossing the U.S. border:

Pre-travel prep:

Do a digital spring clean. Review your apps, messages, files, and photos. Be especially ruthless with sensitive content — if you don't need it, don't keep it.

Back up and wipe sensitive data. Store it securely in encrypted cloud storage, then remove it from your device until you're through.

Secure your device:

Keep your operating system up to date. Regular updates make your phone harder to crack with forensic tools. Those persistent update notifications can matter more than you think.

Set a strong alphanumeric passcode. Make it longer than six digits and complex (you can set it back afterwards). Yes, it's a hassle. It's also much harder to bypass.

Disable biometric unlock. Turn off all biometrics like fingerprint access and facial recognition (branded Touch ID and Face ID on iPhones) before crossing borders. Unlike passcodes, biometrics can sometimes be used to unlock your device without your consent.

Minimize exposure during travel:

Use secure messaging apps. Apps like Signal offer end-to-end encryption. Regular texting doesn't.

Use browsers instead of dedicated apps. Access email or social media through browsers and log out completely after use. This creates less persistent data on your device.

Power off your devices before crossing. If your device is taken, handing it over powered off can provide additional encryption protection.

Know your rights:

U.S. citizens cannot be denied entry for refusing to unlock devices, though you may face detention or device seizure.

Non-citizens face different risks and may want to consult with an immigration attorney.

For the most up-to-date guidance on understanding your rights and protecting your privacy at U.S. borders, always consult reliable resources like this ACLU guide or seek legal advice before traveling.

— Mozilla

Laws Out of Touch with Reality

These laws are seriously out of touch with the reality that we carry our entire lives on our smartphones.

[B]order agents could end up seeing private emails and text messages, photos, web browser histories and sensitive documents, even if you've done nothing wrong.
— CTV News

There is an increasing trend around the world to treat borders as law-free zones where authorities have the right to carry out whatever outrageous form of surveillance they want.

But they're not: the whole point of basic rights is that you're entitled to them wherever you are.
— Edin Omanovic

The “Border” Extends Further than You Thought

Border searches can be conducted not only at the actual border, but within 100 miles (160 km) of the United States-Canada border as well as at airports or even when boarding a cruise ship.

Canada's border agents can search your phone and laptop at borders and airports, including looking through your private photos, personal messages, and call history.
— OpenMedia

Your phone is not safe at the border — OpenMedia.
A guide to your rights at the border by BC Civil Liberties Association.

Return to top

Related Resources

On this site:

Found this resource useful?

Return to top
RussHarvey.bc.ca/resources/restoreprivacy.html
Updated: May 24, 2025