More than ever before, it’s critical to keep your personal information safe on the Internet. It seems like every day there is another news story about a new database breach or identity theft scam. But in a world where we’re all connected almost constantly, how do you even know where to begin to protect your data and online identity?

It’s important to consider both security and privacy. Ideally, you would like to have a great deal of both. Many people don’t understand the difference between security and privacy. And indeed, there is some overlap between them. Generally speaking, security has to do with protecting your data and online identity, and privacy has to do with how much control you have over who sees your data and online identity.

As an example, let’s look at Eliana, a freshman at Mountain Brush Community College. Eliana has a Chromebook that she uses both for her schoolwork as well as her personal Internet use. She also has a Google-branded smartphone, and on both of these devices she uses the apps that came with them, like Gmail, Google Docs, and Google Maps. Google keeps Eliana’s information very secure. However, she doesn’t have much privacy, at least when it comes to Google—they keep an astounding amount of information about Eliana. She has to decide whether she trusts Google to know so much about her or not.

Unfortunately, both security and privacy often come at the cost of some amount of convenience. It’s up to you to decide where the right balance is for you, but in order to make that decision, you need to understand the tradeoffs.

Security

Interestingly, in today’s world, security is often easier to achieve than privacy. For one thing, we’re all used to some of the steps we have to take to keep our information secure, and it’s actually in the best interests of the big tech companies like Google, Apple, Microsoft, Amazon, and Facebook to help us keep our information secure. The same is not true for privacy, as we’ll discuss later.

Passwords and Password Managers

The first step to achieving better online security is the one that we’re all familiar with—maintaining good, separate passwords for all of our online accounts. While it’s much easier to use a few simple, easy-to-type passwords for most of your accounts (and many people still do!), this is a great example of sacrificing security for convenience. The risk is that if someone obtains your email address and password for one account (for example, through a data breach at a company you do business with), they have your login credentials for many of your accounts and can start doing real damage.

Fortunately, password managers are a great tool for maintaining quite a bit of convenience in this scenario while achieving high levels of security. A password manager is an app that runs on all of your devices (computer, phone, tablet, etc.) and stores your passwords for all your online accounts. You only have to remember a single password: the one that unlocks your password manager. This app makes it easy to create super-secure unique passwords for your online accounts because you never have to remember them! Some popular password managers are 1Password, LastPass, and Bitwarden.

Two-Factor Authentication (2FA)

Two-factor authentication (2FA) is an extra layer of security on top of your existing password. To gain access to a site, you must enter your password and then provide a second piece of information—often a code that is texted to your phone number. This increases the likelihood that you are who you say you are, and helps to prevent unauthorized access to your account. Unfortunately, this comes at the cost of convenience—it can be annoying to have to enter two pieces of information every time you log on to a site! A good compromise is to use 2FA on your most important accounts, where the most damage could be done if someone gains access to them—for example, bank accounts, your school account, and your email account.

That last one, your email account, is more important than you might think at first. If someone gains access to your email account, they can immediately change your password to lock you out, and then begin to go through all your online accounts, resetting your passwords to gain access to all those accounts. So protecting your email account should benext to protecting your bank accounts in terms of priority.

Security Updates

As hackers find exploits in software and operating systems that run on our phones and computers, security updates on our devices try to block these exploits. However, it’s up to you to make sure that you keep the software on your phone and computer up to date so that you get the latest security patches. The easiest way to do this is to set your devices to download and install security updates automatically.

Antivirus/Anti-malware

Another effective way to block unauthorized access of your personal data is to run antivirus/anti-malware software on your computer. Bitdefender, Malwarebytes, and McAfee Total Protection are some common software programs you can check out.

Ad Blockers

An ad blocker is an extension you run in your web browser that not only keeps you from being inundated with ads, but can help prevent your computer from becoming infected by malware. Some browsers now block ads without you having to install anything (e.g., Brave). For other browsers, common ad blocker extensions are AdBlock Plus and uBlock Origin.

Backup

Finally, you should take steps to protect your data from yourself! We don’t mean, of course, that you are likely to steal your own data. Rather, data loss is a common occurrence that, while not nefarious in nature, can still be very problematic. We tend to rely on cloud backups for more and more of our data these days, but it’s worth giving some thought to what happens to your data if your account is closed, or the company goes away, or even if you just exceed your storage limits and don’t realize it before your data starts being deleted. For pictures and documents that we store in the cloud and on our computers and phones, it’s good to have a backup stored somewhere safe—for example, on an external hard drive.

Privacy

Remember Eliana from our discussion above? She was the freshman who uses a Chromebook and a Google-branded smartphone, and on both of these devices she uses the apps that came with them, like Gmail, Google Docs, and Google Maps. While Google keeps Eliana’s information very secure, we noted that she doesn’t have much privacy, at least when it comes to Google. Google knows her name, email address, home address, birthday, gender, and phone number. They know what she looks like, what she sounds like, who her friends are, how much she talks to them, and what she talks about with them. They know what her interests are, what she searches for online, what she buys online, where she goes, what stores and restaurants she likes to visit, how much time she spends there, and how fast she drives. If Eliana wears a Fitbit to track her steps, Google also knows her weight, height, age, fitness goals, and how many calories she burns in a day.

To look through some of the data Google has stored about you specifically, you can visit https://takeout.google.com. Check all of the boxes that you’re interested in, and then click the button to export your data. It can take hours or days for Google to assemble the download for you, but they will email you when it’s ready, and you can poke through all your personal information that Google has stored. To limit the amount of data that Google collects on you, and to delete saved data, you can visit https://myaccount.google.com/activitycontrols.

The following image is from Google Takeout, and shows all the different categories of data that Google collects about you:

Google Takeout menu

What if Eliana was in the Apple ecosystem as opposed to Google’s—would she be better off in terms of privacy? The answer depends in part on whether or not she’s using all of the same Google apps—Gmail, Google Maps, Google Search, etc.—on her Apple devices that she was on her Google devices. If she is using Google apps, then her situation is very similar. If she has opted to avoid all Google apps, then her level of privacy has improved as Apple is not sharing her data with advertisers. Remember that a key part of Google’s business model is creating a profile of you—all your interests, online purchases, web searches, etc., and using that data to deliver targeted ads to you. Apple’s business model is different. Apple charges you higher prices for their products and services rather than delivering ads to you. Because of this difference in business models, a study in 2021 found that Google collects around twenty times more handset data than Apple^[1].

However, it’s worth noting that Apple is still tracking Eliana in many of the same ways that Google does and storing her information on their servers for their own uses. So in the end, she would still need to decide to what extent she is willing to trust a large tech company with all of her personal information.

What can you do to improve your privacy? After all, almost all of us use computers and smartphones on a daily basis, and some amount of data capturing and tracking is all but unavoidable in order to use the services that we need in everyday life. However, there are some steps you can take to begin to improve your privacy without losing too much in terms of convenience.

Text Messaging

Signal and Telegram are two good privacy-focused messaging services you can use instead of the apps that come with your smartphone, and both of them are free. On an Android phone, you can even set Signal to be your default text messaging app, and it will let you communicate with your non-Signal-using friends in addition to other Signal users (unfortunately, this isn’t possible on Apple devices due to limitations in the iOS).

Web Searching

Google is the undisputed king of web searching. However, privacy-focused alternatives are starting to appear. One of the best is DuckDuckGo. Unlike Google, it doesn’t collect or share any kind of identifiable personal information. DuckDuckGo can be used in a web browser on your computer, and is also available as an app for your smartphone.

Internet Browsing

While Google Chrome has the highest market share of all browsers, other privacy-focused alternatives exist that are arguably just as good. Two popular ones are Brave and Firefox. Brave is actually built on the underlying, open-source code that Chrome is built from, which means that the browser plug-ins you use with Chrome will also work with Brave. Firefox is not built on the same technology, but has a wide range of plug-ins available as well.

Email

Aside from privacy concerns, Gmail is a great email service—it’s easy to use, it works on almost any device, and it’s free. But again, it’s only free because Google’s business model is to sell ads rather than charging their customers. If you’re interested in improving your privacy, there are a number of email providers that you can choose from that offer private email, but the tradeoff is that they cost a few dollars per month. Popular ones include ProtonMail, FastMail, and Tutanota.