Cambridge Analytica is a name now forever tied to the massive Facebook data breach. It affected American accounts mostly, presumably because this company played a key role in manipulating American Facebook users during the last presidential elections. In the United States, people are usually less concerned about their privacy because it isn’t considered to be a basic constitutional right in the way it is here in Europe. There, it’s part of contract law, it does not exist standalone.
But also in Europe people are getting more aware of their privacy and are starting to realise that ‘free’ on the internet usually means you are paying with personal data. In a few months GDPR will be enforceable. This means that Facebook will be more transparent and give people more control over their data.
What if you are getting aware of all of this only now and you don’t want to wait for GDPR to be in effect in May, what can you do to protect your data better? You don’t have to delete your Facebook account, you only need some tweaks.
Use the browser version only
Facebook wants you to use their apps on your mobile device, because it enables them to collect more data about you, via your phone’s location history. It reads location data from your photos, which is part of the meta data sent. One option is to turn location services off for Facebook. When I realised how much extra data I was giving Facebook, I removed the app from my cell phone. Doing that, it will still know your location from photos you upload. This site shows how to turn of ‘EXIF’ data.
In the mean time I’m using the mobile browser if I really want to check what my friends are doing. If you feel fine sharing your location data, keep the app. Otherwise stick to the mobile browser. It’s not as handy, but you were spending too much time on your phone anyway.
Don’t log into third party sites with Facebook
It’s so easy: a lot of sites and services allow you to login with your Facebook account. Or use a social share button to share an article instead of copying/pasting the URL. Those buttons exist because they collect information about you. The site can sell this information to Facebook and other parties, which then gets analysed to serve you more targeted ads. As a side note, this is the reason why I disabled these buttons on this site.
Instead of caving in to convenience, you’re better off creating a standalone account for every site you want to log into with a unique password. Use a password manager to manage your login data. You can install a browser plugin handling your passwords for you. Also, disable ‘platform’ on Facebook. You’re now harder to track and if one account gets hacked, you’re not as vulnerable to more hacks.
In your web browser’s settings, you can disable third-party cookies to make it harder for Facebook and other services to track you after leaving their sites. I also have an ad blocker installed for this reason. Note that turning this option on may interfere with embedded content, that acts as if you’re visiting remote sites. YouTube videos may no longer work.
Stop doing those quizzes
Whenever you do a quiz, say to find out which Hollywood star you look like or which country you should have been born in, you are handing over both your own data and your friends’ to the app’s developer. This is why most of these quizzes exist in the first place. They are nothing but a data harvesting tool.
Keep it simple, keep it small
There’s a saying that whatever you post online will stay online. Forever. You may delete it, but there’s archive.org and a host of other places storing cached versions of that data. People can make screen shots. I keep this in mind when posting on social media. I keep things general, I do not post anything that discloses my exact location at that moment and stay clear of controversial discussions.
I even limit the amount of ‘friends’ on Facebook to people I really know in real life and whom I actually interact with. Fewer friends means smaller chance of all your data being pulled by a quiz or an app THEY log into. It’s nothing personal: just a way to keep Facebook manageable and to protect my privacy.
Deactivating vs. Deleting Facebook
Facebook gives you the opportunity to leave and take your data with you. If you want to take a break, you can deactivate your account. If you want to leave, you have to visit a support page that’s deliberately buried deep in the Facebook ecosystem to delete your account. You may want to empty your profile before leaving to make sure everything is truly gone.
To do so, click on the triangle next to the question mark in the upper right hand side of your profile screen and select ‘Activity log’ from the menu. This lists everything you’ve ever done on Facebook. Several browser plugins exist to wipe this section and thus delete your data. There’s an updated article on Slate.com that walks you through the steps of purging your activity log.
Know that Facebook owns WhatsApp and Instagram among other services, recently the Spanish privacy watchdog started litigation against WhatsApp because they are sharing data with Facebook. You may want to delete these services as well.
Image credit: Pixabay / Creative Commons / CC0