Since I wrote about escaping from Google’s walled garden on my Android phone, I have made some effort to further implement this on my desktops as well. Geoffrey A Fowler is a columnist in the Washington Post and he has written a number of articles about these privacy concerns about Google’s vast data mining efforts that they are making across a range of platforms. These columns have been carried on Stuff’s website and the most recent one, just last week, took a hard look at the Chrome browser.
From my perspective, it’s simple: I ditched the Chrome browser after I switched to Linux. It wasn’t something I thought about immediately; Chrome is produced for the most common Linux platforms (Debian-based distros in particular) and I actually did use it for a time, but eventually I switched to Firefox, mostly at that time because of Mozilla’s reputation for openness and privacy. The Mozilla platform has inspired a much larger community effort in the development of extensions, which offer much more customisation of the browser, and I’ve long been a fan of Firefox and Thunderbird in particular, although the latter is now developed by an independent community. Generally I have chosen to use Firefox Developer Edition and on each computer that I run it on, it is installed into my user profile (as is Thunderbird), which saves another step when reinstalling Linux. It took a while before I felt that Firefox was good enough for me to replace Chrome completely but after a couple of false starts, I have stayed with Firefox and haven’t looked back. It’s only on the R-Pi that I have Chromium because they don’t build Firefox for their platform. I hadn’t actually thought much about privacy until quite recently, or that the Chrome browser itself could be spying on me, but it makes sense that this is probably what Google is using Chrome for.
Since then, more recently having become aware of Google’s practices and having switched my phone off standard Android (especially since it’s a Google phone), I have switched to a different search engine in my browser (not Google). DuckDuckGo is an example that I have tested which is nearly as good as Google. I don’t know if their reputation is any good. There are others, so I am not sure which is the best choice at the moment, but the issue is that most of them are commercial operations that have to have some interest in what you are putting through their sites and possibly still collecting data in some shape or form. It’s interesting that some people claim Apple iOS is a better more private phone / handheld platform. Whilst Apple does take privacy more seriously than Google, they are still a business and there is still plenty of data mining happening on Apple devices. The key issue is that people should be able to completely opt out of having their data mined on any platform, and whilst Apple does give people more options, it’s still hard for anyone to really have a free choice and full knowledge to be able to stop this happening on iOS.
The next step after a better browser is to start limiting web site tracking that a lot of sites do. For example Facebook and Google and a lot of other companies have web site trackers that tell them when you access certain sites. Firefox now comes with tracking protection built in, and I recently have set it to the strongest settings, and have noticed almost no impact on what I can do in Firefox. Secondly you may want to look at an ad blocker; I chose to use Adblock Plus. The issue is not that ads are annoying or intrusive, but that they are another way to gather tracking data about the sites you are visiting. There are a small number of sites I’ve experienced that block you from accessing content because you are using an ad blocker; with a scripting extension that I haven’t yet tested, it is possible to block sites from detecting the ad blocker, but the number of sites that work this way is actually quite small (IIRC the Washington Post is one of the few).
Another useful idea is deleting cookies from a site when you close the site. Some news sites use cookies to limit the number of free articles you can view before they start blocking you. The technically astute can always configure the browser (perhaps with an extension) to delete the cookies when you close the site, and stop this particular level of tracking.
Firefox also has Facebook Containers and Multi Account Containers, which are extensions that you can use to manage the ability of different tabs in a browser session to access data from other tabs. Essentially these extensions group together either all Facebook tabs, or other tabs that you choose, into containers that don’t have access to the data in other containers. Mostly I have found it useful to be able to log into multiple different Google sessions in the same browser. However for most of the time it is more useful to use separate Firefox user profiles and have a desktop menu shortcut that starts Firefox with each particular user profile in order to access the multiple accounts each in its own browser window. The main point of Facebook containers is to limit Facebook’s ability to access the data outside the container (i.e. all the other websites you use) which is another privacy management technique.
It’s also very important that you don’t use your Facebook or Google (or WordPress or any other site) credentials to log in to another site, because that gives that site access to your Facebook or Google profile and some of the data in it. Likewise, some apps that you install in Facebook can create this problem. In both types of situations, sites or apps can gather data from Facebook/Google and can even post spam on your Facebook or Google profile.
To finish off here’s a few articles from the Stuff site addressing some of these issues.
- https://www.stuff.co.nz/technology/digital-living/103165837/the-spotlights-on-facebook-but-google-is-also-in-the-privacy-hot-seat
- https://www.stuff.co.nz/technology/113653726/new-technology-for-text-after-a-decade – a big concern if Google wants to take over from texting because they can collect every message. In no way should you be handing over your private communications to a data miner like Google.
- https://www.stuff.co.nz/business/103021108/facebook-not-the-only-company-using-kiwis-data – this one highlights some of the above, as well as things like loyalty schemes. The supermarkets using their OneCard or ClubCard etc are a big concern because these cards will enable them to record every single purchase you make and it can be linked online via the email address in your profile. Since these cards only give quite small and specific discounts on purchases there is not much to lose from shunning them.
- https://www.stuff.co.nz/technology/apps/102929604/how-to-stop-haemorrhaging-data-on-facebook – it’s a bit scary how much we use Facebook and potentially how much data they can collect on us. Since I changed my phone to remove social media apps, I’ve also had a policy of limiting the number of personal posts I make on my social media timelines. Most of the time I only use social media for interests like the various areas covered by the blogs I post and the church ministries I engage with. This does mean some data is being collected about me but it is limited to only specific areas and not all of my personal life.
- https://www.stuff.co.nz/technology/102524553/firefox-maker-mozilla-to-stop-facebook-advertising-because-of-data-scandal
- https://www.stuff.co.nz/business/world/107355983/google-quietly-started-logging-people-into-chrome-without-their-consent – this is a pretty serious privacy intrusion, and one of the things Google can make happen with Chrome. On a Chromebook, you are always logged into the browser without being given the extra step that you used to get on the desktop edition. Another reason to avoid Google as much as possible – they are just not trustworthy.
- https://blog.cryptographyengineering.com/2018/09/23/why-im-leaving-chrome/ – this one is actually from the source, it’s a data mining technology expert saying why he is ditching Chrome. Pretty much adds to the article I quoted at the top of this post.
- https://www.stuff.co.nz/business/world/113082499/while-youre-asleep-data-companies-probe-your-iphone – highlights the data collection happening on iOS by apps, and that Apple doesn’t do all they could to stop it.
- https://www.stuff.co.nz/technology/digital-living/99505534/apple-is-sharing-your-face-with-apps-thats-a-new-privacy-worry – highlights that Apple is sharing FaceID data on your device with apps and the concerns this creates.
- https://www.stuff.co.nz/technology/digital-living/102619580/android-should-share-the-blame-with-facebook-for-tracking-calls-and-texts – highlights concerns about the amount of access Facebook has had to call and text data on the Android platform. Apparently, this has been blocked by an update to the Android API, but it basically highlights that a key problem on phone platforms is that apps have the ability to siphon a whole lot of data behind the user’s back.
- https://qz.com/1131515/google-collects-android-users-locations-even-when-location-services-are-disabled/ – highlights how you can’t even trust Google to respect user’s choice of settings to try and stop data from being collected on them.
- https://www.infoworld.com/article/2993308/app-privacy-ios-vs-android.html – highlights how even in later versions of Android, users can still be limited in their ability to set permissions. One of the key issues I did find was trying to block apps like “Google” (the app that amongst other things forces you to use the voice recognition feature) and “Google Play Services” from having access to the phone’s microphone – even if I had no desire to use these features, Google would try any way they could to stop me from turning those permissions off. The latest war on the one phone I have that still runs regular Android is getting Google to let me disable the Google app and uninstall the update that it forced onto my phone without asking permission – the much larger latest version of the app that turns on the Assistant and makes it very difficult to disable this feature. I would keep uninstalling the app and Google will keep reinstalling the newest version, making it impossible to trust Google is not going to keep forcing new data hoovering techniques onto my phone.
- https://www.zdnet.com/article/the-state-of-mobile-device-security-android-vs-ios/ – highlights some key differences between the two main mobile platforms, including Apple’s much stronger use of encryption by default on their platform.
- https://www.stuff.co.nz/technology/digital-living/98173405/why-you-should-use-incognito-mode-when-browsing-online – highlights browser data tracking issues and suggests using incognito mode. Personally, I think that turning on the tracker protection measures in Firefox that I have mentioned up above is good enough to use the regular browsing mode. I haven’t looked at deleting cookies – this is another idea that might be worth considering, but not for all sites.