This days it is everywhere: PRISM here, PRISM there, scandal, big brother, J. Edgar Hoover "strikes back", blablabla
But the truth is nobody said internet is 100% safe. It never was, it never will, unless you are the guy setting up the cables, the ISP, the routers, the web server for the pages you visit, the SMTP server of the emails you receive...
We have taken for granted many things, and we've forgot we live in a world where the least important thing is the customer (even if it's free, which usually means we're being monetized in other ways).
Since the social networks boom, we are so quick to post personal details, rants, photos, thoughts, where we've been, when, with whom, how, doing what... We tag people, places, use keywords and hashtags, propagate it into multiple social services... We build ourselves a perfectly traceable trail of data, available in multiple places, so easy to crawl if you have power and specially tools.
Services like Klout serve as a small-scale example, tracking your online presence with just a few services (Facebook, LinkedIn, Twitter...).
I've been always a bit paranoid regarding my online persona. I wasn't a huge fan of social networks (until I worked at one I was only active at Twitter which not even fully counts as one), testing services and APIs but never using things like Foursquare or posting every action at Facebook. Now that I no longer work there I've come back to a "blackout" status, just actively using Twitter again and trying to do a lot of information control on what appears on the web.
Just in case they are of use, here are some of the actions I take to keep bits of privacy. Keep in mind that deleting data from a service or website does not means data is physically deleted, in most cases will only be marked as so, but also it should eventually be deleted... "should".
Anyway, my crazy-paranoid guy actions list:
- Yearly inbox cleanse: I have a virtual machine with Outlook installed which downloads all my mail weekly, so each january I delete all emails on my inbox from last year. If I need to check old mails I boot the VM and search inside it's tens of thousands of emails. Been doing it since 2006 and works like a charm.
- Soft "do not track": Adobe Flash, Firefox, Chrome and Internet Explorer all allow to set "Do not track" cookies and settings.
- Hard "do not track": My hosts file has a growing collection of domain names to avoid comscore, google analytics and other tracking systems. That file is your ultimate firewall, use it!
- Expiring tweets: After reading a post with the original idea I decided to copy it. The concept is simple: Delete all Twitter posts/tweets older than X months (3 in my case). Twitter has a lot of meaning in the present, but tends to be irrelevant as time goes, and can hold a lot of personal data... so better to keep it clean.
- Clean social network profiles: My Facebook, Google+ and Tuenti accounts are almost empty of some data (except friends list and some photo tags). No private messages kept, empty or almost empty walls, as few as possible personal details entered...
Social networks are the biggest privacy "leak" because we tend to feel it is natural to write on them personal stuff, but they are commercial entities who feed and earn because of your data, your social graph, your tastes, your friends...
I try to limit them a lot, nothing beats chatting with a beer and else emails are safer and faster.
- Fake profiles: Want to try Foursquare? Need to see how service XXX works? Wish to enter a promo code for a free lunch but don't want to give away your personal email for future spam? Have one or two fake profiles for those cases, or use services like GuerrillaMail to create temporally emails.
- Invest time in removing online trails, subscriptions, lists... Almost everybody forgets about accounts here and there and just leaves them as "unused", or creates a filter for spammy emails of websites you once bought something and keep sending you newsletters. That doesn't solve the problem, invest time into unsubscribing or deleting your account there. It can be hard, take effort, days and stupid steps (Microsoft Account + XBox Live, I'm looking at you) but it is the proper way to go.
- "Think before you click": A motto I cannot repeat enough times. In the end nobody forces you to write everything, so think if it is proper or not for being public. It is always harder to remove than not adding it in first place.
I am in no way approving PRISM nor saying it is what we deserve. Of course it is outrageous and should be stopped, but also it is our daily duty to protect our own privacy.