In this article:
In this article:
Your personal information is easily available online to anyone who knows where to look — unless you take these steps to secure your online identity.
Your personal information is easily available online to anyone who knows where to look — unless you take these steps to secure your online identity.
In this article:
In this article:
Every app, website, and company that you have an account with is tracking you. Advertisers, data brokers and government agencies use online tracking tools to gather information about who you are, what you’re interested in, and which activities you pursue online.
This level of data collection puts your online privacy at risk in many ways.
For instance, if fraudsters get hold of your personally identifiable information (PII) — like your name, phone number, and Social Security number (SSN) — they could hack your accounts, scam you, or even steal your identity.
In April 2024, the U.S. Congress proposed the American Privacy Rights Act (APRA) to limit the types of consumer data that companies can collect, retain, and use [*]. However, it’s not law, yet — and the internet remains a risky place for your personal information.
{{show-toc}}
Your online activity provides companies — and potential hackers — with a wealth of sensitive information. Whether it’s contact details and personal updates on social media sites or browsing data collected via cookies, pixels, and device fingerprinting, it’s harder than ever to maintain online privacy.
Here are some common ways that your personal information gets collected online:
While there are data privacy laws in place, companies don’t always follow them. In 2023, many popular tech companies, including Meta and WhatsApp, were fined billions of dollars for violating GDPR data privacy laws [*].
The best way to protect your privacy online is to share less of your personal information. For example, only provide the minimal details required on your social media profiles. Skip any “optional” information, like a middle name or phone number, that will only add to your digital footprint.
It’s safe to assume that any information you share online can fall into the wrong hands.
Before you sign up for a service, post an update, or give a web page your contact details, ask yourself whether you’re okay with that information being leaked.
Pro tip: Use a secondary “throwaway” email address when signing up for online services. Protect your primary email address from spam and scams by using an email alias for retail accounts, subscriptions, and newsletters. Aura offers an easy way to do this with email aliases that forward messages to your primary inbox without compromising your email address.
📌 Related: How To Check Your Digital Footprint →
If you have weak passwords or reuse credentials across accounts, it can put many of your most sensitive online accounts at risk. Strong passwords are your first line of defense against hacking and internet privacy concerns.
When you choose passwords for your accounts, make sure they are:
Make sure you’re using two-factor authentication (2FA) whenever possible. This is a security measure that requires a secondary authentication method to access your accounts — such as a one-time use code sent to an authenticator app. 2FA can protect your accounts even if your passwords are leaked.
Insider tip: If you get an email about a recent hack or data breach, your personal data may be compromised. Check to see if your passwords are at risk by using Aura’s free Dark Web Scanner.
Set the privacy settings on social media to ensure that only friends and family are able to view your profile. This prevents unwanted people from researching you, and hackers from using your public profile to target you with phishing scams.
The key settings to consider are location tracking, photos, and content — think about who can see this information. The more you hide, the harder you make it for scammers and identity thieves to exploit you.
📌 Related: How To Properly Set Up Your iPhone's Privacy Settings →
Outdated or unused apps, web browsers, and browser extensions can continue to collect data about you — and are more susceptible to hacking and data breaches.
In May 2024, stolen customer data from AT&T was found on the Dark Web. Apparently, this data was originally exposed in a 2019 hack and includes SSNs and account information for approximately 65.4 million former customers [*].
Take time to audit the apps and accounts on your devices — delete everything you don’t use, and keep up with software updates on any apps you choose to keep. If you use Chrome, you can see all extensions by typing chrome://extensions/ in your search bar.
Pro tip: In general, it’s better to browse on websites, not apps. Major browsers like Chrome, Safari, and Firefox won’t allow websites to collect as much information about you as an app might. Still, if you’re accessing your bank or other secure accounts, an app may be better.
📌 Related: How To Delete Your Digital Footprint →
Search engines like Google and Bing collect a huge amount of your personal data — unless you change your settings.
Here’s what to do:
Unfortunately, there’s no way to eliminate all online trackers on Google — but you can switch to an online privacy-focused search engine like DuckDuckGo or Brave.
These browsers block third-party ad trackers, cookies, and fingerprinting. Also, by disabling invasive ads and trackers, many privacy-focused browsers improve loading times on desktop and mobile.
📌 Related: How To Get Your Personal Information Off of Google Search →
A VPN encrypts your IP address and internet traffic — which stops your internet service provider (ISP), government agencies, and snooping eyes from tracking your activity or seeing what you do online. This is especially important when using public Wi-Fi networks, which can be more easily compromised or hacked.
Why not just use private browsing? Private browsing or incognito mode prevents your browsing history from showing up in your browser, but it won’t block your ISP from seeing what you do online. Only a VPN can keep your online activity truly private.
📌 Related: Is a VPN Worth It? What To Know Before You Use One →
Device security is an overlooked aspect of online privacy. An outdated device or software can include known vulnerabilities that scammers can use to access your most private data.
As cybersecurity expert Andrew Cardwell explains [*]:
“Vulnerabilities are like jungle paths — the longer they exist, the more predators find them.”
One of the best things you can do to stay safe online is set your operating system and app store to automatically install updates.
Here’s how to enable auto updates on:
For added protection, consider installing antivirus software to protect against malicious programs like spyware, which collects data (such as credit card information) in the background.
In July 2024, Google did a U-turn on its promise to phase out tracking cookies used for ad personalization. Reuters revealed that advertisers pressured Google to keep cookies in the Chrome browser, putting the onus on users to block trackers [*].
Personalized advertising enables advertisers to target and reach users based on interests, demographics, and online behaviors. You can disable this feature in order to protect your private information from being shared or leaked without your consent.
To start, decline pop-ups and cookie notices on websites whenever possible. If you use an iPhone or other Apple mobile device, iOS versions 14.5+ let you disable cross-app tracking [*].
You can also disable ad personalization across apps, including:
Encryption makes your documents and data unreadable to anyone who doesn’t have the decryption key. All modern Apple and Android mobile devices use encryption by default, but you can also set up encryption on Windows and Mac devices.
Text messages and Facebook Messenger have “back doors” that allow third parties to read what you send. While there are privacy concerns about other messaging apps [*], it’s still best to stick to apps with end-to-end encryption, like Telegram, Signal, and WhatsApp.
📌 Related: How To Tell If An Email Is From a Scammer [With Examples] →
It’s crucial to restrict access to your smartphone, as it’s the entry point to numerous sensitive apps and pieces of data — including your emails, banking details, social media accounts, and photos.
Here’s what to do:
Pro tip for iOS users: In September 2024, Apple released new safety features, including a separate password app and a way to lock or hide specific apps [*].
While third-party app connections are convenient when you log in or check out of e-commerce stores (such as via Login with Google or Facebook), this level of data sharing can put you at risk. If one company is breached, any connected accounts could be exploited.
For better online privacy and security, limit the number of third-party app connections to the bare essentials.
Ideally, you should avoid linking any high-value accounts in this way — including your banking, IRS, and medical accounts.
📌 Related: What Is Cyber Hygiene? 10 Easy Habits That Will Protect You Online →
Data brokers and people search sites like Whitepages, Spokeo, and Radaris scrape public records for consumer data — including personal details, contact information, and browsing habits. These companies sell the information to advertisers, telemarketers, and even scammers.
California’s DELETE Act allows people to order hundreds of state registered data brokers to delete their personal data with a single request [*]. Unfortunately, many data brokers will re-add your information later.
You can save time with Aura — privacy protection plans include a service which automatically scans data broker databases and sends removal requests on your behalf.
Online privacy refers to your ability to control your personal information and its usage. This control extends to information you share on social media sites and the conditions you agree to in a company's terms of service.
Online security is how a company focuses on protecting your data from unauthorized access or theft. For example, companies should have reliable measures in place to prevent hacking, identity theft, and data breaches.
This distinction is what makes online privacy so complicated.
Even if you do everything you can to protect your personal information online, companies can get hacked, collect more data than necessary, or use what they know about you for questionable — and even fraudulent — purposes.
There are currently 13 states with comprehensive state privacy laws, but the United States still lacks a federal privacy law [*]. Despite recent advances in the law, many companies and government agencies continue to exploit legal loopholes that enable them to collect and share data about Americans.
You can’t put all your trust in everyone else to protect your data — it’s time to take ownership of your personal information.
📌 Related: Is Norton Privacy Monitor Assistant Worth It? →
As long as you use the internet, you face a constant battle to keep your data out of the hands of companies, government bodies, advertisers, and cybercriminals.
Now that you know how to protect your online privacy, you can take the essential steps needed to gain control of your information. You can limit what you share, strengthen your account security, and use the internet with a privacy-first mindset.
However, it’s much easier — and safer — to have a dedicated digital security platform do the work for you.
Editorial note: Our articles provide educational information for you to increase awareness about digital safety. Aura’s services may not provide the exact features we write about, nor may cover or protect against every type of crime, fraud, or threat discussed in our articles. Please review our Terms during enrollment or setup for more information. Remember that no one can prevent all identity theft or cybercrime.