Reproductive Healthcare Service Provider, Seeker, or Advocate?

  • Reproductive Healthcare Service Provider, Seeker, or Advocate?

    Tips, tools and techniques to keep you and your community safe while fighting for the right to reproductive healthcare.

    If you or someone you know is concerned about unwanted data collection while navigating online resources, providing or seeking services, or organizing with others, here is a list of guides to stay safe while doing so.


  • Your Security Plan

    Trying to protect all your data from everyone all the time is impractical and exhausting. But, have no fear! Security is a process, and through thoughtful planning, you can put together a plan that’s right for you. Security isn’t just about the tools you use or the software you download. It begins with understanding the unique threats you face and how you can counter those threats.

    In computer security, a threat is a potential event that could undermine your efforts to defend your data. You can counter the threats you face by determining what you need to protect and from whom you need to protect it. This is the process of security planning, often referred to as “threat modeling.”

    This guide will teach you how to make a security plan for your digital information and how to determine what solutions are best for you.

    What does a security plan look like? Let’s say you want to keep your house and possessions safe. Here are a few questions you might ask:

    What do I have inside my home that is worth protecting?

    • Assets could include: jewelry, electronics, financial documents, passports, or photos

    Who do I want to protect it from?

    • Adversaries could include: burglars, roommates, or guests

    How likely is it that I will need to protect it?

    • Does my neighborhood have a history of burglaries? How trustworthy are my roommates/guests? What are the capabilities of my adversaries? What are the risks I should consider?

    How bad are the consequences if I fail?

    • Do I have anything in my house that I cannot replace? Do I have the time or money to replace these things? Do I have insurance that covers goods stolen from my home?

    How much trouble am I willing to go through to prevent these consequences?

    • Am I willing to buy a safe for sensitive documents? Can I afford to buy a high-quality lock? Do I have time to open a security box at my local bank and keep my valuables there?

    Once you have asked yourself these questions, you are in a position to assess what measures to take. If your possessions are valuable, but the probability of a break-in is low, then you may not want to invest too much money in a lock. But, if the probability of a break-in is high, you’ll want to get the best lock on the market, and consider adding a security system.

    Making a security plan will help you to understand the threats that are unique to you and to evaluate your assets, your adversaries, and your adversaries’ capabilities, along with the likelihood of risks you face.

    How do I make my own security plan? Where do I start?

    Security planning helps you to identify what could happen to the things you value and determine from whom you need to protect them. When building a security plan answer these five questions:

    1. What do I want to protect?
    2. Who do I want to protect it from?
    3. How bad are the consequences if I fail?
    4. How likely is it that I will need to protect it?
    5. How much trouble am I willing to go through to try to prevent potential consequences?

    Let’s take a closer look at each of these questions.

    What do I want to protect?

    An “asset” is something you value and want to protect. In the context of digital security, an asset is usually some kind of information. For example, your emails, contact lists, instant messages, location, and files are all possible assets. Your devices may also be assets.

    Make a list of your assets: data that you keep, where it’s kept, who has access to it, and what stops others from accessing it.

    Who do I want to protect it from?

    To answer this question, it’s important to identify who might want to target you or your information. A person or entity that poses a threat to your assets is an “adversary.” Examples of potential adversaries are your boss, your former partner, your business competition, your government, or a hacker on a public network.

    Make a list of your adversaries, or those who might want to get ahold of your assets. Your list may include individuals, a government agency, or corporations.

    Depending on who your adversaries are, under some circumstances this list might be something you want to destroy after you’re done security planning.

    How bad are the consequences if I fail?

    There are many ways that an adversary could gain access to your data. For example, an adversary can read your private communications as they pass through the network, or they can delete or corrupt your data.

    The motives of adversaries differ widely, as do their tactics. A government trying to prevent the spread of a video showing police violence may be content to simply delete or reduce the availability of that video. In contrast, a political opponent may wish to gain access to secret content and publish that content without you knowing.

    Security planning involves understanding how bad the consequences could be if an adversary successfully gains access to one of your assets. To determine this, you should consider the capability of your adversary. For example, your mobile phone provider has access to all your phone records. A hacker on an open Wi-Fi network can access your unencrypted communications. Your government might have stronger capabilities.

    Write down what your adversary might want to do with your private data.

    How likely is it that I will need to protect it?

    Risk is the likelihood that a particular threat against a particular asset will actually occur. It goes hand-in-hand with capability. While your mobile phone provider has the capability to access all of your data, the risk of them posting your private data online to harm your reputation is low.

    It is important to distinguish between what might happen and the probability it may happen. For instance, there is a threat that your building might collapse, but the risk of this happening is far greater in San Francisco (where earthquakes are common) than in Stockholm (where they are not).

    Assessing risks is both a personal and a subjective process. Many people find certain threats unacceptable no matter the likelihood they will occur because the mere presence of the threat at any likelihood is not worth the cost. In other cases, people disregard high risks because they don’t view the threat as a problem.

    Write down which threats you are going to take seriously, and which may be too rare or too harmless (or too difficult to combat) to worry about.

    How much trouble am I willing to go through to try to prevent potential consequences?

    There is no perfect option for security. Not everyone has the same priorities, concerns, or access to resources. Your risk assessment will allow you to plan the right strategy for you, balancing convenience, cost, and privacy.

    For example, an attorney representing a client in a national security case may be willing to go to greater lengths to protect communications about that case, such as using encrypted email, than a family member who regularly emails funny cat videos.

    Write down what options you have available to you to help mitigate your unique threats. Note if you have any financial constraints, technical constraints, or social constraints.

    Security planning as a regular practice

    Keep in mind your security plan can change as your situation changes. Thus, revisiting your security plan frequently is good practice.

    Create your own security plan based on your own unique situation. Then mark your calendar for a date in the future. This will prompt you to review your plan and check back in to determine whether it’s still relevant to your situation.

    Last reviewed: 
  • Communicating with Others

    Telecommunication networks and the Internet have made communicating with people easier than ever, but have also made surveillance more prevalent. Without taking extra steps to protect your privacy, every phone call, text message, email, instant message, video and audio chat, and social media message could be vulnerable to eavesdroppers.

    Often the most privacy-protective way to communicate with others is in person, without computers or phones being involved at all. Because this isn’t always possible, the next best thing is to use end-to-end encryption.

    How Does End-to-End Encryption Work?

    End-to-end encryption ensures that information is turned into a secret message by its original sender (the first “end”), and decoded only by its final recipient (the second “end”). This means that no one can “listen in” and eavesdrop on your activity, including wifi cafe snoops, your Internet service provider, and even the website or app you are using itself. Somewhat counter-intuitively, just because you access messages in an app on your phone or information from a website on your computer does not mean that the app company or website platform itself can see them. This is a core characteristic of good encryption: even the people who design and deploy it cannot themselves break it.

    All the tools that have guides on the SSD site use end-to-end encryption. You can use end-to-end encryption for any kind of communication — including voice and video calls, messaging and chat, and email.

    (Not to be confused with end-to-end encryption is transport-layer encryption. While end-to-end encryption protects messages, for example, all the way from you to your recipient, transport-layer encryption only protects them as they travel from your device to the app’s servers and from the app’s servers to your recipient’s device. In the middle, your messaging service provider—or the website you are browsing, or the app you are using—can see unencrypted copies of your messages.)

    Under the hood, end-to-end encryption works like this: When two people want to communicate via end-to-end encryption (for example, Akiko and Boris) they must each generate pieces of data, called keys. These keys can be used to turn data that anyone can read into data that can be only read by someone who has a matching key. Before Akiko sends a message to Boris, she encrypts it to Boris's key so that only Boris can decrypt it. Then she sends this encrypted message across the Internet. If anyone is eavesdropping on Akiko and Boris—even if they have access to the service that Akiko is using to send this message (such as her email account)—they will only see the encrypted data and will be unable to read the message. When Boris receives it, he must use his key to decrypt it into a readable message.

    Some services, like Google Hangouts, advertise “encryption,” but use keys that are created and controlled by Google, not the sender and final receiver of the message. This is not end-to-end encryption. To be truly secure, only the “ends” of the conversation should have the keys that let them encrypt and decrypt. If the service you use controls the keys, that is transport layer-encryption instead.

    End-to-end encryption means that users must keep their keys secret. It can also mean doing work to make sure the keys used to encrypt and decrypt belong to the right people. Using end-to-end encryption can involve some effort—from simply choosing to download an app that offers it to proactively verifying keys—but it's the best way for users to verify the security of their communications without having to trust the platform that they're both using.

    Learn more about encryption in What Should I know About Encryption?, Key Concepts in Encryption, and Different Types of Encryption. We also explain one particular kind of end-to-end encryption—called “public key encryption”—in more detail in A Deep Dive on End-to-End Encryption.

    Phone Calls and Text Messages versus Encrypted Internet Messages

    When you make a call from a landline or a mobile phone, your call is not end-to-end encrypted. When you send a text message (also known as SMS) on a phone, the text is not encrypted at all. Both allow governments or anyone else with power over the phone company to read your messages or record your calls. If your risk assessment includes government interception, you may prefer to use encrypted alternatives that operate over the Internet. As a bonus, many of these encrypted alternatives also offer video.

    Some examples of services or software that offer end-to-end encrypted texting and voice and video calls include:

    Some examples of services that do not offer end-to-end encryption by default include:

    • Google Hangouts
    • Kakao Talk
    • Line
    • Snapchat
    • WeChat
    • QQ
    • Yahoo Messenger

    And some services, like Facebook Messenger and Telegram, only offer end-to-end encryption if you deliberately turn it on. Others, like iMessage, only offer end-to-end encryption when both users are using a particular device (in the case of iMessage, both users need to be using an iPhone).

    How Much Can You Trust Your Messaging Service?

    End-to-end encryption can defend you against surveillance by governments, hackers, and the messaging service itself. But all of those groups might be able to make secret changes in the software you use so that even if it claims to use end-to-end encryption, it is really sending your data unencrypted or with weakened encryption.

    Many groups, including EFF, spend time watching well-known providers (like WhatsApp, which is owned by Facebook, or Signal) to make sure they really are providing the end-to-end encryption they promise. But if you are concerned about these risks, you can use tools that use publicly known and reviewed encryption techniques and are designed to be independent of the transport systems they use. OTR and PGP are two examples. These systems rely on user expertise to operate, are often less user-friendly, and are older protocols that don’t use all of the modern best encryption techniques.

    Off-the-Record (OTR) is an end-to-end encryption protocol for real-time text conversations that can be used on top of a variety of instant messaging services. Some tools that incorporate OTR include:

    PGP (or Pretty Good Privacy) is the standard for end-to-end encryption of email. For detailed instructions on how to install and use PGP encryption for your email, see:

    PGP for email is best-suited for technically experienced users communicating with other technically experienced users who are well aware of PGP’s complexities and limitations.

    What End-To-End Encryption Does Not Do

    End-to-end encryption only protects the content of your communication, not the fact that you are communicating in the first place. It does not protect your metadata, which includes, for example, the subject line of an email, who you are communicating with, and when. If you are making a call from a cell phone, information about your location is also metadata.

    Metadata can provide extremely revealing information about you even when the content of your communication remains secret.

    Metadata about your phone calls can give away some very intimate and sensitive information. For example:

    • They know you rang a phone sex service at 2:24 am and spoke for 18 minutes, but they don't know what you talked about.
    • They know you called the suicide prevention hotline from the Golden Gate Bridge, but the topic of the call remains a secret.
    • They know you spoke with an HIV testing service, then your doctor, then your health insurance company in the same hour, but they don't know what was discussed.
    • They know you received a call from the local NRA office while it was having a campaign against gun legislation, and then called your senators and congressional representatives immediately after, but the content of those calls remains safe from government intrusion.
    • They know you called a gynecologist, spoke for a half hour, and then called the local Planned Parenthood's number later that day, but nobody knows what you spoke about.

    Other Important Features

    End-to-end encryption is only one of many features that may be important to you in secure communication. As described above, end-to-end encryption is great for preventing companies and governments from accessing your messages. But for many people, companies and governments are not the biggest threat, and therefore end-to-end encryption might not be the biggest priority.

    For example, if someone is worried about a spouse, parent, or employer with physical access to their device, the ability to send ephemeral, “disappearing” messages might be their deciding factor in choosing a messenger. Someone else might be worried about giving their phone number out, and so the ability to use a non-phone-number “alias” might be important.

    More generally, security and privacy features are not the only variables that matter in choosing a secure communications method. An app with great security features is worthless if none of your friends and contacts use it, and the most popular and widely used apps can vary significantly by country and community. Poor quality of service or having to pay for an app can also make a messenger unsuitable for some people.

    The more clearly you understand what you want and need out of a secure communication method, the easier it will be to navigate the wealth of extensive, conflicting, and sometimes outdated information available.

    Last reviewed: 
  • Keeping Your Data Safe

    If you have a smartphone, laptop, or tablet, you’re carrying a massive amount of data with you at all times. Your social contacts, private communications, personal documents and personal photos (many of which have confidential information of dozens, even thousands of people) are just some examples of things you may store on your digital devices. Because we store and carry so much data, it can be hard to keep it safe—especially because it can be taken from you relatively easily.

    Your data can be seized at the border, taken from you in the street, or burgled from your house and copied in seconds. Unfortunately, locking your device with passwords, PINs, or gestures may not protect your data if the device itself is seized. It’s relatively easy to bypass such locks because your data is stored in an easily-readable form within the device. An adversary would just need to access the storage directly in order to copy or examine your data without your password.

    With that said, you can make it harder for those who physically steal your data to unlock its secrets. Here are a few ways you can help keep your data safe.

    Encrypt Your Data

    If you use encryption, your adversary needs both your device and your password to unscramble the encrypted data. Therefore, it's safest to encrypt all of your data, not just a few folders. Most smartphones and computers offer complete, full-disk encryption as an option.

    For smartphones and tablets:

    • Android offers full-disk encryption when you first set up your device on newer devices, or anytime afterwards under its “Security” settings for all devices.
    • Apple devices such as the iPhone and iPad describe it as “Data Protection” and turn it on if you set a passcode.

    For computers:

    • Apple provides a built-in, full-disk encryption feature on macOS called FileVault.  
    • Linux distributions usually offer full-disk encryption when you first set up your system.
    • Windows Vista or later includes a full-disk encryption feature called BitLocker.

    BitLocker's code is closed and proprietary, which means it is hard for external reviewers to know exactly how secure it is. Using BitLocker requires you trust Microsoft provides a secure storage system without hidden vulnerabilities. On the other hand, if you're already using Windows, you are already trusting Microsoft to the same extent. If you are worried about surveillance from the kind of adversaries who might know of or benefit from a backdoor in either Windows or BitLocker, consider an alternative open-source operating system such as GNU/Linux or BSD, especially a version that has been hardened against security attacks, such as Tails or Qubes OS. Alternatively, consider installing an alternative disk encryption software, Veracrypt, to encrypt your hard drive.

    Remember: Whatever your device calls it, encryption is only as good as your password. If an adversary has your device, they have all the time in the world to figure out your passwords. An effective way of creating a strong and memorable password is to use dice and a word list to randomly choose words. Together, these words form your “passphrase.” A “passphrase” is a type of password that is longer for added security. For disk encryption we recommend selecting a minimum of six words. Check out our guide to Creating Strong Passwords for more information.

    It may be unrealistic for you to learn and enter a long passphrase on your smartphone or mobile device. So, while encryption can be useful to prevent casual access, you should preserve truly confidential data by keeping it hidden from physical access by adversaries, or cordoned away on a much more secure device.

    Create a Secure Device

    Maintaining a secure environment can be hard. At best, you have to change passwords, habits, and perhaps the software you use on your main computer or device. At worst, you have to constantly think about whether you're leaking confidential information or using unsafe practices. Even when you know the problems, you may not be able to employ solutions because sometimes people with whom you need to communicate use unsafe digital security practices. For instance, work colleagues might want you to open email attachments from them, even though you know your adversaries could impersonate them and send you malware.

    So what’s the solution? Consider cordoning off valuable data and communications onto a more secure device. You can use the secure device to keep the primary copy of your confidential data. Only use this device occasionally and, when you do, consciously take much more care over your actions. If you need to open attachments, or use insecure software, do it on another machine.

    An extra, secure computer may not be as expensive an option as you think. A computer that is seldom used, and only runs a few programs, does not need to be particularly fast or new. You can buy an older netbook for a fraction of the price of a modern laptop or phone. Older machines also have the advantage that secure software like Tails may be more likely to work with them than newer models. Some general advice is almost always true: When you buy a device or an operating system, keep it up-to-date with software updates. Updates will often fix security problems in older code that attacks can exploit. Note that some older operating systems may no longer be supported, even for security updates.

    When Setting up a Secure Computer, What Steps Can You Take to Make it Secure?

    1. Keep your device well-hidden and don’t discuss its location—somewhere where you are able to tell if it has been tampered with, such as a locked cabinet.
    2. Encrypt your computer’s hard drive with a strong passphrase so that if it is stolen, the data will remain unreadable without the passphrase.
    3. Install a privacy- and security-focused operating system like Tails. You might not be able (or want) to use an open-source operating system in your everyday work, but if you just need to store, edit, and write confidential emails or instant messages from this secure device, Tails will work well and defaults to high security settings.
    4. Keep your device offline. Unsurprisingly, the best way to protect yourself from Internet attacks or online surveillance is to never connect to the Internet. You could make sure your secure device never connects to a local network or Wifi and only copy files onto the machine using physical media, like DVDs or USB drives. In network security, this is known as having an “air gap” between the computer and the rest of the world. While extreme, this can be an option if you want to protect data that you rarely access, but never want to lose (such as an encryption key, a list of passwords, or a backup copy of someone else's private data that has been entrusted to you). In most of these cases, you might want to consider just having a hidden storage device, rather than a full computer. An encrypted USB key kept safely hidden, for example, is probably as useful (or as useless) as a complete computer unplugged from the Internet.
    5. Don’t log in to your usual accounts. If you do use your secure device to connect to the Internet, create separate web or email accounts that you use for communications from this device, and use Tor (see guides for Linux, macOS, Windows) to keep your IP address hidden from those services. If someone is choosing to specifically target your identity with malware, or is only intercepting your communications, separate accounts and Tor can help break the link between your identity, and this particular machine.

    While having one secure device that contains important, confidential information may help protect it from adversaries, it also creates an obvious target. There’s also a risk of losing the only copy of your data if the machine is destroyed. If your adversary would benefit from you losing all your data, don't keep it in just one place, no matter how secure. Encrypt a copy and keep it somewhere else.

    A variation on the idea of a secure machine is to have an insecure machine: a device that you only use when going into a dangerous place or attempting a risky operation. Many journalists and activists, for instance, take a basic netbook with them when they travel. This computer does not have any of their documents or usual contact or email information on it so there’s minimal loss if it is confiscated or scanned. You can apply the same strategy to mobile phones. If you usually use a smartphone, consider buying a cheap throwaway or burner phone when travelling for specific communications.

    Last reviewed: 
  • Mobile Phones: Location Tracking

    Location Tracking

    The deepest privacy threat from mobile phones—yet one that is often completely invisible—is the way that they announce your whereabouts all day (and all night) long through the signals they broadcast. There are at least four ways that an individual phone's location can be tracked by others.

    • Mobile Signal Tracking from Towers
    • Mobile Signal Tracking from Cell Site Simulators
    • Wi-Fi and Bluetooth Tracking
    • Location Information Leaks from Apps and Web Browsing

    Mobile Signal Tracking — Towers

    In all modern mobile networks, the operator can calculate where a particular subscriber's phone is located whenever the phone is powered on and registered with the network. The ability to do this results from the way the mobile network is built, and is commonly called triangulation.

    Three cell phone towers have different ranges, represented by overlapping circles. A phone is shown in the area where all towers’ signal ranges meet.

    One way the operator can do this is to observe the signal strength that different towers observe from a particular subscriber's mobile phone, and then calculate where that phone must be located in order to account for these observations. This is done with Angle of Arrival measurements or AoA. The accuracy with which the operator can figure out a subscriber's location varies depending on many factors, including the technology the operator uses and how many cell towers they have in an area. Usually, with at least 3 cell towers the operator can get down to ¾ of a mile or 1km. For modern cell phones and networks trilateration is also used. In particular, it is used where the “locationInfo-r10” feature is supported. This feature returns a report that contains the phone’s exact GPS coordinates.

    There is no way to hide from this kind of tracking as long as your mobile phone is powered on, with a registered SIM card, and transmitting signals to an operator's network. Although normally only the mobile operator itself can perform this kind of tracking, a government could force the operator to turn over location data about a user (in real-time or as a matter of historical record). In 2010, a German privacy advocate named Malte Spitz used privacy laws to get his mobile operator to turn over the records that it had about his records; he chose to publish them as an educational resource so that other people could understand how mobile operators can monitor users this way. (You can visit here to see what the operator knew about him.) The possibility of government access to this sort of data is not theoretical: it is already being widely used by law enforcement agencies in countries like the United States.

    Another related kind of government request is called a tower dump; in this case, a government asks a mobile operator for a list of all of the mobile devices that were present in a certain area at a certain time. This could be used to investigate a crime, or to find out who was present at a particular protest.

    • Reportedly, the Ukrainian government used a tower dump for this purpose in 2014, to make a list of all of the people whose mobile phones were present at an anti-government protest.
    • In Carpenter v. United States, the Supreme Court ruled that obtaining historical cell site location information (CSLI) containing the physical locations of cellphones without a search warrant violates the Fourth Amendment.

    Carriers also exchange data with one another about the location from which a device is currently connecting. This data is frequently somewhat less precise than tracking data that aggregates multiple towers' observations, but it can still be used as the basis for services that track an individual device—including commercial services that query these records to find where an individual phone is currently connecting to the mobile network, and make the results available to governmental or private customers. (The Washington Post reported on how readily available this tracking information has become.) Unlike the previous tracking methods, this tracking does not involve forcing carriers to turn over user data; instead, this technique uses location data that has been made available on a commercial basis.

    Mobile Signal Tracking — Cell Site Simulator

    A government or another technically sophisticated organization can also collect location data directly, such as with a cell site simulator (a portable fake cell phone tower that pretends to be a real one, in order to “catch” particular users' mobile phones and detect their physical presence and/or spy on their communications, also sometimes called an IMSI Catcher or Stingray). IMSI refers to the International Mobile Subscriber Identity number that identifies a particular subscriber's SIM card, though an IMSI catcher may target a device using other properties of the device as well.

    An animation: a phone connects to a cell phone tower’s weak network connection: the tower requests the ID of the phone, and the phone responds with its International Mobile Subscriber Identity (IMSI) number. A cell-site simulator — presented here as a device within a mobile vehicle — appears, providing a stronger network connection. The phone connects to the cell-site simulator’s signal. The cell-site simulator requests the ID of the phone, and the phone responds with its IMSI number.

    The IMSI catcher needs to be taken to a particular location in order to find or monitor devices at that location. It should be noted that IMSI traffic interception by law enforcement would meet the parameters for a warrant. However, a “rogue” CSS, (not set up by law enforcement) would be operating outside of those legal parameters.

    Currently there is no reliable defense against all IMSI catchers. (Some apps claim to detect their presence, but this detection is imperfect.) On devices that permit it, it could be helpful to disable 2G support (so that the device can connect only to 3G and 4G networks) and to disable roaming if you don't expect to be traveling outside of your home carrier's service area. Additionally, it could be helpful to use encrypted messaging such as Signal, WhatsApp, or iMessage to ensure the content of your communications can’t be intercepted. These measures may protect against certain kinds of IMSI catchers.

    Wi-Fi and Bluetooth Tracking

    Modern smartphones have other radio transmitters in addition to the mobile network interface. They usually also have Wi-Fi and Bluetooth support. These signals are transmitted with less power than a mobile signal and can normally be received only within a short range (such as within the same room or the same building), although someone using a sophisticated antenna could detect these signals from unexpectedly long distances; in a 2007 demonstration, an expert in Venezuela received a Wi-Fi signal at a distance of 382 km or 237 mi, under rural conditions with little radio interference. However, this scenario of such a wide range is unlikely. Both of these kinds of wireless signals include a unique serial number for the device, called a MAC address, which can be seen by anybody who can receive the signal.

    A phone connects to bluetooth identifiers and wi-fi routers, sharing its MAC address as an identifiable number.

    Whenever Wi-Fi is turned on, a typical smartphone will transmit occasional “probe requests” that include the MAC address and will let others nearby recognize that this particular device is present. Bluetooth devices do something similar. These identifiers have traditionally been valuable tools for passive trackers in retail stores and coffee shops to gather data about how devices, and people, move around the world. However, on the latest updates on iOS and Android, the MAC address included in probe requests is randomized by default programmatically, which makes this kind of tracking much more difficult. Since MAC randomization is software based, it is fallible and the default MAC address has the potential to be leaked. Moreover, some Android devices may not implement MAC randomization properly (PDF download).

    Although modern phones usually randomize the addresses they share in probe requests, many phones still share a stable MAC address with networks that they actually join, such as sharing a connection with wireless headphones. This means that network operators can recognize particular devices over time, and tell whether you are the same person who joined the network in the past (even if you don't type your name or e-mail address anywhere or sign in to any services).

    A number of operating systems are moving towards having randomized MAC addresses on WiFi. This is a complex issue, as many systems have a legitimate need for a stable MAC address. For example, if you sign into a hotel network, it keeps track of your authorization via your MAC address; when you get a new MAC address, that network sees your device as a new device. iOS 14 has settings per-network, “Private MAC addresses.”

    Location Information Leaks From Apps and Web Browsing

    Modern smartphones provide ways for the phone to determine its own location, often using GPS and sometimes using other services provided by location companies (which usually ask the company to guess the phone's location based on a list of cell phone towers and/or Wi-Fi networks that the phone can see from where it is). This is packaged into a feature both Apple and Google call “Location Services”. Apps can ask the phone for this location information and use it to provide services that are based on location, such as maps that display your location on the map. The more recent permissions model has been updated for applications to ask to use location. However, some applications can be more aggressive than others asking to either use GPS or the combination of Location Services.

    A “location services”-like settings menu on an illustrated phone.

    Some of these apps will then transmit your location over the network to a service provider, which, in turn, provides a way for the application and third parties they may share with to track you. (The app developers might not have been motivated by the desire to track users, but they might still end up with the ability to do that, and they might end up revealing location information about their users to governments or a data breach.) Some smartphones will give you some kind of control over whether apps can find out your physical location; a good privacy practice is to try to restrict which apps can see this information, and at a minimum to make sure that your location is only shared with apps that you trust and that have a good reason to know where you are.

    In each case, location tracking is not only about finding where someone is right now, like in an exciting movie chase scene where agents are pursuing someone through the streets. It can also be about answering questions about people's historical activities and also about their beliefs, participation in events, and personal relationships. For example, location tracking could be used to find out whether certain people are in a romantic relationship, to find out who attended a particular meeting or who was at a particular protest, or to try to identify a journalist's confidential source.

    The Washington Post reported in December 2013 on NSA location-tracking tools that collect massive amounts of information “on the whereabouts of cellphones around the world,” mainly by tapping phone companies' infrastructure to observe which towers particular phones connect to, and when those phones connect to those towers. A tool called CO-TRAVELER uses this data to find relationships between different people's movements (to figure out which people's devices seem to be traveling together, as well as whether one person appears to be following another).

    Behavioral Data Collection and Mobile Advertising Identifiers

    In addition to the location data collected by some apps and websites, many apps share information about more basic interactions, such as app installs, opens, usage, and other activity. This information is often shared with dozens of third-party companies throughout the advertising ecosystem enabled by real-time bidding (RTB). Despite the mundane nature of the individual data points, in aggregate this behavioral data can still be very revealing.

    Advertising technology companies convince app developers to install pieces of code in software development kit (SDK) documentation in order to serve ads in their apps. These pieces of code collect data about how each user interacts with the app, then share that data with the third-party tracking company. The tracker may then re-share that information with dozens of other advertisers, advertising service providers, and data brokers in a milliseconds-long RTB auction.

    Underneath a full-screen mobile ad: code for Software Development Kits (SDKs). The phone sends a packet of user data, like number of installs, opens, gender, activity and location, to a remote server.

    This data becomes meaningful thanks to the mobile advertising identifier, or MAID, a unique random number that identifies a single device. Each packet of information shared during an RTB auction is usually associated with a MAID. Advertisers and data brokers can pool together data collected from many different apps using the MAID, and therefore build a profile of how each user identified by a MAID behaves. MAIDs do not themselves encode information about a user’s real identity. However, it’s often trivial for data brokers or advertisers to associate a MAID with a real identity, for example by collecting a name or email address from within an app.

    Mobile ad IDs are built into both Android and iOS, as well as a number of other devices like game consoles, tablets, and TV set top boxes. On Android, every app, and every third-party installed in those apps, has access to the MAID by default. Furthermore, there is no way to turn off the MAID on an Android device at all: the best a user can do is to “reset” the identifier, replacing it with a new random number. In the latest version of iOS, apps finally need to ask permission before collecting and using the phone’s mobile ad ID. However, it’s still unclear whether users realize just how many third parties may be involved when they agree to let a seemingly-innocuous app access their information.

    Behavioral data collected from mobile apps is used primarily by advertising companies and data brokers, usually to do behavioral targeting for commercial or political ads. But governments have been known to piggyback on the surveillance done by private companies.

    Further reading on browser tracking: What Is Fingerprinting?

    Last reviewed: 
  • Attending a Protest

    For quick reference, we've created a handy guide designed to be printed, folded, and carried in your pocket (PDF download).

    Now, more than ever, citizens must be able to hold those in power accountable and inspire others through the act of protest.

    Protecting your electronic devices and digital assets before, during, and after a protest is vital to keeping yourself and your information safe, as well as getting your message out. Theft, damage, confiscation, or forced deletion of media can disrupt your ability to publish your experiences. At the same time, those engaging in protest may be subject to search or arrest, or have their movements and associations mapped. They could become targets of surveillance and repression.

    There are risks associated with attending a protest, and taking steps to mitigate them can go a long way in ensuring you—and the data you value—are kept safe. This guide outlines steps you can take before, during, and after a protest that will help maximize your effectiveness and keep yourself and your data more secure.

    Remember that these tips are general suggestions for better data security and do not constitute legal advice or counseling. If you have specific legal concerns, seek the advice of a licensed attorney.

    Before the Protest

    Enable full-disk encryption on your device

    Full-disk encryption ensures that the files across your entire device are encrypted. This is a form of encryption that protects data at rest—not to be confused with “in-transit encryption,” which protects data that is transferred over the Internet. Full-disk encryption can help protect everything from your local database of text messages to the passwords stored in your browser. If your device is confiscated by police, or if it is lost or stolen, full-disk encryption can help protect the data stored on your device. Protest situations are often unpredictable, so losing your phone is a distinct possibility.

    Android and iOS have long required full-disk encryption capabilities to be built into devices. These should be protected by a strong password: 8-12 random characters that are easy to remember and type in when you unlock your device. If devices are not protected by a strong password, the encryption may be easier to break using a brute-force attack. The iPhone 5s and later have specialized hardware to protect against this type of attack, but a complex, strong password is still the best practice.

    It is important to note that encrypting your device will likely not encrypt external storage media such as SD or flash memory cards. You have to encrypt these separately, and may not be able to encrypt them at all. You might want to investigate where files are stored on your device using a file browsing app, or remove external storage media from your device altogether.

    In addition, many digital cameras lack the ability to encrypt. It is safe to assume that photos and videos taken with digital cameras will be stored unencrypted, unless explicitly stated otherwise.

    Remove fingerprint unlock and FaceID

    Today, both iOS and Android allow users to unlock (and decrypt) their devices with their fingerprint, and the iPhone X’s FaceID allows users to do the same with facial recognition. While these settings may seem appealing as convenient ways to enjoy the benefits of full-disk encryption, enabling them means an officer could physically force you to unlock your device with your fingerprint or face. In protest situations in particular—or in any other situation in which you may be more likely to encounter a government demand to search your phone (such as at a border crossing)—we suggest you turn this functionality off.

    In the U.S., using a biometric—like your face scan or fingerprint—to unlock your phone may compromise protections for the contents of your phone afforded to you under the Fifth Amendment privilege against compelled incrimination. A police officer may try to intimidate you into “consenting” to unlock your phone, whether you use a biometric or a memorized passcode. But if you exercise your right to refuse and biometric unlocking functionality is turned on, an officer may physically force you to biometrically unlock your device. Under current U.S. law—which is still in flux—using a memorized passcode generally provides a stronger legal footing to push back in court against compelled device unlocking/decryption. While EFF continues to fight against attempts by law enforcement to compel people to decrypt their devices, there is currently less protection against compelled face and fingerprint unlocking than there is against compelled password disclosure.

    • In iOS, you can disable this by going into Settings -> Touch ID & Passcode (or Settings -> Face ID & Passcode, depending on your iPhone version) and removing each of the fingerprints, or tapping Reset Face ID in this menu.
    • In Android, disabling this feature may depend on your device manufacturer. For Pixel devices, go into Settings -> Security -> Pixel Imprint and delete the fingerprints from this menu.

    Install Signal

    Signal is an app available on both iOS and Android that offers strong encryption to protect both text messages and voice calls. This type of protection is called end-to-end encryption, which secures your communications in transit.

    In addition to encrypting one-to-one communication, Signal enables encrypted group chats. The app also recently added the functionality of having messages disappear anywhere from 10 seconds to a week after they are first read. In contrast to some other services like SnapChat, these ephemeral messages will never be stored on any server, and are removed from your device after disappearing.

    In 2016, a grand jury in the Eastern District of Virginia issued a subpoena to Open Whisper Systems, the developers of Signal. Because of the architecture of Signal, which limits the user metadata stored on the company’s servers, the only data they were able to provide was "the date and time a user registered with Signal and the last date of a user's connectivity to the Signal service."

    In the context of a protest, you might send relevant photos and videos to friends who are remote using Signal, so that if your phone is confiscated you have a way to retrieve the media later.

    Back up your data

    Take precautions to limit the potential costs of losing access to your device, whether it’s lost, stolen or confiscated by law enforcement. Back up your data regularly and store that backup in a safe place to save yourself from a headache later on.

    Buy a prepaid, disposable phone

    In the United States, federal regulation does not require you to show your ID to purchase a prepaid SIM card (but your state might). Most countries require you to provide a form of ID to purchase a prepaid SIM card, thus linking the card to your identity and removing the possibility of anonymity.

    If you're concerned about protecting the data stored on your device, don't bring it to the protest. Instead, purchase a prepaid mobile phone. These devices can be purchased along with a SIM card at most large retail stores. Let your friends know your temporary number, and use this to coordinate activities. Remember that the location of mobile devices can be determined by the cell towers they connect to. So, if you don't want your identity and location known, turn off your prepaid device before going home or anywhere that might reveal your identity. Using GPS should be safe, since GPS is a receiver and does not transmit any information. However, keep in mind that your device may store your coordinates. For this reason, we suggest you turn off location services before you travel to the protest, and leave it off until you return. Turning off location services may make it difficult to navigate if you are not familiar with the route to and from the protest. You may want to download a local copy of the area map you will be traveling in.

    When you're done with the phone, it can be safely recycled or discarded from a location that is not linked to you. Keep in mind that if you carry both your regular device and a prepaid one with you, the location of these devices can be correlated and compromise your anonymity.

    Dressing for anonymity and safety

    Many law enforcement agencies have access to sophisticated surveillance technology that can be used to identify people attending a protest. To protect yourself, it’s important to dress in ways that preserve your anonymity and protect your physical safety.

    Wear nondescript clothing

    Wearing the same clothing as everyone in your group can help hide your identity during the protest and keep you from being identified and tracked afterwards. This not only helps preserve your anonymity, but also protects your fellow protestors from being identified and surveilled as well. Dressing in dark, monochrome colors will help you blend into a crowd. Be aware that you may not be as visible to cars in the dark, and should take extra precaution when crossing streets or walking near moving vehicles.

    If you are able, bring a change of clothes for after the protest is over. You may be exposed to irritants such as pepper spray or tear gas during the protest, and it’s wise to change into clothing that won’t cause discomfort or harm on your return journey.

    Cover identifying features

    If you have visible tattoos or bright unconventional hair colors, cover them up. Tattoos can be used to identify you later, and may be added to databases for tattoo recognition. Dark monochrome hats, scarves, gloves, long sleeves, and full-length clothing will help cover these identifying features so you blend more easily into a crowd.

    Wear protective equipment

    Wear a mask! It will help protect you from airborne illnesses, face recognition technologies, and being identified in photos of the protest after it ends. Goggles are also useful for keeping your eyes safe from projectiles or irritants, and tinted ones may be useful for circumventing face recognition systems (but this strategy is not foolproof). Gloves will help protect your hands from irritants and contact with infectious diseases. If you are able to use medical gloves, use nitrile instead of latex gloves, as some people have latex allergies. Note that gloves will interfere with some phone functions. We also recommend wearing sturdy shoes that are comfortable to move around in for extended periods of time.

    During the Protest

    Take photos and videos without unlocking your device

    Catching that perfect image is something you want to be ready for, and powerful images can help support your cause. If you've chosen a strong password, entering it into the device takes precious time, and you risk the moment passing before you're able to take the picture. Luckily, iOS and Android allow you to take photos and videos without unlocking your device.

    • With Android Pixel devices, double-press the power button.
    • At the iOS lock screen, you can firmly press on the camera icon. Older iOS devices require you to swipe.

    Be mindful of other protestors in your photos and videos

    If you are taking photos or videos of people at the protest, be mindful of what you post. If you post photos online where protestors or bystanders’ faces are identifiable, law enforcement or vigilantes might track them down and arrest or harass them. Consider obscuring the faces of anyone who has their eyes or mouth visible. You can edit photos in the default Android or iOS photo editing apps. Be sure to black out or blur other identifying features as well such as tattoos or unique clothing (blurring can sometimes be reversed so blacking out is better if you have the option). On Android, consider using the ObscuraCam app by The Guardian Project to edit photos, which will automatically blur faces. There is also a useful tool called Image Scrubber that can be used on any mobile device, including iOS or your PC.

    Scrub metadata on photos

    Once you are ready to post your photos, it’s a good idea to scrub the metadata contained in the image files if you don't want to leak personally identifying information. Metadata on photos can include information such as the model of camera the photo was taken on, the exact time and location where the photo was taken, and even your name.

    • Option 1: Remove any original photo metadata by transferring the photo onto a desktop computer, taking a screenshot of the image, and posting the screenshot instead of the original photo.
    • Option 2: You can also take a screenshot of the photo on your mobile device to remove the metadata, but the image quality may not be as high. You can then post that screenshot instead of the original photo.
    • Option 3: Send yourself a copy of the photo via the Signal app (which strips metadata when sending images), then download the sent image for posting.

    Things to be aware of while traveling to and from the protest

    Driving considerations

    Automated License Plate Reader Systems (ALPRs) automatically record the license plates of cars driving through an area, along with the exact time, date, and location they were encountered. This technology is often used by law enforcement in the United States and many other countries, or employed by private companies such as Vigilant and MVTrac who then share license plate data with law enforcement and other entities. Amassed in huge databases, this data is retained for lengthy periods of time. These companies have lobbied and litigated vigorously against statutes that would ban the private collection of license plate data or otherwise regulate ALPRs. Essentially, your location can be tracked over time based on the driving history of any car registered to you, with very few legal limits in place as to how this data can be collected, accessed, shared, and retained.

    Read more in our Street Level Surveillance guide on ALPRs.

    Public transit considerations

    Be careful when traveling to and from the protest location. If you’re using payment methods or transit cards that are linked to you, law enforcement may be able to determine you attended the protest and track your movements. Consider using alternative means of public transportation if you would prefer that your movements and associations remain private.

    If you are able, consider biking or walking to and from the protest to minimize exposure to these types of surveillance risks.

    Enable airplane mode

    Airplane mode ensures that your device will not be transmitting for the duration of your time at the protest, and prevents your location from being tracked. Unfortunately, this also means that you won't be able to message or call your friends, so plan accordingly. Before going to the protest, agree on a spot where you and your friends can meet if you get separated. As mentioned earlier in this guide, you may also want to turn off location services before you travel to the protest, and leave it off until you return.

    Some apps allow you to navigate without having network access. Since GPS is a receive-only system, you can selectively turn GPS on after enabling airplane mode. Be sure to download a map of the area of the protest beforehand.

    If you are arrested in the United States

    If you are detained and questioned by police, you have a right to remain silent, and to speak with an attorney before and during any questioning. It is best to say “I want my attorney and I choose to remain silent” and then refuse to answer questions until you have a chance to talk to a lawyer.

    If you answer questions, be sure to tell the truth. It is a crime to lie to a police officer and you may find yourself in more trouble for lying to law enforcement than for whatever it was they wanted to talk to you about in the first place.

    If the police ask to see your phone, you can tell them that you do not consent to a search of your device. They might respond by seizing your phone and trying to search it later, but at least it will be clear that you did not give them permission to do so.

    If the police ask for the password to unlock your electronic device (or ask you to unlock it directly), you can refuse. You may suffer adverse consequences at the hands of law enforcement—from having your phone seized to being booked into custody—for refusing to provide your password or biometric key. Every arrest situation is different, however, and you will need to consider your own threat model.

    After the Protest

    What to do if your device is confiscated

    If your device has been confiscated, you may have legal recourse to get it back. In the U.S., your attorney can file a motion for the return of your property if it is not being held as evidence in a pending case. If the police believe that evidence of a crime was found on your electronic device, including in your photos or videos, then the police can keep it as evidence. They may also attempt to end your ownership of your electronic device, but you can challenge such asset forfeiture in court.

    You can also revoke access for some services that are logged in on your device. For instance, on Twitter if you go to Settings and privacy -> Apps and devices, you can revoke access for devices that have permission to connect to your Twitter account. For other services, simply changing your password or passphrase will prompt the app to log out. But beware that revoking law enforcement access may expose you to the risk of being charged with obstruction of justice or the destruction of evidence. You should always speak to your attorney first before deciding how to proceed. Online services may provide logs of recent log-ins for your account. If you are worried your device is being used to access accounts without your consent, it might be useful for you to see if such logs are available and monitor them. If law enforcement confiscates your device, they may use a “forensic” tool such as “Cellebrite” to try to extract data from your device, such as images, contacts, messages, and location history. This is more likely to be successful if your phone is older or unencrypted. For this reason, it’s important to carry the bare minimum of data with you, and use the strongest level of encryption, when going into a risky situation like a protest.

    Last reviewed: 
  • How to: Circumvent Online Censorship

    This is a short overview to circumventing online censorship, but is by no means comprehensive.

    Governments, companies, schools, and Internet providers sometimes use software to prevent their users from accessing certain websites and services. This is called Internet filtering or blocking, and it is a form of censorship. Filtering comes in different forms. Censors can block individual web pages, or even entire websites. Sometimes, content is blocked based on the keywords it contains.

    There are different ways of beating Internet censorship. Some protect you from surveillance, but many do not. When someone who controls your net connection filters or blocks a site, you can almost always use a circumvention tool to get to the information you need. Note: Circumvention tools that promise privacy or security are not always private or secure. And tools that use terms like “anonymizer” do not always keeps your identity completely secret.

    The circumvention tool that is best for you depends on your threat model. If you’re not sure what your threat model is, start here.

    In this article, we'll talk about four ways to circumvent censorship:

    • Visiting a web proxy to access a blocked website.
    • Visiting an encrypted web proxy to access a blocked website.
    • Using a Virtual Private Network (VPN) to access blocked websites or services.
    • Using the Tor Browser to access a blocked website or protect your identity.

    Basic techniques

    Circumvention tools usually work by diverting your web traffic so it avoids the machines that do the blocking or filtering. A service that redirects your Internet connection past these blocks is sometimes called a proxy.

    HTTPS is the secure version of the HTTP protocol you use to access websites. Sometimes a censor will only block the insecure (HTTP) version of a site. That means you can access the blocked site simply by entering the version of the web address that starts with HTTPS.

    This is useful if the censorship you are fighting blocks individual web pages based on their contents. HTTPS stops censors from reading your web traffic, so they cannot tell what keywords are being sent, or which individual web page you are visiting.

    Censors can still see the domain names of all websites you visit. So, for example, if you visit “” censors can see that you are on “” but not that you are on the “https-everywhere” page.

    If you suspect this type of simple blocking, try entering https:// before the domain in place of http:

    Try installing EFF’s HTTPS Everywhere extension to automatically turn on HTTPS where possible.

    Another way that you may be able to circumvent basic censorship techniques is by trying an alternate domain name or URL. For example, instead of visiting, you might try the mobile version of the site at Censors that block websites or web pages work from a blacklist of banned websites, so anything that is not on that blacklist will get through. They might not know of all different versions of a particular website's name—especially if the administrators of the site know it is blocked and register more than one domain.

    Web-based proxies

    A web-based proxy (such as is a website that lets its users access other blocked or censored websites. It is therefore a good way to circumvent censorship. In order to use a web-based proxy, visit the proxy and enter the web address that you want to see; the proxy will then display the web page you asked for.

    However, web-based proxies don’t provide any security and will be a poor choice if your threat model includes someone monitoring your internet connection. They will not help you to use blocked services such as your instant messaging apps. The web-based proxy will have a complete record of everything you do online, which can be a privacy risk for some users depending on their threat model.

    Encrypted proxies

    Numerous proxy tools utilize encryption to provide an additional layer of security on top of the ability to bypass filtering. The connection is encrypted so others cannot see what you are visiting. While encrypted proxies are generally more secure than plain web-based proxies, the tool provider may have information about you. They might have your name and email address in their records, for instance. That means that these tools do not provide full anonymity.

    The simplest form of an encrypted web proxy is one that starts with “https”— this will use the encryption usually provided by secure websites. However, be cautious—the owners of these proxies can see the data you send to and from other secure websites. Ultrasurf and Psiphon are examples of these tools.

    Virtual Private Networks

    A Virtual Private Network (VPN) encrypts and sends all Internet data from your computer through another computer. This computer could belong to a commercial or nonprofit VPN service, your company, or a trusted contact. Once a VPN service is correctly configured, you can use it to access webpages, e-mail, instant messaging, VoIP, and any other Internet service. A VPN protects your traffic from being spied on locally, but your VPN provider can still keep logs of the websites you access, or even let a third party snoop directly on your web browsing. Depending on your threat model, the possibility of a government listening in on your VPN connection or getting hold of VPN logs may be a significant risk. For some users, this could outweigh the short-term benefits of using a VPN.

    For information about specific VPN services, click here.

    We at EFF cannot vouch for this rating of VPNs. Some VPNs with exemplary privacy policies could be run by devious people. Do not use a VPN that you do not trust.


    Tor is open-source software designed to give you anonymity on the web. Tor Browser is a web browser built on top of the Tor anonymity network. Because of how Tor routes your web browsing traffic, it also allows you to circumvent censorship. (See our How to: Use Tor guides for Linux, macOS and Windows).

    When you first start the Tor Browser, you can choose an option specifying that you are on a network that is censored:

    Tor will not only bypass almost all national censorship, but, if properly configured, can also protect your identity from an adversary listening in on your country’s networks. It can, however, be slow and difficult to use.

    To learn how to use Tor on a desktop machine, click here for Linux, here for macOS, or here for Windows, but please be sure to tap “Configure” instead of “Connect” in the window displayed above.


    Last reviewed: 
  • Protecting Yourself on Social Networks

    Social networks are among the most popular websites on the Internet. Facebook has over a billion users, and Instagram and Twitter have hundreds of millions of users each. Social networks were generally built on the idea of sharing posts, photographs, and personal information. Now they have also become forums for organizing and speech. Any of these activities can rely on privacy and pseudonymity.

    Thus, the following questions are important to consider when using social networks: How can I interact with these sites while protecting myself? My basic privacy? My identity? My contacts and associations? What information do I want keep private and who do I want to keep it private from?

    Depending on your circumstances, you may need to protect yourself against the social network itself, against other users of the site, or both.

    Tips to Keep in Mind When Creating an Account

    • Do you want to use your real name? Some social media sites have so-called “real name policies,” but these have become more lax over time. If you do not want to use your real name when registering for a social media site, do not.
    • When you register, don't provide more information than is necessary. If you are concerned with hiding your identity, use a separate email address and avoid giving your phone number. Both of these pieces of information can identify you individually and can link different accounts together.
    • Be careful when choosing a profile photo or image. In addition to metadata that might include the time and place the photo was taken, the image itself can provide some information. Before you choose a picture, ask: Was it taken outside your home or workplace? Are any addresses or street signs visible?
    • Be aware that your IP address may be logged at registration.
    • Choose a strong password and, if possible, enable two-factor authentication.
    • Beware of password recovery questions such as “What city were you born in?” or “What is the name of your pet?”  because their answers can be mined from your social media details. You may want to choose password recovery answers that are false. One good way to remember the answers to password recovery questions, should you choose to use false answers for added security, is to note your chosen answers in a password manager.

    Check the Social Media Site's Privacy Policy

    Information stored by third parties is subject to their own policies and may be used for commercial purposes or shared with other companies, like marketing firms. While reading privacy policies is a near-impossible task, you may want to read the sections that describe how your data is used, when it is shared with other parties, and how the service responds to law enforcement requests.

    Social networking sites are usually for-profit businesses and often collect sensitive information beyond what you explicitly provide—where you are, what interests and advertisements you react to, what other sites you've visited (e.g. through “Like” buttons). Consider blocking third-party cookies and using tracker-blocking browser extensions to make sure extraneous information isn't being passively transmitted to third parties.

    Change Your Privacy Settings

    Specifically, change the default settings. For example, do you want to share your posts with the public, or only with a specific group of people? Should people be able to find you using your email address or phone number? Do you want your location shared automatically?

    Even though every social media platform has its own unique settings, you can find some patterns.

    • Privacy settings tend to answer the question: “Who can see what?” Here you’ll probably find settings concerning audience defaults (“public,” “friends of friends,” “friends only,” etc.), location, photos, contact information, tagging, and if/how people can find your profile in searches.
    • Security (sometimes called “safety”) settings will probably have more to do with blocking/muting other accounts, and if/how you want to be notified if there is an unauthorized attempt to authorize your account. Sometimes, you’ll find login settings—like two-factor authentication and a backup email/phone number—in this section. Other times, these login settings will be in an account settings or login settings section, along with options to change your password.

    Take advantage of security and privacy “check-ups.” Facebook, Google, and other major websites offer “security check-up” features. These tutorial-style guides walk you through common privacy and security settings in plain language and are an excellent feature for users.

    Finally, remember that privacy settings are subject to change. Sometimes, these privacy settings get stronger and more granular; sometimes not. Pay attention to these changes closely to see if any information that was once private will be shared, or if any additional settings will allow you to take more control of your privacy.

    Keep Separate Profiles Separate

    For a lot of us, it’s critical to keep different account’s identities separate. This can apply to dating websites, professional profiles, anonymous accounts, and accounts in various communities.

    Phone numbers and photos are two types of information to keep an eye on. Photos, in particular, can sneakily link accounts you intend to keep separate. This is a surprisingly common issue with dating sites and professional profiles. If you want to maintain your anonymity or keep a certain account’s identity separate from others, use a photo or image that you don’t use anywhere else online. To check, you can use Google’s reverse image search function. Other potentially linking variables to watch out for include your name (even nicknames) and your email. If you discover that one of these pieces of information is in a place you didn’t expect, don’t get scared or panic. Instead, think in baby steps: instead of trying to wipe all information about you off the entire Internet, just focus on specific pieces of information, where they are, and what you can do about them.

    Familiarize Yourself With Facebook Groups Settings

    Facebook groups are increasingly places for social action, advocacy, and other potentially sensitive activities, but group settings can be confusing. Learn more about group privacy settings and work with group members to keep your Facebook groups private and secure.

    Privacy Is A Team Sport

    Don’t just change your own social media settings and behavior. Take the additional step of talking with your friends about the potentially sensitive data you reveal about each other online. Even if you don’t have a social media account, or even if you untag yourself from posts, friends can still unintentionally identify you, report your location, and make their connections to you public. Protecting privacy means not only taking care of ourselves, but also taking care of each other.

    Last reviewed: 
JavaScript license information