For the most part, companies use your information to personalize (and sell) their services to you. But many also sell it to other companies, called data brokers, that compile detailed profiles with thousands of personal attributes, including your education, purchases, income, and personality. All of this influences the ads, content, and offers you get online and offline. In addition, it increases risk: wherever your data lives, it can be stolen. Because it’s valuable, hackers are after it. Data breaches at big companies are common.
Fortunately, there are ways for you to take some control over your data. Devices, online services, and browsers all have privacy settings that give you a degree of control over what’s shared and when.In that spirit, we’ve compiled the following information to highlight what companies collect, as well as what you can limit, so you can take a few minutes to do your own privacy checkup.
Social Media Platforms
What’s Collected: A lot. Social media companies know not just everything you share but also your contacts, what ads or posts you click on, and even where you browse to when you leave the site. This information is often combined with additional data purchased from other companies to create hyperdetailed profiles.
Pay Attention To:
- Who can see your posts. Settings typically include everyone, a large but more limited network (friends of friends), or just people you are directly connected to. It’s often best to keep posts limited to a small network of known friends.
- How the platform shares data with other companies. Most sites have a setting around “Apps” that will let you limit sharing of, say, your contacts or posts.
- What you post. Details you share on your feed—pet’s name, alma mater—can be used by hackers to guess passwords or answer verification questions. Personal facts make it easier for fraudsters to trick you with fake emails or calls. And there are other security risks: Post that you’re on vacation and thieves may know your house is empty.
Web Browsers
What's Collected: Where you surf to and what you do there. Websites have two main ways of tracking you: by your IP address (your device’s unique identifier on the internet) and “cookies,” little files that let the company trace where you browse after you leave, even if you switch from your computer to your phone. Many sites also embed trackers that feed data to other companies.
A company can also see what you do on its site: what you read, what you click, how long you look at something.
Pay Attention To:
- Cookies: You can set your browser to erase cookies every few months, so you’re not storing those you don’t use anymore.
- Location data: The browser can often figure out your location; make sure your settings require sites to ask if they want to access it.
- Browsing activity and search history: Set your browser to automatically delete your history every few months.
- Other trackers: You can download plug-ins that will block ads and limit a lot of the tracking technologies used on sites. These can not only guard privacy but often speed up sites—though using them can also affect functionality on some sites.
Smartphones and Apps
What's Collected: Your phone’s operating system has access to a lot of information: location, app habits, tickets you’ve stored, even health and fitness data. Unless you say otherwise, the apps you use can often access that data, as well as anything collected in the apps—such as your workouts, the places you travel in rideshares, or what’s captured on your security camera.
Pay Attention To:
- Phone-level settings: Look in your phone’s settings for “Privacy” to find controls for what the phone’s system can collect and share.
- Location tracking: Limit this to apps that need it (maps, fitness trackers)—and then only when you’re using the apps. Permissions are often in a “Location” setting.
- Permission levels: Apps usually have to ask to access data like health information, contacts, or your camera and microphone. Again, limit this to essential apps if you don’t want companies collecting and selling your data.
Shopping and E-Commerce
What's Collected: Product searches, buying data, wish lists. Shopping is so rich in behavior that if you use one site a lot, the company will likely be able to infer life events, like having a child or moving, and send you targeted ads. In physical stores, rewards cards let companies track purchases, as well as things like the time of day or locations you shop at most.
Pay Attention To:
- Payment info: Don’t store your credit card anywhere you don’t have to. Not only does this limit your risk in a breach, but it’s also a great way to control impulsive online shopping.
- Personal information: Unless it’s a site you order from a lot, don’t store your address and phone number in an account. Again, the fewer places your info lives, the less likely it is to be stolen.
- Loyalty programs: Join only the ones where you can really use the discount or rewards, so you’re not giving up your data for nothing.
Yes, It’s Worth Reading the Fine Print
We’re all accustomed to simply clicking through long legal disclaimers. But Donata Kalnenaite, a Chicago attorney who writes privacy policies for businesses through her company, Termageddon, says it is worth giving them a read†. You may not opt out of using the service, but at least you’ll know what you’re agreeing to. In some cases, it may also help you look for settings you want to adjust. She recommends skimming for three things:
- What information they collect. Name, email, phone number, do they take my IP address, do they take my location?
- What they do with that information, how they use it. Do they use it for direct marketing? Do they use it for profiling? Do they use it just to process my order? Are they going to bombard me with email newsletters ?
- Who they share it with. Most privacy policies will disclose at least the categories of third parties with whom they share information. Do they share it with an email marketing service, or do they share it with advertisers?