What does your phone know about you? What about your email or your browser? What can strangers—or scammers—find out about you with a quick search?
This is called your digital footprint, and for the security- or data-conscious consumer, this is old news. What might not be old news are the many ways to be aware of, change, and erase parts of your personal and professional data footprint.
Some parts of your digital footprint are visible to everyone. Think about what appears when you run your name through a search engine. Some information is public and accessible to someone willing to dig. This might involve cross-referencing screen names, email addresses, and photos. Other aspects of your footprint are locked within a service such as a search engine, social media account, or browser. The risk in this part of your footprint lies in how an app or service uses your data and if that data is susceptible to breach.
There is a lot you can take control of on your own with a few clicks, if you know what to look for. The information below isn’t meant as an all-encompassing guide. For questions connected to your specific technological setup, you’ll need to contact your IT support provider.
Phones and Tablets
Our phones have become our constant companions, connecting us to so many of the ways we interact with the world. Most Americans use Apple iOS or Android devices, and there are a lot of ways to tweak digital footprints on these devices, but for those dedicated to security, there are other options.
What are the differences between Apple and Android? And can third party OSs compete? Learn about the pros and cons of each type of device.
A good general rule across all operating systems is to disable Bluetooth and Wi-Fi connectivity unless you are actively using them. Bluetooth can be used to query your device’s location and even sneak malware right under your nose. Never connect to unsecured Wi-Fi networks, and definitely don’t access sensitive information over those connections. Avoid using Wi-Fi provided by companies or organizations you aren’t familiar with, even though it can be tempting to check your email over lunch.
Take a close look at the permissions you’re giving to each app on your phone. Apple’s most recent updates are making this easier by directly stating the permissions for each app and allowing for granular control. Does your favorite mobile game need access to your camera or photos? Probably not! And if the app doesn’t function without that access, it is time to find an alternative app.
Android phones also make it clear what permissions you’re granting to a given app when it’s installed. You can also check per-app, and then delete or modify those permissions if necessary.
The latest headline in mobile security issues involves zero-click hacks of iPhones. There’s nothing security-conscious users can do at the moment, aside from noting any bizarre behaviors and continuing to exercise caution regarding sensitive information that is stored on or accessed by a mobile device. But this venue of attack seems to be on the rise. Installing OS updates as they roll out may be an effective deterrent to these attacks.
Divide and conquer. Designate separate emails accounts for separate purposes and don’t cross the streams. Don’t mix work and personal accounts, despite how tempting it may be! These two accounts are often approached with different security considerations and different contact lists. Beyond data gathering by email clients, email itself can increase risk to all of your cyber connections due to the abundance of phishing emails.
Your personal email can often be a heavier load on your digital footprint than your professional account. It is only human to occasionally let the security vigilance expected at work lapse during off hours.
Google has made clear they plan to roll out new privacy measures soon. These options will not only allow users to turn off features like smart reply but also to opt out of allowing their usage data to feed the algorithm used to make these features stronger.
While we wait for these changes to roll out, take a look at the privacy controls that already exist. If your Gmail account is tied to a Chrome browser login, those privacy controls can seriously impact the ads you see, the history that is logged, and what information is tied to your account for Google’s services. It may be wise to log out of your Google account before using services like the search engine or Google Maps.
Any account you log into can allow parties to track your browsing history. Check the settings of your email, social media, and even browser extensions before remaining logged in while browsing the web.
If you’ve been receiving “Your Daily Briefing” from Cortana and feel uncomfortable about your emails being read by AI, rest assured security is still in mind. According to Microsoft, Cortana meets the same rigorous security standards of Outlook itself. Information for these emails is stored only in that specific user’s mailbox. Cortana data is never reviewed by humans unless specifically requested by the person who owns that data. If the service isn’t helpful or continues to make you feel unnerved, it’s easy to unsubscribe from the emails, and even turn off Cortana’s search assistance in other aspects of your Microsoft account.
Regardless of what email service you use for personal or enterprise use, make sure that passwords meet best practices. Check Have I Been Pwned to see if previous (or current) accounts and passwords have been disclosed in any data breaches. Use different passwords for different email accounts, and don’t use those same passwords on other accounts or services.
Facebook is an incredible example of the sheer amount of data we hand over in exchange for free services. It is somewhat unique in the massive scope and importance Facebook places on finding new ways to gather and profit from your data.
The most basic setting you should consider is whether your profile is public or “friends only.” Who can post on your wall, tag you, search for you, or add you as a friend? Once you lock down your account, or at least continue with the knowledge of these settings, it is time to set aside an hour or so to really dive into Facebook’s settings and marvel at the apps and sites you’ve (often unknowingly) given access to, the profile of information Facebook has gathered on you based on your activity, and the browser data Facebook collects while you’re logged in.
Explore your Settings & Privacy, and drill down into each aspect, including Ads shown off Facebook and the tracking of your Off Facebook history. Consider designating a Legacy Contact—someone who will gain control of your account if something happens to you.
There are a lot of options to explore, and your decisions about these options will differ from everyone else’s, but do take the time to review them.
What information is required just to sign up? Has the platform had data breaches in the past? If paid, what organization is receiving your money? If free, what data and tracking are you giving away in exchange for using the service? Can you adjust who can see the content you post? In the Terms of Service, does the platform reveal that they claim ownership of everything posted there?
It is a good idea to know how much history and website data your browser holds at any given time. Using Private Browsing, Incognito, or similar private windows can help to control the flow of information, and each browser offers some degree of control over what data and how much of it is saved.
The Privacy & Security section has an option to prevent cross-site tracking, which will prevent those annoying re-marketing ads from sites you visit but don’t buy from. Help yourself identify shady websites by turning on Fraudulent Website Warning.
Your Chrome browser is most likely tied to your Google account. One benefit is that all of the tracking, ad settings, and user profile data is in one place. However, Google, Gmail, and Chrome default to a significant number of trackers, build detailed user profiles, and allow for tailored ads. With settings reviewed and extensions restricted, Chrome can be a powerful and safe browser for those watching their digital footprint, but out of the box it probably knows more about you than you’d like.
Edge & Firefox
These browsers come with default settings that block many trackers and ads, making them recommended by many security professionals.
Many of the less popular (in terms of sheer number of users) browsers do offer a stricter, more security-conscious approach to browsing the web. Always take the time to review the privacy and security settings for whichever browser you use, whether on your computer or mobile device, and whether for casual or professional use.
Advertising & Other Tips
Adding an ad-blocking extension is the only way to truly eliminate advertising in your digital life, but you should know that it can reduce functionality for some sites. Many sites cover costs with advertising, and may be not be accessible while an adblocker is in use. Be careful to use known and trusted developers when choosing these extensions. Malware can come disguised as legitimate plugins and extensions. Even if the program isn’t malware, you are still allowing any extension you add to view your data. You may be giving up some privacy in exchange for the service, so weigh the benefits before adding an adblocker.
Safari, Firefox, and Brave browsers all alert users when websites are using trackers. Some trackers are used to boost web performance. Others are intended for serving ads and could even be seen as invasive depending on how you feel about privacy.
Search for Yourself
While you are taking control of the information that browsers, email clients, and trackers gather about you, it’s important that you don’t forget about the information you share willingly, now or in the past. In a variety of search engines, take a moment to search for your name, any previous names or aliases, and even details like your phone number or address. Seeing the amount of detailed information available publicly online—much of which that you didn’t choose to share—can be frustrating.
If searches result in expired accounts, regain access and modify or delete the account. If a search reveals information that you want deleted—perhaps a youthful blunder or something you wrote that you no longer believe—you can query the hosting site and ask for removal. This can have mixed results, or often none at all, so when you spot something you can’t get rid of, focus on providing real and accurate information where you can. Update your LinkedIn profile, or create a simple website that identifies who you are and what you stand for. Don’t address or bring up other less flattering search results unless asked directly about them.
In the worst-case scenario, something pervasive is muddling your entire digital footprint. In this case, using a reputation or deletion service is understandable, but still may not be able to provide perfect results.
The Bottom Line
Shoshana Zuboff, author of The Age of Surveillance Capitalism identifies people, and our behavior, as the fodder tech feeds on.
“Businesses want to know whether to sell us a mortgage, insurance, what to charge us, do we drive safely? They want to know the maximum they can extract from us in an exchange. They want to know how we will behave in order to know how to best intervene in our behaviour,” she says, in an interview with The Guardian.
Users of technology, social media, and Internet of Things devices need to understand that, while our digital footprint can be adjusted, our data is, according to Zuboff, the primary currency.
Does this mean that you need to throw away your phone, your Fitbit, your computer in order to maintain your privacy? That is going to depend on the way you feel about the exchange of data for service.
The push and pull of privacy vs. convenience and connection is not going away any time soon.
Overall, the process of managing your digital footprint can be time consuming, and even costly, especially if you are starting the process for the first time. For the majority of users, the quicker process of toggling settings and hitting unsubscribe may be enough to satisfy the privacy itch until the next update or news story. But for the truly security conscious, it may be worthwhile to contact your IT support provider for additional tips specific to your situation.
If you’re looking for additional guides about your digital footprint, check out