Becoming a Digital Ghost

Opting out of global surveillance programs

Criteo, cXense, Quantcast, Taboola, comScore, Umbel, Chartbeat, KISSmetrics — what do all of these companies have in common? They line their pockets with your personal information, tracking your behavior online and selling it to the highest bidder.

KISSmetrics can only be described as creepy. In big blue text their features page reads: “TRACK REAL PEOPLE TODAY”:

KISSmetrics — TRACK REAL PEOPLE TODAY!

Potential clients are informed that they track unsuspecting users across multiple devices, surreptitiously collating data from their every action.

And the worst offender? The Crown of Creepy? That undoubtedly goes to Google, who records everything users do on its services including web searches and the content of e-mails, all in an effort to serve users ads it thinks they are more likely to click on.

Google employs some of the most brilliant scientists in the business and their core revenue comes from advertising. Think about that for a second — some of humanities greatest minds are spending their working life improving algorithms designed to show you ads. It seems like a colossal waste of talent, until you realize one fundamental truth: on the Internet, people’s personal information is the equivalent of cold, hard cash — and lots of it.

How can you opt out of this mess? It’s easier than you might think:

• Use Google Chrome as your Internet browser of choice.
• Install the Adblock Plus, Ghostery and HTTPS Everywhere extensions.
• In Chrome, open a new tab and navigate to chrome://settings/ .
• Click on “Manage Search Engines” and select DuckDuckGo. Every bit as good as Google, minus the tracking.
• Click “Show Advanced Settings”.
• Under “Privacy”, uncheck everything and check “Send a ‘Do Not Track’ request with your browsing traffic”, like so:

Chrome Privacy Settings

• Click on “Content Settings”. If you already had Chrome installed, click on “All cookies and site data” followed by “Remove All”.
• Check “Block third-party cookies and site data“ and select “Block sites from setting any data”, like so:

Chrome Content Settings

• Click on “Manage Exceptions”, and add any exceptions for web sites you need to login to or that explicitly require cookie functionality. A simple way to figure out which exceptions are required is to select “Allow local data to be set (recommended)”, then visit or login to the website and click on “All cookies and site data” to see which site names require an exception.
• Still inside Content Settings, scroll down to “Plug-ins” and select “Click to play”:

Chrome Plug-in Settings

Congratulations on having made your browser immune from 99% of tracking on the Internet. For further anonymity, avoid using services such as Google and Facebook or at least avoid browsing the web while logged into them. For further security:

• Disable, remove or simply don’t install the Java plug-in. Java has such a poor security record that a website called java-0day.com exists to track how many days have passed since the last critical unpatched vulnerability was discovered. At the time of writing it is 119 days which shockingly represents an all-time high score.
• Choose an e-mail provider which encrypts your e-mails on disk and is located in a country outside of the Five Eyes (UK, USA, Canada, Australia & New Zealand) and the European Union.

Until next time I’ll leave you with another Golden Rule of the Internet: if you aren't paying for a product and it’s not open source, you (by way of your information) are the product.