tl;dr: scroll down to the part in bold if you just want a pro-privacy action item.
Digital privacy has been in the news a lot, though you’ll be forgiven for missing it. About a year ago, the European General Data Protection Regulation (GDPR) became active. You may have noticed that you received an email about updated privacy policies from every single website you’ve ever had an account with. The California version of those regulations (CCPA) was passed a few months later. What do these laws do? Well, a lot; Wikipedia has a good summary of the CCPA:
The intentions of the Act are to provide California residents* with the right to:
- Know what personal data is being collected about them.
- Know whether their personal data is sold or disclosed and to whom.
- Say no to the sale of personal data.
- Access their personal data.
- Equal service and price, even if they exercise their privacy rights.
Writ large, these sound like good ideas. I will note that this is in conflict with how many of us experience the Internet today**.
Right now, companies are announcing very small changes to privacy settings, largely for PR purposes (Vox: Google’s Privacy Changes Are Mostly Marketing). They’re basically hoping that enough people won’t opt out of data collection to affect their business model. I recommend opting out! Here’s how to change your browser settings to limit your exposure to the tracking ecosystem:
- Safari: Safari -> Preferences -> Privacy; check “Prevent cross-site tracking” (checked by default after a recent update)
- Firefox: Follow the instructions to disable third-party cookies
- Chrome: Don’t use Chrome if you care about this issue. Would you use a browser developed by Facebook? However, if you must: Settings -> Advanced -> Privacy and security -> Content settings -> Cookies; turn on “Block third-party cookies.” Like I said, Google is not particularly interested in you checking this buried option.
You can also do this on mobile devices, though the instructions vary by device, so I’d recommend looking that up yourself. Note that some sites use these in non-nefarious ways; they will probably tell you if you’re causing a disruption in your service. Notes below the fold.
*GDPR and CCPA only apply to companies with users located in their respective jurisdictions, but given how the Internet works, that is pretty much all sufficiently-large companies.
**Many ‘free’ services, such as Gmail, are funded by a Faustian bargain: in exchange for the service, the user’s information is mined as part of a broader tracking ecosystem. This data is then used in targeted advertising. If enough people opt out of data collection, the story goes, then this funding model will go out the window. What will replace it is anybody’s guess.
Full disclosure: I currently work at an ad-tech company. The opinions expressed are my own etc. This contains no privileged information etc.