Protecting yourself on social media

Published on Apr 3, 2018 by Derek Eder

Co-authors: Derek Eder, Eric Sherman, Don Chartier, Hannah Cushman, Josh Kalov, Scott Beslow, Matt Chapman

This guide is for people who are concerned about use of their data by social media platforms like Facebook, Twitter, Instagram, Snapchat and Google and its effect on themselves and the world. Though Facebook is emphasized in the guide, most of these steps and principles can be applied to just about any web platform.

The tactics below are listed in order of effectiveness and by what may be most realistic for you (#4, deleting your accounts, being most effective, but most radical). Read through them and see which ones you’d be willing to do.

Why should I care?

In our current technological landscape, choosing not to decide or make any changes gives you the least power. You are still making a choice that affects what information is available about you and who has access to it. Being mindful, informed, decisive, and preventative are key.

It’s difficult for many people to take the dramatic step of deleting their account, as many of us rely on social media to stay connected with our social networks. Still, taking any of these steps will help to protect your privacy.

Change the way you use and interact with social media
- Review your privacy and data sharing settings and make sure they’re set to what you want. By default, most of your data is open to the public or any user of Facebook, Twitter, Instagram & Snapchat.
  - Wired guide on how to lock down your privacy settings
  - A guide to Twitter’s Privacy settings
- Be aware that that most social media web features are algorithmically driven to make them as addictive as possible. They are designed to show you posts you are most likely to ‘engage’ with. The more you use and engage with their product, the more money they make from selling ads.
- Remove any profile information you don’t want public or used to target you for ads. Be mindful that a post announcing your birthday or age or location isn’t that different from listing it in your profile – if you feel squeamish listing it, think twice about posting it. Keep in mind, though, even if you delete your profile information, Facebook still retains it internally.
- Avoid using Login through Facebook, Twitter and Google on third-party apps, such as Spotify, if possible. When you choose to log in through these platforms, you are providing your data to the third-party application. For example, when you choose to login through your Facebook account, the third-party app will ask you for permission and show a detailed list of your data that you are agreeing to share with them. You can opt out of these item by item.
- Take full advantage of each platform’s information on data and privacy. For instance, through Facebook you can conduct a Privacy Check, which walks you through the various ways you’ve given permission to have your data shared. You can review this at any time and make any changes. Do this regularly. Facebook also provides an opt-in feature to make private messages encrypted. This means that not even Facebook will be able to see the content of your private messages if you enable this feature.
Lock down your browser when using social media and the web in general
- Much of how Facebook, Twitter, Google, Instagram & Snapchat track you isn’t through the apps or websites themselves, but via a network of partner websites that collect and share data among themselves. You are being tracked on just about every website you visit, but it’s possible to block most trackers. For Firefox & Chrome, install these add-ons / extensions on all your devices:
  - HTTPS Everywhere, forces HTTPS connections (which are more secure) for all sites when possible
  - uBlock Origin or Ghostery, blocks trackers and ads
  - Privacy Badger (desktop only), blocks ads and trackers (this may break some sites when it’s turned on)
  - Mozilla’s Facebook Container Extension (desktop only): It hides/obscures much of the data that you send to Facebook when using the site
- Use secure browsers like
  - Brave - comes with built in ad blockers and privacy features
  - Tor Browser (Windows, Mac & Linux), Orbot (Android), Onion Browser (iPhone)
Delete or hide social media apps on your smartphone
- Related to #1 above, using social media on your smartphone will inherently leak a lot of data about you, including your location, contacts, and potentially data from other apps you have installed. Take a look at all of the permissions the Facebook app asks for. Delete these apps from your phone.
- Ever find yourself instinctively pulling up your phone when you have a dull moment? This is by design. For example, Facebook’s News Feed is the most addictive feature of their app and the primary way that the platforms tries to manipulate or influence you. Remove social media apps from your home screen to resist the temptation, or delete them entirely. You can still use the website on your laptop or desktop computer.
- Turn off notifications so you don’t reflexively use these apps, and therefore provide even more data.
Delete your social media accounts entirely
- The most effective way to protect yourself is to not use social media at all, though this is an extreme measure that many people aren’t willing to take.
- Guides for deleting accounts
  - Facebook
  - Twitter
  - Instagram
  - Snapchat
  - Google (if you use Gmail or other Google apps, make sure you set up accounts on other services ahead of time)
Engineers: Consider whether systems you create or maintain can be exploited
- Consider whether the tools you create – those with a perceived good – can be used for exploitation. It’s your job as an engineer to stand up against wrong and to say no to building systems of influence. These systems cannot be built without engineers to build them.
- If the tools you’re creating can be used for systemic targeting, consider how groups or individuals can use the same tools can be used by those with mal-intent.
- If you have any ethical reservations with the tools you’re building, it’s okay to talk to someone outside of your company.
- Never forget about security when building systems. It’s difficult to prevent all leaks, but it’s still possible to reduce the likelihood of a leak.

The Big Picture: Why is it so difficult to control my data? Isn’t it mine?

Laws and regulations are the best way to protect the rights of individuals. It takes a long time for new concepts and technology to assimilate into society, and even longer for our society to change laws. Political and social pressure is the best way to fix this problem in the long term!

In historical context, social media and data on the web, especially at scale, are still very new concepts. The Internet more or less came into being just a few decades ago.

For example, firearms first found their way into Europe around 1340. However, while the English didn’t establish any law about individual rights to arms until 1689, significant laws about guns at all didn’t exist in either England or the United states until the early 1900s.

That’s about a 600-year gap, folks!

In comparison, very few laws have been written to govern usage and ownership of data. Even fewer directly concern data and information on the internet.

That ain’t right! How can we change this?

Laws generally change to reflect society’s values. If we want to change this dynamic, we need to inform and empower our fellow citizens, stay organized, and put pressure on both corporations and our civic institutions to better reflect our values.

Europe has more coordinated and explicit data protections and we could too!