Every action I took to protect my data took too long, cost money or wasn’t user-friendly to anyone born before 1981

My favorite tale of privacy involves a lot of unexpected players. I was camping in Michigan last summer
and had a hankering for pizza. As I stood in line, the server asked a customer ahead of me for a phone number. He gave the number and the lady behind the counter looked at the screen, looked at the man and looked at the screen again. “I have a large pepperoni and sausage to-go for Mr. Barack Obama,” she said.

Had I somehow happened upon our 44th president’s secret pizza place? Not likely. The patron in front of me was in his 60s and … white. He paid in cash and used a fake name, but it’s pretty hard to order pizza without at least providing a phone number. But why does a tiny pizza place in Michigan care that much about your data? How concerned should you be about the info you share, the online searches you make or even the email messages you send? 

For this issue of Luckbox we’re all about keeping it tight—security-wise, that is. Carissa Véliz, author of Privacy is Power, writes, “to change our privacy landscape, we have to write about it, persuade others to protect their and our privacy … unveil the inner workings of the abusive system that is the surveillance society … envision new possibilities, and refuse to cooperate in our own surveillance.” My mission for the magazine was to perform a “security shakedown” of my own practices.

After a rigorous week of implementing protocols, my main takeaway is that privacy is regarded as a privilege and should be treated as a right. I’ve spent the last week making data privacy and security my job and, luckily, I got paid to do it. But what’s the incentive for everyone else? Every action I took was either time-intensive, had costs associated with it or wasn’t user-friendly to digital non-native users or anyone born before 1981. Here are some of the steps I took. 

Once more into the breach …

Like one of those unfortunate souls in a TV ad that runs at 2 a.m., you may be a victim of a large class of wronged people. Hackers have swiped your data if you’re among mesothelioma patients, belong to the Boy Scouts or frequent Home Depot. The majority of consumers have been the victim of at least one data breach. Equifax, Target, your shady ex—take your pick. At a site called Have I Been Pwned (pronounced poned for those born before ’81) you can check your email address and usernames against hundreds of known compromises. Updates in Google Chrome and Apple’s iOS also run searches against your information compared to known breaches. Bad news … I’d been pwned! The problem a lot of people face is using the same password for multiple sites. Which brings me to…

May I speak to your password manager? 

Everyone should use a password manager, like LastPass or 1Password, to generate unique, complicated passwords for each account. My S3xyKitty69 had been breached so I signed up for LastPass, and girl, this was harder than it needed to be. First, Google wanted to override everything with its autofill feature. I have spent much of my online life giving Google access to my passwords, so I had to export my passwords in a .CSV file and then import them into LastPass. LastPass’ freemium model means basic features are free, but using it across devices will cost you between $36 and $48 annually. I will say I will probably pay (my own money) to use the family feature because it would allow access to my parents’ passwords and that will come in handy as they get older. 

Duck duck go change your browser

The third recommendation is to protect your web browsing activities. Facebook really changed the game with its super cookies that can track what you do when you’re not even on Facebook. I installed an ad blocker called Ublock Origin that prevents my data from going to advertisers, and I also installed mobile and web extensions of the browser DuckDuckGo. I’m running so many extensions I could be a contestant on The Bachelor. Duck’s commitment to privacy is refreshing, and they tout stats like “Google trackers are on 75% of websites” and “your data remains in Google indefinitely.” I did run into some issues with some pages or links not loading, which I’m assuming happens because of the protocols DuckDuckGo has set. One search I ran was for a mechanic to install some heavy-duty tubes in my dirt bike tires. On Google, that search would return a nice Google map of places linked to a company’s Google business reviews. On Duck, I got a lot of YellowPages links (What year is this?) and links to Yelp. I could’ve just searched Yelp myself. But dedicated to this experiment, I took my bike to a random place I found on Duck. The mechanic turned out to be great, but Google is nearly a monopoly for a reason. I will say that Duck reduced the number of eerie ads I saw on my Instagram. You know, the ad for the thing you just emailed your friend about. For that alone, I’m keeping it as my browser. 

Opt to opt out 

You should learn who has your data. Worldprivacyforum.org has the most comprehensive list of data brokers and instructions for how to remove yourself from their systems. Some of the methods were pretty easy, but others wanted me to send a letter in the mail. Um, I don’t even know how much stamps cost. Baked-in features to your smartphone also allow you to prevent
calls from unknown numbers and remove yourself from some email lists. It was a step I hadn’t thought of organically, but again it was time-consuming. 

New email, who dis? 

Everything old is new again. Remember back in the day when you gave the number to Empire Carpets 588-2300 to the shady dude at the bar who wouldn’t leave you alone? Little did you know that you were a privacy pioneer! Burner phone numbers and email addresses are all the rage now. Companies can actually embed trackers in an email to find out when you opened it, how long you read it and if you clicked on anything. They can also spam you to within an inch of your life. Apple’s new iOS 15 has a “burner email” feature if you’re a customer of their iCloud service (starting at 99 cents per month). I signed up and got my new Apple burner email account. It forwards emails to an account of my choosing, but no one is the wiser. I signed myself up for a bunch of newsletters and web forums. Again, you need to have the time and the resources, and in this case a newer iPhone to use, but it totally works and I’ll be keeping this feature as well. So what did I learn? There’s a crap ton of my data already out there, and once it’s out there it’s hard to get back. Keep your software up to date and, sadly, you should probably read the privacy policies of the sites, companies and apps that you use. Also, a lot of this is “privacy theater.” I feel super smug that I’m an Apple user and I believe Tim Cook cares about me and I use the “do not track” on my iPhone, but new research coming to light shows it’s probably like the walk button at a stoplight and doesn’t do much of anything.

But setting up alerts for your banking info, breached passwords and unauthorized logins can go a long way to keep you abreast of dirty deeds tied to your identity. It’s not just what you post online, it’s the apps you use and the hardware you use to do it.

All of this is easier for those who have easy access to the latest tech, fast internet and the ability to subscribe to security services. Because a company has a harder time getting my info now, they’ll move on to someone else and that sucks. Hopefully, Congress or the Federal Trade Commission can hold companies accountable for how they handle data. Waiting for the government to do something means we all get pwned, so take matters into your own hands. 

Vonetta Logan, a writer and comedian, appears daily on the tastytrade network and hosts the Connect the Dots podcast. @vonettalogan