Lie. About. Everything.
Many online services demand that you divulge some information about yourself if you want to do business with them. If you don't want to share, you can either choose not to use that service -- or you can provide false information. Don't use your real birthday, email, address and phone number on social network sites, and don't use real answers when creating answers to challenge questions, says Robert Hansen, a security researcher and director of product management at the website security consultancy WhiteHat Security.
"Never give out any real information about yourself unless absolutely necessary. Lie about everything. That's basic operational security," he says.
You may, of course, need a working email address to validate an account. You can create a webmail account specifically for this purpose, or you can use a service such as DoNotTrackMe, which creates "disposable" proxy email addresses and phone numbers for this purpose. Yahoo Mail also offers disposable email addresses.
Create personal and professional personas
Stamm creates and maintains separate personal and professional online profiles for browsing the Web. Specifically, he uses separate instances of Firefox for each persona. "The experience is less noisy," he says, because his personal and professional web histories aren't mashed together.
Casey Oppenheim, CEO at anti-tracking software vendor Disconnect, recommends using one for Web surfing and another to log into your online accounts like Facebook, or Twitter -- to reduce cross-site tracking.
Understand how much you're paying before signing up for "free" apps and online services
By now most people realize that the price you pay for using "free" online websites, apps and services is measured in data collected about you. The question you need to ask is: How high is the price?
Understand exactly what data you are giving up and weigh that against the value of the app or service you're receiving in return. For example, you might need to share an email address for your Facebook account, but you don't need to share your telephone number and location data, or allow search engines to index and link to posts on your timeline. You can lower the price somewhat by taking advantage of available privacy controls that let you limit the types of data collected or how it's used and shared.
But privacy policies can change at any time, and no one knows what will happen to that data in the future. If the developer of an app goes out of business, for example, your data may be sold. Which is why you should always...
Delete your unused online accounts
Do you leave a trail of orphaned accounts behind you as you try different online services? Close them down, or that trail of digital relationships might come back to haunt you. "There are dozens of social networks that came and went over the years, and I think I signed up with every one of them along the way," says Mozilla's Fowler.
Many of the services you sign up for eventually disappear. "When they do, that information about you will be sold to someone at some time as an asset," he says, and the value of those assets is based on how many users they had and what they know about them.
The deeper they got with their customers, the more valuable the assets. "You have no idea how it's getting used or where it might resurface at another point in your life, so it's important to take this seriously," he says.
Tips for surfing the Web silently
(Also see on page 2.)
Block "third-party" cookies
The publisher of the site you visit isn't the only organization that knows about your online browsing activity. Many pages have third-party widgets on them that track your computer's online activity as you move from one site to another on the Web. They do this to sort people (or more specifically, the cookie IDs associated with each person's computer) into groups that can be targeted with "behavioral advertising" based on interests gleaned from your Web-surfing habits.
One way to minimize your exposure to this kind of marketing and data collection activity is to turn on third-party cookie blocking in your browser. Safari enables this feature by default, while Internet Explorer, Chrome, Firefox and other popular browsers offer it as an option. If you prefer not to have your browsing activity tracked for behavioral advertising purposes, you should also turn on the "Do Not Track" option found on all popular browsers. This feature sends a "DNT" signal from your browser to Web publishers when you visit their sites.
Go private with your browsing
If you want to minimize your data footprint at home or in the office, or wherever others have physical access to your computer, consider using a secure browser such as WhiteHat Aviator, Dell's Kace Secure Browser and Comodo Dragon. Alternately, you can use the secure browsing mode in Chrome, Firefox, Safari or IE. This will block third-party cookies, delete first-party cookies at the end of a browsing session and leave no trace of your browsing history and search history on your computer.
"Blocking cookies and clearing them regularly stops most cross-site tracking," says Brookman.
Be aware, however, that some sites, such as Google, Yahoo and Microsoft, offer single sign-on for all services. So when you sign onto your Gmail account, for example, all of your information -- user name, password, webmail, images uploaded, etc. -- persists on the provider's servers.
In addition, your search activity can be tied back to your account and the search history maintained, along with your activity on all other services -- unless the provider's privacy policy precludes it or the vendor offers privacy controls you can use to prevent that information from being stored.