Linfield Free Press

Mitigating Facebook’s Surveillance

Published by Cale Byers on

Filed under Tech

While using Facebook, Instagram, or WhatsApp, you can minimizing your information exposure, reducing their knowledge of your private life. Instagram is controlled by Facebook and shares some core technology, so it’s also addressed in this post. WhatsApp is also operated by Facebook, and if you backup your messages, they’ll be stored in an unencrypted format accessible to Facebook.

Some basic privacy settings:

Limit discoverability. Prevent people from finding your account with your phone number or email. Block search engines from listing your profile. Require tagged photos or posts to be approved before appearing on your timeline. Adjust your profile visibility. Do you want to hide your friend list? Should anyone be able to send you a friend request, or should they have to have mutual friends? Go through the settings, and decide what you are comfortable sharing publicly.

An effective way to reduce surveillance is to limit usage of social media. When you’re not using their services, they know less about your behavior and thoughts. For some people, it’s important to have an account, and it helps maintain connections. For any social networks, consider how your information is collected, and determine if you have any ability to block or reduce that usage.

After cleaning up some default settings, consider deleting the Facebook app from your phone. This prevents any potential audio recording for advertisement targeting, and it improves your battery life. Apps that frequently update and notify you will consume more power, and screen time, generally highest for social media, drains your battery fastest. Deleting the app saves a lot of space, and it may help you save time, reducing the urge to check it.

Using Facebook’s mobile site instead of their app has a few minor drawbacks, but I appreciate the privacy and control afforded by web-browsers. Sharing photos is more cumbersome with a phone’s browser, but that’s an issue with phones, not Facebook. I don’t find myself uploading photos very often. Even if using a laptop, I prefer the mobile site, because it’s simple, loads quickly, and isn’t cluttered with ads. You can even send messages in your browser, no longer needing the Messenger app. If you depend on key features like audio or video calling, you’ll have to use the app. You can also consider other messaging apps and evaluate which one best protects you depending on the circumstances. I prefer Signal, which encrypts messages by default and doesn't store usage history on their servers.

Instagram is also great as a website. It’s easy to post photos from your gallery, and all the same editing options are available. You can upload photos to your story, but adding text, stickers, polls, or other fancy filters/lenses aren’t supported. You can’t send messages, which is the biggest drawback to using their website, so I keep the app but don’t share my microphone or location.

WhatsApp is very convenient and has end-to-end encryption, but be aware that unencrypted backups can expose your information to Facebook. As mentioned above, Signal is another option worth exploring, but WhatsApp’s popularity is great for keeping in touch with friends. In either case, WhatsApp is better than sending unencrypted text messages with your cell carrier.

General Advice for Installed Apps

Evaluate the bare minimum information exposure for using an app. Does it really need your location? Or constant access to your microphone and cameras? Most apps don’t actually need your contacts, except to spam others into signing up and friending you. Although a contact file may seem trivial, it contains the identities of significant people in your life; your family, friends, workplace, and other details can be extrapolated and analyzed in undisclosed ways.

Most apps have limited privacy controls, and you can’t inspect their behavior as easily as within a web-browser. Recent scandals have exposed how apps can record your screen, and other secret data is routinely sent in the background. If you decrypt your phone’s network connections with a proxy like Charles, you can observe apps sharing private information such as battery level, network information, device IDs, and other data.

The only way to block this behavior is with Domain Name Server (DNS) filtering, or a network firewall. However, Facebook’s technical sophistication renders DNS filtering useless in most cases. Their apps manage to download advertisements and leak private information regardless of your efforts to stop them. Your best chance at improving your privacy is to use a website instead of their apps, and install content blocking software for the browser.

A new post about content blocking and browser security will be published soon. For now, you can visit my personal blog and read about online privacy tips.