How to Protect Your Online Privacy

The 4 Pillars of Digital Defence

Real privacy is not one app or one browser extension. It is a practical system. Think in four areas and you stop missing the obvious gaps.

Network Security: Your First Line of Defence

Whenever you connect to the internet, your provider can still see that you went online. Without a VPN, it can also see the sites and services you connect to much more directly. A VPN hides the contents of your traffic from your ISP, but it does not make you invisible. Your ISP can still usually see that you connected to a VPN server, along with basic connection metadata such as timing and bandwidth use.

• Use a trustworthy VPN: Pick a provider with independent audits, a clear logging policy, and a long enough track record that people have actually tried to verify its claims.
• Enable HTTPS-Only Mode: Set your browser to prefer secure HTTPS connections wherever possible. This helps cut down exposure on dodgy public Wi-Fi and badly configured sites.
• Do not treat a VPN like a magic cloak: It protects one layer. Websites can still identify you through logins, cookies, browser fingerprinting, and the data you hand over yourself.

Passkeys and MFA: Protect the Account, Not Just the Device

The biggest weak point in most people’s setup is still the login. If someone gets into your email account, they can often reset half your digital life from there.

• Use passkeys where available: They are easier to use than most people expect and much harder to phish than a normal password.
• Turn on MFA everywhere important: Email, banking, password managers, cloud storage, and social accounts should all have a second factor.
• Prefer stronger MFA over SMS when you can: App-based prompts, authenticator apps, passkeys, or hardware security keys are generally better picks than text messages.
• Use a password manager for everything else: Until passkeys are everywhere, you still need long, unique passwords for every account.

Browser Isolation and Fingerprinting

Your browser is still one of the biggest privacy leaks on your device. Even with cookies blocked, sites can still learn a lot from your browser setup, extensions, screen size, language settings, and login behaviour.

• Keep extensions lean: The more odd little extensions you install, the more distinctive your browser can become.
• Stay signed out when you do not need to be signed in: Logging into big platforms turns ordinary browsing into highly attributable browsing.
• Use content blocking sensibly: Blocking trackers and scripts helps, but breaking every site is not the goal. Aim for practical privacy you will actually keep using.

Data Clean-Up: Removing What Is Already Out There

Prevention matters, but so does clean-up. Data broker sites can pull together your old addresses, phone numbers, relatives, age, and other public-record style details into a tidy profile that strangers can search in seconds.

You can request removals yourself, or use a paid service to handle the grind for you. If you do it manually, start with the largest people-search and broker sites first, then set a reminder to repeat the process because listings often come back.

• Manual route: Search your full name, old addresses, mobile number, and common username variations.
• Paid route: A broker removal service can save time, especially if you have moved a lot or your details are already widely indexed.
• Do not forget old accounts: Closed forums, shopping accounts, and abandoned social profiles are often the soft underbelly of your privacy footprint.

Mobile Hygiene

Your phone is easily the richest source of personal data you carry around. It knows where you go, who you speak to, what you install, and often what you search and buy.

• Audit permissions: Check which apps have access to your location, microphone, camera, photos, contacts, and Bluetooth. If an app does not genuinely need it, turn it off.
• Update your OS promptly: Putting off updates leaves old holes open for longer than necessary.
• Review sharing settings: If you use an iPhone, Safety Check is worth knowing about, especially if you have ever shared your location or account access with someone and want a quick reset.
• Know when Lockdown Mode makes sense: It is not for everyone, but if you are at elevated risk of targeted spyware or high-end phishing, it is one of the strongest built-in protections available on Apple devices.

Email Aliases and Burner Accounts

Your email address is still the nearest thing you have to a digital passport. Give out the same address everywhere and sooner or later it ends up linked across shopping accounts, newsletters, breaches, and phishing lists.

Use aliases: Services like SimpleLogin or Apple’s Hide My Email let you create a different address for each sign-up while still forwarding everything to your real inbox. If one alias starts attracting spam or appears in a breach, you can disable it without touching the rest of your accounts.

Keep your real inbox private: Save your main address for important accounts only, especially your bank, primary email, password manager, and anything that handles identity checks or recovery links.