Default privacy settings often aren’t very private. A tech columnist is back with Round 2 of his clickable guide to improving your privacy on all sorts of devices and online services.
It’s not just Google and Facebook that are spying on you.
Your TV, your cellphone provider and even your LinkedIn account have side hustles in your data. But in many cases, you can opt out – if you know where to look.
I dug into a bunch of popular products and services you might not think of as data vacuums or security risks and found their default privacy settings often aren’t very private. So I collected here some common settings you can change to stop giving away so much. Here are clickable instructions for televisions, LinkedIn, Twitter, Yahoo, cellphone carriers and WiFi routers.
Two weeks ago, I offered similar suggestions on the worst default settings for Facebook, Google, Amazon, Microsoft and Apple. Thousands of you told me about your experiences trying to protect your privacy and asked about how to go further.
Most Read Business Stories
- Costco takes rotisserie chicken supply chain under its wing
- Judge upholds Seattle cap on move-in fees for renters
- Seattle trucking-tech company Convoy gets $185 million delivery
- UK leader May hits back on Brexit plan; pound falls VIEW
- Ten years ago, WaMu's failure crushed Seattle's last banking giant | Jon Talton
What I learned is that despite the rhetoric from tech companies, few actually make it easy to be in control of your data. They hide behind menus as confusing as the floor plan at Ikea. I’m a professional gadget guy, and I found even I’ve gotten tricked into handing over too much by my TV maker and phone service.
Many of these companies collect our data so they can sell ads targeted to our specific behaviors and interests. They claim people prefer these kinds of personalized ads – but much more often I hear people complain targeted ads are creepy. You can love technology like I do and still be angry that Silicon Valley is making surveillance the price of using the internet.
At the very least, companies should be much more upfront about what they’re doing with our data. I couldn’t get straight answers out of many. Others made avoiding tracking or targeted ads so cumbersome, I couldn’t include them in this list I hope you can complete in half an hour.
The steps I outline below are small acts of resistance. But I’m hopeful we can send a message that we’re going to judge products on privacy – and the wise companies will learn to use it as a competitive advantage.
Your TV is watching you. Often, default settings (or screens you likely clicked “agree” to during setup) allow smart TVs, streaming boxes and cable services to track significant amounts of personal information. They know what you’re watching and what apps you use. In 2017, TV maker Vizio even had to pay millions to settle complaints from the Federal Trade Commission and the state of New Jersey for collecting this kind of data with users’ knowledge.
— Recent smart TVs from Samsung, the best-selling brand, track how you use your TV to target ads that Samsung inserts on menu screens.
During setup, the TV encourages you to agree to a bunch of terms of and conditions that include permission for “Interest-based advertisements.” You can say no them, but if you didn’t realize what was going on – or now you’re just not sure – you’ll have to dig into your TV’s settings to stop the tracking.
With your remote, go to Settings, then Support, then Terms & Policy, then Interest Based Advertisements and choose to Disable interactive services. (On older Samsung TVs, you might find this under the Smart Hub menu.)
You’ll find similar settings on smart TVs made by LG, Sony and Vizio.
What you give up: More-relevant ads.
— Roku streaming boxes as well as Roku-branded TVs made by TCL, Hisesne, Insignia and others by default track the channels and apps you watch.
To tell Roku to stop, use your remote to find Settings, then Privacy, then Advertising and tap Limit ad tracking.
What you give up: More-targeted ads in Roku menus. Roku won’t actually stop collecting data, though.
— Cable services also often track the programs you’re watching so they can target ads.
For Comcast, the largest cable company, turn off the targeting on the Web by logging into Xfinity.com or use this link, then going to My Account, then finding Alerts and Ad Preferences, then scrolling until you find Cable Targeted Advertising, tapping Edit near it, and then clicking Opt out and then Save.
Other cable companies have a similar functions with slightly different names. Spectrum from Charter calls it Additional Marketing and Targeted Television Ads or try this link. Verizon Fios calls it Relevant TV advertising.
What you give up: You’ll still get ads, but they’ll be less targeted.
Here’s my job evaluation for LinkedIn: Office busybody. Based on the assumption that you want to broadcast your professional life, the social network’s defaults expose a lot.
LinkedIn has some 60 data, privacy and advertising settings you can control. To get to them on your phone’s LinkedIn app, tap your picture in the upper left corner, then the gear icon in the upper right corner. On the Web to this link or go from your home screen to Me, then Settings.
Your profile is visible to the public and searchable on Google. Data shared by default could include your first and last name, your number of connections, your posts on LinkedIn and details of your current and past work experience.
Scaling back this information is most easily done on the Web. Go to LinkedIn, find Settings and then Privacy, then click on Change next to Edit your public profile. There you can turn off your public profile entirely and choose which details you’re comfortable sharing.
What you give up: There will be less info about you out there for ex-colleagues and would-be employers to find – as well as aggressive salespeople, crooks and stalkers.
— Every time you look at someone’s LinkedIn profile, LinkedIn tells them you were there.
Make your visits anonymous by going to this link or in the app from Settings to Privacy, then tapping Profile viewing options. There, switch to Private mode.
What you give up: Once you go private, you won’t be able to know who looked at your profile, either – unless you pay for a premium LinkedIn subscription.
— Every time you make an edit on your profile, LinkedIn broadcasts the change to your connections.
Turn off the oversharing by going to this link or to Settings, then Privacy, then click to change Sharing profile edits, and toggle it to No.
What you give up: Connections might miss an important update like a promotion – but you could always just turn this back on temporarily for a change you do want to broadcast.
— LinkedIn pings your professional connections when it’s your birthday, too. Why on earth?
Turning this off requires changing the visibility of your birth date in your contact info. This one involves a lot of clicks: On the Web go to the Me icon on your LinkedIn homepage, then View profile, then See contact info. In the window that pops up, click Edit, and there under Birthday, set it as visible to Only you.
What you give up: Birthday notes from people you met at conferences.
You can take steps to keep creepy advertisers out of your professional life, too.
— LinkedIn by default targets ads at you based on the personal data you enter and also by tracking other websites you go to. It even uses your data to target ads you see outside of LinkedIn.
Scale back access by using this link or by going from Settings to Ads in the app. There, I recommend switching most of the choices to No, including Insights on websites you visited, Ads beyond LinkedIn, as well as the many specific categories of data collected on LinkedIn (Connections, Location, Demographics, Companies You Follow, etc.) and towards the bottom, Interactions with businesses.
What you give up: More targeted ads, potentially including interesting job ads.
— LinkedIn can use your name and photo in ads you see. Who thought that was a good idea?
Use this link or under the Ads settings, switch off Profile data for ad personalization.
What you give up: You’ll no longer be asked to “picture yourself” in a help-wanted ad.
Unlike other social networks, most people assume what they do on Twitter is public. So maybe you’re not surprised to know that it’s in the business of selling your attention to advertisers, just like Facebook and LinkedIn.
– – By default, Twitter will try to target ads to you based not only on what you do on Twitter, but also your activity outside the social network, including information it buys from data brokers.
Turn that off on the web at this link, or in the mobile app by tapping on your profile picture, then Settings and privacy, then Privacy and safety, then scroll down to find and tap Personalization and data, then toggle off everything.
What you give up: The ads you see on Twitter will be less targeted, and some other aspects of your Twitter experience, such as recommendations for follows and news events, may also be less personalized to you.
Props to Twitter: Its defaults for permission to track your precise location and collect your address book contacts are both set to off.
Yahoo, now part of a company called Oath and owned by Verizon, is still used by millions of people for email, to follow news and explore the Web. And like its rival Google, Yahoo is making money by tracking you and selling your attention to advertisers. The good news is Yahoo keeps most of its settings in one Privacy Dashboard: yahoo.mydashboard.oath.com
Three defaults worth changing in Yahoo’s privacy settings.
— Yahoo tracks what you do across its sites and services – including the content of your email and messenger communications – to, you guessed it, target ads at you.
Turn it off from the Dashboard. Tap Personalized Advertising on our Products, and toggle it to off, or Disagree.
What you give up: You’ll see more generic ads, but not fewer ads.
— Yahoo is tracking your precise location from its apps and websites.
Turn it off from the Dashboard. Tap Precise Location, and toggle it off, or Disagree.
What you give up: Yahoo will still use your location in services (like the weather report) that require it, but not for serving you targeted ads
— Yahoo is following you across the Web to provide “personalized experiences” on other sites and – surprise, surprise – deliver more targeted ads.
To turn it off from the Dashboard. Tap on Oath Across the Web, and toggle it off, or Disagree.
What you give up: Personalized experiences on Yahoo partner sites.
Phone plans from AT&T, Verizon, T-Mobile and Sprint
Nobody knows more about where you go and what you do than your cellphone provider. And even though you’re already paying them for service, some want to make money off your data, too. Shouldn’t they be the ones paying us for our data?
— AT&T by default enrolls customers into what it calls a Relevant Advertising program that uses a broad report of your location (such as your Zip code) and other data to let advertisers target you in websites and apps you see on your phone. AT&T also tries to convince you to click yes – it had even gotten me – to opt in to a program called Enhanced Relevant Advertising that tailors ads using more detailed information, including your Web browsing, app usage, and precise location.
Turn off both settings on the Web at this link, or log into your AT&T account and tap your name at the top to bring up a menu, then click View profile, then Communication preferences, then click on Privacy settings. There, make sure both Relevant Advertising and Enhanced Relevant Advertising, are opted out for all your phone numbers.
What you give up: More targeted ads.
— Verizon’s data programs include a partnership with Oath that makes it easier for them to track you for advertising. It also has a business selling aggregated data from customers that includes the websites we visit, apps we use and the places we go.
A Verizon spokesman didn’t answer my questions about the company’s defaults. You can make sure you’re opted out of both programs by using this link, or logging in to your Verizon Wireless account, then going to My Profile, then privacy settings. There find Relevant Mobile Advertising and Business & Marketing Insights, and set both to Don’t use my information.
What you give up: More targeted ads.
— T-Mobile’s data programs potentially allow advertisers and T-Mobile’s partners to target you based on your location, Web browsing and app activity.
A T-Mobile spokeswoman said she wasn’t sure what the company’s default settings were. You can check that you’ve got them all turned off by logging in to your T-Mobile account, then tapping Profile, then Privacy and Notifications. There, turn off Interest-Based Ads, Web Browsing & App Information and Device Location.
What you give up: More targeted ads.
— Sprint wants to use data about the websites you visit, apps you use and broad location data for its so-called Mobile Advertising Program – but participation is turned off by default.
Check your settings on the web by using this link, or by logging into your Sprint account, going to All about my account, and then tapping Manage mobile advertising and reporting preferences and making sure Do not use my info is selected.
While you’re there, you might also turn off Business and marketing report preferences – on by default – which allows Sprint to sell your anonymized data including precise location information to marketers and researchers. (Sprint says it is one of the few companies that even gives you the option to opt-out of such a program.)
What you give up: More targeted ads.
Here’s a concern that’s as much about security as it is privacy: The default administrator password for your home WiFi router likely is . . . “password.” That’s a problem because anybody within range could log in and change your settings – or, worse, hack into your devices.
Many home routers come with generic passwords that they intend for you to change, even if most people don’t. This isn’t the password you use to get on the WiFi – it’s the control panel that runs your router. The most common is username: admin, password: password.
One common way to access your router’s control panel is to join your home network, then type into a Web browser bar http://192.168.1.1/ If that doesn’t work, try http://10.0.0.1/ or http://routerlogin.net If none of those work, try Googling your router’s brand name and router login. Then log in – try starting with username: admin, password: password. If that doesn’t work, you might have changed your password at some point, so congratulations! Or it is possible your router has an unusual default password, so Google for your brand’s default admin password. Once you’re in, find your way to settings and change your password to something more unique.
While you’re there, update your router’s software (called firmware), too, to keep you safer from hackers.
What you give up: Now there’s one more password you need to keep track of – which is why you should get a password manager, a topic for a whole other tech column.
– With contributions from The Washington Post’s Hayley Tsukayama.