Protecting your personal data doesn’t require becoming a privacy expert or abandoning the internet. Most of the meaningful protection comes from a relatively short list of changes that take an afternoon to implement. Here’s what actually matters, in priority order.

Priority 1: Secure Your Accounts

Account security is the foundation of everything else. If your accounts can be accessed without your permission, no other privacy measure matters much.

• Use a password manager with unique passwords for every account. Bitwarden is free and excellent. This eliminates credential stuffing — the most common cause of account takeover.
• Enable two-factor authentication on every account that supports it. Start with email (your master key) and banking. Use an authenticator app, not SMS.
• Audit and close accounts you no longer use. Old accounts are security and privacy liabilities with no benefit.

Priority 2: Tighten App and Device Permissions

Your smartphone is a data collection device that you also use to make calls. Most apps request far more access than they functionally need.

• Audit location permissions: iOS: Settings > Privacy & Security > Location Services. Android: Settings > Privacy > Permission Manager > Location. Revoke “Always” permissions from apps that don’t genuinely need background location (navigation apps may legitimately need it; games and news apps almost certainly don’t).
• Review microphone and camera access: These should be “Ask each time” or denied for apps that have no audio/video function.
• Disable ad tracking: iOS: Settings > Privacy & Security > Tracking — disable “Allow Apps to Request to Track.” Android: Settings > Privacy > Ads — opt out of ads personalization.

Priority 3: Improve Your Browser Privacy

Your browser is the most data-intensive application you use. Small setting changes have significant privacy impact.

• Use Firefox or Brave instead of Chrome for general browsing. Both have stronger default privacy protections than Chrome without requiring extension configuration.
• Install uBlock Origin — the most effective and lightweight ad and tracker blocker available. Works on Chrome, Firefox, and Edge.
• Set your default search engine to DuckDuckGo or Brave Search — Google search builds a profile of your search history linked to your account and cookies.
• Use HTTPS Everywhere or ensure your browser enforces HTTPS — modern browsers can be set to always prefer HTTPS connections in settings.

Priority 4: Reduce Your Data Footprint

Less data shared means less data at risk. You can’t un-share data already out there, but you can limit future collection.

• Use email aliases for service sign-ups (SimpleLogin, DuckDuckGo Email Protection, or Apple’s Hide My Email). Your real address stays out of marketing databases.
• Opt out of data broker listings. Services like DeleteMe automate this process, or you can manually opt out from the major brokers (Spokeo, BeenVerified, Whitepages, Intelius).
• Review social media privacy settings. Most people’s Facebook, Instagram, and LinkedIn profiles reveal more than they realize — check what’s visible to “public” versus “friends.”
• Don’t fill in optional fields on sign-up forms. Birth date, phone number, and address fields that aren’t required for service delivery don’t need to be filled in accurately or at all.

Priority 5: Network Security

• Use a VPN on public WiFi — coffee shops, airports, hotels. The risk of traffic interception on properly secured WPA2/WPA3 networks is overstated, but unencrypted or poorly secured public networks are a real concern.
• Use a privacy-respecting DNS resolver — your DNS queries reveal every website you visit. Cloudflare’s 1.1.1.1 or Quad9’s 9.9.9.9 are faster than most ISP defaults and more privacy-respecting.
• Keep your home router firmware updated — most router vulnerabilities are patched in firmware updates that the majority of home users never apply.

Know Where You Stand Before You Start

The Privacy Risk Quiz assesses which of these areas need the most attention for your specific habits and gives you a prioritized 30-day action plan. Start with your highest-risk areas for maximum impact with minimum effort.