Thanks to the basic data protection regulation, the privacy settings of major online service providers such as Google or Facebook are finally moving to the forefront. This gives us users better control or at least insight into what Big Data companies know about us and with whom they share the knowledge. Here we show you the most important privacy settings of Facebook, Google, and WhatsApp and refer you to more private alternatives to the big services.
Jumps to section:
- Better protection of Android smartphones against unauthorized access
- Privacy settings on Facebook, Google and WhatsApp
- Alternatives and further tips
- Set screen lock
- Set a SIM PIN
- Withdraw app permissions
- System update installation
- Use user profiles and private areas
- Attach an app
A good display lock is one of the easiest steps to more security. Only those who know your code can operate your smartphone. You can choose between a blocking pattern, a four-digit PIN or a password. You can configure the locking screen in the settings under Security. This code also improves device encryption. A smartphone encrypted in this way is unattractive for thieves in many respects, as its memory cannot be read out and, thanks to the reactivation lock, it can only be used as a spare parts store even after resetting.
Even if the smartphone starts a little faster, don't be tempted to remove the SIM card's PIN lock. If a thief can use your phone number unhindered, this helps him with two-factor authentication or identity theft in simply verified chat apps like WhatsApp, Telegram or Signal. In the worst case, it can use your online banking because he receives SMS-TANs. But above all and easiest he could call at your expense.
You'd be amazed to see what app developers know about you. You can deny them a lot of data by regularly checking and revoking app permissions. The app "Bouncer" costs only a dollar, but takes over the role of the authorization house manager on your smartphone.
Important updates from the manufacturers should always be installed in order to close any security gaps. This is relevant for your privacy, since attackers can use these gaps to copy your SMS, e-mails, photos and the remaining data from your device, sometimes wirelessly, without you noticing. You can easily avoid this.
The notification of available updates is now arriving on many devices on a monthly basis. Don't ignore them, but make your smartphone secure again. Installing the update on newer smartphones doesn't take long. Thanks to an additional partition, updates can be installed in the background and activated after a reboot.
If an official update is no longer available, it is worth searching for a compatible custom ROM for your device. So you can bring even an old Samsung Galaxy S5 back up to date. At the same time, you can also rely on a ROM with MicroG framework to prevent espionage by Google.
If you're using different Google accounts (such as business and personal), you can separate them into two storage areas on one smartphone. Unfortunately, not all smartphone manufacturers implement the Android feature in their user interfaces to create different user profiles.
Huawei/Honor, for example, interprets the feature in its own way and uses so-called private areas. Samsung creates the app twin for certain apps. These are also protected by additional security precautions and safely separate the storage areas from each other.
If you want a single app to always stay in the foreground and the home button to be locked as well, you can now pin single apps to the foreground since Android 5.0 Lollipop. You first have to activate this function in the security settings under "Attach screen". Then you can see the small pin in the lower right corner of each app preview in the app overview. For full security, you also activate the screen lock before the screen lock is released.
If you lose your smartphone or it gets stolen, you can locate it from a distance. Unfortunately, the location service continuously records data so that Google or known security authorities can track you unnoticed. So at least switch off the recording of your movement profile on Google. Other location-sensitive apps such as Mobike should be denied access (see above).
Now it is important that you use the location service in your sense and don't pass on unnecessary data to Google. How you can interrupt, stop or delete these and many other ominous Google recordings is explained in our special article.
Keep in mind that your smartphone does not only share the location with Google. Your mobile phone provider also knows where you are at all times, at least through its cell triangulation. If you make an emergency call, this is of course an advantage. Because then the employee in the emergency call center can determine your position, if you could not describe it exactly.
Facebook is by far the largest social network. Many people use it almost exclusively to keep in touch with friends or acquaintances. Some services and events are exclusively organized there. Once registered, you can share photos, links and texts with friends or in your filter bubble. So that you or a stranger don't publish embarrassing things about you, you should check your privacy settings regularly. We'll show you how to do this in a separate article.
But even if the app is not open, it is still busy collecting and sending data. Uninstall it as far as possible. Some smartphone manufacturers even require you to connect to a computer and work with a command line, see our instructions.
A paranoid alternative for Facebook and Messenger is the open-source app SlimSocial. The app looks like the Facebook app five years ago, is a few hundred kilobytes in size (200 times less than the Play Store app) and has a chat function directly in the app. Everything looks a bit worse than in the original, but stops the data flow in the background.
With Facebook's chat service, your hands are tied for data protection reasons. While the chats themselves are end-to-end encrypted, the complete metadata is visible for Facebook. This means that the head office knows who communicated with whom for how long and when. In addition, your telephone number is quasi-public. As soon as a contact pulls you into a group, which you can prevent in the meantime in the settings, everyone in that group can see, save and pass on your telephone number. WhatsApp announces this in the user agreement, but could still surprise you. If you don't like this, we recommend alternative chat services.
Using WhatsApp paranoidly
If you're still dependent on Messenger (I know group pressure is overwhelming in the long run), you can use WhatsApp on a different mobile number than your main number. When you set it up, you can deny WhatsApp access to your contacts so they won't be copied to Facebook right away. Who then wants to contact you, should ask you individually on another channel for your dedicated WhatsApp number.
You can also use Android without Google apps and services. The reliable option would be to overwrite the entire operating system partition. But this is only possible with some smartphones, is complicated and may cost you the warranty claims. Thanks to a cooperation between the developers of the Google service replacement package microG and the team behind Lineage OS, many problems with a Google-free Android could be solved in everyday life.
If your Chrome and Google is replaced by Firefox Klar or even the TOR browser and DuckDuckGo, it will be much more complicated for website operators to analyze your surfing behavior. Because when leaving the website or at least when closing the browser, they delete your tracks. Websites can only create a user profile of you with more effort.
WLANs are only secure to a limited extent; especially if you do not know who is still connected to them. So encrypts the Internet connections of your own devices over a virtual private network (VPN). We will show you in a separate article how to set this up and which free services are available:
There is plenty of information on the net about why we should not trust apps like Facebook, WhatsApp, Google and the like. Prism-Break offers you a privacy-friendly alternative for each of them. The Degoogle Subreddit wiki also provides you with a list of alternative web services to privately secure your calendars, contacts, and the like.
Privacy: Your control is limited
A completely data protection-friendly operation of a smartphone is virtually impossible. As soon as you connect to the mobile network, your provider can locate you. And as soon as you establish a data connection, your smartphone sends telemetry data to several services; some anonymous, some not.
Only Purism with the Librem 5 really wants to make it better. Killswitches for GPS, GSM, microphone and other components are supposed to have this, with which you physically deprive the smartphone of the right to observe you. In practice, however, this device also has to struggle with start-up difficulties (see blog post).
With your existing Android smartphone and the use of supposedly free services like Gmail, Facebook, WhatsApp or Google Maps you have to decide: Be completely anonymous or pay the price with a part of your privacy.