To help us provide you with free impartial advice, we may earn a commission if you buy through links on our site. Learn more

How to protect your online privacy

Worried about snooping as you browse, watch and buy things online? Here are some simple ways to protect your online privacy

Your online privacy is increasingly at risk. Even if you’re not worried about state snooping, the internet giants are busy collecting information about you and using it to build an ever-clearer picture of your life and interests.

True, there might not seem any harm in it, but there’s no telling how your data might one day be exploited to sell you products and services, adjust insurance premiums or change your credit rating.

Then there’s the risk of hacker attacks. When so much personal information is online, crucial details could be stolen before you even know about it. You could even fall victim to identity theft, or see your credentials taken and used to scam others. Luckily, there are steps you can take to improve your personal data security and give you a greater level of privacy.

READ NEXT: How to use a VPN

Don’t get tracked on the web

One threat to your privacy is the way that social media services and websites try to follow you around the web. Facebook is particularly notorious for this behaviour. You might visit a website that appears to have no connection with a social network, but behind the scenes, its HTML code is requesting a cookie from Facebook, alerting Mark Zuckerberg’s empire to the fact that you’re visiting that site. Facebook then personalises the adverts you see, both on Facebook and elsewhere.

You can opt out of this by delving into Facebook’s options – and many other sites and services do the same. However, it’s a pain to do this across multiple sites. is a useful website that lets you opt out of personalised advertising from more than 100 tracking systems (including Facebook and Google) with just a few clicks.

This doesn’t stop tracking altogether, though – just for online advertising. You can enable the ‘do not track’ feature in your browser, which tells websites not to track your activity, but as compliance with the feature is voluntary, some sites may not play ball.

The alternative is to configure your browser to reject all third-party cookies, so that only, say, Facebook can request cookies from The catch is that if a legitimate website relies on embedded content fetched from elsewhere on the web, this might stop working.

Last year, Google toughened up some of the tracking controls in its Chrome browser, making it easier to restrict third-party cookies while leaving others unaffected, and restricting the use of techniques, like fingerprinting, that use other forms of identification to track where you go and what you do.

The safest way to stop the trackers is to install a tool like Ghostery or Privacy Badger that give you more transparency over who is tracking you and more control over whether you allow it. Try not to be daunted when you see the list: there’s a lot of snooping going on out there, but you can reduce the impact.

READ NEXT: Best Android VPN apps

Beyond the cookie

Blocking tracking cookies will get you so far, but it’s not the only threat to your privacy. For one thing – as we mentioned earlier – some sites have resorted to a technique known as fingerprinting, where the site captures telltale information about your browser and its version, your operating system, your active plugins and your language settings and timezone, then puts it all together to create a kind of browser fingerprint. This can then be used to track you across sites and send over data about your activities.

What’s more, your ISP retains a log of your online activity which, thanks to the 2016 Investigatory Powers Act, can be accessed by dozens of government agencies without a court order. While this might not worry you right now, there are legitimate concerns about how these powers and this information could be used down the line – particularly in a country where groups like Extinction Rebellion can be labelled as an extremist group.

How to protect your online privacy: use a reputed VPN service

There is, of course, another way to protect against such threats: to install a VPN. This re-routes all your internet traffic through an encrypted ‘tunnel’ between your PC and a server run by your VPN provider, which then connects to the wider Internet.

Once active, the VPN is effectively invisible – though there is some impact on connection speed. The general rule of thumb is – the shorter the geographical VPN connection, the faster your speed will be. For example, using a VPN to connect to Spain from the UK will be much faster than connecting to the US.

VPNs don’t have to be expensive. Some of the best VPN services are still very affordable (under £4/month), especially if you opt for a long-term plan. Whenever you go online using a VPN, your traffic becomes invisible to your ISP because they can’t see into the tunnel to see which sites you’re visiting and services you’re using them.

The sites and services themselves aren’t any the wiser because the connection appears to stem from the VPN server rather than your home location. What’s more, as your IP address and location are changed and much other information masked, it becomes harder – though not impossible – for companies to track you, either via cookie or via fingerprint. If your ISP can’t log where you go and what you do, they can’t reveal that information on request.

READ NEXT: How to set up a VPN on your router

To get your online data in this case, the authorities would need to contact your VPN service provider directly. The solution, in this case, is to choose a VPN service provider that’s based outside the Five Eyes and it’s larger Fourteen Eyes Alliance. In short, these numbers refer to the major countries worldwide who have agreed to share mass surveillance data between them. Of course, this is more for security measures, but it still gives them the authority to track and share anyone’s personal data should they wish to.

Thankfully, most reputed VPN services (including ExpressVPN, CyberGhost and Surfshark) are based outside these countries, in places like Panama which have no such data retention of sharing laws. All our top-VPN services also have a strict no-logs policy making it harder for anyone to retrieve what you do when you go online and therefore protecting your online privacy.

ExpressVPN, for example, is very clear about what data it does collect. As you can see, this is mainly to make changes and optimise its own service rather than know what you’re doing online. Its also one of the few VPN services that have been publicly audited to back up their strict -no-logs claim.

ExpressVPN – Get 49% off the 1-year plan

Protect your online privacy even further using Tor

Using a reputed VPN service is the perfect antidote to protecting your online privacy. Some VPNs (like NordVPN) even have additional features that let you route all your internet traffic through two different countries, making it harder to trace the origin of your connection, but of course, this comes at the cost of browsing speed.

Another alternative, in this case, is to use Tor, short for “the Onion router” but we must warn you that using Tor can slow down your connection to a crawl, much slower than even a VPN.

Similar to using a VPN, Tor sends all your web traffic through at least three randomly selected servers. Each of these servers have multiple levels of encryption that keeps your connection and your browsing content 100% private.

Using Tor makes your connection virtually impossible to trace because its servers are mostly run by volunteers making it hard to gain access to. Even if that happens, seizing one of its servers won’t reveal anything conclusion about your online activities.

Read more