These controls and techniques will help you limit the personal data Google collects for advertising and other purposes
Google is a company that runs on consumer data. It uses details about your activity to target ads, build new services, develop algorithms, and perform other business functions. Completely avoiding the company’s data collection machinery is extremely difficult, but it’s not hard to place some limits on how Google gathers and uses your data.
The first step is to take advantage of Google’s own privacy settings, and you can fine-tune them with a bit more precision thanks to some recent updates. There are also several outside tools you can use to take more control.
Most of the instructions below are for a computer browser, but the steps are similar if you’re working on your phone. And one of these settings is specific to Android, Google’s smartphone platform.
Turn Off the Master Privacy Control
If you’ve been feeling guilty about neglecting your diary, you can rest easy: If a setting called Web & App Activity is turned on, Google keeps one for you.
You can see this data for yourself, with granular details about your activity on Google products such as Search, Chrome, Android, and Google Assistant. This includes your whereabouts, websites you’ve gone to, the apps you’ve used on your phone, and your search history, along with exact time stamps for all this behavior.
The Web & App Activity control is the company’s most powerful privacy setting, and it does a lot more than you might think. Leave it on, and the company considers that consent to harness everything from your YouTube history to credit card purchases in the physical world for advertising and other data-driven business efforts.
MORE ON DIGITAL PRIVACY
30-Second Privacy Fixes: Simple Ways to Protect Your Data
Privacy Fix: How to Find Old Online Accounts
How to Use Facebook Privacy Settings
CR’s Guide to Digital Security & Privacy
But if you switch it off, Google warns that its services may be less “personalized,” and certain features will be disabled in Maps and Google Assistant.
“That makes for a terrible user experience,” says Justin Brookman, director of privacy and technology policy for Consumer Reports. “It’s bad practice for them to lump all these settings together and disincentivize protecting your privacy.”
But Brookman thinks the privacy boost is still worth the trade-off, and you can always switch the setting back on if you need to.
Google has introduced a few new controls for Web & App activity. You can tell it to exclude browsing data and other information from Google Chrome, and exclude any voice data the company collects if you use Google Assistant.
To turn it off: From any Google website,click the icon in the top right (you’ll need to sign in first) > Manage your Google Account > Privacy & personalization > If Web & App Activity is on, click on it > On the next screen, click “Turn off.” If you’d rather leave the global Web & App activity setting on, you can also adjust the settings for Chrome and voice data.
Turn Off Location History—for Real This Time
Google has a setting called Location History. The description once read: “With Location History off, the places you go are no longer stored. When you turn off Location History for your Google Account, it’s off for all devices associated with that Google Account.”
But in August 2018, Google users learned that the company continued to collect location data regardless of how they adjusted that setting. Internal email uncovered in a subsequent court case revealed that even Google’s own employees worried this was inappropriate.
The company then changed the language describing Location History, and told users they really could stop location tracking—but they had to turn off Web & App Activity as well.
Yes, that’s the same master privacy control described above. Here are the directions to switch off both settings.
To turn it off: Go to “Privacy & personalization” > If Location History is on, click on it > On the next screen, click the toggle, and hit Pause. Then do the same for Web & App Activity (described above).
Take the Consumer Reports 7-Day Privacy Challenge.
Set It and Forget It—or Delete Data Now
As described above, toggling the Web & App Activity setting makes for a significant privacy boost, but it will disable some functions on certain Google products.
If you want to leave the setting on, Google has a newer feature that will automatically delete some of the data the company collects after three or 18 months, depending on which option you pick. You can also opt to just erase the data manually.
Google has already extracted most if not all of the advertising value from the data by that point, so this isn’t an ironclad way to protect your privacy from the tech giant. But it’s better not to have personal information—like everything you’ve ever Googled—sitting on a corporate server.
After an update, this auto-delete feature is turned on by default when you create a new Google account.
Existing users need to turn it on manually.
To delete your Web & App Activity automatically: Go to “Privacy & personalization” > Web & App Activity > Choose an auto-delete option
To delete your Location History automatically: Go to “Privacy & personalization” > Location History > Choose an auto-delete option
To delete your Web & App Activity manually: Go to “Web & App Activity” > Manage all Web & App Activity > Click the icon with three dots in the search bar > Delete activity by > Choose a time period to delete, or select All time.
To delete your Location History manually: Go to “Location History” > Manage history > Click the trash icon to delete all your location history, or use the tool in the top left to pick a specific time frame to delete.
Limit Data Sharing With Sites and Services
There are a number of reasons you might want to give third-party apps and services access to your data from your Google account. You may want to share your contacts with Twitter or LinkedIn, or give an app like Evernote access to files in Google Drive. You can also use Google Sign-in to log in to some apps and services instead of creating new accounts.
These arrangements are convenient, but they’re also a privacy trade-off. For example, the company knows every time you use Google Sign-in to open another service, and it harnesses that data for advertising. It’s a good idea to periodically review which apps are connected to your Google account and remove permissions for services you no longer use.
To turn off data sharing: Go to “Manage your Google Account” > Security > Third-party apps with account access > Click on the row with the app’s name and select Remove Access. Then do the same with apps under Signing in with Google.
Make Ads a Little Less Targeted
Google uses the information it collects about you for targeted advertising. If you find irrelevant ads particularly annoying, you may prefer it that way. But for people who want to keep their internet habits to themselves, Google allows them to decouple their personal preferences from the ads they see online. This setting doesn’t disable the Google advertising data machine entirely, but it’s worth adjusting for a small privacy boost.
To turn it off: Go to “Manage your data & personalization” > Go to ad settings > If Ad personalization is on, click the toggle > Turn off.
Turn Off Personalized Search Results
Google personalizes its search tool to try to make it more useful to you. That’s convenient, but other people using your computer may get a window into your internet life if you let them tool around on Google.com. For example, Google auto-predicts your typing based on things you’ve searched for, shows details about travel when you type in “my flights” or “directions home,” and makes recommendations for things like what to read and where to eat.
You can turn all of that off if you don’t want this information to show up. (These features will also be disabled if you turn off the Web & App activity setting.)
To turn it off: Go to “Manage your data & personalization” > Personal results in search > Switch the toggle off.
Safeguard Your Account From Hackers
One of the simplest ways to create roadblocks for hackers is to turn on two-factor authentication, also called multifactor authentication. Once you do that, you use a verification code sent by text or provided by an app (which may be more secure) to confirm your identity anytime you try to log in to your account from an unverified location, device, or browser. You also need the account password.
Once you turn on two-factor authentication, you can also add other safeguards, such as single-use codes you can print out and use if you don’t have access to your phone, and a physical security key that you can plug into your laptop’s USB port to confirm your identity. (You’ll need to buy one of the U2F, or universal second factor, devices separately.)
To turn it on: Go to “Manage your Google Account” > Security > 2-Step Verification > Get Started.
Get Your Personal Information Off Google Search
If you’ve Googled yourself (and who hasn’t?) you may have come across some disturbing results: your personal contact information or other sensitive details. This can happen for any number of reasons, but often it’s the result of people search engines that make money by selling data such as your phone number, home address, and even your relatives’ addresses to anyone with a credit card.
That’s a privacy problem that can easily cross the line into threats to your safety. A new tool lets you ask Google to remove this kind of data from its search results. That will make the details harder to find, though you’ll need to contact the sites hosting the information if you want it gone from the internet entirely. (That process can be slow, annoying, and even expensive.)
An online form lets you ask Google to remove search results that include several kinds of personal data, including copies of IDs, bank account or credit card numbers, passwords, medical documents, your contact information, and more. You’ll need to include the URL of the page where you found the information. Google says adding screenshots to your request is helpful, too.
Google has provided ways for people to make this kind of request for a long time, but a recent policy change lowers the bar for removal. The company says there are still a few reasons why it might deny a request. Primarily, Google may leave the information up if it’s on a government website or it’s considered “broadly useful,” which usually means the company judges that it’s newsworthy.
Give Chrome a Privacy Tuneup
It’s no secret: Google Chrome collects data about you. When you log in to Chrome and sync with your Google Account, your browsing data is stored on Google’s servers and linked with your account. That includes the websites you go to, your bookmarks, and your saved passwords.
You can be logged in to Chrome without syncing your data across devices. But in the latest versions of Chrome, Google logs you in to the browser by default when you sign in to Gmail or another Google service on a computer.
But you can opt out of automatic sign-ins. Or, as described below, you can try a different browser altogether, and there are good reasons to consider it.
To turn off Chrome’s automatic sign-in: On a computer, click the icon with three dots in the top right corner > Settings > Sync and Google Services > Switch off the “Allow Chrome sign-in” toggle. (This will let you sign in to an app such as Gmail without signing into the browser.)
If you’ve already logged in to Chrome, logging out is simple.
To sign out of Chrome: In Chrome, click the icon with your profile picture or the first letter of your username in the top right corner > Sign out. (The instructions are slightly different if you’ve already turned on Chrome’s data syncing. In the same menu, click “Syncing to” and then hit “Turn off” on the next page to be signed out automatically.)
Or you can stay logged in while disabling some or all of Chrome’s data-syncing functions.
To turn off Chrome’s sync settings: After signing in to Chrome, click the icon with three dots in the top right corner > Settings > Sync and Google Services > Manage what you sync > Switch off the “Sync everything” toggle > Switch off the toggles for some or all of the categories.
Or Just Say Goodbye to Chrome
Google Chrome collects a lot of data about its users. That includes location information, search history, and details about your browsing. All of that information is linked to your identity and harnessed for third-party advertising.
The search giant says that Chrome is going to change, and some new improvements will make for a more private experience. The biggest update would be blocking third-party cookies, little bits of code that let any company follow you around the web. Lots of other browsers already do that, and the reason Google hasn’t made the change yet is because it’s trying to figure out a new way to track Chrome users first.
But web browsers are pretty similar these days. You probably won’t notice major differences if you switch; you might even prefer a different browser. More private alternatives include Safari, Firefox, and DuckDuckGo’s Privacy Browser mobile app. All three promise to collect far less personal information, and they already block third-party cookies.
There’s a caveat, though. Chrome has a reputation for being the best option to protect your security (i.e., defending against hackers) even if it infringes on your privacy along the way. You probably don’t need to worry about that unless you’re a high-value target, like a person who handles highly sensitive information or, say, the CEO of a big company. But security may be a bigger concern for you than privacy; you’ll need to weigh the trade-off for yourself.