Absolute privacy is dead.
There's just too much personal information and metadata about you collected from too many sources and you have no control over any of it - who has it, how it's used, how it can be combined - nothing. Privacy regulations like GDPR and CCPA are a step in the right direction, but they won't protect you nearly as much as they claim.
In the "good old days," (prior to 1995) marketers and other users of personal information were basically limited to credit card data (sold by your credit card company, natch), public records (e.g. the car you own, your address) and consumer research.
Today, there is a treasure trove of data available about you, your habits and your intentions based solely on your online activity.
Going forward, the best you can hope for is to prevent further escape of your personal information and metadata into the wild. (Sometimes referred to as "data exhaust.")
The use (and abuse) of Cookies
There are many types of strategies and tactics for capturing your personal metadata, but the greatest culprit is probably browser cookies.
Cookies were originally created by Netscape in the 1990's for use in their Navigator web browser. Their original design was to uniquely identify internet users to help ecommerce sites keep track of what items are in your shoppping cart.
Since then, they've been used for a variety of reasons, almost all of which are designed to track you on the internet.
Cross-site tracking cookies are the worst offenders.
These cookies are delivered by companies like ad networks, analytics and research providers, social media sites and ecommerce sites, among others.
Have you ever searched for something on Google, then saw an ad for it on a web site?
What about Amazon?
All of these companies use this tactic (called "retargeting" in ad industry parlance) but the worst part about it is not the relevant ads - that's actually a benefit to you - it's the massive amounts of data that these companies gather about you in the process: what sites you visit, when you use a web application (Hello, "Login with Facebook".), what purchases you're considering, what medications you may be taking, any health conditions you may have - the list goes on and on.
You can do some things to help protect your privacy - use a privacy-respecting search engine like DuckDuckGo, turn on "Do Not Track" in your browser, install ad blockers in your browser - but if you're really serious about preventing data exhaust, the best thing you can do is to use a different web browser for every site you visit.
Wait. What?! How is that even possible?!
It's not. There are too many web sites and not enough browsers to use this strategy. Plus, it would be a huge pain in the ass.
That's where Firefox Multi-Account Containers ("Firefox Containers") come to the rescue.
Firefox Multi-Account Containers
From the Mozilla web site:
Multi-Account Containers is a Firefox add-on that lets you separate your work, shopping or personal browsing without having to clear your history, log in and out, or use multiple browsers. Container tabs are like normal tabs except that the sites you visit will have access to a separate slice of the browser's storage. This means your site preferences, logged in sessions, and advertising tracking data won't carry over to the new container. Likewise, any browsing you do within the new container will not affect your logged in sessions, or tracking data of your other containers.
I discovered Firefox containers last year when I began diving back into Linux as it's the default browser installed in many Linux distributions.
Firefox has always been an excellent browser but over the years, I tended to use browsers that were faster (Safari) or had better plug-in support for the apps that I used (Chrome).
Firefox containers changed all of that.
Firefox is now the default browser on my personal machine, the browser I use for personal tasks on my work PC and even the default browser on my Android phone.
Here's how I configure and use Firefox containers. Feel free to follow along with me.
I'm assuming that you already have Firefox installed. If not, go ahead and do that. Now, you're ready to get started with Firefox Multi-Account Containers.
First, you have to install the add-on from Mozilla since it's not included by default. (It really should be.)
Once that's done, you'll see a new icon in your toolbar:
Selecting it will show you some sample containers that have already been created for you to use or test. I haven't completed a fresh install of this plugin in awhile, but the starter containers are usually:
You can edit the name, color and icon to your liking.
(Ignore the "tmp" containers you see below, for now. I'll explain them shortly.)
If you select "Personal" from this menu, it will launch a new Personal container. Now, try this: visit any web site where you have an account, then login. (Not social media, yet.)
Next, create a new Default tab using the standard Firefox controls. ("Ctrl + T" on Linux and Windows, "Cmd + T" on a Mac or clicking the "+" icon in the toolbar). Now, visit that same web site again in the Default tab. You'll immediately notice that you're not logged in to the site in that tab.
That's because Firefox containers have (as the name implies) contained your activities for that web site within the Personal set of tabs (you can have as many container tabs open as your computer will allow). If this is a site that you login to frequently, you can check the box just below the page title in the Firefox containers menu, so that you can "Always open in Personal." By doing that, any time you launch a new tab and enter the URL for that web site, regardless of the container you're using, Firefox will load that web site in the Personal container automatically.
But wait - it gets better.
The Facebook Container
Now, install the Facebook Container add-on. The Facebook Container is a special add-on that not only keeps your Facebook activity in the Firefox container, but it also blocks the loading of any Facebook cookies, code or off-site applications, such as "Share to Facebook" or "Login with Facebook."
Try it: open a tab in any other container, then visit any web site that has Facebook "Share" buttons. You'll see something like this. The tooltip text will load if you hover over the icon.
If the Facebook share button is served from Facebook.com, the Facebook Container will deactivate the button and prevent Facebook from knowing that you visited that site.
The same will happen if you visit a site that uses "Login with Facebook."
You always have the option of over-riding this setting by clicking the button but then, you'll be exposing your online activites to Facebook - but at least the choice is yours.
The Default Tab
I use keyboard shortcuts as much as possible. They enable me to accomplish things so much faster than navigating through application menus. So, if you're like me, that means you probably create tabs using "Ctrl + T" on Linux and Windows or "Cmd + T" on a Mac.
When you do this, you launch a Default tab (and related container) in Firefox. Doing this means that the more frequently you use the Default tab, you're more likely to expose your online activites across sites.
To solve his problem, install the Temporary Containers add-on. Next, go to the Add-ons menu item in Firefox, find Temporary Containers, select the ellipse menu, then select Preferences. This add-on is very configurable, but you don't need to worry about that. Select the checkbox for "Automatic Mode" then close that tab.
Automatic Mode, as defined by the add-on creator:
Instantly reopen new tabs in Temporary Containers. You might lose the first few already typed characters in the address bar when reopening takes too long, but it prevents new tabs from writing and reading cookies in the default container.
Now that the Temporary Containers tab is installed, any time you create a new tab using keyboard shortcuts or use the "+" icon on the toolbar, Firefox will create a new Temporary tab. When you close the tab, all of the cookies that were set in that tab will be deleted, erasing any trace of your visit to that site.
Note: unlike Private Windows, visits to sites in Temporary Containers will still show up in your browser history.
But what happens if you use a Temporary container and wind up on a site where you have an account and would like to be remembered? Right-click the current tab and select the "Reopen in Container" menu, then select your chosen container. You can then select the Firefox containers icon in the toolbar and check the box to always open that site in that container.
If you'd like to take additional steps to protect your privacy (and speed up your web browsing in the process) I recommend installing the following add-ons:
uBlock Origin is a fast ad-blocker that is efficient with resources. It doesn't hog a lot of memory or noticeably slow down your computer.
Privacy Badger has some similar functionality, but it's main purpose is to automatically learn which sites are tracking you, then block them accordingly.
Note: like most ad blocking add-ons, these applications can sometimes prevent sites from working properly. If you find yourself in that situation, you can turn off uBlock Origin or Privacy Badger for that site while leaving them turned on for other sites you visit.
In Conlusion or "Who has time for all this?"
When I tell people about my use of Firefox Multi-Account Containers, inevitably, I receive questions like, "How long did it take you to set this up?" and "Who has time for all this?"
Set up is easy - you can follow the instructions I've provided above and be done in 5 minutes or less. However, at the start, you do need to think differently about how you use your browser, but that's a short learning curve.
Installing Temporary Containers helped me a lot here, since I no longer had to worry about accidentally opening something in a permanent Default container.
I suggest you give it a try. You'll notice a signficant drop in the number of retargeting ads that you receive and that's the key indicator that it's working.
If you find it too complicated for day-to-day use, you can always switch back to your usual browing habits.
Bonus: Protect Your Privacy on Your Smartphone
Firefox on iOS doesn't support add-ons - and never will - due to Apple's strict software security model. On Android, the uBlock Origin and Privacy Badger add-ons can be installed, but not Firefox Multi-Account containers. (insert sad face here)
This can be problematic as it exposes the data exhaust from your mobile browsing, but there are other things you can do to help prevent that.
If you use any of the sites mentioned above, all of them have their own apps for your phone. If you need to buy something on Amazon or search for something on Google, use the site's respective app. Generally speaking, any activity in those apps stays in those apps.
My personal exception to this rule is Facebook. The Facebook app has been notorious for not respecting privacy settings, like when you turn off Location Services for the app. Twitter is better, but still aggressive.
For these sites, I use a separate browser: I installed Brave, a browser that, like Firefox, also helps protect your privacy. The only two sites that I use in Brave?
Facebook and Twitter.
Those two sites both have very good mobile web experiences and are the only way I can be certain that they're not tracking my location or other web activities.
I use DuckDuckGo for web searches on both my laptop and smartphone. While I trust DuckDuckGo to not track me all over the web, that doesn't mean that I trust the sites to which it links.
For this, I sometimes use the nuclear option for sensitive searches: Firefox Focus, a browser that clears everything from your device (including history) when the app is closed. It's available on both Android and iOS and, in practice, functions like the Temporary Containers add-on I described above.
I use this when I'm searching for things that I don't want anyone to attribute to me. For example, a new cholesterol medication or mortgage refinancing rates. The first search and subsequent site visits to the sites in the search results may expose the fact that I have high cholesterol (I don't) and that's health data that no one needs to know, other than my doctor. The second protects me from incessant retargeting by mortgage lenders and brokers.